本文整理汇总了C++中CBS_init函数的典型用法代码示例。如果您正苦于以下问题:C++ CBS_init函数的具体用法?C++ CBS_init怎么用?C++ CBS_init使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了CBS_init函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: OPENSSL_PUT_ERROR
EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp,
long len) {
if (len < 0) {
OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);
return NULL;
}
// Parse with the legacy format.
CBS cbs;
CBS_init(&cbs, *inp, (size_t)len);
EVP_PKEY *ret = old_priv_decode(&cbs, type);
if (ret == NULL) {
// Try again with PKCS#8.
ERR_clear_error();
CBS_init(&cbs, *inp, (size_t)len);
ret = EVP_parse_private_key(&cbs);
if (ret == NULL) {
return NULL;
}
if (ret->type != type) {
OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES);
EVP_PKEY_free(ret);
return NULL;
}
}
if (out != NULL) {
EVP_PKEY_free(*out);
*out = ret;
}
*inp = CBS_data(&cbs);
return ret;
}示例2: pkcs7_parse_header
/* pkcs7_parse_header reads the non-certificate/non-CRL prefix of a PKCS#7
* SignedData blob from |cbs| and sets |*out| to point to the rest of the
* input. If the input is in BER format, then |*der_bytes| will be set to a
* pointer that needs to be freed by the caller once they have finished
* processing |*out| (which will be pointing into |*der_bytes|).
*
* It returns one on success or zero on error. On error, |*der_bytes| is
* NULL. */
static int pkcs7_parse_header(uint8_t **der_bytes, CBS *out, CBS *cbs) {
size_t der_len;
CBS in, content_info, content_type, wrapped_signed_data, signed_data;
uint64_t version;
/* The input may be in BER format. */
*der_bytes = NULL;
if (!CBS_asn1_ber_to_der(cbs, der_bytes, &der_len)) {
return 0;
}
if (*der_bytes != NULL) {
CBS_init(&in, *der_bytes, der_len);
} else {
CBS_init(&in, CBS_data(cbs), CBS_len(cbs));
}
/* See https://tools.ietf.org/html/rfc2315#section-7 */
if (!CBS_get_asn1(&in, &content_info, CBS_ASN1_SEQUENCE) ||
!CBS_get_asn1(&content_info, &content_type, CBS_ASN1_OBJECT)) {
goto err;
}
if (OBJ_cbs2nid(&content_type) != NID_pkcs7_signed) {
OPENSSL_PUT_ERROR(X509, pkcs7_parse_header,
X509_R_NOT_PKCS7_SIGNED_DATA);
goto err;
}
/* See https://tools.ietf.org/html/rfc2315#section-9.1 */
if (!CBS_get_asn1(&content_info, &wrapped_signed_data,
CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) ||
!CBS_get_asn1(&wrapped_signed_data, &signed_data, CBS_ASN1_SEQUENCE) ||
!CBS_get_asn1_uint64(&signed_data, &version) ||
!CBS_get_asn1(&signed_data, NULL /* digests */, CBS_ASN1_SET) ||
!CBS_get_asn1(&signed_data, NULL /* content */, CBS_ASN1_SEQUENCE)) {
goto err;
}
if (version < 1) {
OPENSSL_PUT_ERROR(X509, pkcs7_parse_header,
X509_R_BAD_PKCS7_VERSION);
goto err;
}
CBS_init(out, CBS_data(&signed_data), CBS_len(&signed_data));
return 1;
err:
if (*der_bytes) {
OPENSSL_free(*der_bytes);
*der_bytes = NULL;
}
return 0;
}示例3: test_asn1_uint64
static int test_asn1_uint64(void) {
size_t i;
for (i = 0; i < sizeof(kAsn1Uint64Tests) / sizeof(kAsn1Uint64Tests[0]); i++) {
const ASN1_UINT64_TEST *test = &kAsn1Uint64Tests[i];
CBS cbs;
uint64_t value;
CBB cbb;
uint8_t *out;
size_t len;
CBS_init(&cbs, (const uint8_t *)test->encoding, test->encoding_len);
if (!CBS_get_asn1_uint64(&cbs, &value) ||
