diff options
| author | Matt Caswell <matt@openssl.org> | 2022-09-30 10:50:53 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2022-10-07 10:01:48 +0100 |
| commit | 16f0e91cf82e13c327f0b0402459dfbf78ef787c (patch) | |
| tree | 6bf3df6bc0bfec81e505fbab59f8e612588ac6f6 /ssl/statem | |
| parent | c007f466aaebd8ef07111c8560e039d8bcb5fa7b (diff) | |
| download | openssl-new-16f0e91cf82e13c327f0b0402459dfbf78ef787c.tar.gz | |
Partial revert and reimplement "Enable brainpool curves for TLS1.3"
This partially reverts commit 0a10825a0 in order to reimplement it in a
simpler way in the next commit. The reverted aspects are all related to
the TLSv1.3 brainpool curves in the supported_groups extension. Rather
than special casing the handling of these curves we simply add new entries
to the groups table to represent them. They can then be handled without
any additional special casing. This makes the code simpler to maintain.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19315)
Diffstat (limited to 'ssl/statem')
| -rw-r--r-- | ssl/statem/extensions.c | 2 | ||||
| -rw-r--r-- | ssl/statem/extensions_clnt.c | 21 | ||||
| -rw-r--r-- | ssl/statem/extensions_srvr.c | 7 | ||||
| -rw-r--r-- | ssl/statem/statem_lib.c | 6 |
4 files changed, 4 insertions, 32 deletions
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 6dc21ad42f..47ad5110ab 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -1409,7 +1409,7 @@ static int final_key_share(SSL_CONNECTION *s, unsigned int context, int sent) group_id = pgroups[i]; if (check_in_list(s, group_id, clntgroups, clnt_num_groups, - 2)) + 1)) break; } diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 19f6561b17..18bcba036f 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -226,21 +226,6 @@ EXT_RETURN tls_construct_ctos_supported_groups(SSL_CONNECTION *s, WPACKET *pkt, if (tls_valid_group(s, ctmp, min_version, max_version, 0, &okfortls13) && tls_group_allowed(s, ctmp, SSL_SECOP_CURVE_SUPPORTED)) { -#ifndef OPENSSL_NO_TLS1_3 - int ctmp13 = ssl_group_id_internal_to_tls13(ctmp); - - if (ctmp13 != 0 && ctmp13 != ctmp - && max_version == TLS1_3_VERSION) { - if (!WPACKET_put_bytes_u16(pkt, ctmp13)) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); - return EXT_RETURN_FAIL; - } - tls13added++; - added++; - if (min_version == TLS1_3_VERSION) - continue; - } -#endif if (!WPACKET_put_bytes_u16(pkt, ctmp)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return EXT_RETURN_FAIL; @@ -646,7 +631,7 @@ static int add_key_share(SSL_CONNECTION *s, WPACKET *pkt, unsigned int curve_id) } /* Create KeyShareEntry */ - if (!WPACKET_put_bytes_u16(pkt, ssl_group_id_internal_to_tls13(curve_id)) + if (!WPACKET_put_bytes_u16(pkt, curve_id) || !WPACKET_sub_memcpy_u16(pkt, encoded_point, encodedlen)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); goto err; @@ -699,9 +684,6 @@ EXT_RETURN tls_construct_ctos_key_share(SSL_CONNECTION *s, WPACKET *pkt, curve_id = s->s3.group_id; } else { for (i = 0; i < num_groups; i++) { - if (ssl_group_id_internal_to_tls13(pgroups[i]) == 0) - continue; - if (!tls_group_allowed(s, pgroups[i], SSL_SECOP_CURVE_SUPPORTED)) continue; @@ -1799,7 +1781,6 @@ int tls_parse_stoc_key_share(SSL_CONNECTION *s, PACKET *pkt, return 0; } - group_id = ssl_group_id_tls13_to_internal(group_id); if ((context & SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST) != 0) { const uint16_t *pgroups = NULL; size_t i, num_groups; diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 4f7321fd20..6a488a8737 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -642,7 +642,7 @@ int tls_parse_ctos_key_share(SSL_CONNECTION *s, PACKET *pkt, * we requested, and must be the only key_share sent. */ if (s->s3.group_id != 0 - && (ssl_group_id_tls13_to_internal(group_id) != s->s3.group_id + && (group_id != s->s3.group_id || PACKET_remaining(&key_share_list) != 0)) { SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE); return 0; @@ -664,8 +664,6 @@ int tls_parse_ctos_key_share(SSL_CONNECTION *s, PACKET *pkt, /* Cache the selected group ID in the SSL_SESSION */ s->session->kex_group = group_id; - group_id = ssl_group_id_tls13_to_internal(group_id); - if ((s->s3.peer_tmp = ssl_generate_param_group(s, group_id)) == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS); @@ -1612,8 +1610,7 @@ EXT_RETURN tls_construct_stoc_key_share(SSL_CONNECTION *s, WPACKET *pkt, } if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_key_share) || !WPACKET_start_sub_packet_u16(pkt) - || !WPACKET_put_bytes_u16(pkt, ssl_group_id_internal_to_tls13( - s->s3.group_id)) + || !WPACKET_put_bytes_u16(pkt, s->s3.group_id) || !WPACKET_close(pkt)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); return EXT_RETURN_FAIL; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 07939ee960..8b34c11048 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -2222,15 +2222,9 @@ int check_in_list(SSL_CONNECTION *s, uint16_t group_id, const uint16_t *groups, if (groups == NULL || num_groups == 0) return 0; - if (checkallow == 1) - group_id = ssl_group_id_tls13_to_internal(group_id); - for (i = 0; i < num_groups; i++) { uint16_t group = groups[i]; - if (checkallow == 2) - group = ssl_group_id_tls13_to_internal(group); - if (group_id == group && (!checkallow || tls_group_allowed(s, group, SSL_SECOP_CURVE_CHECK))) { |