Diffstat (limited to '')
-rw-r--r--src/lib/libssl/tls_key_share.c (renamed from src/lib/libssl/tls13_key_share.c)67
1 files changed, 34 insertions, 33 deletions
diff --git a/src/lib/libssl/tls13_key_share.c b/src/lib/libssl/tls_key_share.c
index 70f1b673f6..1bce651e10 100644
--- a/src/lib/libssl/tls13_key_share.c
+++ b/src/lib/libssl/tls_key_share.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_key_share.c,v 1.7 2022/01/04 11:01:58 jsing Exp $ */ 1/* $OpenBSD: tls_key_share.c,v 1.1 2022/01/05 17:10:03 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -18,12 +18,13 @@
18#include <stdlib.h> 18#include <stdlib.h>
19 19
20#include <openssl/curve25519.h> 20#include <openssl/curve25519.h>
21#include <openssl/ec.h>
21 22
22#include "bytestring.h" 23#include "bytestring.h"
23#include "ssl_locl.h" 24#include "ssl_locl.h"
24#include "tls13_internal.h" 25#include "tls_internal.h"
25 26
26struct tls13_key_share { 27struct tls_key_share {
27 int nid; 28 int nid;
28 uint16_t group_id; 29 uint16_t group_id;
29 30
@@ -35,16 +36,16 @@ struct tls13_key_share {
35 uint8_t *x25519_peer_public; 36 uint8_t *x25519_peer_public;
36}; 37};
37 38
38struct tls13_key_share * 39struct tls_key_share *
39tls13_key_share_new(uint16_t group_id) 40tls_key_share_new(uint16_t group_id)
40{ 41{
41 struct tls13_key_share *ks; 42 struct tls_key_share *ks;
42 int nid; 43 int nid;
43 44
44 if ((nid = tls1_ec_curve_id2nid(group_id)) == 0) 45 if ((nid = tls1_ec_curve_id2nid(group_id)) == 0)
45 return NULL; 46 return NULL;
46 47
47 if ((ks = calloc(1, sizeof(struct tls13_key_share))) == NULL) 48 if ((ks = calloc(1, sizeof(struct tls_key_share))) == NULL)
48 return NULL; 49 return NULL;
49 50
50 ks->group_id = group_id; 51 ks->group_id = group_id;
@@ -53,19 +54,19 @@ tls13_key_share_new(uint16_t group_id)
53 return ks; 54 return ks;
54} 55}
55 56
56struct tls13_key_share * 57struct tls_key_share *
57tls13_key_share_new_nid(int nid) 58tls_key_share_new_nid(int nid)
58{ 59{
59 uint16_t group_id; 60 uint16_t group_id;
60 61
61 if ((group_id = tls1_ec_nid2curve_id(nid)) == 0) 62 if ((group_id = tls1_ec_nid2curve_id(nid)) == 0)
62 return NULL; 63 return NULL;
63 64
64 return tls13_key_share_new(group_id); 65 return tls_key_share_new(group_id);
65} 66}
66 67
67void 68void
68tls13_key_share_free(struct tls13_key_share *ks) 69tls_key_share_free(struct tls_key_share *ks)
69{ 70{
70 if (ks == NULL) 71 if (ks == NULL)
71 return; 72 return;
@@ -81,13 +82,13 @@ tls13_key_share_free(struct tls13_key_share *ks)
81} 82}
82 83
83uint16_t 84uint16_t
84tls13_key_share_group(struct tls13_key_share *ks) 85tls_key_share_group(struct tls_key_share *ks)
85{ 86{
86 return ks->group_id; 87 return ks->group_id;
87} 88}
88 89
89int 90int
90tls13_key_share_peer_pkey(struct tls13_key_share *ks, EVP_PKEY *pkey) 91tls_key_share_peer_pkey(struct tls_key_share *ks, EVP_PKEY *pkey)
91{ 92{