CBS_len(&cbs) != 0 ||
value != test->value) {
return 0;
}
if (!CBB_init(&cbb, 0)) {
return 0;
}
if (!CBB_add_asn1_uint64(&cbb, test->value) ||
!CBB_finish(&cbb, &out, &len)) {
CBB_cleanup(&cbb);
return 0;
}
if (len != test->encoding_len || memcmp(out, test->encoding, len) != 0) {
free(out);
return 0;
}
free(out);
}
for (i = 0;
i < sizeof(kAsn1InvalidUint64Tests) / sizeof(kAsn1InvalidUint64Tests[0]);
i++) {
const ASN1_INVALID_UINT64_TEST *test = &kAsn1InvalidUint64Tests[i];
CBS cbs;
uint64_t value;
CBS_init(&cbs, (const uint8_t *)test->encoding, test->encoding_len);
if (CBS_get_asn1_uint64(&cbs, &value)) {
return 0;
}
}
return 1;
}示例4: tls13_process_new_session_ticket
int tls13_process_new_session_ticket(SSL *ssl) {
SSL_SESSION *session =
SSL_SESSION_dup(ssl->s3->established_session,
SSL_SESSION_INCLUDE_NONAUTH);
if (session == NULL) {
return 0;
}
CBS cbs, extensions, ticket;
CBS_init(&cbs, ssl->init_msg, ssl->init_num);
if (!CBS_get_u32(&cbs, &session->tlsext_tick_lifetime_hint) ||
!CBS_get_u32(&cbs, &session->ticket_flags) ||
!CBS_get_u32(&cbs, &session->ticket_age_add) ||
!CBS_get_u16_length_prefixed(&cbs, &extensions) ||
!CBS_get_u16_length_prefixed(&cbs, &ticket) ||
!CBS_stow(&ticket, &session->tlsext_tick, &session->tlsext_ticklen) ||
CBS_len(&cbs) != 0) {
SSL_SESSION_free(session);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
return 0;
}
session->ticket_age_add_valid = 1;
session->not_resumable = 0;
if (ssl->ctx->new_session_cb != NULL &&
ssl->ctx->new_session_cb(ssl, session)) {
/* |new_session_cb|'s return value signals that it took ownership. */
return 1;
}
SSL_SESSION_free(session);
return 1;
}示例5: do_ber_convert
static int do_ber_convert(const char *name,
const uint8_t *der_expected, size_t der_len,
const uint8_t *ber, size_t ber_len) {
CBS in;
uint8_t *out;
size_t out_len;
CBS_init(&in, ber, ber_len);
if (!CBS_asn1_ber_to_der(&in, &out, &out_len)) {
fprintf(stderr, "%s: CBS_asn1_ber_to_der failed.\n", name);
return 0;
}
if (out == NULL) {
if (ber_len != der_len ||
memcmp(der_expected, ber, ber_len) != 0) {
fprintf(stderr, "%s: incorrect unconverted result.\n", name);
return 0;
}
return 1;
}
if (out_len != der_len ||
memcmp(out, der_expected, der_len) != 0) {
fprintf(stderr, "%s: incorrect converted result.\n", name);
return 0;
}
free(out);
return 1;
}示例6: do_process_encrypted_extensions
static enum ssl_hs_wait_t do_process_encrypted_extensions(SSL *ssl,
SSL_HANDSHAKE *hs) {
if (!tls13_check_message_type(ssl, SSL3_MT_ENCRYPTED_EXTENSIONS)) {
return ssl_hs_error;
}
CBS cbs;
CBS_init(&cbs, ssl->init_msg, ssl->init_num);
if (!ssl_parse_serverhello_tlsext(ssl, &cbs)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_PARSE_TLSEXT);
return ssl_hs_error;
}
if (CBS_len(&cbs) != 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
return ssl_hs_error;
}
if (!ssl->method->hash_current_message(ssl)) {
return ssl_hs_error;
}
hs->state = state_process_certificate_request;
return ssl_hs_read_message;
}示例7: cbs_find_ber
/* cbs_find_ber walks an ASN.1 structure in |orig_in| and sets |*ber_found|
* depending on whether an indefinite length element was found. The value of
