The RSA, DH, and ECDH temporary key callbacks expect the number of keybits

for the key (expressed in RSA key bits, which makes *no sense* for ECDH) as their second argument, not zero. (jsing@ notes that the RSA callback is only invoked for 'export' ciphers, which have been removed from LibreSSL, and for the SSL_OP_EPHEMERAL_RSA option, which is makes the application non-compliant. More fuel for the tedu fire...) jasper@ noted the breakage and bisected it down to the diff that broke this ok jsing@ miod@
author: guenther <> 2014-07-28 04:23:12 +0000
committer: guenther <> 2014-07-28 04:23:12 +0000
commit: 224cc55e7b0aa21110d14dd564e88e13893a294e (patch)
tree: 51d2af22ad1dd980f4ce9c87fa7c5ea39efd7be6 /src/lib
parent: 23872c177fa5acf651189cdfcafd44e94da780ef (diff)
download: openbsd-224cc55e7b0aa21110d14dd564e88e13893a294e.tar.gz
openbsd-224cc55e7b0aa21110d14dd564e88e13893a294e.tar.bz2
openbsd-224cc55e7b0aa21110d14dd564e88e13893a294e.zip
6 files changed, 42 insertions, 18 deletions
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index ecf4a198b1..6f1d436d18 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.33 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.34 2014/07/28 04:23:12 guenther Exp $ */
 /* 
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
@@ -1034,7 +1034,8 @@ dtls1_send_server_key_exchange(SSL *s)
                if (type & SSL_kRSA) {
                        rsa = cert->rsa_tmp;
                        if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
-                                rsa = s->cert->rsa_tmp_cb(s, 0, 0);
+                                rsa = s->cert->rsa_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                                if (rsa == NULL) {
                                        al = SSL_AD_HANDSHAKE_FAILURE;
                                        SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
@@ -1055,7 +1056,8 @@ dtls1_send_server_key_exchange(SSL *s)
                if (type & SSL_kDHE) {
                        dhp = cert->dh_tmp;
                        if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
-                                dhp = s->cert->dh_tmp_cb(s, 0, 0);
+                                dhp = s->cert->dh_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                        if (dhp == NULL) {
                                al = SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY);
@@ -1099,7 +1101,8 @@ dtls1_send_server_key_exchange(SSL *s)
                        ecdhp = cert->ecdh_tmp;
                        if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
-                                ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
+                                ecdhp = s->cert->ecdh_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                        if (ecdhp == NULL) {
                                al = SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_ECDH_KEY);
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index 8d47a16b55..ed2aaf19b5 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.78 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.79 2014/07/28 04:23:12 guenther Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1395,7 +1395,8 @@ ssl3_send_server_key_exchange(SSL *s)
                if (type & SSL_kRSA) {
                        rsa = cert->rsa_tmp;
                        if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
-                                rsa = s->cert->rsa_tmp_cb(s, 0, 0);
+                                rsa = s->cert->rsa_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                                if (rsa == NULL) {
                                        al = SSL_AD_HANDSHAKE_FAILURE;
                                        SSLerr(
@@ -1419,7 +1420,8 @@ ssl3_send_server_key_exchange(SSL *s)
                if (type & SSL_kDHE) {
                        dhp = cert->dh_tmp;
                        if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
-                                dhp = s->cert->dh_tmp_cb(s, 0, 0);
+                                dhp = s->cert->dh_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                        if (dhp == NULL) {
                                al = SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
@@ -1468,7 +1470,8 @@ ssl3_send_server_key_exchange(SSL *s)
                        ecdhp = cert->ecdh_tmp;
                        if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
-                                ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
+                                ecdhp = s->cert->ecdh_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                        if (ecdhp == NULL) {
                                al = SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
diff --git a/src/lib/libssl/src/ssl/d1_srvr.c b/src/lib/libssl/src/ssl/d1_srvr.c
index ecf4a198b1..6f1d436d18 100644
--- a/src/lib/libssl/src/ssl/d1_srvr.c
+++ b/src/lib/libssl/src/ssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.33 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.34 2014/07/28 04:23:12 guenther Exp $ */
 /* 
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
