mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 21:20:49 +02:00
tls13: avoid to create a new suite in CertificateRequest
This way the ssl object honour the HasSigAlgo list set by wolfSSL_set1_sigalgs_list.
This commit is contained in:
+3
-7
@@ -7791,7 +7791,6 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
|
||||
int sendSz;
|
||||
word32 i;
|
||||
word32 reqSz;
|
||||
word16 hashSigAlgoSz = 0;
|
||||
SignatureAlgorithms* sa;
|
||||
|
||||
WOLFSSL_START(WC_FUNC_CERTIFICATE_REQUEST_SEND);
|
||||
@@ -7802,14 +7801,11 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
|
||||
if (ssl->options.side != WOLFSSL_SERVER_END)
|
||||
return SIDE_ERROR;
|
||||
|
||||
/* Get the length of the hashSigAlgo buffer */
|
||||
InitSuitesHashSigAlgo(NULL, SIG_ALL, 1, 1, ssl->buffers.keySz,
|
||||
&hashSigAlgoSz);
|
||||
sa = TLSX_SignatureAlgorithms_New(ssl, hashSigAlgoSz, ssl->heap);
|
||||
/* Use ssl->suites->hashSigAlgo so wolfSSL_set1_sigalgs_list() is honored.
|
||||
* hashSigAlgoSz=0 makes GetSize/Write fall back to WOLFSSL_SUITES(ssl). */
|
||||
sa = TLSX_SignatureAlgorithms_New(ssl, 0, ssl->heap);
|
||||
if (sa == NULL)
|
||||
return MEMORY_ERROR;
|
||||
InitSuitesHashSigAlgo(sa->hashSigAlgo, SIG_ALL, 1, 1, ssl->buffers.keySz,
|
||||
&hashSigAlgoSz);
|
||||
ret = TLSX_Push(&ssl->extensions, TLSX_SIGNATURE_ALGORITHMS, sa, ssl->heap);
|
||||
if (ret != 0) {
|
||||
TLSX_SignatureAlgorithms_FreeAll(sa, ssl->heap);
|
||||
|
||||
Reference in New Issue
Block a user