Change curves to groups where relevant
authorDr. Stephen Henson <steve@openssl.org>
Tue, 26 Sep 2017 14:41:34 +0000 (15:41 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 6 Oct 2017 12:23:45 +0000 (13:23 +0100)
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4475)

ssl/statem/extensions.c
ssl/statem/extensions_clnt.c
ssl/statem/extensions_srvr.c
ssl/t1_lib.c

index 69214c5..f6a200f 100644 (file)
@@ -1167,25 +1167,25 @@ static int final_key_share(SSL *s, unsigned int context, int sent, int *al)
                 && (!s->hit
                     || (s->ext.psk_kex_mode & TLSEXT_KEX_MODE_FLAG_KE_DHE)
                        != 0)) {
-            const uint16_t *pcurves, *clntcurves;
-            size_t num_curves, clnt_num_curves, i;
+            const uint16_t *pgroups, *clntgroups;
+            size_t num_groups, clnt_num_groups, i;
             unsigned int group_id = 0;
 
             /* Check if a shared group exists */
 
             /* Get the clients list of supported groups. */
-            tls1_get_peer_groups(s, &clntcurves, &clnt_num_curves);
-            tls1_get_supported_groups(s, &pcurves, &num_curves);
+            tls1_get_peer_groups(s, &clntgroups, &clnt_num_groups);
+            tls1_get_supported_groups(s, &pgroups, &num_groups);
 
             /* Find the first group we allow that is also in client's list */
-            for (i = 0; i < num_curves; i++) {
-                group_id = pcurves[i];
+            for (i = 0; i < num_groups; i++) {
+                group_id = pgroups[i];
 
-                if (check_in_list(s, group_id, clntcurves, clnt_num_curves, 1))
+                if (check_in_list(s, group_id, clntgroups, clnt_num_groups, 1))
                     break;
             }
 
-            if (i < num_curves) {
+            if (i < num_groups) {
                 /* A shared group exists so send a HelloRetryRequest */
                 s->s3->group_id = group_id;
                 s->hello_retry_request = 1;
index e392ac4..c1f98b4 100644 (file)
@@ -139,8 +139,8 @@ EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
                                                unsigned int context, X509 *x,
                                                size_t chainidx, int *al)
 {
-    const uint16_t *pcurves = NULL;
-    size_t num_curves = 0, i;
+    const uint16_t *pgroups = NULL;
+    size_t num_groups = 0, i;
 
     if (!use_ecc(s))
         return EXT_RETURN_NOT_SENT;
@@ -149,7 +149,7 @@ EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
      * Add TLS extension supported_groups to the ClientHello message
      */
     /* TODO(TLS1.3): Add support for DHE groups */
-    tls1_get_supported_groups(s, &pcurves, &num_curves);
+    tls1_get_supported_groups(s, &pgroups, &num_groups);
 
     if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_supported_groups)
                /* Sub-packet for supported_groups extension */
@@ -160,8 +160,8 @@ EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
         return EXT_RETURN_FAIL;
     }
     /* Copy curve ID if supported */
-    for (i = 0; i < num_curves; i++) {
-        uint16_t ctmp = pcurves[i];
+    for (i = 0; i < num_groups; i++) {
+        uint16_t ctmp = pgroups[i];
 
         if (tls_curve_allowed(s, ctmp, SSL_SECOP_CURVE_SUPPORTED)) {
             if (!WPACKET_put_bytes_u16(pkt, ctmp)) {
@@ -590,8 +590,8 @@ EXT_RETURN tls_construct_ctos_key_share(SSL *s, WPACKET *pkt,
                                         size_t chainidx, int *al)
 {
 #ifndef OPENSSL_NO_TLS1_3
-    size_t i, num_curves = 0;
-    const uint16_t *pcurves = NULL;
+    size_t i, num_groups = 0;
+    const uint16_t *pgroups = NULL;
     uint16_t curve_id = 0;
 
     /* key_share extension */
@@ -604,7 +604,7 @@ EXT_RETURN tls_construct_ctos_key_share(SSL *s, WPACKET *pkt,
         return EXT_RETURN_FAIL;
     }
 
-    tls1_get_supported_groups(s, &pcurves, &num_curves);
+    tls1_get_supported_groups(s, &pgroups, &num_groups);
 
     /*
      * TODO(TLS1.3): Make the number of key_shares sent configurable. For
@@ -613,12 +613,12 @@ EXT_RETURN tls_construct_ctos_key_share(SSL *s, WPACKET *pkt,
     if (s->s3->group_id != 0) {
         curve_id = s->s3->group_id;
     } else {
-        for (i = 0; i < num_curves; i++) {
+        for (i = 0; i < num_groups; i++) {
 