* |in| is not changed. It returns one on success (i.e. |*ber_found| was set)
* and zero on error. */
static int cbs_find_ber(CBS *orig_in, char *ber_found, unsigned depth) {
CBS in;
if (depth > kMaxDepth) {
return 0;
}
CBS_init(&in, CBS_data(orig_in), CBS_len(orig_in));
*ber_found = 0;
while (CBS_len(&in) > 0) {
CBS contents;
unsigned tag;
size_t header_len;
if (!CBS_get_any_ber_asn1_element(&in, &contents, &tag, &header_len)) {
return 0;
}
if (CBS_len(&contents) == header_len &&
header_len > 0 &&
CBS_data(&contents)[header_len-1] == 0x80) {
*ber_found = 1;
return 1;
}
if (tag & CBS_ASN1_CONSTRUCTED) {
if (!CBS_skip(&contents, header_len) ||
!cbs_find_ber(&contents, ber_found, depth + 1)) {
return 0;
}
}
}
return 1;
}示例8: ssl3_get_finished
int ssl3_get_finished(SSL *s, int a, int b)
{
int al, ok, md_len;
long n;
CBS cbs;
n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64,
/* should actually be 36+4 :-) */ &ok);
if (!ok)
return ((int)n);
/* If this occurs, we have missed a message */
if (!s->s3->change_cipher_spec) {
al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_GOT_A_FIN_BEFORE_A_CCS);
goto f_err;
}
s->s3->change_cipher_spec = 0;
md_len = s->s3->tmp.peer_finish_md_len;
if (n < 0) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
goto f_err;
}
CBS_init(&cbs, s->init_msg, n);
if (s->s3->tmp.peer_finish_md_len != md_len || (int)CBS_len(&cbs) != md_len) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
goto f_err;
}
if (!CBS_mem_equal(&cbs, s->s3->tmp.peer_finish_md, CBS_len(&cbs))) {
al = SSL_AD_DECRYPT_ERROR;
SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_DIGEST_CHECK_FAILED);
goto f_err;
}
/* Copy the finished so we can use it for
renegotiation checks */
if (s->type == SSL_ST_ACCEPT) {
OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_client_finished, s->s3->tmp.peer_finish_md, md_len);
s->s3->previous_client_finished_len = md_len;
} else {
OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_server_finished, s->s3->tmp.peer_finish_md, md_len);
s->s3->previous_server_finished_len = md_len;
}
return (1);
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
return (0);
}示例9: tls13_process_certificate_verify
int tls13_process_certificate_verify(SSL *ssl) {
int ret = 0;
X509 *peer = ssl->s3->new_session->peer;
EVP_PKEY *pkey = NULL;
uint8_t *msg = NULL;
size_t msg_len;
/* Filter out unsupported certificate types. */
pkey = X509_get_pubkey(peer);
if (pkey == NULL) {
goto err;
}
CBS cbs, signature;
uint16_t signature_algorithm;
CBS_init(&cbs, ssl->init_msg, ssl->init_num);
if (!CBS_get_u16(&cbs, &signature_algorithm) ||
!CBS_get_u16_length_prefixed(&cbs, &signature) ||
CBS_len(&cbs) != 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
goto err;
}
int al;
if (!tls12_check_peer_sigalg(ssl, &al, signature_algorithm)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, al);
goto err;
}
ssl->s3->tmp.peer_signature_algorithm = signature_algorithm;
if (!tls13_get_cert_verify_signature_input(
ssl, &msg, &msg_len,
ssl->server ? ssl_cert_verify_client : ssl_cert_verify_server)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
goto err;
}
int sig_ok =
