From 703bcee021790d33e07809c9b07fd51d2b4b5474 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 14 Dec 2016 14:31:21 +0000 Subject: Convert Sigalgs processing to use ints In TLSv1.2 an individual sig alg is represented by 1 byte for the hash and 1 byte for the signature. In TLSv1.3 each sig alg is represented by two bytes, where the two bytes together represent a single hash and signature combination. This converts the internal representation of sigalgs to use a single int for the pair, rather than a pair of bytes. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2157) --- ssl/ssl_cert.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'ssl/ssl_cert.c') diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 9668976324..bbb6932210 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -141,20 +141,23 @@ CERT *ssl_cert_dup(CERT *cert) /* Configured sigalgs copied across */ if (cert->conf_sigalgs) { - ret->conf_sigalgs = OPENSSL_malloc(cert->conf_sigalgslen); + ret->conf_sigalgs = OPENSSL_malloc(cert->conf_sigalgslen + * sizeof(*cert->conf_sigalgs)); if (ret->conf_sigalgs == NULL) goto err; - memcpy(ret->conf_sigalgs, cert->conf_sigalgs, cert->conf_sigalgslen); + memcpy(ret->conf_sigalgs, cert->conf_sigalgs, + cert->conf_sigalgslen * sizeof(*cert->conf_sigalgs)); ret->conf_sigalgslen = cert->conf_sigalgslen; } else ret->conf_sigalgs = NULL; if (cert->client_sigalgs) { - ret->client_sigalgs = OPENSSL_malloc(cert->client_sigalgslen); + ret->client_sigalgs = OPENSSL_malloc(cert->client_sigalgslen + * sizeof(*cert->client_sigalgs)); if (ret->client_sigalgs == NULL) goto err; memcpy(ret->client_sigalgs, cert->client_sigalgs, - cert->client_sigalgslen); + cert->client_sigalgslen * sizeof(*cert->client_sigalgs)); ret->client_sigalgslen = cert->client_sigalgslen; } else ret->client_sigalgs = NULL; -- cgit v1.2.1