diff options
Diffstat (limited to 'src/lib/libssl/tls13_server.c')
| -rw-r--r-- | src/lib/libssl/tls13_server.c | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c index 1aebf5840c..f3d21a7477 100644 --- a/src/lib/libssl/tls13_server.c +++ b/src/lib/libssl/tls13_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_server.c,v 1.29 2020/04/17 17:16:53 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_server.c,v 1.30 2020/04/21 17:06:16 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 4 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| @@ -49,11 +49,6 @@ tls13_server_init(struct tls13_ctx *ctx) | |||
| 49 | if ((s->session = SSL_SESSION_new()) == NULL) | 49 | if ((s->session = SSL_SESSION_new()) == NULL) |
| 50 | return 0; | 50 | return 0; |
| 51 | 51 | ||
| 52 | if ((ctx->hs->key_share = tls13_key_share_new_nid(NID_X25519)) == NULL) | ||
| 53 | return 0; | ||
| 54 | if (!tls13_key_share_generate(ctx->hs->key_share)) | ||
| 55 | return 0; | ||
| 56 | |||
| 57 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); | 52 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); |
| 58 | 53 | ||
| 59 | return 1; | 54 | return 1; |
| @@ -284,6 +279,14 @@ tls13_client_hello_recv(struct tls13_ctx *ctx, CBS *cbs) | |||
| 284 | if (s->method->internal->version < TLS1_3_VERSION) | 279 | if (s->method->internal->version < TLS1_3_VERSION) |
| 285 | return 1; | 280 | return 1; |
| 286 | 281 | ||
| 282 | /* | ||
| 283 | * If no matching key share was provided, we need to send a | ||
| 284 | * HelloRetryRequest, if matching security parameters exist. | ||
| 285 | */ | ||
| 286 | if (ctx->hs->key_share == NULL) | ||
| 287 | ctx->handshake_stage.hs_type |= WITH_HRR; | ||
| 288 | |||
| 289 | /* XXX - check this is the correct point */ | ||
| 287 | tls13_record_layer_allow_ccs(ctx->rl, 1); | 290 | tls13_record_layer_allow_ccs(ctx->rl, 1); |
| 288 | 291 | ||
| 289 | return 1; | 292 | return 1; |
| @@ -524,6 +527,12 @@ err: | |||
| 524 | int | 527 | int |
| 525 | tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb) | 528 | tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb) |
| 526 | { | 529 | { |
| 530 | if (ctx->hs->key_share == NULL) | ||
| 531 | return 0; | ||
| 532 | |||
| 533 | if (!tls13_key_share_generate(ctx->hs->key_share)) | ||
| 534 | return 0; | ||
| 535 | |||
| 527 | if (!tls13_server_hello_build(ctx, cbb)) | 536 | if (!tls13_server_hello_build(ctx, cbb)) |
| 528 | return 0; | 537 | return 0; |
| 529 | 538 | ||
| @@ -542,11 +551,6 @@ tls13_server_hello_sent(struct tls13_ctx *ctx) | |||
| 542 | SSL *s = ctx->ssl; | 551 | SSL *s = ctx->ssl; |
| 543 | int ret = 0; | 552 | int ret = 0; |
| 544 | 553 | ||
| 545 | /* XXX - handle other key share types. */ | ||
| 546 | if (ctx->hs->key_share == NULL) { | ||
| 547 | /* XXX - alert. */ | ||
| 548 | goto err; | ||
| 549 | } | ||
| 550 | if (!tls13_key_share_derive(ctx->hs->key_share, | 554 | if (!tls13_key_share_derive(ctx->hs->key_share, |
| 551 | &shared_key, &shared_key_len)) | 555 | &shared_key, &shared_key_len)) |
| 552 | goto err; | 556 | goto err; |