ssl_public_key_verify(ssl, CBS_data(&signature), CBS_len(&signature),
signature_algorithm, pkey, msg, msg_len);
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
sig_ok = 1;
ERR_clear_error();
#endif
if (!sig_ok) {
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
goto err;
}
ret = 1;
err:
EVP_PKEY_free(pkey);
OPENSSL_free(msg);
return ret;
}示例10: test_EVP_DigestVerifyInitFromAlgorithm
static int test_EVP_DigestVerifyInitFromAlgorithm(void) {
int ret = 0;
CBS cert, cert_body, tbs_cert, algorithm, signature;
uint8_t padding;
X509_ALGOR *algor = NULL;
const uint8_t *derp;
EVP_PKEY *pkey = NULL;
EVP_MD_CTX md_ctx;
EVP_MD_CTX_init(&md_ctx);
CBS_init(&cert, kExamplePSSCert, sizeof(kExamplePSSCert));
if (!CBS_get_asn1(&cert, &cert_body, CBS_ASN1_SEQUENCE) ||
CBS_len(&cert) != 0 ||
!CBS_get_any_asn1_element(&cert_body, &tbs_cert, NULL, NULL) ||
!CBS_get_asn1_element(&cert_body, &algorithm, CBS_ASN1_SEQUENCE) ||
!CBS_get_asn1(&cert_body, &signature, CBS_ASN1_BITSTRING) ||
CBS_len(&cert_body) != 0) {
fprintf(stderr, "Failed to parse certificate\n");
goto out;
}
/* Signatures are BIT STRINGs, but they have are multiple of 8 bytes, so the
leading phase byte is just a zero. */
if (!CBS_get_u8(&signature, &padding) || padding != 0) {
fprintf(stderr, "Invalid signature padding\n");
goto out;
}
derp = CBS_data(&algorithm);
if (!d2i_X509_ALGOR(&algor, &derp, CBS_len(&algorithm)) ||
derp != CBS_data(&algorithm) + CBS_len(&algorithm)) {
fprintf(stderr, "Failed to parse algorithm\n");
}
pkey = load_example_rsa_key();
if (pkey == NULL ||
!EVP_DigestVerifyInitFromAlgorithm(&md_ctx, algor, pkey) ||
!EVP_DigestVerifyUpdate(&md_ctx, CBS_data(&tbs_cert),
CBS_len(&tbs_cert)) ||
!EVP_DigestVerifyFinal(&md_ctx, CBS_data(&signature),
CBS_len(&signature))) {
goto out;
}
ret = 1;
out:
if (!ret) {
BIO_print_errors_fp(stderr);
}
EVP_MD_CTX_cleanup(&md_ctx);
if (pkey) {
EVP_PKEY_free(pkey);
}
return ret;
}示例11: do_process_hello_retry_request
static enum ssl_hs_wait_t do_process_hello_retry_request(SSL *ssl,
SSL_HANDSHAKE *hs) {
if (ssl->s3->tmp.message_type != SSL3_MT_HELLO_RETRY_REQUEST) {
hs->state = state_process_server_hello;
return ssl_hs_ok;
}
CBS cbs, extensions;
uint16_t server_wire_version, cipher_suite, group_id;
CBS_init(&cbs, ssl->init_msg, ssl->init_num);
if (!CBS_get_u16(&cbs, &server_wire_version) ||
!CBS_get_u16(&cbs, &cipher_suite) ||
!CBS_get_u16(&cbs, &group_id) ||
/* We do not currently parse any HelloRetryRequest extensions. */
!CBS_get_u16_length_prefixed(&cbs, &extensions) ||
CBS_len(&cbs) != 0) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
return ssl_hs_error;
}
/* TODO(svaldez): Don't do early_data on HelloRetryRequest. */
const uint16_t *groups;
size_t groups_len;
tls1_get_grouplist(ssl, 0 /* local groups */, &groups, &groups_len);
int found = 0;
for (size_t i = 0; i < groups_len; i++) {
if (groups[i] == group_id) {
found = 1;
break;
}
}
if (!found) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CURVE);
return ssl_hs_error;
}
for (size_t i = 0; i < ssl->s3->hs->groups_len; i++) {
/* Check that the HelloRetryRequest does not request a key share that was
* provided in the initial ClientHello.
