Check the security level when building sigalgs

ok beck jsing

4 files changed, 20 insertions, 12 deletions

diff --git a/lib/libssl/ssl_sigalgs.c b/lib/libssl/ssl_sigalgs.c
index 79239ef597c..8a1b5f51983 100644
--- a/lib/libssl/ssl_sigalgs.c
+++ b/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.42 2022/06/29 07:53:00 tb Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.43 2022/06/29 07:53:58 tb Exp $ */
 /*
  * Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org>
  * Copyright (c) 2021 Joel Sing <jsing@openbsd.org>
@@ -241,11 +241,13 @@ ssl_sigalg_from_value(SSL *s, uint16_t value)
 }
 
 int
-ssl_sigalgs_build(uint16_t tls_version, CBB *cbb)
+ssl_sigalgs_build(uint16_t tls_version, CBB *cbb, int security_level)
 {
+	const struct ssl_sigalg *sigalg;
 	const uint16_t *values;
 	size_t len;
 	size_t i;
+	int ret = 0;
 
 	ssl_sigalgs_for_version(tls_version, &values, &len);
 
@@ -254,12 +256,17 @@ ssl_sigalgs_build(uint16_t tls_version, CBB *cbb)
 		/* Do not allow the legacy value for < 1.2 to be used. */
 		if (values[i] == SIGALG_RSA_PKCS1_MD5_SHA1)
 			return 0;
-		if (ssl_sigalg_lookup(values[i]) == NULL)
+		if ((sigalg = ssl_sigalg_lookup(values[i])) == NULL)
 			return 0;
+		if (sigalg->security_level < security_level)
+			continue;
+
 		if (!CBB_add_u16(cbb, values[i]))
 			return 0;
+
+		ret = 1;
 	}
-	return 1;
+	return ret;
 }
 
 static const struct ssl_sigalg *
diff --git a/lib/libssl/ssl_sigalgs.h b/lib/libssl/ssl_sigalgs.h
index 9f4a3a3c33d..5be2122906a 100644
--- a/lib/libssl/ssl_sigalgs.h
+++ b/lib/libssl/ssl_sigalgs.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.h,v 1.24 2022/06/29 07:53:00 tb Exp $ */
+/* $OpenBSD: ssl_sigalgs.h,v 1.25 2022/06/29 07:53:58 tb Exp $ */
 /*
  * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
  *
@@ -69,7 +69,7 @@ struct ssl_sigalg {
 	int flags;
 };
 
-int ssl_sigalgs_build(uint16_t tls_version, CBB *cbb);
+int ssl_sigalgs_build(uint16_t tls_version, CBB *cbb, int security_level);
 const struct ssl_sigalg *ssl_sigalg_select(SSL *s, EVP_PKEY *pkey);
 const struct ssl_sigalg *ssl_sigalg_for_peer(SSL *s, EVP_PKEY *pkey,
     uint16_t sigalg_value);
diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c
index 20660cbf27a..97077a3380f 100644
--- a/lib/libssl/ssl_srvr.c
+++ b/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.143 2022/06/28 14:51:37 tb Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.144 2022/06/29 07:53:58 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1567,8 +1567,8 @@ ssl3_send_certificate_request(SSL *s)
 			if (!CBB_add_u16_length_prefixed(&cert_request,
 			    &sigalgs))
 				goto err;
-			if (!ssl_sigalgs_build(
-			    s->s3->hs.negotiated_tls_version, &sigalgs))
+			if (!ssl_sigalgs_build(s->s3->hs.negotiated_tls_version,
+			    &sigalgs, SSL_get_security_level(s)))
 				goto err;
 		}
 
diff --git a/lib/libssl/ssl_tlsext.c b/lib/libssl/ssl_tlsext.c
index 53d40157e93..8faf90fde0e 100644
--- a/lib/libssl/ssl_tlsext.c
+++ b/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.113 2022/06/04 07:55:44 tb Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.114 2022/06/29 07:53:58 tb Exp $ */
 /*
  * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -587,7 +587,7 @@ tlsext_sigalgs_client_build(SSL *s, uint16_t msg_type, CBB *cbb)
 
 	if (!CBB_add_u16_length_prefixed(cbb, &sigalgs))
 		return 0;
-	if (!ssl_sigalgs_build(tls_version, &sigalgs))
+	if (!ssl_sigalgs_build(tls_version, &sigalgs, SSL_get_security_level(s)))
 		return 0;
 	if (!CBB_flush(cbb))
 		return 0;
@@ -623,7 +623,8 @@ tlsext_sigalgs_server_build(SSL *s, uint16_t msg_type, CBB *cbb)
 
 	if (!CBB_add_u16_length_prefixed(cbb, &sigalgs))
 		return 0;
-	if (!ssl_sigalgs_build(s->s3->hs.negotiated_tls_version, &sigalgs))
+	if (!ssl_sigalgs_build(s->s3->hs.negotiated_tls_version, &sigalgs,
+	    SSL_get_security_level(s)))
 		return 0;
 	if (!CBB_flush(cbb))
 		return 0;