Add TLS 1.3 signing curve check (8f88cb53) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/t1_lib.c

+35 −23

Original line number	Diff line number	Diff line
		@@ -850,9 +850,18 @@ int tls12_check_peer_sigalg(SSL s, uint16_t sig, EVP_PKEY pkey)
		}
		#ifndef OPENSSL_NO_EC
		if (pkeyid == EVP_PKEY_EC) {
		EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
		if (SSL_IS_TLS13(s)) {
		/* For TLS 1.3 check curve matches signature algorithm */
		int curve = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
		if (curve != lu->curve) {
		SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE);
		return 0;
		}
		} else {
		unsigned char curve_id[2], comp_id;
		/* Check compression and curve matches extensions */
		if (!tls1_set_ec_id(curve_id, &comp_id, EVP_PKEY_get0_EC_KEY(pkey)))
		if (!tls1_set_ec_id(curve_id, &comp_id, ec))
		return 0;
		if (!s->server && !tls1_check_ec_key(s, curve_id, &comp_id)) {
		SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE);
		@@ -874,11 +883,14 @@ int tls12_check_peer_sigalg(SSL s, uint16_t sig, EVP_PKEY pkey)
		SSL_R_ILLEGAL_SUITEB_DIGEST);
		return 0;
		}
		} else
		} else {
		return 0;
		}
		} else if (tls1_suiteb(s))
		}
		}
		} else if (tls1_suiteb(s)) {
		return 0;
		}
		#endif

		/* Check signature matches a type we sent */