*
* TODO(svaldez): Don't enforce this check when the HelloRetryRequest is due
* to a cookie. */
if (SSL_ECDH_CTX_get_id(&ssl->s3->hs->groups[i]) == group_id) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CURVE);
return ssl_hs_error;
}
}
ssl_handshake_clear_groups(ssl->s3->hs);
ssl->s3->hs->retry_group = group_id;
hs->state = state_send_second_client_hello;
return ssl_hs_ok;
}示例12: do_process_certificate_request
static enum ssl_hs_wait_t do_process_certificate_request(SSL *ssl,
SSL_HANDSHAKE *hs) {
ssl->s3->tmp.cert_request = 0;
/* CertificateRequest may only be sent in certificate-based ciphers. */
if (!ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
hs->state = state_process_server_finished;
return ssl_hs_ok;
}
/* CertificateRequest is optional. */
if (ssl->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
hs->state = state_process_server_certificate;
return ssl_hs_ok;
}
CBS cbs, context, supported_signature_algorithms;
CBS_init(&cbs, ssl->init_msg, ssl->init_num);
if (!CBS_get_u8_length_prefixed(&cbs, &context) ||
/* The request context is always empty during the handshake. */
CBS_len(&context) != 0 ||
!CBS_get_u16_length_prefixed(&cbs, &supported_signature_algorithms) ||
CBS_len(&supported_signature_algorithms) == 0 ||
!tls1_parse_peer_sigalgs(ssl, &supported_signature_algorithms)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
return ssl_hs_error;
}
uint8_t alert;
STACK_OF(X509_NAME) *ca_sk = ssl_parse_client_CA_list(ssl, &alert, &cbs);
if (ca_sk == NULL) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
return ssl_hs_error;
}
/* Ignore extensions. */
CBS extensions;
if (!CBS_get_u16_length_prefixed(&cbs, &extensions) ||
CBS_len(&cbs) != 0) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
return ssl_hs_error;
}
ssl->s3->tmp.cert_request = 1;
sk_X509_NAME_pop_free(ssl->s3->tmp.ca_names, X509_NAME_free);
ssl->s3->tmp.ca_names = ca_sk;
if (!ssl->method->hash_current_message(ssl)) {
return ssl_hs_error;
}
hs->state = state_process_server_certificate;
return ssl_hs_read_message;
}示例13: dtls1_get_hello_verify
int
dtls1_get_hello_verify(SSL *s)
{
long n;
int al, ok = 0;
size_t cookie_len;
uint16_t ssl_version;
CBS hello_verify_request, cookie;
n = s->method->internal->ssl_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list, &ok);
if (!ok)
return ((int)n);
if (S3I(s)->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
D1I(s)->send_cookie = 0;
S3I(s)->tmp.reuse_message = 1;
return (1);
}
if (n < 0)
goto truncated;
CBS_init(&hello_verify_request, s->internal->init_msg, n);
if (!CBS_get_u16(&hello_verify_request, &ssl_version))
goto truncated;
if (ssl_version != s->version) {
SSLerror(s, SSL_R_WRONG_SSL_VERSION);
s->version = (s->version & 0xff00) | (ssl_version & 0xff);
al = SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
if (!CBS_get_u8_length_prefixed(&hello_verify_request, &cookie))
goto truncated;
if (!CBS_write_bytes(&cookie, D1I(s)->cookie,
sizeof(D1I(s)->cookie), &cookie_len)) {
D1I(s)->cookie_len = 0;
al = SSL_AD_ILLEGAL_PARAMETER;
goto f_err;
}
D1I(s)->cookie_len = cookie_len;
D1I(s)->send_cookie = 1;
return 1;
truncated:
al = SSL_AD_DECODE_ERROR;
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
return -1;
}示例14: CBS_init
ECDSA_SIG *ECDSA_SIG_from_bytes(const uint8_t *in, size_t in_len) {
CBS cbs;
CBS_init(&cbs, in, in_len);
ECDSA_SIG *ret = ECDSA_SIG_parse(&cbs);
if (ret == NULL || CBS_len(&cbs) != 0) {
OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE);
ECDSA_SIG_free(ret);
return NULL;
}
return ret;
}示例15: tls13_process_certificate_verify
int tls13_process_certificate_verify(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
int ret = 0;
uint8_t *msg = NULL;
size_t msg_len;
if (hs->peer_pubkey == NULL) {
goto err;
}
CBS cbs, signature;
uint16_t signature_algorithm;
CBS_init(&cbs, ssl->init_msg, ssl->init_num);
if (!CBS_get_u16(&cbs, &signature_algorithm) ||
!CBS_get_u16_length_prefixed(&cbs, &signature) ||
CBS_len(&cbs) != 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
goto err;
}
int al;
if (!tls12_check_peer_sigalg(ssl, &al, signature_algorithm)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, al);
goto err;
}
ssl->s3->new_session->peer_signature_algorithm = signature_algorithm;
if (!tls13_get_cert_verify_signature_input(
ssl, &msg, &msg_len,
ssl->server ? ssl_cert_verify_client : ssl_cert_verify_server)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
goto err;
}
int sig_ok =
ssl_public_key_verify(ssl, CBS_data(&signature), CBS_len(&signature),
signature_algorithm, hs->peer_pubkey, msg, msg_len);
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
sig_ok = 1;
ERR_clear_error();
#endif
if (!sig_ok) {
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
goto err;
}
ret = 1;
err:
OPENSSL_free(msg);
return ret;
}