Merge pull request #9482 from anhu/move_the_sigalg_check

Need to move sigalg check down because it does not consider hybrids.
2026-01-26 16:12:24 +01:00 · 2025-11-27 09:42:18 +10:00
parent e30e9b7e09 a765bbdb79
commit 93944d289f
1 changed files with 12 additions and 12 deletions
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -10230,18 +10230,6 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
                ERROR_OUT(BUFFER_ERROR, exit_dcv);
            }

-            validSigAlgo = 0;
-            for (i = 0; i < suites->hashSigAlgoSz; i += 2) {
-                 if ((suites->hashSigAlgo[i + 0] == input[args->idx + 0]) &&
-                         (suites->hashSigAlgo[i + 1] == input[args->idx + 1])) {
-                     validSigAlgo = 1;
-                     break;
-                 }
-            }
-            if (!validSigAlgo) {
-                ERROR_OUT(INVALID_PARAMETER, exit_dcv);
-            }
-
 #ifdef WOLFSSL_DUAL_ALG_CERTS
            if (ssl->peerSigSpec == NULL) {
                /* The peer did not respond. We didn't send CKS or they don't
@@ -10258,6 +10246,18 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
                *ssl->sigSpec == WOLFSSL_CKS_SIGSPEC_NATIVE ||
                *ssl->sigSpec == WOLFSSL_CKS_SIGSPEC_ALTERNATIVE) {
 #endif /* WOLFSSL_DUAL_ALG_CERTS */
+                validSigAlgo = 0;
+                for (i = 0; i < suites->hashSigAlgoSz; i += 2) {
+                     if ((suites->hashSigAlgo[i + 0] == input[args->idx + 0]) &&
+                             (suites->hashSigAlgo[i + 1] == input[args->idx + 1])) {
+                         validSigAlgo = 1;
+                         break;
+                     }
+                }
+                if (!validSigAlgo) {
+                    ERROR_OUT(INVALID_PARAMETER, exit_dcv);
+                }
+
                ret = DecodeTls13SigAlg(input + args->idx,
                        &ssl->options.peerHashAlgo, &ssl->options.peerSigAlgo);
 #ifdef WOLFSSL_DUAL_ALG_CERTS