summaryrefslogtreecommitdiffstats
path: root/lib/libssl/t1_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libssl/t1_lib.c')
-rw-r--r--lib/libssl/t1_lib.c91
1 files changed, 44 insertions, 47 deletions
diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c
index 7e4aba7f23a..38f7fcfe7b1 100644
--- a/lib/libssl/t1_lib.c
+++ b/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.56 2014/09/22 14:26:22 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.57 2014/09/26 14:58:42 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -349,6 +349,20 @@ tls1_ec_nid2curve_id(int nid)
}
}
+static void
+tls1_get_formatlist(SSL *s, const unsigned char **pformats, size_t *pformatslen)
+{
+ /*
+ * If we have a custom point format list use it, otherwise use default.
+ */
+ *pformats = s->tlsext_ecpointformatlist;
+ *pformatslen = s->tlsext_ecpointformatlist_length;
+ if (*pformats == NULL) {
+ *pformats = ecformats_default;
+ *pformatslen = sizeof(ecformats_default);
+ }
+}
+
/*
* List of supported signature algorithms and hashes. Should make this
* customisable at some point, for now include everything we support.
@@ -486,20 +500,11 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
/*
* Add TLS extension ECPointFormats to the ClientHello message.
*/
- size_t lenmax;
const unsigned char *plist;
size_t plistlen;
+ size_t lenmax;
- /*
- * If we have a custom point format list use it otherwise
- * use default.
- */
- plist = s->tlsext_ecpointformatlist;
- plistlen = s->tlsext_ecpointformatlist_length;
- if (plist == NULL) {
- plist = ecformats_default;
- plistlen = sizeof(ecformats_default);
- }
+ tls1_get_formatlist(s, &plist, &plistlen);
if ((size_t)(limit - ret) < 5)
return NULL;
@@ -723,12 +728,19 @@ skip_ext:
unsigned char *
ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
{
- int extdatalen = 0;
+ int using_ecc, extdatalen = 0;
+ unsigned long alg_a, alg_k;
unsigned char *ret = p;
#ifndef OPENSSL_NO_NEXTPROTONEG
int next_proto_neg_seen;
#endif
+ alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+ alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+ using_ecc = (alg_k & (SSL_kECDHE|SSL_kECDHr|SSL_kECDHe) ||
+ alg_a & SSL_aECDSA) &&
+ s->session->tlsext_ecpointformatlist != NULL;
+
/* don't add extensions for SSLv3, unless doing secure renegotiation */
if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
return p;
@@ -770,32 +782,39 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
ret += el;
}
- if (s->tlsext_ecpointformatlist != NULL &&
- s->version != DTLS1_VERSION) {
- /* Add TLS extension ECPointFormats to the ServerHello message */
+ if (using_ecc && s->version != DTLS1_VERSION) {
+ /*
+ * Add TLS extension ECPointFormats to the ServerHello message.
+ */
+ const unsigned char *plist;
+ size_t plistlen;
size_t lenmax;
+ tls1_get_formatlist(s, &plist, &plistlen);
+
if ((size_t)(limit - ret) < 5)
return NULL;
lenmax = limit - ret - 5;
- if (s->tlsext_ecpointformatlist_length > lenmax)
+ if (plistlen > lenmax)
return NULL;
- if (s->tlsext_ecpointformatlist_length > 255) {
+ if (plistlen > 255) {
SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT,
ERR_R_INTERNAL_ERROR);
return NULL;
}
s2n(TLSEXT_TYPE_ec_point_formats, ret);
- s2n(s->tlsext_ecpointformatlist_length + 1, ret);
- *(ret++) = (unsigned char) s->tlsext_ecpointformatlist_length;
- memcpy(ret, s->tlsext_ecpointformatlist,
- s->tlsext_ecpointformatlist_length);
- ret += s->tlsext_ecpointformatlist_length;
-
+ s2n(plistlen + 1, ret);
+ *(ret++) = (unsigned char)plistlen;
+ memcpy(ret, plist, plistlen);
+ ret += plistlen;
}
- /* Currently the server should not respond with a SupportedCurves extension */
+
+ /*
+ * Currently the server should not respond with a SupportedCurves
+ * extension.
+ */
if (s->tlsext_ticket_expected &&
!(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
@@ -1526,28 +1545,6 @@ ssl_prepare_clienthello_tlsext(SSL *s)
int
ssl_prepare_serverhello_tlsext(SSL *s)
{
- /* If we are server and using an ECC cipher suite, send the point formats we support
- * if the client sent us an ECPointsFormat extension. Note that the server is not
- * supposed to send an EllipticCurves extension.
- */
-
- unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
- unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
- int using_ecc = (alg_k & (SSL_kECDHE|SSL_kECDHr|SSL_kECDHe)) || (alg_a & SSL_aECDSA);
- using_ecc = using_ecc && (s->session->tlsext_ecpointformatlist != NULL);
-
- if (using_ecc) {
- free(s->tlsext_ecpointformatlist);
- if ((s->tlsext_ecpointformatlist = malloc(3)) == NULL) {
- SSLerr(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- s->tlsext_ecpointformatlist_length = 3;
- s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompressed;
- s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
- s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
- }
-
return 1;
}
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.