Check security level for supported groups.

ok jsing
author: tb <> 2022-06-30 16:05:07 +0000
committer: tb <> 2022-06-30 16:05:07 +0000
commit: ff55ae35ce91503ea79ecd5ec86595c03b2d138f (patch)
tree: 5e132e3e23ccde65b520524d5b4a0c1eda124d9c /src/lib/libssl/t1_lib.c
parent: 0ab0519d6cd5ac501518b8dcc6735cf61481f520 (diff)
download: openbsd-ff55ae35ce91503ea79ecd5ec86595c03b2d138f.tar.gz
openbsd-ff55ae35ce91503ea79ecd5ec86595c03b2d138f.tar.bz2
openbsd-ff55ae35ce91503ea79ecd5ec86595c03b2d138f.zip
1 files changed, 149 insertions, 32 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index fc1ccca5b9..c4c58e6675 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.186 2022/01/24 13:47:53 tb Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.187 2022/06/30 16:05:07 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -150,36 +150,128 @@ tls1_clear(SSL *s)
        s->version = s->method->version;
 }
-static const int nid_list[] = {
+struct curve {
-        NID_sect163k1,          /* sect163k1 (1) */
+        int nid;
-        NID_sect163r1,          /* sect163r1 (2) */
+        int bits;
-        NID_sect163r2,          /* sect163r2 (3) */
+};
-        NID_sect193r1,          /* sect193r1 (4) */
-        NID_sect193r2,          /* sect193r2 (5) */
+static const struct curve nid_list[] = {
-        NID_sect233k1,          /* sect233k1 (6) */
+        [1] = {
-        NID_sect233r1,          /* sect233r1 (7) */
+                .nid = NID_sect163k1,           /* sect163k1 (1) */
-        NID_sect239k1,          /* sect239k1 (8) */
+                .bits = 80,
-        NID_sect283k1,          /* sect283k1 (9) */
+        },
-        NID_sect283r1,          /* sect283r1 (10) */
+        [2] = {
-        NID_sect409k1,          /* sect409k1 (11) */
+                .nid = NID_sect163r1,           /* sect163r1 (2) */
-        NID_sect409r1,          /* sect409r1 (12) */
+                .bits = 80,
-        NID_sect571k1,          /* sect571k1 (13) */
+        },
-        NID_sect571r1,          /* sect571r1 (14) */
+        [3] = {
-        NID_secp160k1,          /* secp160k1 (15) */
+                .nid = NID_sect163r2,           /* sect163r2 (3) */
-        NID_secp160r1,          /* secp160r1 (16) */
+                .bits = 80,
-        NID_secp160r2,          /* secp160r2 (17) */
+        },
-        NID_secp192k1,          /* secp192k1 (18) */
+        [4] = {
-        NID_X9_62_prime192v1,   /* secp192r1 (19) */
+                .nid = NID_sect193r1,           /* sect193r1 (4) */
-        NID_secp224k1,          /* secp224k1 (20) */
+                .bits = 80,
-        NID_secp224r1,          /* secp224r1 (21) */
+        },
-        NID_secp256k1,          /* secp256k1 (22) */
+        [5] = {
-        NID_X9_62_prime256v1,   /* secp256r1 (23) */
+                .nid = NID_sect193r2,           /* sect193r2 (5) */
-        NID_secp384r1,          /* secp384r1 (24) */
+                .bits = 80,
-        NID_secp521r1,          /* secp521r1 (25) */
+        },
-        NID_brainpoolP256r1,    /* brainpoolP256r1 (26) */
+        [6] = {
-        NID_brainpoolP384r1,    /* brainpoolP384r1 (27) */
+                .nid = NID_sect233k1,           /* sect233k1 (6) */
-        NID_brainpoolP512r1,    /* brainpoolP512r1 (28) */
+                .bits = 112,
-        NID_X25519,             /* X25519 (29) */
+        },
+        [7] = {
+                .nid = NID_sect233r1,           /* sect233r1 (7) */
+                .bits = 112,
+        },
+        [8] = {
+                .nid = NID_sect239k1,           /* sect239k1 (8) */
+                .bits = 112,
+        },
+        [9] = {
+                .nid = NID_sect283k1,           /* sect283k1 (9) */
+                .bits = 128,
