summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorjsing <>2014-10-03 13:58:18 +0000
committerjsing <>2014-10-03 13:58:18 +0000
commitf42035acfafef5f2efe92cd8eef619164f7144f2 (patch)
treecffe0badf760bb2604b226bec541734923e423b7 /src/lib
parent079e384e3438a23d2ddc504f4d34e5a46d9dd6e8 (diff)
downloadopenbsd-f42035acfafef5f2efe92cd8eef619164f7144f2.tar.gz
openbsd-f42035acfafef5f2efe92cd8eef619164f7144f2.tar.bz2
openbsd-f42035acfafef5f2efe92cd8eef619164f7144f2.zip
Add support for automatic ephemeral EC keys.
This allows an SSL server to enable ECDHE ciphers with a single setting, which results in an EC key being generated using the first preference shared curve. Based on OpenSSL with inspiration from boringssl. ok miod@
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/s3_lib.c10
-rw-r--r--src/lib/libssl/s3_srvr.c14
-rw-r--r--src/lib/libssl/src/ssl/s3_lib.c10
-rw-r--r--src/lib/libssl/src/ssl/s3_srvr.c14
-rw-r--r--src/lib/libssl/src/ssl/ssl.h8
-rw-r--r--src/lib/libssl/src/ssl/ssl_cert.c3
-rw-r--r--src/lib/libssl/src/ssl/ssl_lib.c5
-rw-r--r--src/lib/libssl/src/ssl/ssl_locl.h8
-rw-r--r--src/lib/libssl/src/ssl/t1_lib.c41
-rw-r--r--src/lib/libssl/ssl.h8
-rw-r--r--src/lib/libssl/ssl_cert.c3
-rw-r--r--src/lib/libssl/ssl_lib.c5
-rw-r--r--src/lib/libssl/ssl_locl.h8
-rw-r--r--src/lib/libssl/t1_lib.c41
14 files changed, 152 insertions, 26 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 246aa6f23d..42f8074f8c 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.81 2014/09/30 15:40:09 jsing Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.82 2014/10/03 13:58:17 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -2128,6 +2128,11 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2128 ret = 1; 2128 ret = 1;
2129 break; 2129 break;
2130 2130
2131 case SSL_CTRL_SET_ECDH_AUTO:
2132 s->cert->ecdh_tmp_auto = larg;
2133 ret = 1;
2134 break;
2135
2131 default: 2136 default:
2132 break; 2137 break;
2133 } 2138 }
@@ -2322,6 +2327,9 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2322 return 1; 2327 return 1;
2323 break; 2328 break;
2324 2329
2330 case SSL_CTRL_SET_ECDH_AUTO:
2331 ctx->cert->ecdh_tmp_auto = larg;
2332 return 1;
2325 2333
2326 /* A Thawte special :-) */ 2334 /* A Thawte special :-) */
2327 case SSL_CTRL_EXTRA_CHAIN_CERT: 2335 case SSL_CTRL_EXTRA_CHAIN_CERT:
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index cba875a3e6..c4a8442a3e 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_srvr.c,v 1.85 2014/09/27 11:03:43 jsing Exp $ */ 1/* $OpenBSD: s3_srvr.c,v 1.86 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1465,9 +1465,15 @@ ssl3_send_server_key_exchange(SSL *s)
1465 const EC_GROUP *group; 1465 const EC_GROUP *group;
1466 1466
1467 ecdhp = cert->ecdh_tmp; 1467 ecdhp = cert->ecdh_tmp;
1468 if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL) 1468 if (s->cert->ecdh_tmp_auto != 0) {
1469 int nid = tls1_get_shared_curve(s);
1470 if (nid != NID_undef)
1471 ecdhp = EC_KEY_new_by_curve_name(nid);
1472 } else if (ecdhp == NULL &&
1473 s->cert->ecdh_tmp_cb != NULL) {
1469 ecdhp = s->cert->ecdh_tmp_cb(s, 0, 1474 ecdhp = s->cert->ecdh_tmp_cb(s, 0,
1470 SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher)); 1475 SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
1476 }
1471 if (ecdhp == NULL) { 1477 if (ecdhp == NULL) {
1472 al = SSL_AD_HANDSHAKE_FAILURE; 1478 al = SSL_AD_HANDSHAKE_FAILURE;
1473 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, 1479 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
@@ -1482,7 +1488,9 @@ ssl3_send_server_key_exchange(SSL *s)
1482 } 1488 }
1483 1489
1484 /* Duplicate the ECDH structure. */ 1490 /* Duplicate the ECDH structure. */
1485 if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) { 1491 if (s->cert->ecdh_tmp_auto != 0) {
1492 ecdh = ecdhp;
1493 } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
1486 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, 1494 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
1487 ERR_R_ECDH_LIB); 1495 ERR_R_ECDH_LIB);
1488 goto err; 1496 goto err;
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 246aa6f23d..42f8074f8c 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.81 2014/09/30 15:40:09 jsing Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.82 2014/10/03 13:58:17 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -2128,6 +2128,11 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2128 ret = 1; 2128 ret = 1;
2129 break; 2129 break;
2130 2130
2131 case SSL_CTRL_SET_ECDH_AUTO:
2132 s->cert->ecdh_tmp_auto = larg;
2133 ret = 1;
2134 break;
2135
2131 default: 2136 default:
2132 break; 2137 break;
2133 } 2138 }
