src - OpenBSD base system

diff options


context:
space:
mode:

author	Joel Sing <jsing@cvs.openbsd.org>	2015-09-12 12:26:57 +0000
committer	Joel Sing <jsing@cvs.openbsd.org>	2015-09-12 12:26:57 +0000
commit	9bc9b26251847f34aad59c27af648330f1f5fd21 (patch)
tree	dbcd2939f6a96e3580e7b6abf515ab033f41ad07
parent	78e382a8758c47cbb2894b0f9730727beff2cad7 (diff)

Uncopy and unpaste dtls1_send_client_key_exchange() - the

ssl3_send_client_key_exchange() is effectively identical, in fact it has a number of bug fixes and improvements that never got merged into the DTLS copy of the code. Flenses another 264 lines of code. ok beck@

Diffstat

-rw-r--r--

lib/libssl/src/ssl/d1_clnt.c

271

-rw-r--r--

lib/libssl/src/ssl/ssl_locl.h

2 files changed, 5 insertions, 269 deletions

diff --git a/lib/libssl/src/ssl/d1_clnt.c b/lib/libssl/src/ssl/d1_clnt.c
index f45ef939eda..7dd6126c979 100644
--- a/lib/libssl/src/ssl/d1_clnt.c
+++ b/lib/libssl/src/ssl/d1_clnt.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: d1_clnt.c,v 1.52 2015/09/11 18:08:21 jsing Exp $ */

+/* $OpenBSD: d1_clnt.c,v 1.53 2015/09/12 12:26:56 jsing Exp $ */

* DTLS implementation written by Nagendra Modadugu

* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.

@@ -376,8 +376,7 @@ dtls1_connect(SSL *s)

else

s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;

s->init_num = 0;

- s->state = s->s3->tmp.next_state;

+ s->state = s->s3->tmp.next_state;

break;

case SSL3_ST_CW_CERT_A:

@@ -395,11 +394,10 @@ dtls1_connect(SSL *s)

case SSL3_ST_CW_KEY_EXCH_A:

case SSL3_ST_CW_KEY_EXCH_B:

dtls1_start_timer(s);

- ret = dtls1_send_client_key_exchange(s);

+ ret = ssl3_send_client_key_exchange(s);

if (ret <= 0)

goto end;

/* EAY EAY EAY need to check for DH fix cert

* sent back */

/* For TLS, cert_req is set to 2, so a cert chain

@@ -407,7 +405,7 @@ dtls1_connect(SSL *s)

if (s->s3->tmp.cert_req == 1) {

s->state = SSL3_ST_CW_CERT_VRFY_A;

} else {

- s->state = SSL3_ST_CW_CHANGE_A;

+ s->state = SSL3_ST_CW_CHANGE_A;

s->s3->change_cipher_spec = 0;

}

@@ -661,267 +659,6 @@ f_err:

}

int

-dtls1_send_client_key_exchange(SSL *s)

- unsigned char *p, *q;

- int n;

- unsigned long alg_k;

- EVP_PKEY *pkey = NULL;

- EC_KEY *clnt_ecdh = NULL;

- const EC_POINT *srvr_ecpoint = NULL;

- EVP_PKEY *srvr_pub_pkey = NULL;

- unsigned char *encodedPoint = NULL;

- int encoded_pt_len = 0;

- BN_CTX * bn_ctx = NULL;

- if (s->state == SSL3_ST_CW_KEY_EXCH_A) {

- p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_KEY_EXCHANGE);

- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;

- if (s->session->sess_cert == NULL) {

- ssl3_send_alert(s, SSL3_AL_FATAL,

- SSL_AD_HANDSHAKE_FAILURE);

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_INTERNAL_ERROR);

- goto err;

- }

- if (alg_k & SSL_kRSA) {

- RSA *rsa;

- unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];

- pkey = X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);

- if ((pkey == NULL) ||

- (pkey->type != EVP_PKEY_RSA) ||

- (pkey->pkey.rsa == NULL)) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_INTERNAL_ERROR);

- goto err;

- }

- rsa = pkey->pkey.rsa;

- EVP_PKEY_free(pkey);

- tmp_buf[0] = s->client_version >> 8;

- tmp_buf[1] = s->client_version&0xff;

- arc4random_buf(&tmp_buf[2], sizeof(tmp_buf) - 2);

- s->session->master_key_length = sizeof tmp_buf;

- q = p;

- /* Fix buf for TLS and [incidentally] DTLS */

- if (s->version > SSL3_VERSION)

- p += 2;

- n = RSA_public_encrypt(sizeof tmp_buf,

- tmp_buf, p, rsa, RSA_PKCS1_PADDING);

- if (n <= 0) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- SSL_R_BAD_RSA_ENCRYPT);

- goto err;

- }

- /* Fix buf for TLS and [incidentally] DTLS */

- if (s->version > SSL3_VERSION) {

- s2n(n, q);

- n += 2;

- }

- s->session->master_key_length =

- s->method->ssl3_enc->generate_master_secret(s,

- s->session->master_key,

- tmp_buf, sizeof tmp_buf);

- explicit_bzero(tmp_buf, sizeof tmp_buf);

- } else if (alg_k & SSL_kDHE) {

- DH *dh_srvr, *dh_clnt;

- if (s->session->sess_cert->peer_dh_tmp != NULL)

- dh_srvr = s->session->sess_cert->peer_dh_tmp;

- else {

- /* we get them from the cert */

- ssl3_send_alert(s, SSL3_AL_FATAL,

- SSL_AD_HANDSHAKE_FAILURE);

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);

- goto err;

- }

- /* generate a new random key */

- if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_DH_LIB);

- goto err;

