Merge pull request #5835 from superna9999/5831-tls-1-2-ciphersuite-selection

Permissions 2a: TLS 1.2 ciphersuite selection

library/ssl_tls12_server.c

@@ -682,8 +682,15 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
                           const mbedtls_ssl_ciphersuite_t * ciphersuite_info )
 {
     mbedtls_ssl_key_cert *cur, *list;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_algorithm_t pk_alg =
+        mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg( ciphersuite_info );
+    psa_key_usage_t pk_usage =
+        mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage( ciphersuite_info );
+#else
     mbedtls_pk_type_t pk_alg =
         mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     uint32_t flags;
 
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
@@ -693,7 +700,11 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
 #endif
         list = ssl->conf->key_cert;
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( pk_alg == PSA_ALG_NONE )
+#else
     if( pk_alg == MBEDTLS_PK_NONE )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
         return( 0 );
 
     MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) );
@@ -710,7 +721,18 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
         MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate",
                           cur->cert );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+        if( ( ssl->conf->f_async_sign_start == NULL &&
+              ssl->conf->f_async_decrypt_start == NULL &&
+              ! mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) ) ||
+            ! mbedtls_pk_can_do_ext( &cur->cert->pk, pk_alg, pk_usage ) )
+#else
+        if( ! mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) )
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+#else
         if( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
         {
             MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) );
             continue;
@@ -821,21 +843,6 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id,
     }
 #endif
 
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-    /* If the ciphersuite requires signing, check whether
-     * a suitable hash algorithm is present. */
-    sig_type = mbedtls_ssl_get_ciphersuite_sig_alg( suite_info );
-    if( sig_type != MBEDTLS_PK_NONE &&
-        mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg(
-            ssl, mbedtls_ssl_sig_from_pk_alg( sig_type ) ) == MBEDTLS_SSL_HASH_NONE )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm "
-                                    "for signature algorithm %u", (unsigned) sig_type ) );
-        return( 0 );
-    }
-
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     /*
      * Final check: if ciphersuite requires us to have a
@@ -852,6 +859,21 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id,
     }
 #endif
 
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+    /* If the ciphersuite requires signing, check whether
+     * a suitable hash algorithm is present. */
+    sig_type = mbedtls_ssl_get_ciphersuite_sig_alg( suite_info );
+    if( sig_type != MBEDTLS_PK_NONE &&
+        mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg(
+            ssl, mbedtls_ssl_sig_from_pk_alg( sig_type ) ) == MBEDTLS_SSL_HASH_NONE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm "
+                                    "for signature algorithm %u", (unsigned) sig_type ) );
+        return( 0 );
+    }
+
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
     *ciphersuite_info = suite_info;
     return( 0 );
 }