Backport support for fixed DH ciphersuites (from HEAD)
authorDr. Stephen Henson <steve@openssl.org>
Fri, 6 Apr 2012 11:33:12 +0000 (11:33 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 6 Apr 2012 11:33:12 +0000 (11:33 +0000)
CHANGES
ssl/s3_both.c
ssl/s3_clnt.c
ssl/s3_lib.c
ssl/s3_srvr.c
ssl/ssl.h
ssl/ssl_ciph.c
ssl/ssl_lib.c
ssl/ssl_locl.h
ssl/ssl_rsa.c

diff --git a/CHANGES b/CHANGES
index 00b07c7ae90737ecd89019308f1cad35357244b2..1383cfdeaddaaa4540f0d7d64062b94bc3911ec1 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,9 @@
 
  Changes between 1.0.1 and 1.0.2 [xx XXX xxxx]
 
 
  Changes between 1.0.1 and 1.0.2 [xx XXX xxxx]
 
-  *)
+  *) Support for fixed DH ciphersuites: those requiring DH server
+     certificates.
+     [Steve Henson]
 
  Changes between 1.0.1 and 1.0.1a [xx XXX xxxx]
 
 
  Changes between 1.0.1 and 1.0.1a [xx XXX xxxx]
 
index b63460a56ddd3edd56d55d5d1237baf27768e4a9..4ed66da7e53a82503c1f9892760ceb21fd19b5ea 100644 (file)
@@ -590,6 +590,18 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
                {
                ret = SSL_PKEY_GOST01;
                }
                {
                ret = SSL_PKEY_GOST01;
                }
+       else if (x && i == EVP_PKEY_DH)
+               {
+               /* For DH two cases: DH certificate signed with RSA and
+                * DH certificate signed with DSA.
+                */
+               i = X509_certificate_type(x, pk);
+               if (i & EVP_PKS_RSA)
+                       ret = SSL_PKEY_DH_RSA;
+               else if (i & EVP_PKS_DSA)
+                       ret = SSL_PKEY_DH_DSA;
+               }
+               
 err:
        if(!pkey) EVP_PKEY_free(pk);
        return(ret);
 err:
        if(!pkey) EVP_PKEY_free(pk);
        return(ret);
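Review bot: In the new `EVP_PKEY_DH` branch of ssl_cert_type, a DH certificate whose signature is neither RSA nor DSA matches neither inner test, so `ret` silently keeps whatever value it was given outside this hunk (presumably the error value). A trailing comment would make that outcome explicit, for example `/* other signature algorithms: ret is left unchanged, caller treats the type as unknown */`. The function begins before the hunk, so the initial value of `ret` should be confirmed there.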
index 4511a914a43201921e55f4ef13ef4c35f6fd63f3..36be0eb64ae987960414c6cddd5363069972faa3 100644 (file)
@@ -2430,24 +2430,39 @@ int ssl3_send_client_key_exchange(SSL *s)
                else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
                        {
                        DH *dh_srvr,*dh_clnt;
                else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
                        {
                        DH *dh_srvr,*dh_clnt;
+                       SESS_CERT *scert = s->session->sess_cert;
 
 
-                       if (s->session->sess_cert == NULL) 
+                       if (scert == NULL) 
                                {
                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
                                goto err;
                                }
 
                                {
                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
                                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
                                goto err;
                                }
 
-                       if (s->session->sess_cert->peer_dh_tmp != NULL)
-                               dh_srvr=s->session->sess_cert->peer_dh_tmp;
+                       if (scert->peer_dh_tmp != NULL)
+                               dh_srvr=scert->peer_dh_tmp;
                        else
                                {
                                /* we get them from the cert */
                        else
                                {
                                /* we get them from the cert */
-                               ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
-                               SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
-                               goto err;
+                               int idx = scert->peer_cert_type;
+                               EVP_PKEY *spkey = NULL;
+                               dh_srvr = NULL;
+                               if (idx >= 0)
+                                       spkey = X509_get_pubkey(
+                                               scert->peer_pkeys[idx].x509);
+                               if (spkey)
+                                       {
+                                       dh_srvr = EVP_PKEY_get1_DH(spkey);
+                                       EVP_PKEY_free(spkey);
+                                       }
+                               if (dh_srvr == NULL)
+                                       {
+                                       SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                                           ERR_R_INTERNAL_ERROR);
+                                       goto err;
+                                       }
                                }
                                }
-                       
+
                        /* generate a new random key */
                        if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
                                {
                        /* generate a new random key */
                        if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
                                {
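Review bot: The `dh_srvr` returned by `EVP_PKEY_get1_DH(spkey)` is an owned reference, but the only release added is the `DH_free(dh_srvr)` after `DH_compute_key` in the next hunk (@@ -2465), so any `goto err` taken between the two leaks it. The `DHparams_dup(dh_srvr)` failure branch opens on the last line of this hunk and its body is not visible; if it jumps to `err` like the neighbouring branches, it needs `if (scert->peer_dh_tmp == NULL) DH_free(dh_srvr);` first, and so does any key-generation failure that follows. Separately, the new `dh_srvr == NULL` path raises `ERR_R_INTERNAL_ERROR` without the `ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);` that the removed lines sent, so unless the `err` label sends one, the peer gets no alert when the server certificate carries no usable DH key.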
@@ -2465,6 +2480,8 @@ int ssl3_send_client_key_exchange(SSL *s)
                         * make sure to clear it out afterwards */
 
                        n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
                         * make sure to clear it out afterwards */
 
                        n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
+                       if (scert->peer_dh_tmp == NULL)
+                               DH_free(dh_srvr);
 
                        if (n <= 0)
                                {
 
                        if (n <= 0)
                                {
@@ -3166,7 +3183,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
        alg_a=s->s3->tmp.new_cipher->algorithm_auth;
 
        /* we don't have a certificate */
        alg_a=s->s3->tmp.new_cipher->algorithm_auth;
 
        /* we don't have a certificate */
-       if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
+       if ((alg_a & (SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
                return(1);
 
        sc=s->session->sess_cert;
                return(1);
 
        sc=s->session->sess_cert;
@@ -3228,19 +3245,21 @@ int ssl3_check_cert_and_algorithm(SSL *s)
                }
 #endif
 #ifndef OPENSSL_NO_DH
                }
 #endif
 #ifndef OPENSSL_NO_DH
-       if ((alg_k & SSL_kEDH) &&
+       if ((alg_k & SSL_kEDH) && 
                !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
                goto f_err;
                }
                !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
                goto f_err;
                }
-       else if ((alg_k & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
+       else if ((alg_k & SSL_kDHr) && (TLS1_get_version(s) < TLS1_2_VERSION) &&
+               !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
                goto f_err;
                }
 #ifndef OPENSSL_NO_DSA
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
                goto f_err;
                }
 #ifndef OPENSSL_NO_DSA
-       else if ((alg_k & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
+       else if ((alg_k & SSL_kDHd) && (TLS1_get_version(s) < TLS1_2_VERSION) &&
+               !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
                goto f_err;
                {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
                goto f_err;
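Review bot: Gating the `SSL_kDHr` and `SSL_kDHd` tests on `TLS1_get_version(s) < TLS1_2_VERSION` drops the whole `has_bits` check for TLS 1.2, including the `EVP_PK_DH` bit, so this function no longer rejects a fixed-DH suite when the server certificate holds no DH key at all. Relaxing only the signer requirement would keep the key-type check, e.g. a further branch `else if ((alg_k & (SSL_kDHr|SSL_kDHd)) && !has_bits(i,EVP_PK_DH))` that reports `SSL_R_MISSING_DH_KEY`. Nothing in the hunk explains why TLS 1.2 is exempt from the signer check, so a short comment on the two gated branches would help. The function extends beyond the hunk on both sides.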
index db75479c388c8327122f57457c5f2e73bd46837c..d51a31fff8738073138b43cfdb6ea6fc200a0a1d 100644 (file)
@@ -335,7 +335,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 /* The DH ciphers */
 /* Cipher 0B */
        {
 /* The DH ciphers */
 /* Cipher 0B */
        {
-       0,
+       1,
        SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
        SSL3_CK_DH_DSS_DES_40_CBC_SHA,
        SSL_kDHd,
        SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
        SSL3_CK_DH_DSS_DES_40_CBC_SHA,
        SSL_kDHd,
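Review bot: Setting the first field to `1` for Cipher 0B here, and for 0C, 0E and 0F in the following hunks, turns on the 40-bit and single-DES fixed-DH suites (`SSL3_TXT_DH_DSS_DES_40_CBC_SHA`, `SSL3_TXT_DH_DSS_DES_64_CBC_SHA` and their DH_RSA counterparts) along with the stronger ones. If the backport is meant to add fixed DH rather than more export-grade suites, these four entries could stay at `0` with a comment such as `/* fixed DH, export/single-DES: left disabled */`. The removed `/* not implemented (non-ephemeral DH) */` comments were the only explanation of this field in the visible lines, so a replacement comment saying what `1` means would help readers of the table.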
@@ -351,7 +351,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0C */
        {
 
 /* Cipher 0C */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
        SSL3_CK_DH_DSS_DES_64_CBC_SHA,
        SSL_kDHd,
        SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
        SSL3_CK_DH_DSS_DES_64_CBC_SHA,
        SSL_kDHd,
@@ -367,7 +367,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0D */
        {
 
 /* Cipher 0D */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
        SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
        SSL_kDHd,
        SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
        SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
        SSL_kDHd,
@@ -383,7 +383,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0E */
        {
 
 /* Cipher 0E */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
        SSL3_CK_DH_RSA_DES_40_CBC_SHA,
        SSL_kDHr,
        SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
        SSL3_CK_DH_RSA_DES_40_CBC_SHA,
        SSL_kDHr,
@@ -399,7 +399,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 0F */
        {
 
 /* Cipher 0F */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
        SSL3_CK_DH_RSA_DES_64_CBC_SHA,
        SSL_kDHr,
        SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
        SSL3_CK_DH_RSA_DES_64_CBC_SHA,
        SSL_kDHr,
@@ -415,7 +415,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 10 */
        {
 
 /* Cipher 10 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
        SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
        SSL_kDHr,
        SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
        SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
        SSL_kDHr,
@@ -902,7 +902,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        },
 /* Cipher 30 */
        {
        },
 /* Cipher 30 */
        {
-       0,
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
        TLS1_CK_DH_DSS_WITH_AES_128_SHA,
        SSL_kDHd,
        TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
        TLS1_CK_DH_DSS_WITH_AES_128_SHA,
        SSL_kDHd,
@@ -917,7 +917,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        },
 /* Cipher 31 */
        {
        },
 /* Cipher 31 */
        {
-       0,
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
        TLS1_CK_DH_RSA_WITH_AES_128_SHA,
        SSL_kDHr,
        TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
        TLS1_CK_DH_RSA_WITH_AES_128_SHA,
        SSL_kDHr,
@@ -993,7 +993,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        },
 /* Cipher 36 */
        {
        },
 /* Cipher 36 */
        {
-       0,
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
        TLS1_CK_DH_DSS_WITH_AES_256_SHA,
        SSL_kDHd,
        TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
        TLS1_CK_DH_DSS_WITH_AES_256_SHA,
        SSL_kDHd,
@@ -1009,7 +1009,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
 /* Cipher 37 */
        {
 
 /* Cipher 37 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
        TLS1_CK_DH_RSA_WITH_AES_256_SHA,
        SSL_kDHr,
        TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
        TLS1_CK_DH_RSA_WITH_AES_256_SHA,
        SSL_kDHr,
@@ -1122,7 +1122,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 3E */
        {
 
        /* Cipher 3E */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
        TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
        SSL_kDHr,
        TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
        TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
        SSL_kDHr,
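Review bot: The entry enabled here for Cipher 3E, `TLS1_TXT_DH_DSS_WITH_AES_128_SHA256`, carries `SSL_kDHr` as its key-exchange value although it is a DH_DSS suite; the other DH_DSS entries touched by this commit (Cipher 30, 36, 42, 85, 97) use `SSL_kDHd`. The same mismatch is visible in the hunks for Cipher 68, A4 and A5. While the flag was `0` this was harmless, but once enabled these suites would be matched against a DH certificate signed with RSA rather than DSA; the context line should read `SSL_kDHd,` in all four entries. The authentication field of these entries lies outside the hunks and should be checked as well.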
@@ -1138,7 +1138,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 3F */
        {
 
        /* Cipher 3F */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
        TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
        SSL_kDHr,
        TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
        TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
        SSL_kDHr,
@@ -1189,7 +1189,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 42 */
        {
 
        /* Cipher 42 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
        TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
        SSL_kDHd,
        TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
        TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
        SSL_kDHd,
@@ -1205,7 +1205,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 43 */
        {
 
        /* Cipher 43 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
        TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
        SSL_kDHr,
        TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
        TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
        SSL_kDHr,
@@ -1404,7 +1404,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 68 */
        {
 
        /* Cipher 68 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
        TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
        SSL_kDHr,
        TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
        TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
        SSL_kDHr,
@@ -1420,7 +1420,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 69 */
        {
 
        /* Cipher 69 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
        TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
        SSL_kDHr,
        TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
        TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
        SSL_kDHr,
@@ -1577,7 +1577,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        },
        /* Cipher 85 */
        {
        },
        /* Cipher 85 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
        TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
        SSL_kDHd,
        TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
        TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
        SSL_kDHd,
@@ -1593,7 +1593,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 86 */
        {
 
        /* Cipher 86 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
        TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
        SSL_kDHr,
        TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
        TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
        SSL_kDHr,
@@ -1743,7 +1743,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 97 */
        {
 
        /* Cipher 97 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_DSS_WITH_SEED_SHA,
        TLS1_CK_DH_DSS_WITH_SEED_SHA,
        SSL_kDHd,
        TLS1_TXT_DH_DSS_WITH_SEED_SHA,
        TLS1_CK_DH_DSS_WITH_SEED_SHA,
        SSL_kDHd,
@@ -1759,7 +1759,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher 98 */
        {
 
        /* Cipher 98 */
        {
-       0, /* not implemented (non-ephemeral DH) */
+       1,
        TLS1_TXT_DH_RSA_WITH_SEED_SHA,
        TLS1_CK_DH_RSA_WITH_SEED_SHA,
        SSL_kDHr,
        TLS1_TXT_DH_RSA_WITH_SEED_SHA,
        TLS1_CK_DH_RSA_WITH_SEED_SHA,
        SSL_kDHr,
@@ -1891,7 +1891,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher A0 */
        {
 
        /* Cipher A0 */
        {
-       0,
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
        TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
        SSL_kDHr,
        TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
        TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
        SSL_kDHr,
@@ -1907,7 +1907,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher A1 */
        {
 
        /* Cipher A1 */
        {
-       0,
+       1,
        TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
        TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
        SSL_kDHr,
        TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
        TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
        SSL_kDHr,
@@ -1955,7 +1955,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher A4 */
        {
 
        /* Cipher A4 */
        {
-       0,
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
        TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
        SSL_kDHr,
        TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
        TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
        SSL_kDHr,
@@ -1971,7 +1971,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
 
        /* Cipher A5 */
        {
 
        /* Cipher A5 */
        {
-       0,
+       1,
        TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
        TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
        SSL_kDHr,
        TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
        TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
        SSL_kDHr,
index 5944d8c484824a9147f6c6f7ede2d872f966e3dd..bcde8f245a26d4f4b1571a34c721862c7064f2c2 100644 (file)
@@ -476,7 +476,7 @@ int ssl3_accept(SSL *s)
                            /* SRP: send ServerKeyExchange */
                            || (alg_k & SSL_kSRP)
 #endif
                            /* SRP: send ServerKeyExchange */
                            || (alg_k & SSL_kSRP)
 #endif
-                           || (alg_k & (SSL_kDHr|SSL_kDHd|SSL_kEDH))
+                           || (alg_k & SSL_kEDH)
                            || (alg_k & SSL_kEECDH)
                            || ((alg_k & SSL_kRSA)
                                && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
                            || (alg_k & SSL_kEECDH)
                            || ((alg_k & SSL_kRSA)
                                && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
@@ -2278,7 +2278,25 @@ int ssl3_get_client_key_exchange(SSL *s)
                        }
                else
                        {
                        }
                else
                        {
-                       if (s->s3->tmp.dh == NULL)
+                       int idx = -1;
+                       if (alg_k & SSL_kDHr)
+                               idx = SSL_PKEY_DH_RSA;
+                       else if (alg_k & SSL_kDHd)
+                               idx = SSL_PKEY_DH_DSA;
+                       if (idx >= 0)
+                               {
+                               EVP_PKEY *skey = s->cert->pkeys[idx].privatekey;
+                               if ((skey == NULL) ||
+                                       (skey->type != EVP_PKEY_DH) ||
+                                       (skey->pkey.dh == NULL))
+                                       {
+                                       al=SSL_AD_HANDSHAKE_FAILURE;
+                                       SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
+                                       goto f_err;
+                                       }
+                               dh_srvr = skey->pkey.dh;
+                               }
+                       else if (s->s3->tmp.dh == NULL)
                                {
                                al=SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
                                {
                                al=SSL_AD_HANDSHAKE_FAILURE;
                                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
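Review bot: The new fixed-DH failure path in ssl3_get_client_key_exchange reports `SSL_R_MISSING_RSA_CERTIFICATE` when the DH private key in `s->cert->pkeys[idx]` is absent or of the wrong type, which points whoever reads the error queue at the wrong problem, for kDHd as much as for kDHr. `SSL_R_MISSING_DH_KEY`, or `SSL_R_MISSING_DH_RSA_CERT` / `SSL_R_MISSING_DH_DSA_CERT` chosen by `idx`, would match the condition. Because `dh_srvr` is now the server's long-term key rather than a per-handshake one, the handling of the client's public value after this hunk deserves a second look; that code is not visible here.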
index 525602e4c2670c1aa16afc4e0e6bec5f0c43dea3..f0b6a56c2f4a7722e0800623ce8198006bb6ec14 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -241,9 +241,9 @@ extern "C" {
 #define        SSL_TXT_NULL            "NULL"
 
 #define SSL_TXT_kRSA           "kRSA"
 #define        SSL_TXT_NULL            "NULL"
 
 #define SSL_TXT_kRSA           "kRSA"
-#define SSL_TXT_kDHr           "kDHr" /* no such ciphersuites supported! */
-#define SSL_TXT_kDHd           "kDHd" /* no such ciphersuites supported! */
-#define SSL_TXT_kDH            "kDH"  /* no such ciphersuites supported! */
+#define SSL_TXT_kDHr           "kDHr" 
+#define SSL_TXT_kDHd           "kDHd"
+#define SSL_TXT_kDH            "kDH"
 #define SSL_TXT_kEDH           "kEDH"
 #define SSL_TXT_kKRB5          "kKRB5"
 #define SSL_TXT_kECDHr         "kECDHr"
 #define SSL_TXT_kEDH           "kEDH"
 #define SSL_TXT_kKRB5          "kKRB5"
 #define SSL_TXT_kECDHr         "kECDHr"
@@ -256,7 +256,7 @@ extern "C" {
 
 #define        SSL_TXT_aRSA            "aRSA"
 #define        SSL_TXT_aDSS            "aDSS"
 
 #define        SSL_TXT_aRSA            "aRSA"
 #define        SSL_TXT_aDSS            "aDSS"
-#define        SSL_TXT_aDH             "aDH" /* no such ciphersuites supported! */
+#define        SSL_TXT_aDH             "aDH"
 #define        SSL_TXT_aECDH           "aECDH"
 #define SSL_TXT_aKRB5          "aKRB5"
 #define SSL_TXT_aECDSA         "aECDSA"
 #define        SSL_TXT_aECDH           "aECDH"
 #define SSL_TXT_aKRB5          "aKRB5"
 #define SSL_TXT_aECDSA         "aECDSA"
index b96d26faba2eb9c4e48b7ddcc60008a0bef15ab9..a96a5daaf5d2b9c3404b78eea04f9f3bb96b8679 100644 (file)
@@ -238,9 +238,9 @@ static const SSL_CIPHER cipher_aliases[]={
         * e.g. kEDH combines DHE_DSS and DHE_RSA) */
        {0,SSL_TXT_kRSA,0,    SSL_kRSA,  0,0,0,0,0,0,0,0},
 
         * e.g. kEDH combines DHE_DSS and DHE_RSA) */
        {0,SSL_TXT_kRSA,0,    SSL_kRSA,  0,0,0,0,0,0,0,0},
 
-       {0,SSL_TXT_kDHr,0,    SSL_kDHr,  0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
-       {0,SSL_TXT_kDHd,0,    SSL_kDHd,  0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
-       {0,SSL_TXT_kDH,0,     SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
+       {0,SSL_TXT_kDHr,0,    SSL_kDHr,  0,0,0,0,0,0,0,0},
+       {0,SSL_TXT_kDHd,0,    SSL_kDHd,  0,0,0,0,0,0,0,0},
+       {0,SSL_TXT_kDH,0,     SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0},
        {0,SSL_TXT_kEDH,0,    SSL_kEDH,  0,0,0,0,0,0,0,0},
        {0,SSL_TXT_DH,0,      SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},
 
        {0,SSL_TXT_kEDH,0,    SSL_kEDH,  0,0,0,0,0,0,0,0},
        {0,SSL_TXT_DH,0,      SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},
 
@@ -702,8 +702,6 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
 #ifdef OPENSSL_NO_DSA
        *auth |= SSL_aDSS;
 #endif
 #ifdef OPENSSL_NO_DSA
        *auth |= SSL_aDSS;
 #endif
-       *mkey |= SSL_kDHr|SSL_kDHd; /* no such ciphersuites supported! */
-       *auth |= SSL_aDH;
 #ifdef OPENSSL_NO_DH
        *mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH;
        *auth |= SSL_aDH;
 #ifdef OPENSSL_NO_DH
        *mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH;
        *auth |= SSL_aDH;
index f82d071d6e75689f22146bbf0cf3554ae99078dc..ac7c9f6e0f409ccb6f7306552310c07451d5b253 100644 (file)
@@ -2108,6 +2108,9 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
        if (dh_dsa) mask_k|=SSL_kDHd;
        if (dh_dsa_export) emask_k|=SSL_kDHd;
 
        if (dh_dsa) mask_k|=SSL_kDHd;
        if (dh_dsa_export) emask_k|=SSL_kDHd;
 
+       if (emask_k & (SSL_kDHr|SSL_kDHd))
+               mask_a |= SSL_aDH;
+
        if (rsa_enc || rsa_sign)
                {
                mask_a|=SSL_aRSA;
        if (rsa_enc || rsa_sign)
                {
                mask_a|=SSL_aRSA;
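Review bot: The added test reads the export mask but writes the non-export one: `if (emask_k & (SSL_kDHr|SSL_kDHd)) mask_a |= SSL_aDH;`. With a DH certificate for which only `dh_dsa` (not `dh_dsa_export`) is set, `mask_k` gains `SSL_kDHd` but `mask_a` never gains `SSL_aDH`, so the non-export fixed-DH suites would presumably stay unselectable. Following the pairing used by the lines above, this looks like it should be `if (mask_k & (SSL_kDHr|SSL_kDHd)) mask_a |= SSL_aDH;` plus the matching `emask_k`/`emask_a` line. How the `*_export` flags are computed is outside the hunk.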
index d87fd51cfa824e3ef0ad06a64496affb783aa88e..13ab8d39468b61e7178498261f1e7e207d903dc7 100644 (file)
 
 /* Bits for algorithm_mkey (key exchange algorithm) */
 #define SSL_kRSA               0x00000001L /* RSA key exchange */
 
 /* Bits for algorithm_mkey (key exchange algorithm) */
 #define SSL_kRSA               0x00000001L /* RSA key exchange */
-#define SSL_kDHr               0x00000002L /* DH cert, RSA CA cert */ /* no such ciphersuites supported! */
-#define SSL_kDHd               0x00000004L /* DH cert, DSA CA cert */ /* no such ciphersuite supported! */
+#define SSL_kDHr               0x00000002L /* DH cert, RSA CA cert */
+#define SSL_kDHd               0x00000004L /* DH cert, DSA CA cert */
 #define SSL_kEDH               0x00000008L /* tmp DH key no DH cert */
 #define SSL_kKRB5              0x00000010L /* Kerberos5 key exchange */
 #define SSL_kECDHr             0x00000020L /* ECDH cert, RSA CA cert */
 #define SSL_kEDH               0x00000008L /* tmp DH key no DH cert */
 #define SSL_kKRB5              0x00000010L /* Kerberos5 key exchange */
 #define SSL_kECDHr             0x00000020L /* ECDH cert, RSA CA cert */
 #define SSL_aRSA               0x00000001L /* RSA auth */
 #define SSL_aDSS               0x00000002L /* DSS auth */
 #define SSL_aNULL              0x00000004L /* no auth (i.e. use ADH or AECDH) */
 #define SSL_aRSA               0x00000001L /* RSA auth */
 #define SSL_aDSS               0x00000002L /* DSS auth */
 #define SSL_aNULL              0x00000004L /* no auth (i.e. use ADH or AECDH) */
-#define SSL_aDH                0x00000008L /* Fixed DH auth (kDHd or kDHr) */ /* no such ciphersuites supported! */
+#define SSL_aDH                0x00000008L /* Fixed DH auth (kDHd or kDHr) */
 #define SSL_aECDH              0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
 #define SSL_aKRB5               0x00000020L /* KRB5 auth */
 #define SSL_aECDSA              0x00000040L /* ECDSA auth*/
 #define SSL_aECDH              0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
 #define SSL_aKRB5               0x00000020L /* KRB5 auth */
 #define SSL_aECDSA              0x00000040L /* ECDSA auth*/
index c0960b5712b8e596ec4ed057e915da804ec68bde..b7c19051e97cc3781acb20b0a2a68cd1a8b86db5 100644 (file)
@@ -182,8 +182,23 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
        {
        int i;
 static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
        {
        int i;
-
-       i=ssl_cert_type(NULL,pkey);
+       /* Special case for DH: check two DH certificate types for a match.
+        * This means for DH certificates we must set the certificate first.
+        */
+       if (pkey->type == EVP_PKEY_DH)
+               {
+               X509 *x;
+               i = -1;
+               x = c->pkeys[SSL_PKEY_DH_RSA].x509;
+               if (x && X509_check_private_key(x, pkey))
+                               i = SSL_PKEY_DH_RSA;
+               x = c->pkeys[SSL_PKEY_DH_DSA].x509;
+               if (i == -1 && x && X509_check_private_key(x, pkey))
+                               i = SSL_PKEY_DH_DSA;
+               ERR_clear_error();
+               }
+       else 
+               i=ssl_cert_type(NULL,pkey);
        if (i < 0)
                {
                SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
        if (i < 0)
                {
                SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
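Review bot: `ERR_clear_error()` at the end of the DH branch in ssl_set_pkey empties the whole error queue, including entries queued by the caller before this function ran, not only the ones left by the two `X509_check_private_key` probes. Bracketing the probes with `ERR_set_mark();` and `ERR_pop_to_mark();` discards only what they added. Also, when no DH certificate has been installed yet the function falls through with `i == -1` and reports `SSL_R_UNKNOWN_CERTIFICATE_TYPE`. The certificate-before-key ordering is stated only in the code comment and should be carried into the public documentation of the key-setting calls.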