authorPauli <paul.dale@oracle.com>2020-02-03 19:05:31 +1000
committerPauli <paul.dale@oracle.com>2020-02-20 19:04:57 +1000
commitada66e78ef535fe80e422bbbadffe8e7863d457c (patch)
treec9caa2b3cd516d99937b02d50e16fc0dda1509b8 /ssl
parent0ad05b190ebb3a62f8519c8c4c721304c2405849 (diff)
Deprecate the low level Diffie-Hellman functions.
Use of the low level DH functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11024)
Diffstat (limited to 'ssl')
-rw-r--r--ssl/s3_lib.c6
-rw-r--r--ssl/ssl_local.h2
-rw-r--r--ssl/statem/extensions_srvr.c2
-rw-r--r--ssl/statem/statem_clnt.c15
4 files changed, 13 insertions, 12 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 706290be9b..51f8a0f63d 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4752,7 +4752,7 @@ EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id)
|| (dh = DH_new_by_nid(ginf->nid)) == NULL
|| !EVP_PKEY_assign(pkey, EVP_PKEY_DH, dh)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
- ERR_R_EVP_LIB);
+ ERR_R_EVP_LIB);
DH_free(dh);
EVP_PKEY_free(pkey);
pkey = NULL;
@@ -4760,7 +4760,7 @@ EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id)
}
if (EVP_PKEY_CTX_set_dh_nid(pctx, ginf->nid) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
- ERR_R_EVP_LIB);
+ ERR_R_EVP_LIB);
EVP_PKEY_free(pkey);
pkey = NULL;
goto err;
@@ -4796,7 +4796,7 @@ EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id)
/*
* Generate parameters from a group ID
*/
-EVP_PKEY *ssl_generate_param_group(uint16_t id)
+EVP_PKEY *ssl_generate_param_group(SSL *s, uint16_t id)
{
EVP_PKEY_CTX *pctx = NULL;
EVP_PKEY *pkey = NULL;
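Review bot: The comment above `ssl_generate_param_group` still reads only "Generate parameters from a group ID" and does not mention the new `SSL *s` parameter. The body continues outside this hunk, so what `s` is used for is not visible here. I would extend the comment to say which connection state is read through `s` and whether NULL is accepted, since all three callers in this commit now pass their connection.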
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 31c01328ce..d9092161ff 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -2605,7 +2605,7 @@ __owur int tls1_set_groups_list(uint16_t **pext, size_t *pextlen,
const char *str);
__owur EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id);
__owur int tls_valid_group(SSL *s, uint16_t group_id, int version);
-__owur EVP_PKEY *ssl_generate_param_group(uint16_t id);
+__owur EVP_PKEY *ssl_generate_param_group(SSL *s, uint16_t id);
# ifndef OPENSSL_NO_EC
void tls1_get_formatlist(SSL *s, const unsigned char **pformats,
size_t *num_formats);
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 36201c68e4..9649420012 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -705,7 +705,7 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
continue;
}
- if ((s->s3.peer_tmp = ssl_generate_param_group(group_id)) == NULL) {
+ if ((s->s3.peer_tmp = ssl_generate_param_group(s, group_id)) == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_KEY_SHARE,
SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
return 0;
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index ba2fe0802d..99459a8c6a 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2147,18 +2147,19 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
}
bnpub_key = NULL;
- if (!ssl_security(s, SSL_SECOP_TMP_DH, DH_security_bits(dh), 0, dh)) {
- SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PROCESS_SKE_DHE,
- SSL_R_DH_KEY_TOO_SMALL);
- goto err;
- }
-
if (EVP_PKEY_assign_DH(peer_tmp, dh) == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_SKE_DHE,
ERR_R_EVP_LIB);
goto err;
}
+ if (!ssl_security(s, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(peer_tmp),
+ 0, dh)) {
+ SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PROCESS_SKE_DHE,
+ SSL_R_DH_KEY_TOO_SMALL);
+ goto err;
+ }
+
s->s3.peer_tmp = peer_tmp;
/*
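Review bot: Moving the `ssl_security()` check below `EVP_PKEY_assign_DH(peer_tmp, dh)` means its failure branch now reaches `goto err` after `peer_tmp` has taken ownership of `dh`. The `err:` label is outside this hunk, but the `bnpub_key = NULL;` line above suggests it frees the locals. If it calls both `DH_free(dh)` and `EVP_PKEY_free(peer_tmp)`, a server key rejected as too small would free the DH object twice. I would add `dh = NULL; /* now owned by peer_tmp */` immediately before the `goto err;` in the new security-check branch, and confirm that later error paths in this function (also outside the hunk) do the same.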
@@ -2213,7 +2214,7 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
return 0;
}
- if ((s->s3.peer_tmp = ssl_generate_param_group(curve_id)) == NULL) {
+ if ((s->s3.peer_tmp = ssl_generate_param_group(s, curve_id)) == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_SKE_ECDHE,
SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
return 0;