+        },
+        [10] = {
+                .nid = NID_sect283r1,           /* sect283r1 (10) */
+                .bits = 128,
+        },
+        [11] = {
+                .nid = NID_sect409k1,           /* sect409k1 (11) */
+                .bits = 192,
+        },
+        [12] = {
+                .nid = NID_sect409r1,           /* sect409r1 (12) */
+                .bits = 192,
+        },
+        [13] = {
+                .nid = NID_sect571k1,           /* sect571k1 (13) */
+                .bits = 256,
+        },
+        [14] = {
+                .nid = NID_sect571r1,           /* sect571r1 (14) */
+                .bits = 256,
+        },
+        [15] = {
+                .nid = NID_secp160k1,           /* secp160k1 (15) */
+                .bits = 80,
+        },
+        [16] = {
+                .nid = NID_secp160r1,           /* secp160r1 (16) */
+                .bits = 80,
+        },
+        [17] = {
+                .nid = NID_secp160r2,           /* secp160r2 (17) */
+                .bits = 80,
+        },
+        [18] = {
+                .nid = NID_secp192k1,           /* secp192k1 (18) */
+                .bits = 80,
+        },
+        [19] = {
+                .nid = NID_X9_62_prime192v1,    /* secp192r1 (19) */
+                .bits = 80,
+        },
+        [20] = {
+                .nid = NID_secp224k1,           /* secp224k1 (20) */
+                .bits = 112,
+        },
+        [21] = {
+                .nid = NID_secp224r1,           /* secp224r1 (21) */
+                .bits = 112,
+        },
+        [22] = {
+                .nid = NID_secp256k1,           /* secp256k1 (22) */
+                .bits = 128,
+        },
+        [23] = {
+                .nid = NID_X9_62_prime256v1,    /* secp256r1 (23) */
+                .bits = 128,
+        },
+        [24] = {
+                .nid = NID_secp384r1,           /* secp384r1 (24) */
+                .bits = 192,
+        },
+        [25] = {
+                .nid = NID_secp521r1,           /* secp521r1 (25) */
+                .bits = 256,
+        },
+        [26] = {
+                .nid = NID_brainpoolP256r1,     /* brainpoolP256r1 (26) */
+                .bits = 128,
+        },
+        [27] = {
+                .nid = NID_brainpoolP384r1,     /* brainpoolP384r1 (27) */
+                .bits = 192,
+        },
+        [28] = {
+                .nid = NID_brainpoolP512r1,     /* brainpoolP512r1 (28) */
+                .bits = 256,
+        },
+        [29] = {
+                .nid = NID_X25519,              /* X25519 (29) */
+                .bits = 128,
+        },
 };
 #if 0
@@ -244,11 +336,32 @@ static const uint16_t eccurves_server_default[] = {
 int
 tls1_ec_curve_id2nid(const uint16_t curve_id)
 {
+        const struct curve *curve;
        /* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */
        if ((curve_id < 1) ||
            ((unsigned int)curve_id > sizeof(nid_list) / sizeof(nid_list[0])))
                return 0;
-        return nid_list[curve_id - 1];
+        if ((curve = &nid_list[curve_id]) == NULL)
+                return 0;
+        return curve->nid;
+}
+int
+tls1_ec_curve_id2bits(const uint16_t curve_id)
+{
+        const struct curve *curve;
+        if ((curve_id < 1) ||
+            ((unsigned int)curve_id > sizeof(nid_list) / sizeof(nid_list[0])))
+                return 0;
+        if ((curve = &nid_list[curve_id]) == NULL)
+                return 0;
+        return curve->bits;
 }
 uint16_t
@@ -455,6 +568,8 @@ tls1_check_curve(SSL *s, const uint16_t curve_id)
        tls1_get_group_list(s, 0, &groups, &groupslen);
        for (i = 0; i < groupslen; i++) {
+                if (!ssl_security_supported_group(s, groups[i]))
+                        continue;