@@ -2322,6 +2327,9 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2322 return 1; 2327 return 1;
2323 break; 2328 break;
2324 2329
2330 case SSL_CTRL_SET_ECDH_AUTO:
2331 ctx->cert->ecdh_tmp_auto = larg;
2332 return 1;
2325 2333
2326 /* A Thawte special :-) */ 2334 /* A Thawte special :-) */
2327 case SSL_CTRL_EXTRA_CHAIN_CERT: 2335 case SSL_CTRL_EXTRA_CHAIN_CERT:
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index cba875a3e6..c4a8442a3e 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_srvr.c,v 1.85 2014/09/27 11:03:43 jsing Exp $ */ 1/* $OpenBSD: s3_srvr.c,v 1.86 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1465,9 +1465,15 @@ ssl3_send_server_key_exchange(SSL *s)
1465 const EC_GROUP *group; 1465 const EC_GROUP *group;
1466 1466
1467 ecdhp = cert->ecdh_tmp; 1467 ecdhp = cert->ecdh_tmp;
1468 if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL) 1468 if (s->cert->ecdh_tmp_auto != 0) {
1469 int nid = tls1_get_shared_curve(s);
1470 if (nid != NID_undef)
1471 ecdhp = EC_KEY_new_by_curve_name(nid);
1472 } else if (ecdhp == NULL &&
1473 s->cert->ecdh_tmp_cb != NULL) {
1469 ecdhp = s->cert->ecdh_tmp_cb(s, 0, 1474 ecdhp = s->cert->ecdh_tmp_cb(s, 0,
1470 SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher)); 1475 SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher));
1476 }
1471 if (ecdhp == NULL) { 1477 if (ecdhp == NULL) {
1472 al = SSL_AD_HANDSHAKE_FAILURE; 1478 al = SSL_AD_HANDSHAKE_FAILURE;
1473 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, 1479 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
@@ -1482,7 +1488,9 @@ ssl3_send_server_key_exchange(SSL *s)
1482 } 1488 }
1483 1489
1484 /* Duplicate the ECDH structure. */ 1490 /* Duplicate the ECDH structure. */
1485 if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) { 1491 if (s->cert->ecdh_tmp_auto != 0) {
1492 ecdh = ecdhp;
1493 } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
1486 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, 1494 SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
1487 ERR_R_ECDH_LIB); 1495 ERR_R_ECDH_LIB);
1488 goto err; 1496 goto err;
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h
index c7dd4259cc..1e9e846195 100644
--- a/src/lib/libssl/src/ssl/ssl.h
+++ b/src/lib/libssl/src/ssl/ssl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl.h,v 1.66 2014/09/28 14:45:48 reyk Exp $ */ 1/* $OpenBSD: ssl.h,v 1.67 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1425,6 +1425,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1425#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82 1425#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
1426#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83 1426#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
1427 1427
1428#define SSL_CTRL_SET_ECDH_AUTO 94
1429
1428#define DTLSv1_get_timeout(ssl, arg) \ 1430#define DTLSv1_get_timeout(ssl, arg) \
1429 SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) 1431 SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
1430#define DTLSv1_handle_timeout(ssl) \ 1432#define DTLSv1_handle_timeout(ssl) \
@@ -1449,6 +1451,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1449 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh) 1451 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1450#define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \ 1452#define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
1451 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) 1453 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
1454#define SSL_CTX_set_ecdh_auto(ctx, onoff) \
1455 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
1452 1456
1453#define SSL_need_tmp_RSA(ssl) \ 1457#define SSL_need_tmp_RSA(ssl) \
1454 SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL) 1458 SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
@@ -1458,6 +1462,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1458 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh) 1462 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1459#define SSL_set_tmp_ecdh(ssl,ecdh) \ 1463#define SSL_set_tmp_ecdh(ssl,ecdh) \
1460 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) 1464 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
1465#define SSL_set_ecdh_auto(s, onoff) \
1466 SSL_ctrl(s,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
1461 1467
1462#define SSL_CTX_add_extra_chain_cert(ctx,x509) \ 1468#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
1463 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) 1469 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
diff --git a/src/lib/libssl/src/ssl/ssl_cert.c b/src/lib/libssl/src/ssl/ssl_cert.c
