Loading include/openssl/ssl.h +1 −1 Original line number Diff line number Diff line Loading @@ -1836,7 +1836,7 @@ __owur const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c); /* Sanity check of curve server selects */ # define SSL_SECOP_CURVE_CHECK (6 | SSL_SECOP_OTHER_CURVE) /* Temporary DH key */ # define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_DH) # define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_PKEY) /* SSL/TLS version */ # define SSL_SECOP_VERSION (9 | SSL_SECOP_OTHER_NONE) /* Session tickets */ Loading ssl/s3_lib.c +25 −24 Original line number Diff line number Diff line Loading @@ -3488,21 +3488,24 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_SET_TMP_DH: { DH *dh = (DH *)parg; EVP_PKEY *pkdh = NULL; if (dh == NULL) { SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); return (ret); } pkdh = ssl_dh_to_pkey(dh); if (pkdh == NULL) { SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); return 0; } if (!ssl_security(s, SSL_SECOP_TMP_DH, DH_security_bits(dh), 0, dh)) { EVP_PKEY_security_bits(pkdh), 0, pkdh)) { SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL); return (ret); } if ((dh = DHparams_dup(dh)) == NULL) { SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); return (ret); EVP_PKEY_free(pkdh); return ret; } DH_free(s->cert->dh_tmp); s->cert->dh_tmp = dh; EVP_PKEY_free(s->cert->dh_tmp); s->cert->dh_tmp = pkdh; ret = 1; } break; Loading Loading @@ -3851,27 +3854,25 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) #ifndef OPENSSL_NO_DH case SSL_CTRL_SET_TMP_DH: { DH *new = NULL, *dh; CERT *cert; cert = ctx->cert; dh = (DH *)parg; if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, DH_security_bits(dh), 0, dh)) { SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL); DH *dh = (DH *)parg; EVP_PKEY *pkdh = NULL; if (dh == NULL) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); return 0; } if ((new = DHparams_dup(dh)) == NULL) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); pkdh = ssl_dh_to_pkey(dh); if (pkdh == NULL) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); return 0; } if (!DH_generate_key(new)) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); DH_free(new); return 0; if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(pkdh), 0, pkdh)) { SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL); EVP_PKEY_free(pkdh); return 1; } DH_free(cert->dh_tmp); cert->dh_tmp = new; EVP_PKEY_free(ctx->cert->dh_tmp); ctx->cert->dh_tmp = pkdh; return 1; } /* Loading ssl/ssl_cert.c +3 −22 Original line number Diff line number Diff line Loading @@ -197,27 +197,8 @@ CERT *ssl_cert_dup(CERT *cert) #ifndef OPENSSL_NO_DH if (cert->dh_tmp != NULL) { ret->dh_tmp = DHparams_dup(cert->dh_tmp); if (ret->dh_tmp == NULL) { SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB); goto err; } if (cert->dh_tmp->priv_key) { BIGNUM *b = BN_dup(cert->dh_tmp->priv_key); if (!b) { SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB); goto err; } ret->dh_tmp->priv_key = b; } if (cert->dh_tmp->pub_key) { BIGNUM *b = BN_dup(cert->dh_tmp->pub_key); if (!b) { SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB); goto err; } ret->dh_tmp->pub_key = b; } ret->dh_tmp = cert->dh_tmp; EVP_PKEY_up_ref(ret->dh_tmp); } ret->dh_tmp_cb = cert->dh_tmp_cb; ret->dh_tmp_auto = cert->dh_tmp_auto; Loading Loading @@ -370,7 +351,7 @@ void ssl_cert_free(CERT *c) #endif #ifndef OPENSSL_NO_DH DH_free(c->dh_tmp); EVP_PKEY_free(c->dh_tmp); #endif ssl_cert_clear_certs(c); Loading ssl/ssl_locl.h +1 −1 Original line number Diff line number Diff line Loading @@ -1489,7 +1489,7 @@ typedef struct cert_st { */ CERT_PKEY *key; # ifndef OPENSSL_NO_DH DH *dh_tmp; EVP_PKEY *dh_tmp; DH *(*dh_tmp_cb) (SSL *ssl, int is_export, int keysize); int dh_tmp_auto; # endif Loading ssl/statem/statem_srvr.c +55 −40 Original line number Diff line number Diff line Loading @@ -1714,7 +1714,7 @@ int tls_construct_server_done(SSL *s) int tls_construct_server_key_exchange(SSL *s) { #ifndef OPENSSL_NO_DH DH *dh = NULL, *dhp; EVP_PKEY *pkdh = NULL; #endif #ifndef OPENSSL_NO_EC unsigned char *encodedPoint = NULL; Loading Loading @@ -1761,49 +1761,66 @@ int tls_construct_server_key_exchange(SSL *s) if (type & (SSL_kDHE | SSL_kDHEPSK)) { CERT *cert = s->cert; EVP_PKEY *pkdhp = NULL; DH *dh; if (s->cert->dh_tmp_auto) { dhp = ssl_get_auto_dh(s); if (dhp == NULL) { DH *dhp = ssl_get_auto_dh(s); pkdh = EVP_PKEY_new(); if (pkdh == NULL || dhp == NULL) { DH_free(dhp); al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto f_err; } } else dhp = cert->dh_tmp; if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) dhp = s->cert->dh_tmp_cb(s, 0, 1024); if (dhp == NULL) { EVP_PKEY_assign_DH(pkdh, dhp); pkdhp = pkdh; } else { pkdhp = cert->dh_tmp; } if ((pkdhp == NULL) && (s->cert->dh_tmp_cb != NULL)) { DH *dhp = s->cert->dh_tmp_cb(s, 0, 1024); pkdh = ssl_dh_to_pkey(dhp); if (pkdh == NULL) { al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto f_err; } pkdhp = pkdh; } if (pkdhp == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY); goto f_err; } if (!ssl_security(s, SSL_SECOP_TMP_DH, DH_security_bits(dhp), 0, dhp)) { EVP_PKEY_security_bits(pkdhp), 0, pkdhp)) { al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, SSL_R_DH_KEY_TOO_SMALL); goto f_err; } if (s->s3->tmp.dh != NULL) { if (s->s3->tmp.pkey != NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; } if (s->cert->dh_tmp_auto) dh = dhp; else if ((dh = DHparams_dup(dhp)) == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); goto err; } s->s3->tmp.pkey = ssl_generate_pkey(pkdhp, NID_undef); s->s3->tmp.dh = dh; if (!DH_generate_key(dh)) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); if (s->s3->tmp.pkey == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_EVP_LIB); goto err; } dh = EVP_PKEY_get0_DH(s->s3->tmp.pkey); EVP_PKEY_free(pkdh); pkdh = NULL; r[0] = dh->p; r[1] = dh->g; r[2] = dh->pub_key; Loading Loading @@ -2018,6 +2035,9 @@ int tls_construct_server_key_exchange(SSL *s) f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); err: #ifndef OPENSSL_NO_DH EVP_PKEY_free(pkdh); #endif #ifndef OPENSSL_NO_EC OPENSSL_free(encodedPoint); #endif Loading Loading @@ -2107,10 +2127,6 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) RSA *rsa = NULL; EVP_PKEY *pkey = NULL; #endif #ifndef OPENSSL_NO_DH BIGNUM *pub = NULL; DH *dh_srvr; #endif #ifndef OPENSSL_NO_EC EVP_PKEY *ckey = NULL; #endif Loading Loading @@ -2334,7 +2350,8 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) #endif #ifndef OPENSSL_NO_DH if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { unsigned char shared[(OPENSSL_DH_MAX_MODULUS_BITS + 7) / 8]; EVP_PKEY *skey = NULL; DH *cdh; if (!PACKET_get_net_2(pkt, &i)) { if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { Loading @@ -2350,13 +2367,13 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); goto err; } if (s->s3->tmp.dh == NULL) { skey = s->s3->tmp.pkey; if (skey == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY); goto f_err; } else dh_srvr = s->s3->tmp.dh; } if (PACKET_remaining(pkt) == 0L) { al = SSL_AD_HANDSHAKE_FAILURE; Loading @@ -2371,29 +2388,27 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) ERR_R_INTERNAL_ERROR); goto f_err; } pub = BN_bin2bn(data, i, NULL); if (pub == NULL) { ckey = EVP_PKEY_new(); if (ckey == NULL || EVP_PKEY_copy_parameters(ckey, skey) == 0) { SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, SSL_R_BN_LIB); goto err; } i = DH_compute_key(shared, pub, dh_srvr); if (i <= 0) { SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB); BN_clear_free(pub); cdh = EVP_PKEY_get0_DH(ckey); cdh->pub_key = BN_bin2bn(data, i, NULL); if (cdh->pub_key == NULL) { SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, SSL_R_BN_LIB); goto err; } DH_free(s->s3->tmp.dh); s->s3->tmp.dh = NULL; BN_clear_free(pub); pub = NULL; if (!ssl_generate_master_secret(s, shared, i, 0)) { if (ssl_derive(s, skey, ckey) == 0) { al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto f_err; } EVP_PKEY_free(ckey); ckey = NULL; } else #endif Loading Loading
