diff options
| author | Doug Hogan <doug@cvs.openbsd.org> | 2015-07-24 03:50:13 +0000 |
|---|---|---|
| committer | Doug Hogan <doug@cvs.openbsd.org> | 2015-07-24 03:50:13 +0000 |
| commit | 44147c57808ba5b45cd033344140cf42d149fab1 (patch) | |
| tree | 83b4c2ee800634ef05f5fd91447c4cdf2a2d7828 /lib | |
| parent | 3f719f9da3635ec86996c57fa9985cac1b014d9c (diff) | |
Convert tls1_process_sigalgs to CBS.
ok miod@ jsing@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libssl/t1_lib.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c index 70823bf8e71..2481a71f841 100644 --- a/lib/libssl/t1_lib.c +++ b/lib/libssl/t1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.80 2015/07/19 20:32:18 doug Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.81 2015/07/24 03:50:12 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2336,26 +2336,35 @@ tls12_get_hash(unsigned char hash_alg) int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize) { - int i, idx; + int idx; const EVP_MD *md; CERT *c = s->cert; + CBS cbs; /* Extension ignored for inappropriate versions */ if (!SSL_USE_SIGALGS(s)) return 1; /* Should never happen */ - if (!c) + if (!c || dsize < 0) return 0; + CBS_init(&cbs, data, dsize); + c->pkeys[SSL_PKEY_DSA_SIGN].digest = NULL; c->pkeys[SSL_PKEY_RSA_SIGN].digest = NULL; c->pkeys[SSL_PKEY_RSA_ENC].digest = NULL; c->pkeys[SSL_PKEY_ECC].digest = NULL; c->pkeys[SSL_PKEY_GOST01].digest = NULL; - for (i = 0; i < dsize; i += 2) { - unsigned char hash_alg = data[i], sig_alg = data[i + 1]; + while (CBS_len(&cbs) > 0) { + uint8_t hash_alg, sig_alg; + + if (!CBS_get_u8(&cbs, &hash_alg) || + !CBS_get_u8(&cbs, &sig_alg)) { + /* Should never happen */ + return 0; + } switch (sig_alg) { case TLSEXT_signature_rsa: |