                if (groups[i] == curve_id)
                        return (1);
        }
@@ -478,6 +593,8 @@ tls1_get_shared_curve(SSL *s)
        tls1_get_group_list(s, (server_pref != 0), &supp, &supplen);
        for (i = 0; i < preflen; i++) {
+                if (!ssl_security_supported_group(s, pref[i]))
+                        continue;
                for (j = 0; j < supplen; j++) {
                        if (pref[i] == supp[j])
                                return (tls1_ec_curve_id2nid(pref[i]));
author	tb <>	2022-06-30 16:05:07 +0000
committer	tb <>	2022-06-30 16:05:07 +0000
commit	ff55ae35ce91503ea79ecd5ec86595c03b2d138f (patch)
tree	5e132e3e23ccde65b520524d5b4a0c1eda124d9c /src/lib/libssl/t1_lib.c
parent	0ab0519d6cd5ac501518b8dcc6735cf61481f520 (diff)
download	openbsd-ff55ae35ce91503ea79ecd5ec86595c03b2d138f.tar.gz openbsd-ff55ae35ce91503ea79ecd5ec86595c03b2d138f.tar.bz2 openbsd-ff55ae35ce91503ea79ecd5ec86595c03b2d138f.zip

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index fc1ccca5b9..c4c58e6675 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.186 2022/01/24 13:47:53 tb Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.187 2022/06/30 16:05:07 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -150,36 +150,128 @@ tls1_clear(SSL *s)
150	s->version = s->method->version;	150	s->version = s->method->version;
151	}	151	}
152		152
153	static const int nid_list[] = {	153	struct curve {
154	NID_sect163k1, /* sect163k1 (1) */	154	int nid;
155	NID_sect163r1, /* sect163r1 (2) */	155	int bits;
156	NID_sect163r2, /* sect163r2 (3) */	156	};
157	NID_sect193r1, /* sect193r1 (4) */	157
158	NID_sect193r2, /* sect193r2 (5) */	158	static const struct curve nid_list[] = {
159	NID_sect233k1, /* sect233k1 (6) */	159	[1] = {
160	NID_sect233r1, /* sect233r1 (7) */	160	.nid = NID_sect163k1, /* sect163k1 (1) */
161	NID_sect239k1, /* sect239k1 (8) */	161	.bits = 80,
162	NID_sect283k1, /* sect283k1 (9) */	162	},
163	NID_sect283r1, /* sect283r1 (10) */	163	[2] = {
164	NID_sect409k1, /* sect409k1 (11) */	164	.nid = NID_sect163r1, /* sect163r1 (2) */
165	NID_sect409r1, /* sect409r1 (12) */	165	.bits = 80,
166	NID_sect571k1, /* sect571k1 (13) */	166	},
167	NID_sect571r1, /* sect571r1 (14) */	167	[3] = {
168	NID_secp160k1, /* secp160k1 (15) */	168	.nid = NID_sect163r2, /* sect163r2 (3) */
169	NID_secp160r1, /* secp160r1 (16) */	169	.bits = 80,
170	NID_secp160r2, /* secp160r2 (17) */	170	},
171	NID_secp192k1, /* secp192k1 (18) */	171	[4] = {
172	NID_X9_62_prime192v1, /* secp192r1 (19) */	172	.nid = NID_sect193r1, /* sect193r1 (4) */
173	NID_secp224k1, /* secp224k1 (20) */	173	.bits = 80,
174	NID_secp224r1, /* secp224r1 (21) */	174	},
175	NID_secp256k1, /* secp256k1 (22) */	175	[5] = {
176	NID_X9_62_prime256v1, /* secp256r1 (23) */	176	.nid = NID_sect193r2, /* sect193r2 (5) */
177	NID_secp384r1, /* secp384r1 (24) */	177	.bits = 80,
178	NID_secp521r1, /* secp521r1 (25) */	178	},
179	NID_brainpoolP256r1, /* brainpoolP256r1 (26) */	179	[6] = {
180	NID_brainpoolP384r1, /* brainpoolP384r1 (27) */	180	.nid = NID_sect233k1, /* sect233k1 (6) */
181	NID_brainpoolP512r1, /* brainpoolP512r1 (28) */	181	.bits = 112,
182	NID_X25519, /* X25519 (29) */	182	},
		183	[7] = {
		184	.nid = NID_sect233r1, /* sect233r1 (7) */
		185	.bits = 112,
		186	},
		187	[8] = {
		188	.nid = NID_sect239k1, /* sect239k1 (8) */
		189	.bits = 112,
		190	},
		191	[9] = {
		192	.nid = NID_sect283k1, /* sect283k1 (9) */
		193	.bits = 128,
		194	},
		195	[10] = {
		196	.nid = NID_sect283r1, /* sect283r1 (10) */
		197	.bits = 128,
		198	},
		199	[11] = {
		200	.nid = NID_sect409k1, /* sect409k1 (11) */
		201	.bits = 192,
		202	},
		203	[12] = {
		204	.nid = NID_sect409r1, /* sect409r1 (12) */
		205	.bits = 192,
