Commit a8c1c704 authored by Matt Caswell's avatar Matt Caswell
Browse files

Split out DHE CKE construction into a separate function 



Continuing previous commit to break up the
tls_construct_client_key_exchange() function. This splits out the DHE
code.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
parent 13c0ec4a

ssl/statem/statem_clnt.c

+41 −33
Original line number Diff line number Diff line
@@ -2187,32 +2187,9 @@ static int tls_construct_cke_rsa(SSL *s, unsigned char **p, int *len, int *al) 
#endif

}



int tls_construct_client_key_exchange(SSL *s)

static int tls_construct_cke_dhe(SSL *s, unsigned char **p, int *len, int *al)

{

    unsigned char *p;

    int n;

    size_t pskhdrlen = 0;

    unsigned long alg_k;

    int al = -1;



    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;



    p = ssl_handshake_start(s);







    if ((alg_k & SSL_PSK)

            && !tls_construct_cke_psk_preamble(s, &p, &pskhdrlen, &al))

        goto err;



    if (alg_k & SSL_kPSK) {

        n = 0;

    } else if (alg_k & (SSL_kRSA | SSL_kRSAPSK)) {

        if (!tls_construct_cke_rsa(s, &p, &n, &al))

            goto err;

    }

#ifndef OPENSSL_NO_DH

    else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) {

    DH *dh_clnt = NULL;

    const BIGNUM *pub_key;

    EVP_PKEY *ckey = NULL, *skey = NULL;
@@ -2221,7 +2198,7 @@ int tls_construct_client_key_exchange(SSL *s) 
    if (skey == NULL) {

        SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,

               ERR_R_INTERNAL_ERROR);

            goto err;

        return 0;

    }

    ckey = ssl_generate_pkey(skey, NID_undef);

    dh_clnt = EVP_PKEY_get0_DH(ckey);
@@ -2230,21 +2207,52 @@ int tls_construct_client_key_exchange(SSL *s) 
        SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,

               ERR_R_INTERNAL_ERROR);

        EVP_PKEY_free(ckey);

            goto err;

        return 0;

    }





    /* send off the data */

    DH_get0_key(dh_clnt, &pub_key, NULL);

        n = BN_num_bytes(pub_key);

        s2n(n, p);

        BN_bn2bin(pub_key, p);

        n += 2;

    *len = BN_num_bytes(pub_key);

    s2n(*len, *p);

    BN_bn2bin(pub_key, *p);

    *len += 2;

    EVP_PKEY_free(ckey);

        ckey = NULL;

    }



    return 1;

#else

    SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);

    *al = SSL_AD_INTERNAL_ERROR;

    return 0;

#endif

}



int tls_construct_client_key_exchange(SSL *s)

{

    unsigned char *p;

    int n;

    size_t pskhdrlen = 0;

    unsigned long alg_k;

    int al = -1;



    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;



    p = ssl_handshake_start(s);







    if ((alg_k & SSL_PSK)

            && !tls_construct_cke_psk_preamble(s, &p, &pskhdrlen, &al))

        goto err;



    if (alg_k & SSL_kPSK) {

        n = 0;

    } else if (alg_k & (SSL_kRSA | SSL_kRSAPSK)) {

        if (!tls_construct_cke_rsa(s, &p, &n, &al))

            goto err;

    } else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) {

        if (!tls_construct_cke_dhe(s, &p, &n, &al))

            goto err;

    }

#ifndef OPENSSL_NO_EC

    else if (alg_k & (SSL_kECDHE | SSL_kECDHEPSK)) {

        unsigned char *encodedPoint = NULL;