author | Joel Sing <jsing@cvs.openbsd.org> | 2021-06-30 18:07:51 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2021-06-30 18:07:51 +0000 |
commit | e7e266a776ba879a5c718a6149386bc498357bc6 (patch) | |
tree | ab80f262929a6ff2d7396b55e0fc5afb437b8943 /lib/libssl/s3_lib.c | |
parent | 95dd2fa771b76baa8711d5903655716618cca569 (diff) |
Prepare to provide SSL_get_signature_nid() and friends.
This adds functionality for SSL_get_signature_nid(),
SSL_get_peer_signature_nid(), SSL_get_signature_type_nid() and
SSL_get_peer_signature_type_nid().
This is not currently publicly visible and will be exposed at a later
date.
ok inoguchi@ tb@
Diffstat (limited to 'lib/libssl/s3_lib.c')
-rw-r--r-- | lib/libssl/s3_lib.c | 67 |
1 files changed, 66 insertions, 1 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index f056c3bae49..0cdf9edd2fe 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.210 2021/05/16 13:56:30 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.211 2021/06/30 18:07:50 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -161,6 +161,7 @@
 #include "bytestring.h"
 #include "dtls_locl.h"
 #include "ssl_locl.h"
+#include "ssl_sigalgs.h"
 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers) / sizeof(SSL_CIPHER))
@@ -1929,6 +1930,64 @@ SSL_set1_groups_list(SSL *s, const char *groups)
 &s->internal->tlsext_supportedgroups_length, groups);
 }
+static int
+_SSL_get_signature_nid(SSL *s, int *nid)
+{
+ const struct ssl_sigalg *sigalg;
+
+ if ((sigalg = S3I(s)->hs.our_sigalg) == NULL)
+ return 0;
+
+ *nid = EVP_MD_type(sigalg->md());
+
+ return 1;
+}
+
+static int
+_SSL_get_peer_signature_nid(SSL *s, int *nid)
+{
+ const struct ssl_sigalg *sigalg;
+
+ if ((sigalg = S3I(s)->hs.peer_sigalg) == NULL)
+ return 0;
+
+ *nid = EVP_MD_type(sigalg->md());
+
+ return 1;
+}
+
+int
+SSL_get_signature_type_nid(const SSL *s, int *nid)
+{
+ const struct ssl_sigalg *sigalg;
+
+ if ((sigalg = S3I(s)->hs.our_sigalg) == NULL)
+ return 0;
+
+ *nid = sigalg->key_type;
+ if (sigalg->key_type == EVP_PKEY_RSA &&
+ (sigalg->flags & SIGALG_FLAG_RSA_PSS))
+ *nid = EVP_PKEY_RSA_PSS;
+
+ return 1;
+}
+
+int
+SSL_get_peer_signature_type_nid(const SSL *s, int *nid)
+{
+ const struct ssl_sigalg *sigalg;
+
+ if ((sigalg = S3I(s)->hs.peer_sigalg) == NULL)
+ return 0;
+
+ *nid = sigalg->key_type;
+ if (sigalg->key_type == EVP_PKEY_RSA &&
+ (sigalg->flags & SIGALG_FLAG_RSA_PSS))
+ *nid = EVP_PKEY_RSA_PSS;
+
+ return 1;
+}
+
 long
 ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 {
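Review bot: All four new getters write through `nid` without checking it, so a NULL out-pointer becomes a null-pointer write inside libssl. This matters most for `_SSL_get_signature_nid()` and `_SSL_get_peer_signature_nid()`, which the `SSL_CTRL_GET_SIGNATURE_NID` and `SSL_CTRL_GET_PEER_SIGNATURE_NID` cases in the following hunk call with the caller's untyped `void *parg`. A guard such as `if (nid == NULL) return 0;` at the top of each function would turn that into an ordinary failure return. Separately, the two digest getters pass the result of `sigalg->md()` straight to `EVP_MD_type()`; whether `md` or its return value can ever be NULL is not visible in this diff, so it is worth confirming against the sigalg table or checking first, e.g. `if ((md = sigalg->md()) == NULL) return 0;`.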
@@ -2039,6 +2098,12 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 return 0;
 return SSL_set_max_proto_version(s, larg);
+ case SSL_CTRL_GET_SIGNATURE_NID:
+ return _SSL_get_signature_nid(s, parg);
+
+ case SSL_CTRL_GET_PEER_SIGNATURE_NID:
+ return _SSL_get_peer_signature_nid(s, parg);
+
 /*
 * Legacy controls that should eventually be removed.
 */ |