-            if (!tls_curve_allowed(s, pcurves[i], SSL_SECOP_CURVE_SUPPORTED))
+            if (!tls_curve_allowed(s, pgroups[i], SSL_SECOP_CURVE_SUPPORTED))
                 continue;
 
-            curve_id = pcurves[i];
+            curve_id = pgroups[i];
             break;
         }
     }
@@ -1514,8 +1514,8 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
     }
 
     if ((context & SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST) != 0) {
-        const uint16_t *pcurves = NULL;
-        size_t i, num_curves;
+        const uint16_t *pgroups = NULL;
+        size_t i, num_groups;
 
         if (PACKET_remaining(pkt) != 0) {
             *al = SSL_AD_DECODE_ERROR;
@@ -1534,12 +1534,12 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         }
 
         /* Validate the selected group is one we support */
-        tls1_get_supported_groups(s, &pcurves, &num_curves);
-        for (i = 0; i < num_curves; i++) {
-            if (group_id == pcurves[i])
+        tls1_get_supported_groups(s, &pgroups, &num_groups);
+        for (i = 0; i < num_groups; i++) {
+            if (group_id == pgroups[i])
                 break;
         }
-        if (i >= num_curves
+        if (i >= num_groups
                 || !tls_curve_allowed(s, group_id, SSL_SECOP_CURVE_SUPPORTED)) {
             *al = SSL_AD_ILLEGAL_PARAMETER;
             SSLerr(SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_BAD_KEY_SHARE);
index 8183ea5..8bf3a76 100644 (file)
@@ -499,8 +499,8 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
 #ifndef OPENSSL_NO_TLS1_3
     unsigned int group_id;
     PACKET key_share_list, encoded_pt;
-    const uint16_t *clntcurves, *srvrcurves;
-    size_t clnt_num_curves, srvr_num_curves;
+    const uint16_t *clntgroups, *srvrgroups;
+    size_t clnt_num_groups, srvr_num_groups;
     int found = 0;
 
     if (s->hit && (s->ext.psk_kex_mode & TLSEXT_KEX_MODE_FLAG_KE_DHE) == 0)
@@ -519,11 +519,11 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         return 0;
     }
 
-    /* Get our list of supported curves */
-    tls1_get_supported_groups(s, &srvrcurves, &srvr_num_curves);
-    /* Get the clients list of supported curves. */
-    tls1_get_peer_groups(s, &clntcurves, &clnt_num_curves);
-    if (clnt_num_curves == 0) {
+    /* Get our list of supported groups */
+    tls1_get_supported_groups(s, &srvrgroups, &srvr_num_groups);
+    /* Get the clients list of supported groups. */
+    tls1_get_peer_groups(s, &clntgroups, &clnt_num_groups);
+    if (clnt_num_groups == 0) {
         /*
          * This can only happen if the supported_groups extension was not sent,
          * because we verify that the length is non-zero when we process that
@@ -553,14 +553,14 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
             continue;
 
         /* Check if this share is in supported_groups sent from client */
-        if (!check_in_list(s, group_id, clntcurves, clnt_num_curves, 0)) {
+        if (!check_in_list(s, group_id, clntgroups, clnt_num_groups, 0)) {
             *al = SSL_AD_ILLEGAL_PARAMETER;
             SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_BAD_KEY_SHARE);
             return 0;
         }
 
         /* Check if this share is for a group we can use */
-        if (!check_in_list(s, group_id, srvrcurves, srvr_num_curves, 1)) {
+        if (!check_in_list(s, group_id, srvrgroups, srvr_num_groups, 1)) {
             /* Share not suitable */
             continue;
         }
index e002013..9582e21 100644 (file)
@@ -186,12 +186,12 @@ static const uint16_t suiteb_curves[] = {
     TLSEXT_curve_P_384
 };
 
-const TLS_GROUP_INFO *tls1_group_id_lookup(uint16_t curve_id)
+const TLS_GROUP_INFO *tls1_group_id_lookup(uint16_t group_id)
 {
     /* ECC curves from RFC 4492 and RFC 7027 */
-    if (curve_id < 1 || curve_id > OSSL_NELEM(nid_list))
+    if (group_id < 1 || group_id > OSSL_NELEM(nid_list))
         return NULL;
-    return &nid_list[curve_id - 1];
+    return &nid_list[group_id - 1];
 }
 
 static uint16_t tls1_nid2group_id(int nid)