- }

- if (!DH_generate_key(dh_clnt)) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_DH_LIB);

- goto err;

- }

- /* use the 'p' output buffer for the DH key, but

- * make sure to clear it out afterwards */

- n = DH_compute_key(p, dh_srvr->pub_key, dh_clnt);

- if (n <= 0) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_DH_LIB);

- goto err;

- }

- /* generate master key from the result */

- s->session->master_key_length =

- s->method->ssl3_enc->generate_master_secret(

- s, s->session->master_key, p, n);

- /* clean up */

- memset(p, 0, n);

- /* send off the data */

- n = BN_num_bytes(dh_clnt->pub_key);

- s2n(n, p);

- BN_bn2bin(dh_clnt->pub_key, p);

- n += 2;

- DH_free(dh_clnt);

- /* perhaps clean things up a bit EAY EAY EAY EAY*/

- } else if (alg_k & (SSL_kECDHE|SSL_kECDHr|SSL_kECDHe)) {

- const EC_GROUP *srvr_group = NULL;

- EC_KEY *tkey;

- int field_size = 0;

- if (s->session->sess_cert->peer_ecdh_tmp != NULL) {

- tkey = s->session->sess_cert->peer_ecdh_tmp;

- } else {

- /* Get the Server Public Key from Cert */

- srvr_pub_pkey = X509_get_pubkey(s->session-> \

- sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);

- if ((srvr_pub_pkey == NULL) ||

- (srvr_pub_pkey->type != EVP_PKEY_EC) ||

- (srvr_pub_pkey->pkey.ec == NULL)) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_INTERNAL_ERROR);

- goto err;

- }

- tkey = srvr_pub_pkey->pkey.ec;

- }

- srvr_group = EC_KEY_get0_group(tkey);

- srvr_ecpoint = EC_KEY_get0_public_key(tkey);

- if ((srvr_group == NULL) || (srvr_ecpoint == NULL)) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_INTERNAL_ERROR);

- goto err;

- }

- if ((clnt_ecdh = EC_KEY_new()) == NULL) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_MALLOC_FAILURE);

- goto err;

- }

- if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_EC_LIB);

- goto err;

- }

- /* Generate a new ECDH key pair */

- if (!(EC_KEY_generate_key(clnt_ecdh))) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_ECDH_LIB);

- goto err;

- }

- /* use the 'p' output buffer for the ECDH key, but

- * make sure to clear it out afterwards

- */

- field_size = EC_GROUP_get_degree(srvr_group);

- if (field_size <= 0) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_ECDH_LIB);

- goto err;

- }

- n = ECDH_compute_key(p, (field_size + 7)/8, srvr_ecpoint, clnt_ecdh, NULL);

- if (n <= 0) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_ECDH_LIB);

- goto err;

- }

- /* generate master key from the result */

- s->session->master_key_length =

- s->method->ssl3_enc->generate_master_secret(

- s, s->session->master_key, p, n);

- memset(p, 0, n); /* clean up */

- /* First check the size of encoding and

- * allocate memory accordingly.

- */

- encoded_pt_len = EC_POINT_point2oct(srvr_group,

- EC_KEY_get0_public_key(clnt_ecdh),

- POINT_CONVERSION_UNCOMPRESSED,

- NULL, 0, NULL);

- encodedPoint = malloc(encoded_pt_len);

- bn_ctx = BN_CTX_new();

- if ((encodedPoint == NULL) ||

- (bn_ctx == NULL)) {

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_MALLOC_FAILURE);

- goto err;

- }

- /* Encode the public key */

- n = EC_POINT_point2oct(srvr_group,

- EC_KEY_get0_public_key(clnt_ecdh),

- POINT_CONVERSION_UNCOMPRESSED,

- encodedPoint, encoded_pt_len, bn_ctx);

- *p = n; /* length of encoded point */

- /* Encoded point will be copied here */

- p += 1;

- /* copy the point */

- memcpy((unsigned char *)p, encodedPoint, n);

- /* increment n to account for length field */

- n += 1;

- /* Free allocated memory */

- BN_CTX_free(bn_ctx);

- free(encodedPoint);

- EC_KEY_free(clnt_ecdh);

- EVP_PKEY_free(srvr_pub_pkey);

- }

- else {

- ssl3_send_alert(s, SSL3_AL_FATAL,

- SSL_AD_HANDSHAKE_FAILURE);

- SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE,

- ERR_R_INTERNAL_ERROR);

- goto err;

- }

- ssl3_handshake_msg_finish(s, n);

- s->state = SSL3_ST_CW_KEY_EXCH_B;

- }

- /* SSL3_ST_CW_KEY_EXCH_B */

- return (ssl3_handshake_write(s));

-err:

- BN_CTX_free(bn_ctx);

- free(encodedPoint);

- EC_KEY_free(clnt_ecdh);

- EVP_PKEY_free(srvr_pub_pkey);

- return (-1);

-int

dtls1_send_client_verify(SSL *s)

{

unsigned char *p;

diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h
index f9be29b2410..92842346a20 100644
--- a/lib/libssl/src/ssl/ssl_locl.h
+++ b/lib/libssl/src/ssl/ssl_locl.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_locl.h,v 1.119 2015/09/11 18:08:21 jsing Exp $ */

+/* $OpenBSD: ssl_locl.h,v 1.120 2015/09/12 12:26:56 jsing Exp $ */

@@ -711,7 +711,6 @@ int ssl3_check_finished(SSL *s);

int ssl3_send_next_proto(SSL *s);

int dtls1_send_client_certificate(SSL *s);

-int dtls1_send_client_key_exchange(SSL *s);

int dtls1_send_client_verify(SSL *s);

/* some server-only functions */