summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_lib.c
diff options
context:
space:
mode:
authorjsing <>2017-08-10 17:18:38 +0000
committerjsing <>2017-08-10 17:18:38 +0000
commitf6039d62295a1c6b1188b531731d233d196faf0d (patch)
treeaa09a427af12b5b2e6c7178a34d25bab71b31269 /src/lib/libssl/s3_lib.c
parent53bebfdbe69d92a9d3e68a860900ff0ebd428792 (diff)
downloadopenbsd-f6039d62295a1c6b1188b531731d233d196faf0d.tar.gz
openbsd-f6039d62295a1c6b1188b531731d233d196faf0d.tar.bz2
openbsd-f6039d62295a1c6b1188b531731d233d196faf0d.zip
Clean up the EC key/curve configuration handling.
Over the years OpenSSL grew multiple ways of being able to specify EC keys (and/or curves) for use with ECDH and ECDHE key exchange. You could specify a static EC key (SSL{_CTX,}_set_tmp_ecdh()), use that as a curve and generate ephemeral keys (SSL_OP_SINGLE_ECDH_USE), provide the EC key via a callback that was provided with insufficient information (SSL{_CTX,}_set_tmp_ecdh_cb()) or enable automatic selection and generation of EC keys via SSL{_CTX,}_set_ecdh_auto(). This complexity leads to problems (like ECDHE not being enabled) and potential weird configuration (like being able to do ECDHE without the ephemeral part...). We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration knobs. The only exception is the SSL{_CTX,}_set_tmp_ecdh() functions, which retain part of their previous behaviour by configuring the curve of the given EC key as the only curve being enabled. Everything else becomes a no-op. ok beck@ doug@
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
-rw-r--r--src/lib/libssl/s3_lib.c58
1 files changed, 14 insertions, 44 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 1abe01cd88..abebaa0fc4 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.154 2017/08/09 17:49:54 jsing Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.155 2017/08/10 17:18:38 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1838,39 +1838,26 @@ _SSL_set_dh_auto(SSL *s, int state)
1838static int 1838static int
1839_SSL_set_tmp_ecdh(SSL *s, EC_KEY *ecdh) 1839_SSL_set_tmp_ecdh(SSL *s, EC_KEY *ecdh)
1840{ 1840{
1841 const EC_GROUP *group;
1842 int nid;
1843
1841 if (!ssl_cert_inst(&s->cert)) { 1844 if (!ssl_cert_inst(&s->cert)) {
1842 SSLerror(s, ERR_R_MALLOC_FAILURE); 1845 SSLerror(s, ERR_R_MALLOC_FAILURE);
1843 return 0; 1846 return 0;
1844 } 1847 }
1845 1848
1846 if (ecdh == NULL) { 1849 if (ecdh == NULL)
1847 SSLerror(s, ERR_R_PASSED_NULL_PARAMETER);
1848 return 0; 1850 return 0;
1849 } 1851 if ((group = EC_KEY_get0_group(ecdh)) == NULL)
1850
1851 if (!EC_KEY_up_ref(ecdh)) {
1852 SSLerror(s, ERR_R_ECDH_LIB);
1853 return 0; 1852 return 0;
1854 }
1855
1856 if (!(s->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
1857 if (!EC_KEY_generate_key(ecdh)) {
1858 EC_KEY_free(ecdh);
1859 SSLerror(s, ERR_R_ECDH_LIB);
1860 return 0;
1861 }
1862 }
1863
1864 EC_KEY_free(s->cert->ecdh_tmp);
1865 s->cert->ecdh_tmp = ecdh;
1866 1853
1867 return 1; 1854 nid = EC_GROUP_get_curve_name(group);
1855 return SSL_set1_groups(s, &nid, 1);
1868} 1856}
1869 1857
1870static int 1858static int
1871_SSL_set_ecdh_auto(SSL *s, int state) 1859_SSL_set_ecdh_auto(SSL *s, int state)
1872{ 1860{
1873 s->cert->ecdh_tmp_auto = state;
1874 return 1; 1861 return 1;
1875} 1862}
1876 1863
@@ -2095,7 +2082,6 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
2095 return 1; 2082 return 1;
2096 2083
2097 case SSL_CTRL_SET_TMP_ECDH_CB: 2084 case SSL_CTRL_SET_TMP_ECDH_CB:
2098 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
2099 return 1; 2085 return 1;
2100 2086
2101 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 2087 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
@@ -2133,35 +2119,21 @@ _SSL_CTX_set_dh_auto(SSL_CTX *ctx, int state)
2133static int 2119static int
2134_SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, EC_KEY *ecdh) 2120_SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, EC_KEY *ecdh)
2135{ 2121{
2136 EC_KEY *ecdh_tmp; 2122 const EC_GROUP *group;
2123 int nid;
2137 2124
2138 if (ecdh == NULL) { 2125 if (ecdh == NULL)
2139 SSLerrorx(ERR_R_ECDH_LIB);
2140 return 0; 2126 return 0;
2141 } 2127 if ((group = EC_KEY_get0_group(ecdh)) == NULL)
2142
2143 if ((ecdh_tmp = EC_KEY_dup(ecdh)) == NULL) {
2144 SSLerrorx(ERR_R_EC_LIB);
2145 return 0; 2128 return 0;
2146 }
2147 if (!(ctx->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
2148 if (!EC_KEY_generate_key(ecdh_tmp)) {
2149 EC_KEY_free(ecdh_tmp);
2150 SSLerrorx(ERR_R_ECDH_LIB);
2151 return 0;
2152 }
2153 }
2154 2129
2155 EC_KEY_free(ctx->internal->cert->ecdh_tmp); 2130 nid = EC_GROUP_get_curve_name(group);
2156 ctx->internal->cert->ecdh_tmp = ecdh_tmp; 2131 return SSL_CTX_set1_groups(ctx, &nid, 1);
2157
2158 return 1;
2159} 2132}
2160 2133
2161static int 2134static int
2162_SSL_CTX_set_ecdh_auto(SSL_CTX *ctx, int state) 2135_SSL_CTX_set_ecdh_auto(SSL_CTX *ctx, int state)
2163{ 2136{
2164 ctx->internal->cert->ecdh_tmp_auto = state;
2165 return 1; 2137 return 1;
2166} 2138}
2167 2139
@@ -2347,8 +2319,6 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
2347 return 1; 2319 return 1;
2348 2320
2349 case SSL_CTRL_SET_TMP_ECDH_CB: 2321 case SSL_CTRL_SET_TMP_ECDH_CB:
2350 ctx->internal->cert->ecdh_tmp_cb =
2351 (EC_KEY *(*)(SSL *, int, int))fp;
2352 return 1; 2322 return 1;
2353 2323
2354 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 2324 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 14:00:30 +0000