BoringSSL: Map OpenSSL SUITEB192 cipher into appropriate sigalgs

BoringSSL removed the special OpenSSL cipher suite value "SUITEB192", so
need to map that to the explicit ciphersuite
(ECDHE-ECDSA-AES256-GCM-SHA384), curve (P-384), and sigalg
(SSL_SIGN_ECDSA_SECP384R1_SHA384) to allow 192-bit level Suite B with
ECDSA to be used.

This commit takes care of the sigalg configuration using the relatively
recent SSL_CTX_set_verify_algorithm_prefs() addition from April 2017.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index bd5c23bd070d53cf046a95864a00f8c26d942402..b739f9e7059785a4adbd193082be89ba5db4852b 100644 (file)
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2536,6 +2536,7 @@ static int tls_set_conn_flags(struct tls_connection *conn, unsigned int flags,
 
 #ifdef OPENSSL_IS_BORINGSSL
        if (openssl_ciphers && os_strcmp(openssl_ciphers, "SUITEB192") == 0) {
+               uint16_t sigalgs[1] = { SSL_SIGN_ECDSA_SECP384R1_SHA384 };
                int nid[1] = { NID_secp384r1 };
 
                if (SSL_set1_curves(ssl, nid, 1) != 1) {
@@ -2543,6 +2544,16 @@ static int tls_set_conn_flags(struct tls_connection *conn, unsigned int flags,
                                   "OpenSSL: Failed to set Suite B curves");
                        return -1;
                }
+
+               if (SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, sigalgs,
+                                                      1) != 1) {
+                       wpa_printf(MSG_INFO,
+                                  "OpenSSL: Failed to set Suite B sigalgs");
+                       return -1;
+               }
+       } else {
+               /* Use defaults from BoringSSL */
+               SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, NULL, 0);
        }
 #endif /* OPENSSL_IS_BORINGSSL */
 #endif /* CONFIG_SUITEB */