1 files changed, 35 insertions, 89 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index 261e4e996f..b087535ce1 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.46 2015/07/14 05:26:32 doug Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.47 2015/07/15 18:35:34 beck Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -881,37 +881,8 @@ dtls1_send_client_key_exchange(SSL *s)
                } else if (alg_k & (SSL_kECDHE|SSL_kECDHr|SSL_kECDHe)) {
                        const EC_GROUP *srvr_group = NULL;
                        EC_KEY *tkey;
-                        int ecdh_clnt_cert = 0;
                        int field_size = 0;
-                        /* Did we send out the client's
-                         * ECDH share for use in premaster
-                         * computation as part of client certificate?
-                         * If so, set ecdh_clnt_cert to 1.
-                         */
-                        if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) &&
-                            (s->cert != NULL)) {
-                                /* XXX: For now, we do not support client
-                                 * authentication using ECDH certificates.
-                                 * To add such support, one needs to add
-                                 * code that checks for appropriate
-                                 * conditions and sets ecdh_clnt_cert to 1.
-                                 * For example, the cert have an ECC
-                                 * key on the same curve as the server's
-                                 * and the key should be authorized for
-                                 * key agreement.
-                                 *
-                                 * One also needs to add code in ssl3_connect
-                                 * to skip sending the certificate verify
-                                 * message.
-                                 *
-                                 * if ((s->cert->key->privatekey != NULL) &&
-                                 *     (s->cert->key->privatekey->type ==
-                                 *      EVP_PKEY_EC) && ...)
-                                 * ecdh_clnt_cert = 1;
-                                 */
-                        }
                        if (s->session->sess_cert->peer_ecdh_tmp != NULL) {
                                tkey = s->session->sess_cert->peer_ecdh_tmp;
                        } else {
@@ -949,31 +920,12 @@ dtls1_send_client_key_exchange(SSL *s)
                                    ERR_R_EC_LIB);
                                goto err;
                        }
-                        if (ecdh_clnt_cert) {
-                                /* Reuse key info from our certificate
+                        /* Generate a new ECDH key pair */
-                                 * We only need our private key to perform
+                        if (!(EC_KEY_generate_key(clnt_ecdh))) {
-                                 * the ECDH computation.
+                                SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
-                                 */
+                                    ERR_R_ECDH_LIB);
-                                const BIGNUM *priv_key;
+                                goto err;
-                                tkey = s->cert->key->privatekey->pkey.ec;
-                                priv_key = EC_KEY_get0_private_key(tkey);
-                                if (priv_key == NULL) {
-                                        SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
-                                            ERR_R_MALLOC_FAILURE);
-                                        goto err;
-                                }
-                                if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {
-                                        SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
-                                            ERR_R_EC_LIB);
-                                        goto err;
-                                }
-                        } else {
-                                /* Generate a new ECDH key pair */
-                                if (!(EC_KEY_generate_key(clnt_ecdh))) {
-                                        SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
-                                            ERR_R_ECDH_LIB);
-                                        goto err;
-                                }
                        }
                        /* use the 'p' output buffer for the ECDH key, but
@@ -999,44 +951,38 @@ dtls1_send_client_key_exchange(SSL *s)
                                s, s->session->master_key, p, n);
                        memset(p, 0, n); /* clean up */
-                        if (ecdh_clnt_cert) {
+                        /* First check the size of encoding and
-                                /* Send empty client key exch message */
+                         * allocate memory accordingly.
-                                n = 0;
+                         */
-                        } else {
+                        encoded_pt_len = EC_POINT_point2oct(srvr_group,
-                                /* First check the size of encoding and
+                            EC_KEY_get0_public_key(clnt_ecdh),
-                                 * allocate memory accordingly.
