Pull key share group/length CBB code up from tls13_key_share_public()

This provides better symmetry with the parsing code and will allow for
better reuse with the legacy stack, which has different message structures.

ok inoguchi@ tb@

2 files changed, 22 insertions, 27 deletions

diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index c97ade8bdd..74b54154e3 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.102 2022/01/04 10:34:16 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.103 2022/01/04 11:01:58 jsing Exp $ */
 /*
  * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1455,13 +1455,17 @@ tlsext_keyshare_client_needs(SSL *s, uint16_t msg_type)
 int
 tlsext_keyshare_client_build(SSL *s, uint16_t msg_type, CBB *cbb)
 {
-        CBB client_shares;
+        CBB client_shares, key_exchange;
 
         if (!CBB_add_u16_length_prefixed(cbb, &client_shares))
                 return 0;
 
-        if (!tls13_key_share_public(S3I(s)->hs.tls13.key_share,
-            &client_shares))
+        if (!CBB_add_u16(&client_shares,
+            tls13_key_share_group(S3I(s)->hs.tls13.key_share)))
+                return 0;
+        if (!CBB_add_u16_length_prefixed(&client_shares, &key_exchange))
+                return 0;
+        if (!tls13_key_share_public(S3I(s)->hs.tls13.key_share, &key_exchange))
                 return 0;
 
         if (!CBB_flush(cbb))
@@ -1531,6 +1535,8 @@ tlsext_keyshare_server_needs(SSL *s, uint16_t msg_type)
 int
 tlsext_keyshare_server_build(SSL *s, uint16_t msg_type, CBB *cbb)
 {
+        CBB key_exchange;
+
         /* In the case of a HRR, we only send the server selected group. */
         if (S3I(s)->hs.tls13.hrr) {
                 if (S3I(s)->hs.tls13.server_group == 0)
@@ -1541,7 +1547,14 @@ tlsext_keyshare_server_build(SSL *s, uint16_t msg_type, CBB *cbb)
         if (S3I(s)->hs.tls13.key_share == NULL)
                 return 0;
 
-        if (!tls13_key_share_public(S3I(s)->hs.tls13.key_share, cbb))
+        if (!CBB_add_u16(cbb, tls13_key_share_group(S3I(s)->hs.tls13.key_share)))
+                return 0;
+        if (!CBB_add_u16_length_prefixed(cbb, &key_exchange))
+                return 0;
+        if (!tls13_key_share_public(S3I(s)->hs.tls13.key_share, &key_exchange))
+                return 0;
+
+        if (!CBB_flush(cbb))
                 return 0;
 
         return 1;
diff --git a/src/lib/libssl/tls13_key_share.c b/src/lib/libssl/tls13_key_share.c
index 0d1c091462..70f1b673f6 100644
--- a/src/lib/libssl/tls13_key_share.c
+++ b/src/lib/libssl/tls13_key_share.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_key_share.c,v 1.6 2020/04/18 14:07:56 jsing Exp $ */
+/* $OpenBSD: tls13_key_share.c,v 1.7 2022/01/04 11:01:58 jsing Exp $ */
 /*
  * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
  *
@@ -187,28 +187,10 @@ tls13_key_share_public_x25519(struct tls13_key_share *ks, CBB *cbb)
 int
 tls13_key_share_public(struct tls13_key_share *ks, CBB *cbb)
 {
-        CBB key_exchange;
-
-        if (!CBB_add_u16(cbb, ks->group_id))
-                goto err;
-        if (!CBB_add_u16_length_prefixed(cbb, &key_exchange))
-                goto err;
-
-        if (ks->nid == NID_X25519) {
-                if (!tls13_key_share_public_x25519(ks, &key_exchange))
-                        goto err;
-        } else {
-                if (!tls13_key_share_public_ecdhe_ecp(ks, &key_exchange))
-                        goto err;
-        }
-
-        if (!CBB_flush(cbb))
-                goto err;
-
-        return 1;
+        if (ks->nid == NID_X25519)
+                return tls13_key_share_public_x25519(ks, cbb);
 
- err:
-        return 0;
+        return tls13_key_share_public_ecdhe_ecp(ks, cbb);
 }
 
 static int