Properly check for signature_algorithms from the client in a TLS 1.3 …

…server. The server was checking ssl->extensions which will always have an entry for TLSX_SIGNATURE_ALGORITHMS as it is unconditionally added by TLSX_PopulateExtensions earlier in the DoTls13ClientHello function. Instead, check args->clSuites->hashSigAlgoSz which is only set if signature_algorithms is found and parsed by TLSX_Parse.
wolfSSL · Jan 13, 2025 · 9f5c89a · 9f5c89a
1 parent e037e08
commit 9f5c89a
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/src/tls13.c b/src/tls13.c
@@ -7053,7 +7053,9 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
             WOLFSSL_MSG("Client did not send a KeyShare extension");
             ERROR_OUT(INCOMPLETE_DATA, exit_dch);
         }
-        if (TLSX_Find(ssl->extensions, TLSX_SIGNATURE_ALGORITHMS) == NULL) {
+        /* Can't check ssl->extensions here as SigAlgs are unconditionally
+           set by TLSX_PopulateExtensions */
+        if (args->clSuites->hashSigAlgoSz == 0) {
             WOLFSSL_MSG("Client did not send a SignatureAlgorithms extension");
             ERROR_OUT(INCOMPLETE_DATA, exit_dch);
         }