1 files changed, 40 insertions, 98 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index eed6cb5215..6bc5a8b622 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.116 2015/07/14 03:33:16 doug Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.117 2015/07/15 18:35:34 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2009,37 +2009,8 @@ ssl3_send_client_key_exchange(SSL *s)
                } else if (alg_k & (SSL_kECDHE|SSL_kECDHr|SSL_kECDHe)) {
                        const EC_GROUP *srvr_group = NULL;
                        EC_KEY *tkey;
-                        int ecdh_clnt_cert = 0;
                        int field_size = 0;
-                        /*
-                         * Did we send out the client's ECDH share for use
-                         * in premaster computation as part of client
-                         * certificate? If so, set ecdh_clnt_cert to 1.
-                         */
-                        if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) &&
-                            (s->cert != NULL)) {
-                                /*
-                                 * XXX: For now, we do not support client
-                                 * authentication using ECDH certificates.
-                                 * To add such support, one needs to add
-                                 * code that checks for appropriate
-                                 * conditions and sets ecdh_clnt_cert to 1.
-                                 * For example, the cert have an ECC
-                                 * key on the same curve as the server's
-                                 * and the key should be authorized for
-                                 * key agreement.
-                                 *
-                                 * One also needs to add code in ssl3_connect
-                                 * to skip sending the certificate verify
-                                 * message.
-                                 *
-                                 * if ((s->cert->key->privatekey != NULL) &&
-                                 *     (s->cert->key->privatekey->type ==
-                                 *      EVP_PKEY_EC) && ...)
-                                 * ecdh_clnt_cert = 1;
-                                 */
-                        }
                        /* Ensure that we have an ephemeral key for ECDHE. */
                        if ((alg_k & SSL_kECDHE) &&
@@ -2087,36 +2058,13 @@ ssl3_send_client_key_exchange(SSL *s)
                                    ERR_R_EC_LIB);
                                goto err;
                        }
-                        if (ecdh_clnt_cert) {
-                                /*
+                        /* Generate a new ECDH key pair */
-                                 * Reuse key info from our certificate
+                        if (!(EC_KEY_generate_key(clnt_ecdh))) {
-                                 * We only need our private key to perform
+                                SSLerr(
-                                 * the ECDH computation.
+                                    SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                                 */
+                                    ERR_R_ECDH_LIB);
-                                const BIGNUM *priv_key;
+                                goto err;
-                                tkey = s->cert->key->privatekey->pkey.ec;
-                                priv_key = EC_KEY_get0_private_key(tkey);
-                                if (priv_key == NULL) {
-                                        SSLerr(
-                                            SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                                            ERR_R_MALLOC_FAILURE);
-                                        goto err;
-                                }
-                                if (!EC_KEY_set_private_key(clnt_ecdh,
-                                    priv_key)) {
-                                        SSLerr(
-                                            SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                                            ERR_R_EC_LIB);
-                                        goto err;
-                                }
-                        } else {
-                                /* Generate a new ECDH key pair */
-                                if (!(EC_KEY_generate_key(clnt_ecdh))) {
-                                        SSLerr(
-                                            SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                                            ERR_R_ECDH_LIB);
-                                        goto err;
-                                }
                        }
                        /*
@@ -2144,47 +2092,41 @@ ssl3_send_client_key_exchange(SSL *s)
                        memset(p, 0, n); /* clean up */
-                        if (ecdh_clnt_cert) {
+                        /*
-                                /* Send empty client key exch message. */
+                         * First check the size of encoding and
-                                n = 0;
+                         * allocate memory accordingly.
-                        } else {
+                         */
-                                /*
+                        encoded_pt_len = EC_POINT_point2oct(
-                                 * First check the size of encoding and
+                                srvr_group,
-                                 * allocate memory accordingly.
