Adapt client-side signature verification to use raw public key

We must dispatch between the peer's public key stored as part of
the peer's CRT in the current session structure (situation until
now, and future behaviour if MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is
enabled), and the sole public key stored in the handshake structure
(new, if MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is disabled).
This commit is contained in:
Hanno Becker 2019-02-06 18:26:03 +00:00
parent 53b6b7e09b
commit 69fad13853

View file

@ -2655,6 +2655,8 @@ start_processing:
size_t params_len = p - params; size_t params_len = p - params;
void *rs_ctx = NULL; void *rs_ctx = NULL;
mbedtls_pk_context * peer_pk;
/* /*
* Handle the digitally-signed structure * Handle the digitally-signed structure
*/ */
@ -2757,16 +2759,21 @@ start_processing:
MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen ); MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
peer_pk = &ssl->handshake->peer_pubkey;
#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
if( ssl->session_negotiate->peer_cert == NULL ) if( ssl->session_negotiate->peer_cert == NULL )
{ {
/* Should never happen */ /* Should never happen */
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
} }
peer_pk = &ssl->session_negotiate->peer_cert->pk;
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
/* /*
* Verify signature * Verify signature
*/ */
if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) ) if( !mbedtls_pk_can_do( peer_pk, pk_alg ) )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
@ -2779,8 +2786,7 @@ start_processing:
rs_ctx = &ssl->handshake->ecrs_ctx.pk; rs_ctx = &ssl->handshake->ecrs_ctx.pk;
#endif #endif
if( ( ret = mbedtls_pk_verify_restartable( if( ( ret = mbedtls_pk_verify_restartable( peer_pk,
&ssl->session_negotiate->peer_cert->pk,
md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 ) md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 )
{ {
#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) #if defined(MBEDTLS_SSL__ECP_RESTARTABLE)