diff options
author | Pauli <pauli@openssl.org> | 2021-06-18 12:54:24 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-06-19 15:49:46 +1000 |
commit | d7b5c648d682b499b71320a03747602a6ba4dec3 (patch) | |
tree | e862a77bf88186198192164adc3ed5bf1f61c5ae /ssl/ssl_cert.c | |
parent | b9d022d78faee0648c3ace7f15ccec08f14feddb (diff) | |
download | openssl-new-d7b5c648d682b499b71320a03747602a6ba4dec3.tar.gz |
ssl: do not choose auto DH groups that are weaker than the security level
Fixes #15808
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15818)
Diffstat (limited to 'ssl/ssl_cert.c')
-rw-r--r-- | ssl/ssl_cert.c | 33 |
1 files changed, 24 insertions, 9 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index f78cb99c18..4f3c2f8ee7 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -960,18 +960,36 @@ int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref) return 1; } +int ssl_get_security_level_bits(const SSL *s, const SSL_CTX *ctx, int *levelp) +{ + int level; + static const int minbits_table[5 + 1] = { 0, 80, 112, 128, 192, 256 }; + + if (ctx != NULL) + level = SSL_CTX_get_security_level(ctx); + else + level = SSL_get_security_level(s); + + if (level > 5) + level = 5; + else if (level < 0) + level = 0; + + if (levelp != NULL) + *levelp = level; + + return minbits_table[level]; +} + static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex) { int level, minbits; - static const int minbits_table[5] = { 80, 112, 128, 192, 256 }; - if (ctx) - level = SSL_CTX_get_security_level(ctx); - else - level = SSL_get_security_level(s); - if (level <= 0) { + minbits = ssl_get_security_level_bits(s, ctx, &level); + + if (level == 0) { /* * No EDH keys weaker than 1024-bits even at level 0, otherwise, * anything goes. @@ -980,9 +998,6 @@ static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, return 0; return 1; } - if (level > 5) - level = 5; - minbits = minbits_table[level - 1]; switch (op) { case SSL_SECOP_CIPHER_SUPPORTED: case SSL_SECOP_CIPHER_SHARED: |