index 6aae59e310..6f1815067b 100644
--- a/src/lib/libssl/src/ssl/ssl_cert.c
+++ b/src/lib/libssl/src/ssl/ssl_cert.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_cert.c,v 1.41 2014/07/10 08:25:00 guenther Exp $ */ 1/* $OpenBSD: ssl_cert.c,v 1.42 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -244,6 +244,7 @@ ssl_cert_dup(CERT *cert)
244 } 244 }
245 } 245 }
246 ret->ecdh_tmp_cb = cert->ecdh_tmp_cb; 246 ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
247 ret->ecdh_tmp_auto = cert->ecdh_tmp_auto;
247 248
248 for (i = 0; i < SSL_PKEY_NUM; i++) { 249 for (i = 0; i < SSL_PKEY_NUM; i++) {
249 if (cert->pkeys[i].x509 != NULL) { 250 if (cert->pkeys[i].x509 != NULL) {
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index bd5f9f6da1..f6a21d4351 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.84 2014/09/07 12:16:23 jsing Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.85 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1943,7 +1943,8 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1943 rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL); 1943 rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
1944 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL); 1944 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
1945 1945
1946 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL); 1946 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL ||
1947 c->ecdh_tmp_auto != 0);
1947 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]); 1948 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
1948 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL); 1949 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
1949 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]); 1950 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 8ec4c69d5b..976f835c92 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.70 2014/09/30 15:40:09 jsing Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.71 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -439,13 +439,16 @@ typedef struct cert_st {
439 int valid; 439 int valid;
440 unsigned long mask_k; 440 unsigned long mask_k;
441 unsigned long mask_a; 441 unsigned long mask_a;
442
442 RSA *rsa_tmp; 443 RSA *rsa_tmp;
443 RSA *(*rsa_tmp_cb)(SSL *ssl, int is_export, int keysize); 444 RSA *(*rsa_tmp_cb)(SSL *ssl, int is_export, int keysize);
445
444 DH *dh_tmp; 446 DH *dh_tmp;
445 DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize); 447 DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize);
448
446 EC_KEY *ecdh_tmp; 449 EC_KEY *ecdh_tmp;
447 /* Callback for generating ephemeral ECDH keys */
448 EC_KEY *(*ecdh_tmp_cb)(SSL *ssl, int is_export, int keysize); 450 EC_KEY *(*ecdh_tmp_cb)(SSL *ssl, int is_export, int keysize);
451 int ecdh_tmp_auto;
449 452
450 CERT_PKEY pkeys[SSL_PKEY_NUM]; 453 CERT_PKEY pkeys[SSL_PKEY_NUM];
451 454
@@ -799,6 +802,7 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
799int tls1_ec_curve_id2nid(int curve_id); 802int tls1_ec_curve_id2nid(int curve_id);
800int tls1_ec_nid2curve_id(int nid); 803int tls1_ec_nid2curve_id(int nid);
801int tls1_check_curve(SSL *s, const unsigned char *p, size_t len); 804int tls1_check_curve(SSL *s, const unsigned char *p, size_t len);
805int tls1_get_shared_curve(SSL *s);
802 806
803unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, 807unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p,
804 unsigned char *limit); 808 unsigned char *limit);
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c
index d40768560c..678818d51b 100644
--- a/src/lib/libssl/src/ssl/t1_lib.c
+++ b/src/lib/libssl/src/ssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.59 2014/09/30 15:40:09 jsing Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.60 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -408,6 +408,35 @@ tls1_check_curve(SSL *s, const unsigned char *p, size_t len)
408 return (0); 408 return (0);
409} 409}
410 410
411int
412tls1_get_shared_curve(SSL *s)
413{
414 const unsigned char *pref, *supp, *tsupp;
415 size_t preflen, supplen, i, j;
416 unsigned long server_pref;
417 int id;
418
419 /* Cannot do anything on the client side. */
420 if (s->server == 0)
421 return (NID_undef);
422
423 /* Return first preference shared curve. */
424 server_pref = (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE);
425 tls1_get_curvelist(s, (server_pref == 0), &pref, &preflen);
426 tls1_get_curvelist(s, (server_pref != 0), &supp, &supplen);
427
428 for (i = 0; i < preflen; i += 2, pref += 2) {
429 tsupp = supp;
430 for (j = 0; j < supplen; j += 2, tsupp += 2) {
431 if (pref[0] == tsupp[0] && pref[1] == tsupp[1]) {