		206	},
		207	[13] = {
		208	.nid = NID_sect571k1, /* sect571k1 (13) */
		209	.bits = 256,
		210	},
		211	[14] = {
		212	.nid = NID_sect571r1, /* sect571r1 (14) */
		213	.bits = 256,
		214	},
		215	[15] = {
		216	.nid = NID_secp160k1, /* secp160k1 (15) */
		217	.bits = 80,
		218	},
		219	[16] = {
		220	.nid = NID_secp160r1, /* secp160r1 (16) */
		221	.bits = 80,
		222	},
		223	[17] = {
		224	.nid = NID_secp160r2, /* secp160r2 (17) */
		225	.bits = 80,
		226	},
		227	[18] = {
		228	.nid = NID_secp192k1, /* secp192k1 (18) */
		229	.bits = 80,
		230	},
		231	[19] = {
		232	.nid = NID_X9_62_prime192v1, /* secp192r1 (19) */
		233	.bits = 80,
		234	},
		235	[20] = {
		236	.nid = NID_secp224k1, /* secp224k1 (20) */
		237	.bits = 112,
		238	},
		239	[21] = {
		240	.nid = NID_secp224r1, /* secp224r1 (21) */
		241	.bits = 112,
		242	},
		243	[22] = {
		244	.nid = NID_secp256k1, /* secp256k1 (22) */
		245	.bits = 128,
		246	},
		247	[23] = {
		248	.nid = NID_X9_62_prime256v1, /* secp256r1 (23) */
		249	.bits = 128,
		250	},
		251	[24] = {
		252	.nid = NID_secp384r1, /* secp384r1 (24) */
		253	.bits = 192,
		254	},
		255	[25] = {
		256	.nid = NID_secp521r1, /* secp521r1 (25) */
		257	.bits = 256,
		258	},
		259	[26] = {
		260	.nid = NID_brainpoolP256r1, /* brainpoolP256r1 (26) */
		261	.bits = 128,
		262	},
		263	[27] = {
		264	.nid = NID_brainpoolP384r1, /* brainpoolP384r1 (27) */
		265	.bits = 192,
		266	},
		267	[28] = {
		268	.nid = NID_brainpoolP512r1, /* brainpoolP512r1 (28) */
		269	.bits = 256,
		270	},
		271	[29] = {
		272	.nid = NID_X25519, /* X25519 (29) */
		273	.bits = 128,
		274	},
183	};	275	};
184		276
185	#if 0	277	#if 0
@@ -244,11 +336,32 @@ static const uint16_t eccurves_server_default[] = {
244	int	336	int
245	tls1_ec_curve_id2nid(const uint16_t curve_id)	337	tls1_ec_curve_id2nid(const uint16_t curve_id)
246	{	338	{
		339	const struct curve *curve;
		340
247	/* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */	341	/* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */
248	if ((curve_id < 1) \|\|	342	if ((curve_id < 1) \|\|
249	((unsigned int)curve_id > sizeof(nid_list) / sizeof(nid_list[0])))	343	((unsigned int)curve_id > sizeof(nid_list) / sizeof(nid_list[0])))
250	return 0;	344	return 0;
251	return nid_list[curve_id - 1];	345
		346	if ((curve = &nid_list[curve_id]) == NULL)
		347	return 0;
		348
		349	return curve->nid;
		350	}
		351
		352	int
		353	tls1_ec_curve_id2bits(const uint16_t curve_id)
		354	{
		355	const struct curve *curve;
		356
		357	if ((curve_id < 1) \|\|
		358	((unsigned int)curve_id > sizeof(nid_list) / sizeof(nid_list[0])))
		359	return 0;
		360
		361	if ((curve = &nid_list[curve_id]) == NULL)
		362	return 0;
		363
		364	return curve->bits;
252	}	365	}
253		366
254	uint16_t	367	uint16_t
@@ -455,6 +568,8 @@ tls1_check_curve(SSL *s, const uint16_t curve_id)
455	tls1_get_group_list(s, 0, &groups, &groupslen);	568	tls1_get_group_list(s, 0, &groups, &groupslen);
456		569
457	for (i = 0; i < groupslen; i++) {	570	for (i = 0; i < groupslen; i++) {
		571	if (!ssl_security_supported_group(s, groups[i]))
		572	continue;
458	if (groups[i] == curve_id)	573	if (groups[i] == curve_id)
459	return (1);	574	return (1);
460	}	575	}
@@ -478,6 +593,8 @@ tls1_get_shared_curve(SSL *s)
478	tls1_get_group_list(s, (server_pref != 0), &supp, &supplen);	593	tls1_get_group_list(s, (server_pref != 0), &supp, &supplen);
479		594
480	for (i = 0; i < preflen; i++) {	595	for (i = 0; i < preflen; i++) {
		596	if (!ssl_security_supported_group(s, pref[i]))
		597	continue;
481	for (j = 0; j < supplen; j++) {	598	for (j = 0; j < supplen; j++) {
482	if (pref[i] == supp[j])	599	if (pref[i] == supp[j])
483	return (tls1_ec_curve_id2nid(pref[i]));	600	return (tls1_ec_curve_id2nid(pref[i]));