+                                EC_KEY_get0_public_key(clnt_ecdh),
-                                 */
+                                POINT_CONVERSION_UNCOMPRESSED,
-                                encoded_pt_len = EC_POINT_point2oct(
+                                NULL, 0, NULL);
-                                    srvr_group,
-                                    EC_KEY_get0_public_key(clnt_ecdh),
+                        encodedPoint = malloc(encoded_pt_len);
-                                    POINT_CONVERSION_UNCOMPRESSED,
-                                    NULL, 0, NULL);
+                        bn_ctx = BN_CTX_new();
+                        if ((encodedPoint == NULL) ||
-                                encodedPoint = malloc(encoded_pt_len);
+                            (bn_ctx == NULL)) {
+                                SSLerr(
-                                bn_ctx = BN_CTX_new();
+                                    SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                                if ((encodedPoint == NULL) ||
+                                    ERR_R_MALLOC_FAILURE);
-                                    (bn_ctx == NULL)) {
+                                goto err;
-                                        SSLerr(
+                        }
-                                            SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                                            ERR_R_MALLOC_FAILURE);
-                                        goto err;
-                                }
-                                /* Encode the public key */
-                                n = EC_POINT_point2oct(srvr_group,
-                                    EC_KEY_get0_public_key(clnt_ecdh),
-                                    POINT_CONVERSION_UNCOMPRESSED,
-                                    encodedPoint, encoded_pt_len, bn_ctx);
-                                *p = n; /* length of encoded point */
+                        /* Encode the public key */
-                                /* Encoded point will be copied here */
+                        n = EC_POINT_point2oct(srvr_group,
-                                p += 1;
+                            EC_KEY_get0_public_key(clnt_ecdh),
+                            POINT_CONVERSION_UNCOMPRESSED,
+                            encodedPoint, encoded_pt_len, bn_ctx);
-                                /* copy the point */
+                        *p = n; /* length of encoded point */
-                                memcpy((unsigned char *)p, encodedPoint, n);
+                        /* Encoded point will be copied here */
-                                /* increment n to account for length field */
+                        p += 1;
-                                n += 1;
-                        }
+                        /* copy the point */
+                        memcpy((unsigned char *)p, encodedPoint, n);
+                        /* increment n to account for length field */
+                        n += 1;
                        /* Free allocated memory */
                        BN_CTX_free(bn_ctx);

diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index eed6cb5215..6bc5a8b622 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_clnt.c,v 1.116 2015/07/14 03:33:16 doug Exp $ */	1	/* $OpenBSD: s3_clnt.c,v 1.117 2015/07/15 18:35:34 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -2009,37 +2009,8 @@ ssl3_send_client_key_exchange(SSL *s)
2009	} else if (alg_k & (SSL_kECDHE\|SSL_kECDHr\|SSL_kECDHe)) {	2009	} else if (alg_k & (SSL_kECDHE\|SSL_kECDHr\|SSL_kECDHe)) {
2010	const EC_GROUP *srvr_group = NULL;	2010	const EC_GROUP *srvr_group = NULL;
2011	EC_KEY *tkey;	2011	EC_KEY *tkey;
2012	int ecdh_clnt_cert = 0;
2013	int field_size = 0;	2012	int field_size = 0;
2014		2013
2015	/*
2016	* Did we send out the client's ECDH share for use
2017	* in premaster computation as part of client
2018	* certificate? If so, set ecdh_clnt_cert to 1.
2019	*/
2020	if ((alg_k & (SSL_kECDHr\|SSL_kECDHe)) &&
2021	(s->cert != NULL)) {
2022	/*
2023	* XXX: For now, we do not support client
2024	* authentication using ECDH certificates.
2025	* To add such support, one needs to add
2026	* code that checks for appropriate
2027	* conditions and sets ecdh_clnt_cert to 1.
2028	* For example, the cert have an ECC
2029	* key on the same curve as the server's
2030	* and the key should be authorized for
2031	* key agreement.
2032	*
2033	* One also needs to add code in ssl3_connect
2034	* to skip sending the certificate verify
2035	* message.
2036	*
2037	* if ((s->cert->key->privatekey != NULL) &&
2038	* (s->cert->key->privatekey->type ==
2039	* EVP_PKEY_EC) && ...)
