Diffstat (limited to 'ssl/statem/statem_srvr.c')
-rw-r--r-- | ssl/statem/statem_srvr.c | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 43f9811163..1bab800ced 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2624,6 +2624,18 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
 goto err;
 }
+ /*
+ * TODO(3.0) Remove this when EVP_PKEY_get1_tls_encodedpoint()
+ * knows how to get a key from an encoded point with the help of
+ * a OSSL_SERIALIZER deserializer. We know that EVP_PKEY_get0()
+ * downgrades an EVP_PKEY to contain a legacy key.
+ *
+ * THIS IS TEMPORARY
+ */
+ EVP_PKEY_get0(s->s3.tmp.pkey);
+ if (EVP_PKEY_id(s->s3.tmp.pkey) == EVP_PKEY_NONE)
+ goto err;
+
 /* Encode the public key. */
 encodedlen = EVP_PKEY_get1_tls_encodedpoint(s->s3.tmp.pkey, &encodedPoint);
@@ -3207,6 +3219,22 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)
 ERR_R_EVP_LIB);
 goto err;
 }
+
+ /*
+ * TODO(3.0) Remove this when EVP_PKEY_get1_tls_encodedpoint()
+ * knows how to get a key from an encoded point with the help of
+ * a OSSL_SERIALIZER deserializer. We know that EVP_PKEY_get0()
+ * downgrades an EVP_PKEY to contain a legacy key.
+ *
+ * THIS IS TEMPORARY
+ */
+ EVP_PKEY_get0(ckey);
+ if (EVP_PKEY_id(ckey) == EVP_PKEY_NONE) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
 if (EVP_PKEY_set1_tls_encodedpoint(ckey, data, i) == 0) {
 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE, ERR_R_EC_LIB); |
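Review bot: The new `EVP_PKEY_NONE` check in tls_construct_server_key_exchange jumps to `err` without recording a fatal error, whereas the identical check added to tls_process_cke_ecdhe calls `SSLfatal()` first. If the `err` path here relies on the failing site having already raised the alert, as the other visible failure branches in this file suggest, a failed downgrade would abort the handshake with no specific error queued. I would brace the branch and put `SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);` before the `goto err;`. The function body and the `err` label lie outside the hunk, so this should be confirmed against the cleanup code.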
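Review bot: The comment added to tls_process_cke_ecdhe appears to be copied verbatim from the first hunk and still names `EVP_PKEY_get1_tls_encodedpoint()`, while the call this workaround precedes here is `EVP_PKEY_set1_tls_encodedpoint(ckey, data, i)`, which is the one that builds a key from the peer's encoded point. I would change its first line to `* TODO(3.0) Remove this when EVP_PKEY_set1_tls_encodedpoint()` so that whoever removes the workaround is pointed at the right function. In both hunks `EVP_PKEY_get0()` is called only for its side effect, so writing `(void)EVP_PKEY_get0(ckey);` would make the discarded result clearly deliberate. The function starts and ends outside the hunk.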