From f48d826e33cac6f88cf41da0af9f54a287bdbadd Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 26 Sep 2017 15:41:34 +0100 Subject: [PATCH] Change curves to groups where relevant Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/4475) --- ssl/statem/extensions.c | 16 ++++++++-------- ssl/statem/extensions_clnt.c | 34 +++++++++++++++++----------------- ssl/statem/extensions_srvr.c | 18 +++++++++--------- ssl/t1_lib.c | 6 +++--- 4 files changed, 37 insertions(+), 37 deletions(-) diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 69214c522c..f6a200fa18 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -1167,25 +1167,25 @@ static int final_key_share(SSL *s, unsigned int context, int sent, int *al) && (!s->hit || (s->ext.psk_kex_mode & TLSEXT_KEX_MODE_FLAG_KE_DHE) != 0)) { - const uint16_t *pcurves, *clntcurves; - size_t num_curves, clnt_num_curves, i; + const uint16_t *pgroups, *clntgroups; + size_t num_groups, clnt_num_groups, i; unsigned int group_id = 0; /* Check if a shared group exists */ /* Get the clients list of supported groups. */ - tls1_get_peer_groups(s, &clntcurves, &clnt_num_curves); - tls1_get_supported_groups(s, &pcurves, &num_curves); + tls1_get_peer_groups(s, &clntgroups, &clnt_num_groups); + tls1_get_supported_groups(s, &pgroups, &num_groups); /* Find the first group we allow that is also in client's list */ - for (i = 0; i < num_curves; i++) { - group_id = pcurves[i]; + for (i = 0; i < num_groups; i++) { + group_id = pgroups[i]; - if (check_in_list(s, group_id, clntcurves, clnt_num_curves, 1)) + if (check_in_list(s, group_id, clntgroups, clnt_num_groups, 1)) break; } - if (i < num_curves) { + if (i < num_groups) { /* A shared group exists so send a HelloRetryRequest */ s->s3->group_id = group_id; s->hello_retry_request = 1; diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index e392ac484b..c1f98b42f7 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -139,8 +139,8 @@ EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, size_t chainidx, int *al) { - const uint16_t *pcurves = NULL; - size_t num_curves = 0, i; + const uint16_t *pgroups = NULL; + size_t num_groups = 0, i; if (!use_ecc(s)) return EXT_RETURN_NOT_SENT; @@ -149,7 +149,7 @@ EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, * Add TLS extension supported_groups to the ClientHello message */ /* TODO(TLS1.3): Add support for DHE groups */ - tls1_get_supported_groups(s, &pcurves, &num_curves); + tls1_get_supported_groups(s, &pgroups, &num_groups); if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_supported_groups) /* Sub-packet for supported_groups extension */ @@ -160,8 +160,8 @@ EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, return EXT_RETURN_FAIL; } /* Copy curve ID if supported */ - for (i = 0; i < num_curves; i++) { - uint16_t ctmp = pcurves[i]; + for (i = 0; i < num_groups; i++) { + uint16_t ctmp = pgroups[i]; if (tls_curve_allowed(s, ctmp, SSL_SECOP_CURVE_SUPPORTED)) { if (!WPACKET_put_bytes_u16(pkt, ctmp)) { @@ -590,8 +590,8 @@ EXT_RETURN tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, size_t chainidx, int *al) { #ifndef OPENSSL_NO_TLS1_3 - size_t i, num_curves = 0; - const uint16_t *pcurves = NULL; + size_t i, num_groups = 0; + const uint16_t *pgroups = NULL; uint16_t curve_id = 0; /* key_share extension */ @@ -604,7 +604,7 @@ EXT_RETURN tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, return EXT_RETURN_FAIL; } - tls1_get_supported_groups(s, &pcurves, &num_curves); + tls1_get_supported_groups(s, &pgroups, &num_groups); /* * TODO(TLS1.3): Make the number of key_shares sent configurable. For @@ -613,12 +613,12 @@ EXT_RETURN tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, if (s->s3->group_id != 0) { curve_id = s->s3->group_id; } else { - for (i = 0; i < num_curves; i++) { + for (i = 0; i < num_groups; i++) { - if (!tls_curve_allowed(s, pcurves[i], SSL_SECOP_CURVE_SUPPORTED)) + if (!tls_curve_allowed(s, pgroups[i], SSL_SECOP_CURVE_SUPPORTED)) continue; - curve_id = pcurves[i]; + curve_id = pgroups[i]; break; } } @@ -1514,8 +1514,8 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, } if ((context & SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST) != 0) { - const uint16_t *pcurves = NULL; - size_t i, num_curves; + const uint16_t *pgroups = NULL; + size_t i, num_groups; if (PACKET_remaining(pkt) != 0) { *al = SSL_AD_DECODE_ERROR; @@ -1534,12 +1534,12 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, } /* Validate the selected group is one we support */ - tls1_get_supported_groups(s, &pcurves, &num_curves); - for (i = 0; i < num_curves; i++) { - if (group_id == pcurves[i]) + tls1_get_supported_groups(s, &pgroups, &num_groups); + for (i = 0; i < num_groups; i++) { + if (group_id == pgroups[i]) break; } - if (i >= num_curves + if (i >= num_groups || !tls_curve_allowed(s, group_id, SSL_SECOP_CURVE_SUPPORTED)) { *al = SSL_AD_ILLEGAL_PARAMETER; SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_BAD_KEY_SHARE); diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 8183ea574c..8bf3a7678f 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -499,8 +499,8 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, #ifndef OPENSSL_NO_TLS1_3 unsigned int group_id; PACKET key_share_list, encoded_pt; - const uint16_t *clntcurves, *srvrcurves; - size_t clnt_num_curves, srvr_num_curves; + const uint16_t *clntgroups, *srvrgroups; + size_t clnt_num_groups, srvr_num_groups; int found = 0; if (s->hit && (s->ext.psk_kex_mode & TLSEXT_KEX_MODE_FLAG_KE_DHE) == 0) @@ -519,11 +519,11 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, return 0; } - /* Get our list of supported curves */ - tls1_get_supported_groups(s, &srvrcurves, &srvr_num_curves); - /* Get the clients list of supported curves. */ - tls1_get_peer_groups(s, &clntcurves, &clnt_num_curves); - if (clnt_num_curves == 0) { + /* Get our list of supported groups */ + tls1_get_supported_groups(s, &srvrgroups, &srvr_num_groups); + /* Get the clients list of supported groups. */ + tls1_get_peer_groups(s, &clntgroups, &clnt_num_groups); + if (clnt_num_groups == 0) { /* * This can only happen if the supported_groups extension was not sent, * because we verify that the length is non-zero when we process that @@ -553,14 +553,14 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, continue; /* Check if this share is in supported_groups sent from client */ - if (!check_in_list(s, group_id, clntcurves, clnt_num_curves, 0)) { + if (!check_in_list(s, group_id, clntgroups, clnt_num_groups, 0)) { *al = SSL_AD_ILLEGAL_PARAMETER; SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_BAD_KEY_SHARE); return 0; } /* Check if this share is for a group we can use */ - if (!check_in_list(s, group_id, srvrcurves, srvr_num_curves, 1)) { + if (!check_in_list(s, group_id, srvrgroups, srvr_num_groups, 1)) { /* Share not suitable */ continue; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index e002013d4f..9582e21eea 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -186,12 +186,12 @@ static const uint16_t suiteb_curves[] = { TLSEXT_curve_P_384 }; -const TLS_GROUP_INFO *tls1_group_id_lookup(uint16_t curve_id) +const TLS_GROUP_INFO *tls1_group_id_lookup(uint16_t group_id) { /* ECC curves from RFC 4492 and RFC 7027 */ - if (curve_id < 1 || curve_id > OSSL_NELEM(nid_list)) + if (group_id < 1 || group_id > OSSL_NELEM(nid_list)) return NULL; - return &nid_list[curve_id - 1]; + return &nid_list[group_id - 1]; } static uint16_t tls1_nid2group_id(int nid) -- 2.25.1