2040	* ecdh_clnt_cert = 1;
2041	*/
2042	}
2043		2014
2044	/* Ensure that we have an ephemeral key for ECDHE. */	2015	/* Ensure that we have an ephemeral key for ECDHE. */
2045	if ((alg_k & SSL_kECDHE) &&	2016	if ((alg_k & SSL_kECDHE) &&
@@ -2087,36 +2058,13 @@ ssl3_send_client_key_exchange(SSL *s)
2087	ERR_R_EC_LIB);	2058	ERR_R_EC_LIB);
2088	goto err;	2059	goto err;
2089	}	2060	}
2090	if (ecdh_clnt_cert) {	2061
2091	/*	2062	/* Generate a new ECDH key pair */
2092	* Reuse key info from our certificate	2063	if (!(EC_KEY_generate_key(clnt_ecdh))) {
2093	* We only need our private key to perform	2064	SSLerr(
2094	* the ECDH computation.	2065	SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2095	*/	2066	ERR_R_ECDH_LIB);
2096	const BIGNUM *priv_key;	2067	goto err;
2097	tkey = s->cert->key->privatekey->pkey.ec;
2098	priv_key = EC_KEY_get0_private_key(tkey);
2099	if (priv_key == NULL) {
2100	SSLerr(
2101	SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2102	ERR_R_MALLOC_FAILURE);
2103	goto err;
2104	}
2105	if (!EC_KEY_set_private_key(clnt_ecdh,
2106	priv_key)) {
2107	SSLerr(
2108	SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2109	ERR_R_EC_LIB);
2110	goto err;
2111	}
2112	} else {
2113	/* Generate a new ECDH key pair */
2114	if (!(EC_KEY_generate_key(clnt_ecdh))) {
2115	SSLerr(
2116	SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2117	ERR_R_ECDH_LIB);
2118	goto err;
2119	}
2120	}	2068	}
2121		2069
2122	/*	2070	/*
@@ -2144,47 +2092,41 @@ ssl3_send_client_key_exchange(SSL *s)
2144		2092
2145	memset(p, 0, n); /* clean up */	2093	memset(p, 0, n); /* clean up */
2146		2094
2147	if (ecdh_clnt_cert) {	2095	/*
2148	/* Send empty client key exch message. */	2096	* First check the size of encoding and
2149	n = 0;	2097	* allocate memory accordingly.
2150	} else {	2098	*/
2151	/*	2099	encoded_pt_len = EC_POINT_point2oct(
2152	* First check the size of encoding and	2100	srvr_group,
2153	* allocate memory accordingly.	2101	EC_KEY_get0_public_key(clnt_ecdh),
2154	*/	2102	POINT_CONVERSION_UNCOMPRESSED,
2155	encoded_pt_len = EC_POINT_point2oct(	2103	NULL, 0, NULL);
2156	srvr_group,	2104
2157	EC_KEY_get0_public_key(clnt_ecdh),	2105	encodedPoint = malloc(encoded_pt_len);
2158	POINT_CONVERSION_UNCOMPRESSED,	2106
2159	NULL, 0, NULL);	2107	bn_ctx = BN_CTX_new();
2160		2108	if ((encodedPoint == NULL) \|\|
2161	encodedPoint = malloc(encoded_pt_len);	2109	(bn_ctx == NULL)) {
2162		2110	SSLerr(
2163	bn_ctx = BN_CTX_new();	2111	SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2164	if ((encodedPoint == NULL) \|\|	2112	ERR_R_MALLOC_FAILURE);
2165	(bn_ctx == NULL)) {	2113	goto err;
2166	SSLerr(	2114	}
2167	SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2168	ERR_R_MALLOC_FAILURE);
2169	goto err;
2170	}
2171
2172	/* Encode the public key */
2173	n = EC_POINT_point2oct(srvr_group,
2174	EC_KEY_get0_public_key(clnt_ecdh),
2175	POINT_CONVERSION_UNCOMPRESSED,
2176	encodedPoint, encoded_pt_len, bn_ctx);
2177		2115
2178	p = n; / length of encoded point */	2116	/* Encode the public key */
2179	/* Encoded point will be copied here */	2117	n = EC_POINT_point2oct(srvr_group,
2180	p += 1;	2118	EC_KEY_get0_public_key(clnt_ecdh),
		2119	POINT_CONVERSION_UNCOMPRESSED,
		2120	encodedPoint, encoded_pt_len, bn_ctx);
2181		2121
2182	/* copy the point */	2122	p = n; / length of encoded point */
2183	memcpy((unsigned char *)p, encodedPoint, n);	2123	/* Encoded point will be copied here */
2184	/* increment n to account for length field */	2124	p += 1;
2185	n += 1;
2186		2125
2187	}	2126	/* copy the point */
		2127	memcpy((unsigned char *)p, encodedPoint, n);
		2128	/* increment n to account for length field */
		2129	n += 1;
2188		2130
2189	/* Free allocated memory */	2131	/* Free allocated memory */
2190	BN_CTX_free(bn_ctx);	2132	BN_CTX_free(bn_ctx);