include/openssl/ssl.h +1 −1 Original line number Diff line number Diff line Loading @@ -1836,7 +1836,7 @@ __owur const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c); /* Sanity check of curve server selects */ # define SSL_SECOP_CURVE_CHECK (6 | SSL_SECOP_OTHER_CURVE) /* Temporary DH key */ # define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_DH) # define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_PKEY) /* SSL/TLS version */ # define SSL_SECOP_VERSION (9 | SSL_SECOP_OTHER_NONE) /* Session tickets */ Loading
ssl/s3_lib.c +25 −24 Original line number Diff line number Diff line Loading @@ -3488,21 +3488,24 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_SET_TMP_DH: { DH *dh = (DH *)parg; EVP_PKEY *pkdh = NULL; if (dh == NULL) { SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); return (ret); } pkdh = ssl_dh_to_pkey(dh); if (pkdh == NULL) { SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); return 0; } if (!ssl_security(s, SSL_SECOP_TMP_DH, DH_security_bits(dh), 0, dh)) { EVP_PKEY_security_bits(pkdh), 0, pkdh)) { SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL); return (ret); } if ((dh = DHparams_dup(dh)) == NULL) { SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); return (ret); EVP_PKEY_free(pkdh); return ret; } DH_free(s->cert->dh_tmp); s->cert->dh_tmp = dh; EVP_PKEY_free(s->cert->dh_tmp); s->cert->dh_tmp = pkdh; ret = 1; } break; Loading Loading @@ -3851,27 +3854,25 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) #ifndef OPENSSL_NO_DH case SSL_CTRL_SET_TMP_DH: { DH *new = NULL, *dh; CERT *cert; cert = ctx->cert; dh = (DH *)parg; if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, DH_security_bits(dh), 0, dh)) { SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL); DH *dh = (DH *)parg; EVP_PKEY *pkdh = NULL; if (dh == NULL) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); return 0; } if ((new = DHparams_dup(dh)) == NULL) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); pkdh = ssl_dh_to_pkey(dh); if (pkdh == NULL) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); return 0; } if (!DH_generate_key(new)) { SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); DH_free(new); return 0; if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(pkdh), 0, pkdh)) { SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL); EVP_PKEY_free(pkdh); return 1; } DH_free(cert->dh_tmp); cert->dh_tmp = new; EVP_PKEY_free(ctx->cert->dh_tmp); ctx->cert->dh_tmp = pkdh; return 1; } /* Loading
ssl/ssl_cert.c +3 −22 Original line number Diff line number Diff line Loading @@ -197,27 +197,8 @@ CERT *ssl_cert_dup(CERT *cert) #ifndef OPENSSL_NO_DH if (cert->dh_tmp != NULL) { ret->dh_tmp = DHparams_dup(cert->dh_tmp); if (ret->dh_tmp == NULL) { SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB); goto err; } if (cert->dh_tmp->priv_key) { BIGNUM *b = BN_dup(cert->dh_tmp->priv_key); if (!b) { SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB); goto err; } ret->dh_tmp->priv_key = b; } if (cert->dh_tmp->pub_key) { BIGNUM *b = BN_dup(cert->dh_tmp->pub_key); if (!b) { SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB); goto err; } ret->dh_tmp->pub_key = b; } ret->dh_tmp = cert->dh_tmp; EVP_PKEY_up_ref(ret->dh_tmp); } ret->dh_tmp_cb = cert->dh_tmp_cb; ret->dh_tmp_auto = cert->dh_tmp_auto; Loading Loading @@ -370,7 +351,7 @@ void ssl_cert_free(CERT *c) #endif #ifndef OPENSSL_NO_DH DH_free(c->dh_tmp); EVP_PKEY_free(c->dh_tmp); #endif ssl_cert_clear_certs(c); Loading
ssl/ssl_locl.h +1 −1 Original line number Diff line number Diff line Loading @@ -1489,7 +1489,7 @@ typedef struct cert_st { */ CERT_PKEY *key; # ifndef OPENSSL_NO_DH DH *dh_tmp; EVP_PKEY *dh_tmp; DH *(*dh_tmp_cb) (SSL *ssl, int is_export, int keysize); int dh_tmp_auto; # endif Loading