@@ -1034,7 +1034,8 @@ dtls1_send_server_key_exchange(SSL *s)
                if (type & SSL_kRSA) {
                        rsa = cert->rsa_tmp;
                        if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
-                                rsa = s->cert->rsa_tmp_cb(s, 0, 0);
+                                rsa = s->cert->rsa_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                                if (rsa == NULL) {
                                        al = SSL_AD_HANDSHAKE_FAILURE;
                                        SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
@@ -1055,7 +1056,8 @@ dtls1_send_server_key_exchange(SSL *s)
                if (type & SSL_kDHE) {
                        dhp = cert->dh_tmp;
                        if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
-                                dhp = s->cert->dh_tmp_cb(s, 0, 0);
+                                dhp = s->cert->dh_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                        if (dhp == NULL) {
                                al = SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY);
@@ -1099,7 +1101,8 @@ dtls1_send_server_key_exchange(SSL *s)
                        ecdhp = cert->ecdh_tmp;
                        if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
-                                ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
+                                ecdhp = s->cert->ecdh_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                        if (ecdhp == NULL) {
                                al = SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_ECDH_KEY);
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index 8d47a16b55..ed2aaf19b5 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.78 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.79 2014/07/28 04:23:12 guenther Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1395,7 +1395,8 @@ ssl3_send_server_key_exchange(SSL *s)
                if (type & SSL_kRSA) {
                        rsa = cert->rsa_tmp;
                        if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
-                                rsa = s->cert->rsa_tmp_cb(s, 0, 0);
+                                rsa = s->cert->rsa_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                                if (rsa == NULL) {
                                        al = SSL_AD_HANDSHAKE_FAILURE;
                                        SSLerr(
@@ -1419,7 +1420,8 @@ ssl3_send_server_key_exchange(SSL *s)
                if (type & SSL_kDHE) {
                        dhp = cert->dh_tmp;
                        if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
-                                dhp = s->cert->dh_tmp_cb(s, 0, 0);
+                                dhp = s->cert->dh_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                        if (dhp == NULL) {
                                al = SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
@@ -1468,7 +1470,8 @@ ssl3_send_server_key_exchange(SSL *s)
                        ecdhp = cert->ecdh_tmp;
                        if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
-                                ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
+                                ecdhp = s->cert->ecdh_tmp_cb(s, 0,
+                                    SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
                        if (ecdhp == NULL) {
                                al = SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 34e6337856..3c1c444cb0 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.62 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.63 2014/07/28 04:23:12 guenther Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -368,6 +368,12 @@
 #define SSL_MEDIUM              0x00000040L
 #define SSL_HIGH                0x00000080L
+/*
+ * The keylength (measured in RSA key bits, I guess)  for temporary keys.
+ * Cipher argument is so that this can be variable in the future.
+ */
+#define SSL_C_PKEYLENGTH(c)     1024
 /* Check if an SSL structure is using DTLS. */
 #define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 34e6337856..3c1c444cb0 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.62 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.63 2014/07/28 04:23:12 guenther Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -368,6 +368,12 @@
 #define SSL_MEDIUM              0x00000040L
 #define SSL_HIGH                0x00000080L
+/*
+ * The keylength (measured in RSA key bits, I guess)  for temporary keys.
+ * Cipher argument is so that this can be variable in the future.
+ */
+#define SSL_C_PKEYLENGTH(c)     1024
 /* Check if an SSL structure is using DTLS. */
 #define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
author	guenther <>	2014-07-28 04:23:12 +0000
committer	guenther <>	2014-07-28 04:23:12 +0000
commit	224cc55e7b0aa21110d14dd564e88e13893a294e (patch)
tree	51d2af22ad1dd980f4ce9c87fa7c5ea39efd7be6 /src/lib
parent	23872c177fa5acf651189cdfcafd44e94da780ef (diff)
download	openbsd-224cc55e7b0aa21110d14dd564e88e13893a294e.tar.gz openbsd-224cc55e7b0aa21110d14dd564e88e13893a294e.tar.bz2 openbsd-224cc55e7b0aa21110d14dd564e88e13893a294e.zip