+                            POINT_CONVERSION_UNCOMPRESSED,
-                                 */
+                            NULL, 0, NULL);
-                                encoded_pt_len = EC_POINT_point2oct(srvr_group,
-                                    EC_KEY_get0_public_key(clnt_ecdh),
-                                    POINT_CONVERSION_UNCOMPRESSED,
-                                    NULL, 0, NULL);
-                                encodedPoint = malloc(encoded_pt_len);
-                                bn_ctx = BN_CTX_new();
-                                if ((encodedPoint == NULL) ||
-                                    (bn_ctx == NULL)) {
-                                        SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
-                                            ERR_R_MALLOC_FAILURE);
-                                        goto err;
-                                }
-                                /* Encode the public key */
+                        encodedPoint = malloc(encoded_pt_len);
-                                n = EC_POINT_point2oct(srvr_group,
-                                    EC_KEY_get0_public_key(clnt_ecdh),
-                                    POINT_CONVERSION_UNCOMPRESSED,
-                                    encodedPoint, encoded_pt_len, bn_ctx);
-                                *p = n; /* length of encoded point */
+                        bn_ctx = BN_CTX_new();
-                                /* Encoded point will be copied here */
+                        if ((encodedPoint == NULL) ||
-                                p += 1;
+                            (bn_ctx == NULL)) {
+                                SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
+                                    ERR_R_MALLOC_FAILURE);
+                                goto err;
+                        }
-                                /* copy the point */
+                        /* Encode the public key */
-                                memcpy((unsigned char *)p, encodedPoint, n);
+                        n = EC_POINT_point2oct(srvr_group,
-                                /* increment n to account for length field */
+                            EC_KEY_get0_public_key(clnt_ecdh),
-                                n += 1;
+                            POINT_CONVERSION_UNCOMPRESSED,
+                            encodedPoint, encoded_pt_len, bn_ctx);
-                        }
+                        *p = n; /* length of encoded point */
+                        /* Encoded point will be copied here */
+                        p += 1;
+                        /* copy the point */
+                        memcpy((unsigned char *)p, encodedPoint, n);
+                        /* increment n to account for length field */
+                        n += 1;
                        /* Free allocated memory */
                        BN_CTX_free(bn_ctx);

diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index 261e4e996f..b087535ce1 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_clnt.c,v 1.46 2015/07/14 05:26:32 doug Exp $ */	1	/* $OpenBSD: d1_clnt.c,v 1.47 2015/07/15 18:35:34 beck Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -881,37 +881,8 @@ dtls1_send_client_key_exchange(SSL *s)
881	} else if (alg_k & (SSL_kECDHE\|SSL_kECDHr\|SSL_kECDHe)) {	881	} else if (alg_k & (SSL_kECDHE\|SSL_kECDHr\|SSL_kECDHe)) {
882	const EC_GROUP *srvr_group = NULL;	882	const EC_GROUP *srvr_group = NULL;
883	EC_KEY *tkey;	883	EC_KEY *tkey;
884	int ecdh_clnt_cert = 0;
885	int field_size = 0;	884	int field_size = 0;
886		885
887	/* Did we send out the client's
888	* ECDH share for use in premaster
889	* computation as part of client certificate?
890	* If so, set ecdh_clnt_cert to 1.
891	*/
892	if ((alg_k & (SSL_kECDHr\|SSL_kECDHe)) &&
893	(s->cert != NULL)) {
894	/* XXX: For now, we do not support client
895	* authentication using ECDH certificates.
896	* To add such support, one needs to add
897	* code that checks for appropriate
898	* conditions and sets ecdh_clnt_cert to 1.
899	* For example, the cert have an ECC
900	* key on the same curve as the server's
901	* and the key should be authorized for
902	* key agreement.
903	*
904	* One also needs to add code in ssl3_connect
905	* to skip sending the certificate verify
906	* message.
907	*
908	* if ((s->cert->key->privatekey != NULL) &&
909	* (s->cert->key->privatekey->type ==
910	* EVP_PKEY_EC) && ...)
