generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use EC_KEY_key2buf and EC_oct2key in libssl.

Browse Source 
Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2015-12-12 01:13:42 +00:00
parent 981bd8a2f2
commit cae4136431
2 changed files with 14 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
ssl/statem/statem_clnt.c
View File

@ -1586,8 +1586,6 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
#endif
#ifndef OPENSSL_NO_EC
EC_KEY *ecdh = NULL;
BN_CTX *bn_ctx = NULL;
EC_POINT *srvr_ecpoint = NULL;
int curve_nid = 0;
#endif
PACKET save_param_start, signature;
@ -1742,16 +1740,9 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
#ifndef OPENSSL_NO_EC
else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) {
EC_GROUP *ngroup;
const EC_GROUP *group;
PACKET encoded_pt;
unsigned char *ecparams;
if ((ecdh = EC_KEY_new()) == NULL) {
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
goto err;
}
/*
* Extract elliptic curve parameters and the server's ephemeral ECDH
* public key. For now we only support named (not generic) curves and
@ -1777,23 +1768,10 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
goto f_err;
}
ngroup = EC_GROUP_new_by_curve_name(curve_nid);
if (ngroup == NULL) {
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EC_LIB);
goto err;
}
if (EC_KEY_set_group(ecdh, ngroup) == 0) {
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EC_LIB);
goto err;
}
EC_GROUP_free(ngroup);
ecdh = EC_KEY_new_by_curve_name(curve_nid);
group = EC_KEY_get0_group(ecdh);
/* Next, get the encoded ECPoint */
if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) ||
((bn_ctx = BN_CTX_new()) == NULL)) {
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
if (ecdh == NULL) {
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EC_LIB);
goto err;
}
@ -1802,8 +1780,8 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
goto f_err;
}
if (EC_POINT_oct2point(group, srvr_ecpoint, PACKET_data(&encoded_pt),
PACKET_remaining(&encoded_pt), bn_ctx) == 0) {
if (EC_KEY_oct2key(ecdh, PACKET_data(&encoded_pt),
PACKET_remaining(&encoded_pt), NULL) == 0) {
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_BAD_ECPOINT);
goto f_err;
}
@ -1823,13 +1801,8 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
pkey = X509_get_pubkey(s->session->peer);
# endif
/* else anonymous ECDH, so no certificate or pkey. */
EC_KEY_set_public_key(ecdh, srvr_ecpoint);
s->s3->peer_ecdh_tmp = ecdh;
ecdh = NULL;
BN_CTX_free(bn_ctx);
bn_ctx = NULL;
EC_POINT_free(srvr_ecpoint);
srvr_ecpoint = NULL;
} else if (alg_k) {
al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
@ -1940,8 +1913,6 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
DH_free(dh);
#endif
#ifndef OPENSSL_NO_EC
BN_CTX_free(bn_ctx);
EC_POINT_free(srvr_ecpoint);
EC_KEY_free(ecdh);
#endif
EVP_MD_CTX_free(md_ctx);
@ -2272,7 +2243,6 @@ int tls_construct_client_key_exchange(SSL *s)
EVP_PKEY *srvr_pub_pkey = NULL;
unsigned char *encodedPoint = NULL;
int encoded_pt_len = 0;
BN_CTX *bn_ctx = NULL;
#endif
unsigned char *pms = NULL;
size_t pmslen = 0;
@ -2620,25 +2590,15 @@ psk_err:
* accordingly.
*/
encoded_pt_len =
EC_POINT_point2oct(srvr_group,
EC_KEY_get0_public_key(clnt_ecdh),
POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, NULL);
EC_KEY_key2buf(clnt_ecdh, POINT_CONVERSION_UNCOMPRESSED,
&encodedPoint, NULL);
encodedPoint = (unsigned char *)
OPENSSL_malloc(encoded_pt_len * sizeof(unsigned char));
bn_ctx = BN_CTX_new();
if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
ERR_R_MALLOC_FAILURE);
if (encoded_pt_len == 0) {
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
goto err;
}
/* Encode the public key */
n = EC_POINT_point2oct(srvr_group,
EC_KEY_get0_public_key(clnt_ecdh),
POINT_CONVERSION_UNCOMPRESSED,
encodedPoint, encoded_pt_len, bn_ctx);
n = encoded_pt_len;
*p = n; /* length of encoded point */
/* Encoded point will be copied here */
@ -2650,7 +2610,6 @@ psk_err:
}
/* Free allocated memory */
BN_CTX_free(bn_ctx);
OPENSSL_free(encodedPoint);
EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
@ -2828,7 +2787,6 @@ psk_err:
OPENSSL_clear_free(pms, pmslen);
s->s3->tmp.pms = NULL;
#ifndef OPENSSL_NO_EC
BN_CTX_free(bn_ctx);
OPENSSL_free(encodedPoint);
EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);

