apps/s_cb.c +3 −0 @@ -409,10 +409,13 @@ static int do_print_sigalgs(BIO *out, SSL *s, int shared) int ssl_print_sigalgs(BIO *out, SSL *s) { int mdnid; if (!SSL_is_server(s)) ssl_print_client_cert_types(out, s); do_print_sigalgs(out, s, 0); do_print_sigalgs(out, s, 1); if (SSL_get_peer_signature_nid(s, &mdnid)) BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid)); return 1; } ssl/s3_lib.c +19 −0 @@ -3458,6 +3458,25 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_SET_CHAIN_CERT_STORE: return ssl_cert_set_cert_store(s->cert, parg, 1, larg); case SSL_CTRL_GET_PEER_SIGNATURE_NID: if (TLS1_get_version(s) >= TLS1_2_VERSION) { if (s->session && s->session->sess_cert) { const EVP_MD *sig; sig = s->session->sess_cert->peer_key->digest; if (sig) { *(int *)parg = EVP_MD_type(sig); return 1; } } return 0; } /* Might want to do something here for other versions */ else return 0; default: break; } ssl/ssl.h +4 −0 @@ -1707,6 +1707,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_CTRL_BUILD_CERT_CHAIN 105 #define SSL_CTRL_SET_VERIFY_CERT_STORE 106 #define SSL_CTRL_SET_CHAIN_CERT_STORE 107 #define SSL_CTRL_GET_PEER_SIGNATURE_NID 108 #define DTLSv1_get_timeout(ssl, arg) \ SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) @@ -1831,6 +1832,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_set1_client_certificate_types(s, clist, clistlen) \ SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist) #define SSL_get_peer_signature_nid(s, pn) \ SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn) #ifndef OPENSSL_NO_BIO BIO_METHOD *BIO_f_ssl(void); BIO *BIO_new_ssl(SSL_CTX *ctx,int client); ssl/t1_lib.c +5 −0
@@ -922,6 +922,11 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s, SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG,SSL_R_UNKNOWN_DIGEST); return 0; } /* Store the digest used so applications can retrieve it if they * wish. */ if (s->session && s->session->sess_cert) s->session->sess_cert->peer_key->digest = *pmd; return 1; } /* Get a mask of disabled algorithms: an algorithm is disabled
apps/s_cb.c +3 −0 @@ -409,10 +409,13 @@ static int do_print_sigalgs(BIO *out, SSL *s, int shared) int ssl_print_sigalgs(BIO *out, SSL *s) { int mdnid; if (!SSL_is_server(s)) ssl_print_client_cert_types(out, s); do_print_sigalgs(out, s, 0); do_print_sigalgs(out, s, 1); if (SSL_get_peer_signature_nid(s, &mdnid)) BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid)); return 1; }
ssl/s3_lib.c +19 −0 @@ -3458,6 +3458,25 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_SET_CHAIN_CERT_STORE: return ssl_cert_set_cert_store(s->cert, parg, 1, larg); case SSL_CTRL_GET_PEER_SIGNATURE_NID: if (TLS1_get_version(s) >= TLS1_2_VERSION) { if (s->session && s->session->sess_cert) { const EVP_MD *sig; sig = s->session->sess_cert->peer_key->digest; if (sig) { *(int *)parg = EVP_MD_type(sig); return 1; } } return 0; } /* Might want to do something here for other versions */ else return 0; default: break; }
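Review bot: `s->session->sess_cert->peer_key` is dereferenced in the new `SSL_CTRL_GET_PEER_SIGNATURE_NID` case without a NULL check, although `session` and `sess_cert` are both tested first; the same unguarded `peer_key->digest` access appears in the store added to `tls12_check_peer_sigalg` in ssl/t1_lib.c, which runs while the peer's handshake message is being checked. Nothing in either hunk shows that `peer_key` is always set once `sess_cert` exists, so if it can be NULL (for example when no usable peer certificate has been recorded) both sites would crash the process. I would extend the guard in both places to `if (s->session && s->session->sess_cert && s->session->sess_cert->peer_key)`. The case also writes through `*(int *)parg` without checking `parg`; `if (sig && parg)` would make a NULL argument return 0 instead. `ssl3_ctrl` and `tls12_check_peer_sigalg` both begin outside the visible hunks.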
ssl/ssl.h +4 −0 @@ -1707,6 +1707,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_CTRL_BUILD_CERT_CHAIN 105 #define SSL_CTRL_SET_VERIFY_CERT_STORE 106 #define SSL_CTRL_SET_CHAIN_CERT_STORE 107 #define SSL_CTRL_GET_PEER_SIGNATURE_NID 108 #define DTLSv1_get_timeout(ssl, arg) \ SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) @@ -1831,6 +1832,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_set1_client_certificate_types(s, clist, clistlen) \ SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist) #define SSL_get_peer_signature_nid(s, pn) \ SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn) #ifndef OPENSSL_NO_BIO BIO_METHOD *BIO_f_ssl(void); BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
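Review bot: The new `SSL_get_peer_signature_nid(s, pn)` macro is undocumented and passes `pn` straight into the `void *parg` slot of `SSL_ctrl`, while the handler in ssl/s3_lib.c stores the result with `*(int *)parg`, so the compiler will not flag a caller that passes a pointer to a wider or narrower type. A comment above the macro would state the contract: `/* pn must point to an int; returns 1 and stores the NID of the peer's signing digest, or 0 if none is available (e.g. below TLS 1.2) */`. The return values described there are the ones visible in the s3_lib.c hunk of this commit.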
ssl/t1_lib.c +5 −0 @@ -922,6 +922,11 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s, SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG,SSL_R_UNKNOWN_DIGEST); return 0; } /* Store the digest used so applications can retrieve it if they * wish. */ if (s->session && s->session->sess_cert) s->session->sess_cert->peer_key->digest = *pmd; return 1; } /* Get a mask of disabled algorithms: an algorithm is disabled