911	* ecdh_clnt_cert = 1;
912	*/
913	}
914
915	if (s->session->sess_cert->peer_ecdh_tmp != NULL) {	886	if (s->session->sess_cert->peer_ecdh_tmp != NULL) {
916	tkey = s->session->sess_cert->peer_ecdh_tmp;	887	tkey = s->session->sess_cert->peer_ecdh_tmp;
917	} else {	888	} else {
@@ -949,31 +920,12 @@ dtls1_send_client_key_exchange(SSL *s)
949	ERR_R_EC_LIB);	920	ERR_R_EC_LIB);
950	goto err;	921	goto err;
951	}	922	}
952	if (ecdh_clnt_cert) {	923
953	/* Reuse key info from our certificate	924	/* Generate a new ECDH key pair */
954	* We only need our private key to perform	925	if (!(EC_KEY_generate_key(clnt_ecdh))) {
955	* the ECDH computation.	926	SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
956	*/	927	ERR_R_ECDH_LIB);
957	const BIGNUM *priv_key;	928	goto err;
958	tkey = s->cert->key->privatekey->pkey.ec;
959	priv_key = EC_KEY_get0_private_key(tkey);
960	if (priv_key == NULL) {
961	SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
962	ERR_R_MALLOC_FAILURE);
963	goto err;
964	}
965	if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {
966	SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
967	ERR_R_EC_LIB);
968	goto err;
969	}
970	} else {
971	/* Generate a new ECDH key pair */
972	if (!(EC_KEY_generate_key(clnt_ecdh))) {
973	SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
974	ERR_R_ECDH_LIB);
975	goto err;
976	}
977	}	929	}
978		930
979	/* use the 'p' output buffer for the ECDH key, but	931	/* use the 'p' output buffer for the ECDH key, but
@@ -999,44 +951,38 @@ dtls1_send_client_key_exchange(SSL *s)
999	s, s->session->master_key, p, n);	951	s, s->session->master_key, p, n);
1000	memset(p, 0, n); /* clean up */	952	memset(p, 0, n); /* clean up */
1001		953
1002	if (ecdh_clnt_cert) {	954	/* First check the size of encoding and
1003	/* Send empty client key exch message */	955	* allocate memory accordingly.
1004	n = 0;	956	*/
1005	} else {	957	encoded_pt_len = EC_POINT_point2oct(srvr_group,
1006	/* First check the size of encoding and	958	EC_KEY_get0_public_key(clnt_ecdh),
1007	* allocate memory accordingly.	959	POINT_CONVERSION_UNCOMPRESSED,
1008	*/	960	NULL, 0, NULL);
1009	encoded_pt_len = EC_POINT_point2oct(srvr_group,
1010	EC_KEY_get0_public_key(clnt_ecdh),
1011	POINT_CONVERSION_UNCOMPRESSED,
1012	NULL, 0, NULL);
1013
1014	encodedPoint = malloc(encoded_pt_len);
1015
1016	bn_ctx = BN_CTX_new();
1017	if ((encodedPoint == NULL) \|\|
1018	(bn_ctx == NULL)) {
1019	SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
1020	ERR_R_MALLOC_FAILURE);
1021	goto err;
1022	}
1023		961
1024	/* Encode the public key */	962	encodedPoint = malloc(encoded_pt_len);
1025	n = EC_POINT_point2oct(srvr_group,
1026	EC_KEY_get0_public_key(clnt_ecdh),
1027	POINT_CONVERSION_UNCOMPRESSED,
1028	encodedPoint, encoded_pt_len, bn_ctx);
1029		963
1030	p = n; / length of encoded point */	964	bn_ctx = BN_CTX_new();
1031	/* Encoded point will be copied here */	965	if ((encodedPoint == NULL) \|\|
1032	p += 1;	966	(bn_ctx == NULL)) {
		967	SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,
		968	ERR_R_MALLOC_FAILURE);
		969	goto err;
		970	}
1033		971
1034	/* copy the point */	972	/* Encode the public key */
1035	memcpy((unsigned char *)p, encodedPoint, n);	973	n = EC_POINT_point2oct(srvr_group,
1036	/* increment n to account for length field */	974	EC_KEY_get0_public_key(clnt_ecdh),
1037	n += 1;	975	POINT_CONVERSION_UNCOMPRESSED,
		976	encodedPoint, encoded_pt_len, bn_ctx);
1038		977
1039	}	978	p = n; / length of encoded point */
		979	/* Encoded point will be copied here */
		980	p += 1;
		981
		982	/* copy the point */
		983	memcpy((unsigned char *)p, encodedPoint, n);
		984	/* increment n to account for length field */
		985	n += 1;
1040		986
1041	/* Free allocated memory */	987	/* Free allocated memory */
1042	BN_CTX_free(bn_ctx);	988	BN_CTX_free(bn_ctx);