92 if (ks->nid == NID_X25519 && ks->x25519_peer_public != NULL) { 93 if (ks->nid == NID_X25519 && ks->x25519_peer_public != NULL) {
93 if (!ssl_kex_dummy_ecdhe_x25519(pkey)) 94 if (!ssl_kex_dummy_ecdhe_x25519(pkey))
@@ -103,7 +104,7 @@ tls13_key_share_peer_pkey(struct tls13_key_share *ks, EVP_PKEY *pkey)
103} 104}
104 105
105static int 106static int
106tls13_key_share_generate_ecdhe_ecp(struct tls13_key_share *ks) 107tls_key_share_generate_ecdhe_ecp(struct tls_key_share *ks)
107{ 108{
108 EC_KEY *ecdhe = NULL; 109 EC_KEY *ecdhe = NULL;
109 int ret = 0; 110 int ret = 0;
@@ -128,7 +129,7 @@ tls13_key_share_generate_ecdhe_ecp(struct tls13_key_share *ks)
128} 129}
129 130
130static int 131static int
131tls13_key_share_generate_x25519(struct tls13_key_share *ks) 132tls_key_share_generate_x25519(struct tls_key_share *ks)
132{ 133{
133 uint8_t *public = NULL, *private = NULL; 134 uint8_t *public = NULL, *private = NULL;
134 int ret = 0; 135 int ret = 0;
@@ -158,16 +159,16 @@ tls13_key_share_generate_x25519(struct tls13_key_share *ks)
158} 159}
159 160
160int 161int
161tls13_key_share_generate(struct tls13_key_share *ks) 162tls_key_share_generate(struct tls_key_share *ks)
162{ 163{
163 if (ks->nid == NID_X25519) 164 if (ks->nid == NID_X25519)
164 return tls13_key_share_generate_x25519(ks); 165 return tls_key_share_generate_x25519(ks);
165 166
166 return tls13_key_share_generate_ecdhe_ecp(ks); 167 return tls_key_share_generate_ecdhe_ecp(ks);
167} 168}
168 169
169static int 170static int
170tls13_key_share_public_ecdhe_ecp(struct tls13_key_share *ks, CBB *cbb) 171tls_key_share_public_ecdhe_ecp(struct tls_key_share *ks, CBB *cbb)
171{ 172{
172 if (ks->ecdhe == NULL) 173 if (ks->ecdhe == NULL)
173 return 0; 174 return 0;
@@ -176,7 +177,7 @@ tls13_key_share_public_ecdhe_ecp(struct tls13_key_share *ks, CBB *cbb)
176} 177}
177 178
178static int 179static int
179tls13_key_share_public_x25519(struct tls13_key_share *ks, CBB *cbb) 180tls_key_share_public_x25519(struct tls_key_share *ks, CBB *cbb)
180{ 181{
181 if (ks->x25519_public == NULL) 182 if (ks->x25519_public == NULL)
182 return 0; 183 return 0;
@@ -185,16 +186,16 @@ tls13_key_share_public_x25519(struct tls13_key_share *ks, CBB *cbb)
185} 186}
186 187
187int 188int
188tls13_key_share_public(struct tls13_key_share *ks, CBB *cbb) 189tls_key_share_public(struct tls_key_share *ks, CBB *cbb)
189{ 190{
190 if (ks->nid == NID_X25519) 191 if (ks->nid == NID_X25519)
191 return tls13_key_share_public_x25519(ks, cbb); 192 return tls_key_share_public_x25519(ks, cbb);
192 193
193 return tls13_key_share_public_ecdhe_ecp(ks, cbb); 194 return tls_key_share_public_ecdhe_ecp(ks, cbb);
194} 195}
195 196
196static int 197static int
197tls13_key_share_peer_public_ecdhe_ecp(struct tls13_key_share *ks, CBS *cbs) 198tls_key_share_peer_public_ecdhe_ecp(struct tls_key_share *ks, CBS *cbs)
198{ 199{
199 EC_KEY *ecdhe = NULL; 200 EC_KEY *ecdhe = NULL;
200 int ret = 0; 201 int ret = 0;
