generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Implement cipher-suite selection logic given Supported Point Formats Extension.

Browse Source 
Submitted by: Douglas Stebila
This commit is contained in:
Bodo Möller 2006-03-30 02:35:09 +00:00
parent 531308d929
commit f393b7449d
1 changed files with 67 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
ssl/s3_lib.c
View File

@ -152,6 +152,11 @@
#include <openssl/objects.h> #include <openssl/objects.h>
#include "ssl_locl.h" #include "ssl_locl.h"
#include "kssl_lcl.h" #include "kssl_lcl.h"
#ifndef OPENSSL_NO_TLSEXT
#ifndef OPENSSL_NO_EC
#include "../crypto/ec/ec_lcl.h"
#endif /* OPENSSL_NO_EC */
#endif /* OPENSSL_NO_TLSEXT */
#include <openssl/md5.h> #include <openssl/md5.h>
#ifndef OPENSSL_NO_DH #ifndef OPENSSL_NO_DH
#include <openssl/dh.h> #include <openssl/dh.h>
@ -2039,6 +2044,11 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
SSL_CIPHER *c,*ret=NULL; SSL_CIPHER *c,*ret=NULL;
STACK_OF(SSL_CIPHER) *prio, *allow; STACK_OF(SSL_CIPHER) *prio, *allow;
int i,j,ok; int i,j,ok;
#ifndef OPENSSL_NO_TLSEXT
#ifndef OPENSSL_NO_EC
int ec_ok;
#endif /* OPENSSL_NO_EC */
#endif /* OPENSSL_NO_TLSEXT */
CERT *cert; CERT *cert;
unsigned long alg,mask,emask; unsigned long alg,mask,emask;
@ -2124,6 +2134,63 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
#endif #endif
} }
#ifndef OPENSSL_NO_TLSEXT
#ifndef OPENSSL_NO_EC
if (
/* if we are considering an ECC cipher suite that uses our certificate */
(alg & SSL_aECDSA)
/* and we have an ECC certificate */
&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
/* and the client specified a Supported Point Formats extension */
&& ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
/* and our certificate's point is compressed */
&& (
(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
&& (
(*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
|| (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
)
)
)
{
ec_ok = 0;
/* if our certificate's curve is over a field type that the client does not support
* then do not allow this cipher suite to be negotiated */
if (
(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
&& (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
)
{
for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
{
if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime)
{
ec_ok = 1;
break;
}
}
}
else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
{
for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
{
if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2)
{
ec_ok = 1;
break;
}
}
}
ok = ok && ec_ok;
}
#endif /* OPENSSL_NO_EC */
#endif /* OPENSSL_NO_TLSEXT */
if (!ok) continue; if (!ok) continue;
j=sk_SSL_CIPHER_find(allow,c); j=sk_SSL_CIPHER_find(allow,c);
if (j >= 0) if (j >= 0)