ssl/statem/statem_srvr.c +55 −40 Original line number Diff line number Diff line Loading @@ -1714,7 +1714,7 @@ int tls_construct_server_done(SSL *s) int tls_construct_server_key_exchange(SSL *s) { #ifndef OPENSSL_NO_DH DH *dh = NULL, *dhp; EVP_PKEY *pkdh = NULL; #endif #ifndef OPENSSL_NO_EC unsigned char *encodedPoint = NULL; Loading Loading @@ -1761,49 +1761,66 @@ int tls_construct_server_key_exchange(SSL *s) if (type & (SSL_kDHE | SSL_kDHEPSK)) { CERT *cert = s->cert; EVP_PKEY *pkdhp = NULL; DH *dh; if (s->cert->dh_tmp_auto) { dhp = ssl_get_auto_dh(s); if (dhp == NULL) { DH *dhp = ssl_get_auto_dh(s); pkdh = EVP_PKEY_new(); if (pkdh == NULL || dhp == NULL) { DH_free(dhp); al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto f_err; } } else dhp = cert->dh_tmp; if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) dhp = s->cert->dh_tmp_cb(s, 0, 1024); if (dhp == NULL) { EVP_PKEY_assign_DH(pkdh, dhp); pkdhp = pkdh; } else { pkdhp = cert->dh_tmp; } if ((pkdhp == NULL) && (s->cert->dh_tmp_cb != NULL)) { DH *dhp = s->cert->dh_tmp_cb(s, 0, 1024); pkdh = ssl_dh_to_pkey(dhp); if (pkdh == NULL) { al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto f_err; } pkdhp = pkdh; } if (pkdhp == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY); goto f_err; } if (!ssl_security(s, SSL_SECOP_TMP_DH, DH_security_bits(dhp), 0, dhp)) { EVP_PKEY_security_bits(pkdhp), 0, pkdhp)) { al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, SSL_R_DH_KEY_TOO_SMALL); goto f_err; } if (s->s3->tmp.dh != NULL) { if (s->s3->tmp.pkey != NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; } if (s->cert->dh_tmp_auto) dh = dhp; else if ((dh = DHparams_dup(dhp)) == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); goto err; } s->s3->tmp.pkey = ssl_generate_pkey(pkdhp, NID_undef); s->s3->tmp.dh = dh; if (!DH_generate_key(dh)) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); if (s->s3->tmp.pkey == NULL) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_EVP_LIB); goto err; } dh = EVP_PKEY_get0_DH(s->s3->tmp.pkey); EVP_PKEY_free(pkdh); pkdh = NULL; r[0] = dh->p; r[1] = dh->g; r[2] = dh->pub_key; Loading Loading @@ -2018,6 +2035,9 @@ int tls_construct_server_key_exchange(SSL *s) f_err: ssl3_send_alert(s, SSL3_AL_FATAL, al); err: #ifndef OPENSSL_NO_DH EVP_PKEY_free(pkdh); #endif #ifndef OPENSSL_NO_EC OPENSSL_free(encodedPoint); #endif Loading Loading @@ -2107,10 +2127,6 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) RSA *rsa = NULL; EVP_PKEY *pkey = NULL; #endif #ifndef OPENSSL_NO_DH BIGNUM *pub = NULL; DH *dh_srvr; #endif #ifndef OPENSSL_NO_EC EVP_PKEY *ckey = NULL; #endif Loading Loading @@ -2334,7 +2350,8 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) #endif #ifndef OPENSSL_NO_DH if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { unsigned char shared[(OPENSSL_DH_MAX_MODULUS_BITS + 7) / 8]; EVP_PKEY *skey = NULL; DH *cdh; if (!PACKET_get_net_2(pkt, &i)) { if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) { Loading @@ -2350,13 +2367,13 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); goto err; } if (s->s3->tmp.dh == NULL) { skey = s->s3->tmp.pkey; if (skey == NULL) { al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY); goto f_err; } else dh_srvr = s->s3->tmp.dh; } if (PACKET_remaining(pkt) == 0L) { al = SSL_AD_HANDSHAKE_FAILURE; Loading @@ -2371,29 +2388,27 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) ERR_R_INTERNAL_ERROR); goto f_err; } pub = BN_bin2bn(data, i, NULL); if (pub == NULL) { ckey = EVP_PKEY_new(); if (ckey == NULL || EVP_PKEY_copy_parameters(ckey, skey) == 0) { SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, SSL_R_BN_LIB); goto err; } i = DH_compute_key(shared, pub, dh_srvr); if (i <= 0) { SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB); BN_clear_free(pub); cdh = EVP_PKEY_get0_DH(ckey); cdh->pub_key = BN_bin2bn(data, i, NULL); if (cdh->pub_key == NULL) { SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, SSL_R_BN_LIB); goto err; } DH_free(s->s3->tmp.dh); s->s3->tmp.dh = NULL; BN_clear_free(pub); pub = NULL; if (!ssl_generate_master_secret(s, shared, i, 0)) { if (ssl_derive(s, skey, ckey) == 0) { al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto f_err; } EVP_PKEY_free(ckey); ckey = NULL; } else #endif Loading
Matt Caswell <matt@openssl.org>Matt Caswell <matt@openssl.org>