TLS 1.2 CertificateVerify: req sig alg to have been in CR

SparkiDev · SparkiDev · commit bbe477159d70 · 2025-11-07T12:29:08.000+10:00
The signature algorithm specified in CertificateVerify must have been in
the CertificateRequest. Add check.

The cipher suite test cases, when client auth and RSA are built-in and
use the default client certificate and use the ECDHE-ECDSA-* cipher
suites, no longer work. The client certificate must be ECC when the
cipher suite is ECDHE-ECDSA. Don't run them in that build case.
diff --git a/src/internal.c b/src/internal.c
@@ -38568,10 +38568,19 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
             case TLS_ASYNC_BUILD:
             {
                 if (IsAtLeastTLSv1_2(ssl)) {
-                    if ((args->idx - args->begin) + ENUM_LEN + ENUM_LEN > size) {
+                    if ((args->idx - args->begin) + ENUM_LEN + ENUM_LEN >
+                                                                         size) {
                         ERROR_OUT(BUFFER_ERROR, exit_dcv);
                     }
 
+                    /* Check if hashSigAlgo in CertificateVerify is supported
+                     * in our ssl->suites or ssl->ctx->suites. */
+                    if (!SupportedHashSigAlgo(ssl, &input[args->idx])) {
+                        WOLFSSL_MSG("Signature algorithm was not in "
+                                                          "CertificateRequest");
+                        ERROR_OUT(INVALID_PARAMETER, exit_dcv);
+                    }
+
                     DecodeSigAlg(&input[args->idx], &ssl->options.peerHashAlgo,
                                  &ssl->options.peerSigAlgo);
                     args->idx += 2;
diff --git a/tests/suites.c b/tests/suites.c
@@ -358,6 +358,20 @@ static int IsNoClientCert(const char* line)
 }
 #endif
 
+#if (defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)) && \
+    !defined(NO_RSA) && !defined(NO_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH)
+static int IsEcdsaCipherSuiteDefRsaCert(const char* line)
+{
+    int found;
+
+    found  = (strstr(line, "ECDHE-ECDSA") != NULL);
+    found &= (strstr(line, "-c ") == NULL);
+    found &= (strstr(line, "-x") == NULL);
+
+    return found;
+}
+#endif
+
 static int execute_test_case(int svr_argc, char** svr_argv,
                              int cli_argc, char** cli_argv,
                              int addNoVerify, int addNonBlocking,
@@ -618,6 +632,12 @@ static int execute_test_case(int svr_argc, char** svr_argv,
         #endif
         return NOT_BUILT_IN;
     }
+#endif
+#if (defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)) && \
+    !defined(NO_RSA) && !defined(NO_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH)
+    if (IsEcdsaCipherSuiteDefRsaCert(commandLine)) {
+        return NOT_BUILT_IN;
+    }
 #endif
     printf("trying client command line[%d]: %s\n", tests, commandLine);
     tests++;
