commit 05da6e1641bb8b3576b97dfc4fba22ee6c5d0453
author David Benjamin <davidben@chromium.org> Sat Jul 12 20:42:55 2014 -0400
committer Adam Langley <agl@google.com> Mon Jul 14 23:55:01 2014 +0000
tree b80ba4f001e142e64a6af1dcafcd96435af4633a
parent a03d95d15611095927849193d3a84ef4e9d3e231

Port tls12_check_peer_sigalg to CBS.

This avoids having to do the CBS_skip dance and is better about returning the
right alert.

Change-Id: Id84eba307d7c67269ccbc07a38d9044b6f4f7c6c
Reviewed-on: https://boringssl-review.googlesource.com/1169
Reviewed-by: Adam Langley <agl@google.com>

ssl/s3_clnt.c

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 837d8ff..eb59778 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1627,26 +1627,8 @@
 
 		if (SSL_USE_SIGALGS(s))
 			{
-			int rv;
-			const uint8_t *sigalg;
-
-			/* The first two bytes are the signature and
-			 * algorithm. */
-			sigalg = CBS_data(&server_key_exchange);
-			if (!CBS_skip(&server_key_exchange, 2))
-				{
-				al = SSL_AD_DECODE_ERROR;
-				OPENSSL_PUT_ERROR(SSL, ssl3_get_key_exchange, SSL_R_DECODE_ERROR);
+			if (!tls12_check_peer_sigalg(&md, &al, s, &server_key_exchange, pkey))
 				goto f_err;
-				}
-			rv = tls12_check_peer_sigalg(&md, s, sigalg, pkey);
-			if (rv == -1)
-				goto err;
-			else if (rv == 0)
-				{
-				al = SSL_AD_DECODE_ERROR;
-				goto f_err;
-				}
 			}
 		else
 			md = EVP_sha1();