diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 7fc4ef33c2bb2494c3ec1d3deda58a2bdbf76d1a..76e3a737a7516998f9107a34b82b2c2f16d067b5 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1300,8 +1300,6 @@ typedef struct ssl3_state_st { size_t peer_sigalgslen; /* Sigalg peer actualy uses */ const SIGALG_LOOKUP *peer_sigalg; - /* Digest peer uses for signing */ - const EVP_MD *peer_md; /* Array of digests used for signing */ const EVP_MD *md[SSL_PKEY_NUM]; /* diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 7053ef29baa22074d624864c79e1e8753f611452..e5c60aee7825e170fa3c14bb29e1d1cbc5961166 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1981,7 +1981,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) al = SSL_AD_DECODE_ERROR; goto err; } - md = s->s3->tmp.peer_md; + md = ssl_md(s->s3->tmp.peer_sigalg->hash_idx); #ifdef SSL_DEBUG fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); #endif diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index a05b67f1eae3a6abad880dddc7cae18fbf7c7cc5..e21a1027daee70d6bd3410695e74959d825653c5 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -340,7 +340,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) al = SSL_AD_DECODE_ERROR; goto f_err; } - md = s->s3->tmp.peer_md; + md = ssl_md(s->s3->tmp.peer_sigalg->hash_idx); #ifdef SSL_DEBUG fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md)); #endif diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 74b37e05bb1b063b41b5f7bb4680225811a57b5d..ad6ac5f26b608f3794108175080a3ded857f477c 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -937,10 +937,7 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey) SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_SIGNATURE_TYPE); return 0; } - /* - * Store the digest used so applications can retrieve it if they wish. - */ - s->s3->tmp.peer_md = md; + /* Store the sigalg the peer uses */ s->s3->tmp.peer_sigalg = lu; return 1; }