Allow Ed25519 in TLS 1.2
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3585)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index cf11921..0f1d95b 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1498,6 +1498,7 @@
break;
#endif
#ifndef OPENSSL_NO_EC
+ case NID_ED25519:
case EVP_PKEY_EC:
if (!have_ecdsa && tls12_sigalg_allowed(s, op, lu))
have_ecdsa = 1;
@@ -2380,11 +2381,16 @@
return 0;
}
} else if (!ssl_has_cert(s, idx)) {
- if (al == NULL)
- return 1;
- *al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
- return 0;
+ /* Allow Ed25519 if no EC certificate */
+ if (idx == SSL_PKEY_ECC && ssl_has_cert(s, SSL_PKEY_ED25519)) {
+ idx = SSL_PKEY_ED25519;
+ } else {
+ if (al == NULL)
+ return 1;
+ *al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
}
} else {
/* Find index for client certificate */
@@ -2421,6 +2427,10 @@
if (lu->sig_idx == idx
&& (curve == -1 || lu->curve == curve))
break;
+ if (idx == SSL_PKEY_ECC && lu->sig == NID_ED25519) {
+ idx = SSL_PKEY_ED25519;
+ break;
+ }
#endif
if (idx == SSL_PKEY_RSA && lu->sig == EVP_PKEY_RSA_PSS)
break;
