Bugfix: GOST2012 certificates for GOST ciphersuites were broken.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6168)
2025-02-23 14:42:15 +08:00 · 2018-05-03 17:25:48 +03:00 · 2018-05-03 17:25:48 +03:00 · 1f65c0459a
commit 1f65c0459a
parent 02a7e0a9f6
2 changed files with 15 additions and 5 deletions
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@ -383,11 +383,6 @@
 # define SSL_PKEY_ED25519        7
 # define SSL_PKEY_ED448          8
 # define SSL_PKEY_NUM            9
-/*
- * Pseudo-constant. GOST cipher suites can use different certs for 1
- * SSL_CIPHER. So let's see which one we have in fact.
- */
-# define SSL_PKEY_GOST_EC SSL_PKEY_NUM+1

 /*-
 * SSL_kRSA <- RSA_ENC
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -857,6 +857,21 @@ static const SIGALG_LOOKUP *tls1_get_legacy_sigalg(const SSL *s, int idx)
                    break;
                }
            }
+
+            /*
+             * Some GOST ciphersuites allow more than one signature algorithms
+             * */
+            if (idx == SSL_PKEY_GOST01 && s->s3->tmp.new_cipher->algorithm_auth != SSL_aGOST01) {
+                int real_idx;
+
+                for (real_idx = SSL_PKEY_GOST12_512; real_idx >= SSL_PKEY_GOST01;
+                     real_idx--) {
+                    if (s->cert->pkeys[real_idx].privatekey != NULL) {
+                        idx = real_idx;
+                        break;
+                    }
+                }
+            }
        } else {
            idx = s->cert->key - s->cert->pkeys;
        }