Loading ssl/statem/statem_clnt.c +59 −48 Original line number Diff line number Diff line Loading @@ -2226,35 +2226,9 @@ static int tls_construct_cke_dhe(SSL *s, unsigned char **p, int *len, int *al) #endif } int tls_construct_client_key_exchange(SSL *s) static int tls_construct_cke_ecdhe(SSL *s, unsigned char **p, int *len, int *al) { unsigned char *p; int n; size_t pskhdrlen = 0; unsigned long alg_k; int al = -1; alg_k = s->s3->tmp.new_cipher->algorithm_mkey; p = ssl_handshake_start(s); if ((alg_k & SSL_PSK) && !tls_construct_cke_psk_preamble(s, &p, &pskhdrlen, &al)) goto err; if (alg_k & SSL_kPSK) { n = 0; } else if (alg_k & (SSL_kRSA | SSL_kRSAPSK)) { if (!tls_construct_cke_rsa(s, &p, &n, &al)) goto err; } else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { if (!tls_construct_cke_dhe(s, &p, &n, &al)) goto err; } #ifndef OPENSSL_NO_EC else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) { unsigned char *encodedPoint = NULL; int encoded_pt_len = 0; EVP_PKEY *ckey = NULL, *skey = NULL; Loading @@ -2263,14 +2237,13 @@ int tls_construct_client_key_exchange(SSL *s) if ((skey == NULL) || EVP_PKEY_get0_EC_KEY(skey) == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; return 0; } ckey = ssl_generate_pkey(skey, NID_undef); if (ssl_derive(s, ckey, skey) == 0) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_EVP_LIB); EVP_PKEY_free(ckey); goto err; } Loading 
@@ -2281,27 +2254,65 @@ int tls_construct_client_key_exchange(SSL *s) if (encoded_pt_len == 0) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB); EVP_PKEY_free(ckey); goto err; } EVP_PKEY_free(ckey); ckey = NULL; n = encoded_pt_len; *len = encoded_pt_len; *p = n; /* length of encoded point */ /* Encoded point will be copied here */ p += 1; /* length of encoded point */ **p = *len; *p += 1; /* copy the point */ memcpy(p, encodedPoint, n); /* increment n to account for length field */ n += 1; memcpy(*p, encodedPoint, *len); /* increment len to account for length field */ *len += 1; /* Free allocated memory */ OPENSSL_free(encodedPoint); return 1; err: EVP_PKEY_free(ckey); return 0; #else SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); *al = SSL_AD_INTERNAL_ERROR; return 0; #endif } int tls_construct_client_key_exchange(SSL *s) { unsigned char *p; int n; size_t pskhdrlen = 0; unsigned long alg_k; int al = -1; alg_k = s->s3->tmp.new_cipher->algorithm_mkey; p = ssl_handshake_start(s); if ((alg_k & SSL_PSK) && !tls_construct_cke_psk_preamble(s, &p, &pskhdrlen, &al)) goto err; if (alg_k & SSL_kPSK) { n = 0; } else if (alg_k & (SSL_kRSA | SSL_kRSAPSK)) { if (!tls_construct_cke_rsa(s, &p, &n, &al)) goto err; } else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { if (!tls_construct_cke_dhe(s, &p, &n, &al)) goto err; } else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) { if (!tls_construct_cke_ecdhe(s, &p, &n, &al)) goto err; } #endif /* !OPENSSL_NO_EC */ #ifndef OPENSSL_NO_GOST else if (alg_k & SSL_kGOST) { /* GOST key exchange message creation */ Loading Loading
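Review bot: In the new `tls_construct_cke_ecdhe`, the result of `ssl_generate_pkey(skey, NID_undef)` is passed straight to `ssl_derive(s, ckey, skey)` without a NULL check, so a failed key generation is caught only if `ssl_derive` rejects a NULL key, which is not visible on this page. I would add `if (ckey == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; }` directly after the call. The single-byte length write `**p = *len;` also assumes `encoded_pt_len` is at most 255. A range check before it, one that frees `encodedPoint` on failure, would keep the length byte and the `memcpy(*p, encodedPoint, *len)` size from disagreeing. Part of the function body is collapsed between the two hunks, so both points rest on the visible lines only.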
ssl/statem/statem_clnt.c +59 −48 Original line number Diff line number Diff line Loading @@ -2226,35 +2226,9 @@ static int tls_construct_cke_dhe(SSL *s, unsigned char **p, int *len, int *al) #endif } int tls_construct_client_key_exchange(SSL *s) static int tls_construct_cke_ecdhe(SSL *s, unsigned char **p, int *len, int *al) { unsigned char *p; int n; size_t pskhdrlen = 0; unsigned long alg_k; int al = -1; alg_k = s->s3->tmp.new_cipher->algorithm_mkey; p = ssl_handshake_start(s); if ((alg_k & SSL_PSK) && !tls_construct_cke_psk_preamble(s, &p, &pskhdrlen, &al)) goto err; if (alg_k & SSL_kPSK) { n = 0; } else if (alg_k & (SSL_kRSA | SSL_kRSAPSK)) { if (!tls_construct_cke_rsa(s, &p, &n, &al)) goto err; } else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { if (!tls_construct_cke_dhe(s, &p, &n, &al)) goto err; } #ifndef OPENSSL_NO_EC else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) { unsigned char *encodedPoint = NULL; int encoded_pt_len = 0; EVP_PKEY *ckey = NULL, *skey = NULL; Loading @@ -2263,14 +2237,13 @@ int tls_construct_client_key_exchange(SSL *s) if ((skey == NULL) || EVP_PKEY_get0_EC_KEY(skey) == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; return 0; } ckey = ssl_generate_pkey(skey, NID_undef); if (ssl_derive(s, ckey, skey) == 0) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_EVP_LIB); EVP_PKEY_free(ckey); goto err; } Loading 
@@ -2281,27 +2254,65 @@ int tls_construct_client_key_exchange(SSL *s) if (encoded_pt_len == 0) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB); EVP_PKEY_free(ckey); goto err; } EVP_PKEY_free(ckey); ckey = NULL; n = encoded_pt_len; *len = encoded_pt_len; *p = n; /* length of encoded point */ /* Encoded point will be copied here */ p += 1; /* length of encoded point */ **p = *len; *p += 1; /* copy the point */ memcpy(p, encodedPoint, n); /* increment n to account for length field */ n += 1; memcpy(*p, encodedPoint, *len); /* increment len to account for length field */ *len += 1; /* Free allocated memory */ OPENSSL_free(encodedPoint); return 1; err: EVP_PKEY_free(ckey); return 0; #else SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); *al = SSL_AD_INTERNAL_ERROR; return 0; #endif } int tls_construct_client_key_exchange(SSL *s) { unsigned char *p; int n; size_t pskhdrlen = 0; unsigned long alg_k; int al = -1; alg_k = s->s3->tmp.new_cipher->algorithm_mkey; p = ssl_handshake_start(s); if ((alg_k & SSL_PSK) && !tls_construct_cke_psk_preamble(s, &p, &pskhdrlen, &al)) goto err; if (alg_k & SSL_kPSK) { n = 0; } else if (alg_k & (SSL_kRSA | SSL_kRSAPSK)) { if (!tls_construct_cke_rsa(s, &p, &n, &al)) goto err; } else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { if (!tls_construct_cke_dhe(s, &p, &n, &al)) goto err; } else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) { if (!tls_construct_cke_ecdhe(s, &p, &n, &al)) goto err; } #endif /* !OPENSSL_NO_EC */ #ifndef OPENSSL_NO_GOST else if (alg_k & SSL_kGOST) { /* GOST key exchange message creation */ Loading