Change around some "client CA" things
re-use code for parsing CA name lists.
Change-Id: I55027999862912cedad062ab4ea2e97e407ae01f
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/71608
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
index 44ef210..f87e000 100644
--- a/ssl/handshake_client.cc
+++ b/ssl/handshake_client.cc
@@ -1301,7 +1301,7 @@
uint8_t alert = SSL_AD_DECODE_ERROR;
UniquePtr<STACK_OF(CRYPTO_BUFFER)> ca_names =
- ssl_parse_client_CA_list(ssl, &alert, &body);
+ SSL_parse_CA_list(ssl, &alert, &body);
if (!ca_names) {
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
return ssl_hs_error;
diff --git a/ssl/internal.h b/ssl/internal.h
index fac6260..ccb66e0 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -1620,13 +1620,14 @@
// nullptr and pushes to the error queue.
UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in);
-// ssl_parse_client_CA_list parses a CA list from |cbs| in the format used by a
-// TLS CertificateRequest message. On success, it returns a newly-allocated
-// |CRYPTO_BUFFER| list and advances |cbs|. Otherwise, it returns nullptr and
-// sets |*out_alert| to an alert to send to the peer.
-UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
- uint8_t *out_alert,
- CBS *cbs);
+// SSL_parse_CA_list parses a CA list from |cbs| in the format used by a TLS
+// CertificateRequest message and Certificate Authorities extension. On success,
+// it returns a newly-allocated |CRYPTO_BUFFER| list and advances
+// |cbs|. Otherwise, it returns nullptr and sets |*out_alert| to an alert to
+// send to the peer.
+UniquePtr<STACK_OF(CRYPTO_BUFFER)> SSL_parse_CA_list(SSL *ssl,
+ uint8_t *out_alert,
+ CBS *cbs);
// ssl_has_client_CAs returns there are configured CAs.
bool ssl_has_client_CAs(const SSL_CONFIG *cfg);
@@ -2851,10 +2852,10 @@
Span<uint8_t> in);
struct SSL_X509_METHOD {
- // check_client_CA_list returns one if |names| is a good list of X.509
- // distinguished names and zero otherwise. This is used to ensure that we can
- // reject unparsable values at handshake time when using crypto/x509.
- bool (*check_client_CA_list)(STACK_OF(CRYPTO_BUFFER) *names);
+ // check_CA_list returns one if |names| is a good list of X.509 distinguished
+ // names and zero otherwise. This is used to ensure that we can reject
+ // unparsable values at handshake time when using crypto/x509.
+ bool (*check_CA_list)(STACK_OF(CRYPTO_BUFFER) *names);
// cert_clear frees and NULLs all X509 certificate-related state.
void (*cert_clear)(CERT *cert);
@@ -3378,6 +3379,13 @@
// |client_CA|.
STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
+ // For client side, keep the list of CA distinguished names we can use
+ // for the Certificate Authorities extension.
+ // TODO(bbe) having this separate from the client side (above) is mildly
+ // silly, but OpenSSL has *_client_CA API's for this exposed, and for the
+ // moment we are not crossing those streams.
+ UniquePtr<STACK_OF(CRYPTO_BUFFER)> CA_names;
+
Array<uint16_t> supported_group_list; // our list
// channel_id_private is the client's Channel ID private key, or null if
@@ -3887,6 +3895,8 @@
// |client_CA|.
STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
+ // What we put in client hello in the CA extension.
+ bssl::UniquePtr<STACK_OF(CRYPTO_BUFFER)> CA_names;
// Default values to use in SSL structures follow (these are copied by
// SSL_new)
diff --git a/ssl/ssl_cert.cc b/ssl/ssl_cert.cc
index b6d2cb7..68e155c 100644
--- a/ssl/ssl_cert.cc
+++ b/ssl/ssl_cert.cc
@@ -469,9 +469,9 @@
return true;
}
-UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
- uint8_t *out_alert,
- CBS *cbs) {
+UniquePtr<STACK_OF(CRYPTO_BUFFER)> SSL_parse_CA_list(SSL *ssl,
+ uint8_t *out_alert,
+ CBS *cbs) {
CRYPTO_BUFFER_POOL *const pool = ssl->ctx->pool;
UniquePtr<STACK_OF(CRYPTO_BUFFER)> ret(sk_CRYPTO_BUFFER_new_null());
@@ -504,7 +504,7 @@
}
}
- if (!ssl->ctx->x509_method->check_client_CA_list(ret.get())) {
+ if (!ssl->ctx->x509_method->check_CA_list(ret.get())) {
*out_alert = SSL_AD_DECODE_ERROR;
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
return nullptr;
diff --git a/ssl/tls13_client.cc b/ssl/tls13_client.cc
index c386241..fbe94ad 100644
--- a/ssl/tls13_client.cc
+++ b/ssl/tls13_client.cc
@@ -672,7 +672,7 @@
}
if (ca.present) {
- hs->ca_names = ssl_parse_client_CA_list(ssl, &alert, &ca.data);
+ hs->ca_names = SSL_parse_CA_list(ssl, &alert, &ca.data);
if (!hs->ca_names) {
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
return ssl_hs_error;
