Avoid using OSSL_PKEY_PARAM_GROUP_NAME when the key might be legacy

Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13139)
author: Tomas Mraz <tomas@openssl.org> 2021-01-20 14:01:01 +0100
committer: Tomas Mraz <tomas@openssl.org> 2021-01-26 15:26:49 +0100
commit: 0c8e98e615d3522592a5bde6fcef43e42eb70deb (patch)
tree: d4cde4d46f67f9d2baf6a5d9c7bf8982699d856f /ssl/s3_lib.c
parent: f377e58fde1a7e6b29067c48df7d3c04fdaeba38 (diff)
1 files changed, 4 insertions, 41 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 34980b0bc6..966d799d6b 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3430,29 +3430,6 @@ static char *srp_password_from_info_cb(SSL *s, void *arg)
 }
 #endif
 
-#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
-static int ssl_set_tmp_ecdh_groups(uint16_t **pext, size_t *pextlen,
-                                   EVP_PKEY *pkey)
-{
-    char name[80];
-    int nid, ret = 0;
-    size_t name_len;
-
-    if (!EVP_PKEY_get_utf8_string_param(pkey, OSSL_PKEY_PARAM_GROUP_NAME,
-                                        name, sizeof(name), &name_len)) {
-        SSLerr(0, EC_R_MISSING_PARAMETERS);
-        return 0;
-    }
-    nid = OBJ_txt2nid(name);
-    if (nid == NID_undef)
-        goto end;
-    ret = tls1_set_groups(pext, pextlen, &nid, 1);
-end:
-    EVP_PKEY_free(pkey);
-    return ret;
-}
-#endif
-
 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
 
 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
@@ -3503,22 +3480,15 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     case SSL_CTRL_SET_TMP_ECDH:
         {
-            EVP_PKEY *pkecdh = NULL;
-
             if (parg == NULL) {
                 ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
                 return 0;
             }
-            pkecdh = ssl_ecdh_to_pkey(parg);
-            if (pkecdh == NULL) {
-                ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
             return ssl_set_tmp_ecdh_groups(&s->ext.supportedgroups,
                                            &s->ext.supportedgroups_len,
-                                           pkecdh);
+                                           parg);
         }
-#endif                          /* !OPENSSL_NO_EC */
+#endif
     case SSL_CTRL_SET_TLSEXT_HOSTNAME:
         /*
          * TODO(OpenSSL1.2)
@@ -3838,22 +3808,15 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
     case SSL_CTRL_SET_TMP_ECDH:
         {
-            EVP_PKEY *pkecdh = NULL;
-
             if (parg == NULL) {
                 ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
                 return 0;
             }
-            pkecdh = ssl_ecdh_to_pkey(parg);
-            if (pkecdh == NULL) {
-                ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
             return ssl_set_tmp_ecdh_groups(&ctx->ext.supportedgroups,
                                            &ctx->ext.supportedgroups_len,
-                                           pkecdh);
+                                           parg);
         }
-#endif                          /* !OPENSSL_NO_EC */
+#endif
     case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
         ctx->ext.servername_arg = parg;
         break;
author	Tomas Mraz <tomas@openssl.org>	2021-01-20 14:01:01 +0100
committer	Tomas Mraz <tomas@openssl.org>	2021-01-26 15:26:49 +0100
commit	0c8e98e615d3522592a5bde6fcef43e42eb70deb (patch)
tree	d4cde4d46f67f9d2baf6a5d9c7bf8982699d856f /ssl/s3_lib.c
parent	f377e58fde1a7e6b29067c48df7d3c04fdaeba38 (diff)