@@ -219,7 +220,7 @@ tls13_key_share_peer_public_ecdhe_ecp(struct tls13_key_share *ks, CBS *cbs)
219} 220}
220 221
221static int 222static int
222tls13_key_share_peer_public_x25519(struct tls13_key_share *ks, CBS *cbs) 223tls_key_share_peer_public_x25519(struct tls_key_share *ks, CBS *cbs)
223{ 224{
224 size_t out_len; 225 size_t out_len;
225 226
@@ -233,17 +234,17 @@ tls13_key_share_peer_public_x25519(struct tls13_key_share *ks, CBS *cbs)
233} 234}
234 235
235int 236int
236tls13_key_share_peer_public(struct tls13_key_share *ks, uint16_t group, 237tls_key_share_peer_public(struct tls_key_share *ks, uint16_t group,
237 CBS *cbs) 238 CBS *cbs)
238{ 239{
239 if (ks->group_id != group) 240 if (ks->group_id != group)
240 return 0; 241 return 0;
241 242
242 if (ks->nid == NID_X25519) { 243 if (ks->nid == NID_X25519) {
243 if (!tls13_key_share_peer_public_x25519(ks, cbs)) 244 if (!tls_key_share_peer_public_x25519(ks, cbs))
244 return 0; 245 return 0;
245 } else { 246 } else {
246 if (!tls13_key_share_peer_public_ecdhe_ecp(ks, cbs)) 247 if (!tls_key_share_peer_public_ecdhe_ecp(ks, cbs))
247 return 0; 248 return 0;
248 } 249 }
249 250
@@ -251,7 +252,7 @@ tls13_key_share_peer_public(struct tls13_key_share *ks, uint16_t group,
251} 252}
252 253
253static int 254static int
254tls13_key_share_derive_ecdhe_ecp(struct tls13_key_share *ks, 255tls_key_share_derive_ecdhe_ecp(struct tls_key_share *ks,
255 uint8_t **shared_key, size_t *shared_key_len) 256 uint8_t **shared_key, size_t *shared_key_len)
256{ 257{
257 if (ks->ecdhe == NULL || ks->ecdhe_peer == NULL) 258 if (ks->ecdhe == NULL || ks->ecdhe_peer == NULL)
@@ -262,7 +263,7 @@ tls13_key_share_derive_ecdhe_ecp(struct tls13_key_share *ks,
262} 263}
263 264
264static int 265static int
265tls13_key_share_derive_x25519(struct tls13_key_share *ks, 266tls_key_share_derive_x25519(struct tls_key_share *ks,
266 uint8_t **shared_key, size_t *shared_key_len) 267 uint8_t **shared_key, size_t *shared_key_len)
267{ 268{
268 uint8_t *sk = NULL; 269 uint8_t *sk = NULL;
@@ -289,7 +290,7 @@ tls13_key_share_derive_x25519(struct tls13_key_share *ks,
289} 290}
290 291
291int 292int
292tls13_key_share_derive(struct tls13_key_share *ks, uint8_t **shared_key, 293tls_key_share_derive(struct tls_key_share *ks, uint8_t **shared_key,
293 size_t *shared_key_len) 294 size_t *shared_key_len)
294{ 295{
295 if (*shared_key != NULL) 296 if (*shared_key != NULL)
@@ -298,9 +299,9 @@ tls13_key_share_derive(struct tls13_key_share *ks, uint8_t **shared_key,
298 *shared_key_len = 0; 299 *shared_key_len = 0;
299 300
300 if (ks->nid == NID_X25519) 301 if (ks->nid == NID_X25519)
301 return tls13_key_share_derive_x25519(ks, shared_key, 302 return tls_key_share_derive_x25519(ks, shared_key,
302 shared_key_len); 303 shared_key_len);
303 304
304 return tls13_key_share_derive_ecdhe_ecp(ks, shared_key, 305 return tls_key_share_derive_ecdhe_ecp(ks, shared_key,
305 shared_key_len); 306 shared_key_len);
306} 307}