40
ssl/statem/statem_srvr.c
View File

@ -1721,7 +1721,6 @@ int tls_construct_server_key_exchange(SSL *s)
unsigned char *encodedPoint = NULL;
int encodedlen = 0;
int curve_id = 0;
BN_CTX *bn_ctx = NULL;
#endif
EVP_PKEY *pkey;
const EVP_MD *md = NULL;
@ -1879,33 +1878,14 @@ int tls_construct_server_key_exchange(SSL *s)
* Encode the public key. First check the size of encoding and
* allocate memory accordingly.
*/
encodedlen = EC_POINT_point2oct(group,
EC_KEY_get0_public_key(ecdh),
POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, NULL);
encodedPoint = (unsigned char *)
OPENSSL_malloc(encodedlen * sizeof(unsigned char));
bn_ctx = BN_CTX_new();
if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE,
ERR_R_MALLOC_FAILURE);
goto err;
}
encodedlen = EC_POINT_point2oct(group,
EC_KEY_get0_public_key(ecdh),
POINT_CONVERSION_UNCOMPRESSED,
encodedPoint, encodedlen, bn_ctx);
encodedlen = EC_KEY_key2buf(ecdh, POINT_CONVERSION_UNCOMPRESSED,
&encodedPoint, NULL);
if (encodedlen == 0) {
SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_EC_LIB);
goto err;
}
BN_CTX_free(bn_ctx);
bn_ctx = NULL;
/*
* XXX: For now, we only support named (not generic) curves in
* ECDH ephemeral key exchanges. In this situation, we need four
@ -2082,7 +2062,6 @@ int tls_construct_server_key_exchange(SSL *s)
err:
#ifndef OPENSSL_NO_EC
OPENSSL_free(encodedPoint);
BN_CTX_free(bn_ctx);
#endif
EVP_MD_CTX_free(md_ctx);
ossl_statem_set_error(s);
@ -2176,9 +2155,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
#endif
#ifndef OPENSSL_NO_EC
EC_KEY *srvr_ecdh = NULL;
EVP_PKEY *clnt_pub_pkey = NULL;
EC_POINT *clnt_ecpoint = NULL;
BN_CTX *bn_ctx = NULL;
#endif
PACKET enc_premaster;
unsigned char *data, *rsa_decrypt = NULL;
@ -2581,11 +2558,6 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
* Get client's public key from encoded point in the
* ClientKeyExchange message.
*/
if ((bn_ctx = BN_CTX_new()) == NULL) {
SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE,
ERR_R_MALLOC_FAILURE);
goto err;
}
/* Get encoded point length */
if (!PACKET_get_1(pkt, &i)) {
@ -2599,7 +2571,7 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
goto err;
}
if (EC_POINT_oct2point(group, clnt_ecpoint, data, i, bn_ctx) == 0) {
if (EC_POINT_oct2point(group, clnt_ecpoint, data, i, NULL) == 0) {
SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
goto err;
}
@ -2624,10 +2596,8 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
goto err;
}
EVP_PKEY_free(clnt_pub_pkey);
EC_POINT_free(clnt_ecpoint);
EC_KEY_free(srvr_ecdh);
BN_CTX_free(bn_ctx);
EC_KEY_free(s->s3->tmp.ecdh);
s->s3->tmp.ecdh = NULL;
@ -2780,10 +2750,8 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
err:
#endif
#ifndef OPENSSL_NO_EC
EVP_PKEY_free(clnt_pub_pkey);
EC_POINT_free(clnt_ecpoint);
EC_KEY_free(srvr_ecdh);
BN_CTX_free(bn_ctx);
OPENSSL_free(rsa_decrypt);
#endif
#ifndef OPENSSL_NO_PSK