Trim tls1_check_chain and CERT_PKEY flags.
Many are now unused. Only two are currently considered in cipher selection:
CERT_PKEY_VALID and CERT_PKEY_SIGN. (As per previous commits, this is either
bizarre due to limited slots or redundant with ssl_early_callback_ctx. We can
probably prune this too.)
This also fixes a bug where DTLS 1.0 went through a TLS 1.2 codepath. As the
DTLS code is currently arranged, all version comparisons must be done via
macros like SSL_USE_SIGALGS. (Probably we should add functions to map from DTLS
to TLS versions and slowly move the library to using the TLS version as
the in-memory representation.)
Change-Id: I89bcf5b7b9ea5cdecf54f4445156586377328fe0
Reviewed-on: https://boringssl-review.googlesource.com/2286
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 8f8d779..3b5bff7 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -427,20 +427,6 @@
#define CERT_PKEY_VALID 0x1
/* Certificate can also be used for signing */
#define CERT_PKEY_SIGN 0x2
-/* EE certificate signing algorithm OK */
-#define CERT_PKEY_EE_SIGNATURE 0x10
-/* CA signature algorithms OK */
-#define CERT_PKEY_CA_SIGNATURE 0x20
-/* EE certificate parameters OK */
-#define CERT_PKEY_EE_PARAM 0x40
-/* CA certificate parameters OK */
-#define CERT_PKEY_CA_PARAM 0x80
-/* Client CA issuer names match (always set for server cert) */
-#define CERT_PKEY_ISSUER_NAME 0x200
-/* Cert type matches client types (always set for server cert) */
-#define CERT_PKEY_CERT_TYPE 0x400
-/* Cert chain suitable to Suite B */
-#define CERT_PKEY_SUITEB 0x800
typedef struct cert_pkey_st
{
@@ -1077,7 +1063,7 @@
int tls1_set_sigalgs_list(CERT *c, const char *str, int client);
int tls1_set_sigalgs(CERT *c, const int *salg, size_t salglen, int client);
-int tls1_check_chain(SSL *s, int idx);
+void tls1_check_chain(SSL *s, size_t idx);
void tls1_set_cert_validity(SSL *s);
/* ssl_ctx_log_rsa_client_key_exchange logs |premaster| to |ctx|, if logging is
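Review bot: The declaration of `tls1_check_chain` has no comment, and now that it returns `void` the header no longer tells a reader where the result ends up. Judging from the new body in ssl/t1_lib.c, the outcome is written only to the slot's `valid_flags`, so I would document that on the prototype: `/* tls1_check_chain recomputes |s->cert->pkeys[idx].valid_flags| (CERT_PKEY_VALID, CERT_PKEY_SIGN); |idx| must be a valid slot index. */`. Stating the index precondition here matters more than before, because the parameter is now unsigned and a stale negative value from a caller would no longer look obviously wrong at the call site.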
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 4456dfc..c31720c 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -657,7 +657,7 @@
/* Check cert parameters compatible with extensions: currently just checks
* EC certificates have compatible curves and compression.
*/
-static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
+static int tls1_check_cert_param(SSL *s, X509 *x)
{
uint8_t comp_id;
uint16_t curve_id;
@@ -2920,52 +2920,24 @@
* server. This allows the server to check chains before attempting to use them.
*/
-int tls1_check_chain(SSL *s, int idx)
+void tls1_check_chain(SSL *s, size_t idx)
{
- int rv = 0;
- CERT_PKEY *cpk = NULL;
- CERT *c = s->cert;
- X509 *x;
- EVP_PKEY *pk;
+ CERT_PKEY *cpk = &s->cert->pkeys[idx];
- cpk = c->pkeys + idx;
- x = cpk->x509;
- pk = cpk->privatekey;
- /* If no cert or key, forget it */
- if (!x || !pk)
- goto end;
+ /* Clear the flags. */
+ cpk->valid_flags = 0;
+
+ /* If no cert or key, forget it. */
+ if (!cpk->x509 || !cpk->privatekey)
+ return;
/* Check cert parameters are consistent */
- if (tls1_check_cert_param(s, x, 2))
- rv |= CERT_PKEY_EE_PARAM;
- else
- goto end;
- if (!s->server)
- rv |= CERT_PKEY_CA_PARAM;
- rv |= CERT_PKEY_ISSUER_NAME|CERT_PKEY_CERT_TYPE|CERT_PKEY_VALID;
+ if (!tls1_check_cert_param(s, cpk->x509))
+ return;
- end:
-
- if (TLS1_get_version(s) >= TLS1_2_VERSION)
- {
- if (cpk->digest)
- rv |= CERT_PKEY_SIGN;
- }
- else
- rv |= CERT_PKEY_SIGN;
-
- /* When checking a CERT_PKEY structure all flags are irrelevant
- * if the chain is invalid.
- */
- if (rv & CERT_PKEY_VALID)
- cpk->valid_flags = rv;
- else
- {
- /* Clear flags. */
- cpk->valid_flags = 0;
- return 0;
- }
- return rv;
+ cpk->valid_flags = CERT_PKEY_VALID;
+ if (!SSL_USE_SIGALGS(s) || cpk->digest)
+ cpk->valid_flags |= CERT_PKEY_SIGN;
}
/* Set validity of certificates in an SSL structure */
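Review bot: `idx` is used to index `s->cert->pkeys` on the first line of the new body with no range check, and the very next statement, `cpk->valid_flags = 0`, writes through that pointer. With the parameter changed from `int` to `size_t`, a caller that still passes a negative sentinel would have it converted to a very large index, turning a lookup mistake into an out-of-bounds write. The callers are not visible in this hunk, so the range may already be guaranteed. Even so, a guard before taking the address, such as `if (idx >= SSL_PKEY_NUM) return;` (assuming `pkeys` is sized by `SSL_PKEY_NUM`) or an equivalent assert, would make the contract explicit and cheap to verify.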