432 id = (pref[0] << 8) | pref[1];
433 return (tls1_ec_curve_id2nid(id));
434 }
435 }
436 }
437 return (NID_undef);
438}
439
411/* For an EC key set TLS ID and required compression based on parameters. */ 440/* For an EC key set TLS ID and required compression based on parameters. */
412static int 441static int
413tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id, EC_KEY *ec) 442tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id, EC_KEY *ec)
@@ -524,11 +553,17 @@ tls1_check_ec_tmp_key(SSL *s)
524 EC_KEY *ec = s->cert->ecdh_tmp; 553 EC_KEY *ec = s->cert->ecdh_tmp;
525 unsigned char curve_id[2]; 554 unsigned char curve_id[2];
526 555
556 if (s->cert->ecdh_tmp_auto != 0) {
557 /* Need a shared curve. */
558 if (tls1_get_shared_curve(s) != NID_undef)
559 return (1);
560 return (0);
561 }
562
527 if (ec == NULL) { 563 if (ec == NULL) {
528 if (s->cert->ecdh_tmp_cb != NULL) 564 if (s->cert->ecdh_tmp_cb != NULL)
529 return (1); 565 return (1);
530 else 566 return (0);
531 return (0);
532 } 567 }
533 if (tls1_set_ec_id(curve_id, NULL, ec) != 1) 568 if (tls1_set_ec_id(curve_id, NULL, ec) != 1)
534 return (0); 569 return (0);
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index c7dd4259cc..1e9e846195 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl.h,v 1.66 2014/09/28 14:45:48 reyk Exp $ */ 1/* $OpenBSD: ssl.h,v 1.67 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1425,6 +1425,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1425#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82 1425#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
1426#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83 1426#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
1427 1427
1428#define SSL_CTRL_SET_ECDH_AUTO 94
1429
1428#define DTLSv1_get_timeout(ssl, arg) \ 1430#define DTLSv1_get_timeout(ssl, arg) \
1429 SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) 1431 SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
1430#define DTLSv1_handle_timeout(ssl) \ 1432#define DTLSv1_handle_timeout(ssl) \
@@ -1449,6 +1451,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1449 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh) 1451 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1450#define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \ 1452#define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
1451 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) 1453 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
1454#define SSL_CTX_set_ecdh_auto(ctx, onoff) \
1455 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
1452 1456
1453#define SSL_need_tmp_RSA(ssl) \ 1457#define SSL_need_tmp_RSA(ssl) \
1454 SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL) 1458 SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
@@ -1458,6 +1462,8 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1458 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh) 1462 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
1459#define SSL_set_tmp_ecdh(ssl,ecdh) \ 1463#define SSL_set_tmp_ecdh(ssl,ecdh) \
1460 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) 1464 SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
1465#define SSL_set_ecdh_auto(s, onoff) \
1466 SSL_ctrl(s,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
1461 1467
1462#define SSL_CTX_add_extra_chain_cert(ctx,x509) \ 1468#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
1463 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) 1469 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index 6aae59e310..6f1815067b 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_cert.c,v 1.41 2014/07/10 08:25:00 guenther Exp $ */ 1/* $OpenBSD: ssl_cert.c,v 1.42 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -244,6 +244,7 @@ ssl_cert_dup(CERT *cert)
244 } 244 }
245 } 245 }
246 ret->ecdh_tmp_cb = cert->ecdh_tmp_cb; 246 ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
247 ret->ecdh_tmp_auto = cert->ecdh_tmp_auto;
247 248
248 for (i = 0; i < SSL_PKEY_NUM; i++) { 249 for (i = 0; i < SSL_PKEY_NUM; i++) {
249 if (cert->pkeys[i].x509 != NULL) { 250 if (cert->pkeys[i].x509 != NULL) {
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index bd5f9f6da1..f6a21d4351 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.84 2014/09/07 12:16:23 jsing Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.85 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1943,7 +1943,8 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
1943 rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL); 1943 rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
