commit 3d458dc048c2ece7d89f9d50239c022322f6d0bd
author David Benjamin <davidben@google.com> Mon Sep 12 22:40:27 2016 +0000
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Mon Sep 12 22:54:08 2016 +0000
tree 731595cfbae63763509e6091c7c64cbd6d2ee0d8
parent 639846e5e47a2aacfd3d368bec1b208af34e68c8

Revert of Determining certificate_auth and key_exchange based on SSL.

Reason for revert:  Right now in TLS 1.3, certificate_auth is exactly
the same as whether we're doing resumption. With the weird reauth
stuff punted to later in the spec, having extra state is just more
room for bugs to creep in.

Original issue's description:
> Determining certificate_auth and key_exchange based on SSL.
> 
> This allows us to switch TLS 1.3 to use non-cipher based negotiation
> without needing to use separate functions between 1.3 and below.
> 
> BUG=77
> 
> Change-Id: I9207e7a6793cb69e8300e2c15afe3548cbf82af2
> Reviewed-on: https://boringssl-review.googlesource.com/10803
> Reviewed-by: David Benjamin <davidben@google.com>
> Commit-Queue: David Benjamin <davidben@google.com>
> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
> 

Change-Id: I240e3ee959ffd1f2481a06eabece3af554d20ffa
Reviewed-on: https://boringssl-review.googlesource.com/11008
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/handshake_client.c

diff --git a/ssl/handshake_client.c b/ssl/handshake_client.c
index dd3ab04..ce736b5 100644
--- a/ssl/handshake_client.c
+++ b/ssl/handshake_client.c
@@ -264,7 +264,7 @@
         break;
 
       case SSL3_ST_CR_CERT_A:
-        if (ssl->s3->hs->use_cert_auth) {
+        if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
           ret = ssl3_get_server_certificate(ssl);
           if (ret <= 0) {
             goto end;
@@ -288,7 +288,7 @@
         break;
 
       case SSL3_ST_VERIFY_SERVER_CERT:
-        if (ssl->s3->hs->use_cert_auth) {
+        if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
           ret = ssl3_verify_server_cert(ssl);
           if (ret <= 0) {
             goto end;
@@ -308,7 +308,7 @@
         break;
 
       case SSL3_ST_CR_CERT_REQ_A:
-        if (ssl->s3->hs->use_cert_auth) {
+        if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
           ret = ssl3_get_certificate_request(ssl);
           if (ret <= 0) {
             goto end;
@@ -952,9 +952,6 @@
     ssl->s3->new_session->cipher = c;
   }
   ssl->s3->tmp.new_cipher = c;
-  if (ssl_cipher_uses_certificate_auth(c)) {
-    ssl->s3->hs->use_cert_auth = 1;
-  }
 
   /* Now that the cipher is known, initialize the handshake hash. */
   if (!ssl3_init_handshake_hash(ssl)) {
@@ -964,7 +961,8 @@
   /* If doing a full handshake, the server may request a client certificate
    * which requires hashing the handshake transcript. Otherwise, the handshake
    * buffer may be released. */
-  if (ssl->session != NULL || !ssl->s3->hs->use_cert_auth) {
+  if (ssl->session != NULL ||
+      !ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
     ssl3_free_handshake_buffer(ssl);
   }
 
@@ -1286,7 +1284,7 @@
            CBS_len(&server_key_exchange_orig) - CBS_len(&server_key_exchange));
 
   /* ServerKeyExchange should be signed by the server's public key. */
-  if (ssl->s3->hs->use_cert_auth) {
+  if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
     pkey = X509_get_pubkey(ssl->s3->new_session->peer);
     if (pkey == NULL) {
       goto err;