diff options
| author | Matt Caswell <matt@openssl.org> | 2020-10-14 09:25:35 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2020-11-18 14:14:22 +0000 |
| commit | 091f6074c554a14bd9d37186e40ff9d556e4b216 (patch) | |
| tree | 3190a46233adee735d55f3659ed0f5a87a2cfbf0 /ssl | |
| parent | 2b93900e28b330e6066a993278fabd4d560936f9 (diff) | |
Convert TLS auto DH parameters to use EVP_PKEY
Previously a DH object was constructed and then assigned to an EVP_PKEY.
Instead we now construct the EVP_PKEY directly instead.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13368)
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl_local.h | 2 | ||||
| -rw-r--r-- | ssl/statem/statem_srvr.c | 7 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 51 |
3 files changed, 34 insertions, 26 deletions
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index 5e47320d62..67bb0a8d52 100644 --- a/ssl/ssl_local.h +++ b/ssl/ssl_local.h @@ -2693,7 +2693,7 @@ __owur int ssl_validate_ct(SSL *s); # endif # ifndef OPENSSL_NO_DH -__owur DH *ssl_get_auto_dh(SSL *s); +__owur EVP_PKEY *ssl_get_auto_dh(SSL *s); # endif __owur int ssl_security_cert(SSL *s, SSL_CTX *ctx, X509 *x, int vfy, int is_ee); diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 9d5e73f62c..d45afebf07 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2460,14 +2460,11 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt) DH *dh; if (s->cert->dh_tmp_auto) { - DH *dhp = ssl_get_auto_dh(s); - pkdh = EVP_PKEY_new(); - if (pkdh == NULL || dhp == NULL) { - DH_free(dhp); + pkdh = ssl_get_auto_dh(s); + if (pkdh == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); goto err; } - EVP_PKEY_assign_DH(pkdh, dhp); pkdhp = pkdh; } else { pkdhp = cert->dh_tmp; diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index ff80b81167..9089cb8086 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -19,6 +19,7 @@ #include <openssl/dh.h> #include <openssl/bn.h> #include <openssl/provider.h> +#include <openssl/param_build.h> #include "internal/nelem.h" #include "internal/evp.h" #include "internal/tlsgroups.h" @@ -2873,12 +2874,15 @@ int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain) return tls1_check_chain(s, x, pk, chain, -1); } -#ifndef OPENSSL_NO_DH -DH *ssl_get_auto_dh(SSL *s) +EVP_PKEY *ssl_get_auto_dh(SSL *s) { - DH *dhp; - BIGNUM *p, *g; + EVP_PKEY *dhp = NULL; + BIGNUM *p; int dh_secbits = 80; + EVP_PKEY_CTX *pctx = NULL; + OSSL_PARAM_BLD *tmpl = NULL; + OSSL_PARAM *params = NULL; + if (s->cert->dh_tmp_auto != 2) { if (s->s3.tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aPSK)) { if (s->s3.tmp.new_cipher->strength_bits == 256) @@ -2892,15 +2896,6 @@ DH *ssl_get_auto_dh(SSL *s) } } - dhp = DH_new(); - if (dhp == NULL) - return NULL; - g = BN_new(); - if (g == NULL || !BN_set_word(g, 2)) { - DH_free(dhp); - BN_free(g); - return NULL; - } if (dh_secbits >= 192) p = BN_get_rfc3526_prime_8192(NULL); else if (dh_secbits >= 152) @@ -2911,15 +2906,31 @@ DH *ssl_get_auto_dh(SSL *s) p = BN_get_rfc3526_prime_2048(NULL); else p = BN_get_rfc2409_prime_1024(NULL); - if (p == NULL || !DH_set0_pqg(dhp, p, NULL, g)) { - DH_free(dhp); - BN_free(p); - BN_free(g); - return NULL; - } + if (p == NULL) + goto err; + + pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, "DH", s->ctx->propq); + if (pctx == NULL + || EVP_PKEY_key_fromdata_init(pctx) != 1) + goto err; + + tmpl = OSSL_PARAM_BLD_new(); + if (tmpl == NULL + || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p) + || !OSSL_PARAM_BLD_push_uint(tmpl, OSSL_PKEY_PARAM_FFC_G, 2)) + goto err; + + params = OSSL_PARAM_BLD_to_param(tmpl); + if (params == NULL || EVP_PKEY_fromdata(pctx, &dhp, params) != 1) + goto err; + +err: + OSSL_PARAM_BLD_free_params(params); + OSSL_PARAM_BLD_free(tmpl); + EVP_PKEY_CTX_free(pctx); + BN_free(p); return dhp; } -#endif static int ssl_security_cert_key(SSL *s, SSL_CTX *ctx, X509 *x, int op) { |