1944 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL); 1944 dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
1945 1945
1946 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL); 1946 have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL ||
1947 c->ecdh_tmp_auto != 0);
1947 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]); 1948 cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
1948 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL); 1949 rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
1949 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]); 1950 cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 8ec4c69d5b..976f835c92 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.70 2014/09/30 15:40:09 jsing Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.71 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -439,13 +439,16 @@ typedef struct cert_st {
439 int valid; 439 int valid;
440 unsigned long mask_k; 440 unsigned long mask_k;
441 unsigned long mask_a; 441 unsigned long mask_a;
442
442 RSA *rsa_tmp; 443 RSA *rsa_tmp;
443 RSA *(*rsa_tmp_cb)(SSL *ssl, int is_export, int keysize); 444 RSA *(*rsa_tmp_cb)(SSL *ssl, int is_export, int keysize);
445
444 DH *dh_tmp; 446 DH *dh_tmp;
445 DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize); 447 DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize);
448
446 EC_KEY *ecdh_tmp; 449 EC_KEY *ecdh_tmp;
447 /* Callback for generating ephemeral ECDH keys */
448 EC_KEY *(*ecdh_tmp_cb)(SSL *ssl, int is_export, int keysize); 450 EC_KEY *(*ecdh_tmp_cb)(SSL *ssl, int is_export, int keysize);
451 int ecdh_tmp_auto;
449 452
450 CERT_PKEY pkeys[SSL_PKEY_NUM]; 453 CERT_PKEY pkeys[SSL_PKEY_NUM];
451 454
@@ -799,6 +802,7 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
799int tls1_ec_curve_id2nid(int curve_id); 802int tls1_ec_curve_id2nid(int curve_id);
800int tls1_ec_nid2curve_id(int nid); 803int tls1_ec_nid2curve_id(int nid);
801int tls1_check_curve(SSL *s, const unsigned char *p, size_t len); 804int tls1_check_curve(SSL *s, const unsigned char *p, size_t len);
805int tls1_get_shared_curve(SSL *s);
802 806
803unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, 807unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p,
804 unsigned char *limit); 808 unsigned char *limit);
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index d40768560c..678818d51b 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.59 2014/09/30 15:40:09 jsing Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.60 2014/10/03 13:58:18 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -408,6 +408,35 @@ tls1_check_curve(SSL *s, const unsigned char *p, size_t len)
408 return (0); 408 return (0);
409} 409}
410 410
411int
412tls1_get_shared_curve(SSL *s)
413{
414 const unsigned char *pref, *supp, *tsupp;
415 size_t preflen, supplen, i, j;
416 unsigned long server_pref;
417 int id;
418
419 /* Cannot do anything on the client side. */
420 if (s->server == 0)
421 return (NID_undef);
422
423 /* Return first preference shared curve. */
424 server_pref = (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE);
425 tls1_get_curvelist(s, (server_pref == 0), &pref, &preflen);
426 tls1_get_curvelist(s, (server_pref != 0), &supp, &supplen);
427
428 for (i = 0; i < preflen; i += 2, pref += 2) {
429 tsupp = supp;
430 for (j = 0; j < supplen; j += 2, tsupp += 2) {
431 if (pref[0] == tsupp[0] && pref[1] == tsupp[1]) {
432 id = (pref[0] << 8) | pref[1];
433 return (tls1_ec_curve_id2nid(id));
434 }
435 }
436 }
437 return (NID_undef);
438}
439
411/* For an EC key set TLS ID and required compression based on parameters. */ 440/* For an EC key set TLS ID and required compression based on parameters. */
412static int 441static int
413tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id, EC_KEY *ec) 442tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id, EC_KEY *ec)
@@ -524,11 +553,17 @@ tls1_check_ec_tmp_key(SSL *s)
524 EC_KEY *ec = s->cert->ecdh_tmp; 553 EC_KEY *ec = s->cert->ecdh_tmp;
525 unsigned char curve_id[2]; 554 unsigned char curve_id[2];
526 555
556 if (s->cert->ecdh_tmp_auto != 0) {
557 /* Need a shared curve. */
558 if (tls1_get_shared_curve(s) != NID_undef)
559 return (1);
560 return (0);
561 }
562
527 if (ec == NULL) { 563 if (ec == NULL) {
528 if (s->cert->ecdh_tmp_cb != NULL) 564 if (s->cert->ecdh_tmp_cb != NULL)
529 return (1); 565 return (1);
530 else 566 return (0);
531 return (0);
532 } 567 }
533 if (tls1_set_ec_id(curve_id, NULL, ec) != 1) 568 if (tls1_set_ec_id(curve_id, NULL, ec) != 1)
534 return (0); 569 return (0);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-31 03:56:41 +0000