From 65dc5c3cc10af7c6f24ecd922adb7b6d17a9fe65 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 13 Jun 2019 19:34:37 +0100 Subject: [PATCH] Fix no-ec with no-dh Make sure that the combination of no-ec with no-dh builds successfully. If neither ec or dh are available then TLSv1.3 is not possible. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9156) --- Configure | 3 ++- ssl/s3_lib.c | 6 +++++ ssl/statem/extensions.c | 3 ++- ssl/t1_lib.c | 52 +++++++++++++++++++++++++++++------------ test/tls13ccstest.c | 2 ++ 5 files changed, 49 insertions(+), 17 deletions(-) diff --git a/Configure b/Configure index 90e97a1bb7..c3f4f99ba6 100755 --- a/Configure +++ b/Configure @@ -483,7 +483,8 @@ my @disable_cascades = ( "zlib" => [ "zlib-dynamic" ], "des" => [ "mdc2" ], "ec" => [ "ecdsa", "ecdh", "sm2" ], - + sub { $disabled{"ec"} && $disabled{"dh"} } + => [ "tls1_3" ], "dgram" => [ "dtls", "sctp" ], "sock" => [ "dgram" ], "dtls" => [ @dtls ], diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 2e041d5887..6c3f04db42 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3578,6 +3578,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) } return ssl_cert_set_current(s->cert, larg); +#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) case SSL_CTRL_GET_GROUPS: { uint16_t *clist; @@ -3622,6 +3623,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) } return id; } +#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ case SSL_CTRL_SET_SIGALGS: return tls1_set_sigalgs(s->cert, parg, larg, 0); @@ -3898,6 +3900,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) break; #endif +#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) case SSL_CTRL_SET_GROUPS: return tls1_set_groups(&ctx->ext.supportedgroups, &ctx->ext.supportedgroups_len, @@ -3907,6 +3910,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) return tls1_set_groups_list(&ctx->ext.supportedgroups, &ctx->ext.supportedgroups_len, parg); +#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ case SSL_CTRL_SET_SIGALGS: return tls1_set_sigalgs(ctx->cert, parg, larg, 0); @@ -4678,6 +4682,7 @@ EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm) } /* Generate a private key from a group ID */ +#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id) { const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id); @@ -4764,6 +4769,7 @@ EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id) EVP_PKEY_CTX_free(pctx); return pkey; } +#endif /* * Generate parameters from a group ID diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 9023e47599..eacc7215b5 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -1267,6 +1267,7 @@ static int final_sig_algs(SSL *s, unsigned int context, int sent) static int final_key_share(SSL *s, unsigned int context, int sent) { +#if !defined(OPENSSL_NO_TLS1_3) if (!SSL_IS_TLS13(s)) return 1; @@ -1424,7 +1425,7 @@ static int final_key_share(SSL *s, unsigned int context, int sent) return 0; } } - +#endif /* !defined(OPENSSL_NO_TLS1_3) */ return 1; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 373f1c58d6..dcae274879 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -131,8 +131,9 @@ int tls1_clear(SSL *s) /* * Table of group information. */ +#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) static const TLS_GROUP_INFO nid_list[] = { -#ifndef OPENSSL_NO_EC +# ifndef OPENSSL_NO_EC {NID_sect163k1, 80, TLS_GROUP_CURVE_CHAR2, 0x0001}, /* sect163k1 (1) */ {NID_sect163r1, 80, TLS_GROUP_CURVE_CHAR2, 0x0002}, /* sect163r1 (2) */ {NID_sect163r2, 80, TLS_GROUP_CURVE_CHAR2, 0x0003}, /* sect163r2 (3) */ @@ -163,16 +164,17 @@ static const TLS_GROUP_INFO nid_list[] = { {NID_brainpoolP512r1, 256, TLS_GROUP_CURVE_PRIME, 0x001C}, /* brainpool512r1 (28) */ {EVP_PKEY_X25519, 128, TLS_GROUP_CURVE_CUSTOM, 0x001D}, /* X25519 (29) */ {EVP_PKEY_X448, 224, TLS_GROUP_CURVE_CUSTOM, 0x001E}, /* X448 (30) */ -#endif /* OPENSSL_NO_EC */ -#ifndef OPENSSL_NO_DH +# endif /* OPENSSL_NO_EC */ +# ifndef OPENSSL_NO_DH /* Security bit values for FFDHE groups are updated as per RFC 7919 */ {NID_ffdhe2048, 103, TLS_GROUP_FFDHE_FOR_TLS1_3, 0x0100}, /* ffdhe2048 (0x0100) */ {NID_ffdhe3072, 125, TLS_GROUP_FFDHE_FOR_TLS1_3, 0x0101}, /* ffdhe3072 (0x0101) */ {NID_ffdhe4096, 150, TLS_GROUP_FFDHE_FOR_TLS1_3, 0x0102}, /* ffdhe4096 (0x0102) */ {NID_ffdhe6144, 175, TLS_GROUP_FFDHE_FOR_TLS1_3, 0x0103}, /* ffdhe6144 (0x0103) */ {NID_ffdhe8192, 192, TLS_GROUP_FFDHE_FOR_TLS1_3, 0x0104}, /* ffdhe8192 (0x0104) */ -#endif /* OPENSSL_NO_DH */ +# endif /* OPENSSL_NO_DH */ }; +#endif #ifndef OPENSSL_NO_EC static const unsigned char ecformats_default[] = { @@ -180,25 +182,27 @@ static const unsigned char ecformats_default[] = { TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime, TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 }; -#endif +#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ /* The default curves */ +#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) static const uint16_t supported_groups_default[] = { -#ifndef OPENSSL_NO_EC +# ifndef OPENSSL_NO_EC 29, /* X25519 (29) */ 23, /* secp256r1 (23) */ 30, /* X448 (30) */ 25, /* secp521r1 (25) */ 24, /* secp384r1 (24) */ -#endif -#ifndef OPENSSL_NO_DH +# endif +# ifndef OPENSSL_NO_DH 0x100, /* ffdhe2048 (0x100) */ 0x101, /* ffdhe3072 (0x101) */ 0x102, /* ffdhe4096 (0x102) */ 0x103, /* ffdhe6144 (0x103) */ 0x104, /* ffdhe8192 (0x104) */ -#endif +# endif }; +#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ #ifndef OPENSSL_NO_EC static const uint16_t suiteb_curves[] = { @@ -209,6 +213,7 @@ static const uint16_t suiteb_curves[] = { const TLS_GROUP_INFO *tls1_group_id_lookup(uint16_t group_id) { +#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) size_t i; /* ECC curves from RFC 4492 and RFC 7027 FFDHE group from RFC 8446 */ @@ -216,9 +221,11 @@ const TLS_GROUP_INFO *tls1_group_id_lookup(uint16_t group_id) if (nid_list[i].group_id == group_id) return &nid_list[i]; } +#endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */ return NULL; } +#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) static uint16_t tls1_nid2group_id(int nid) { size_t i; @@ -229,6 +236,7 @@ static uint16_t tls1_nid2group_id(int nid) } return 0; } +#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ /* * Set *pgroups to the supported groups list and *pgroupslen to @@ -237,10 +245,10 @@ static uint16_t tls1_nid2group_id(int nid) void tls1_get_supported_groups(SSL *s, const uint16_t **pgroups, size_t *pgroupslen) { - +#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) /* For Suite B mode only include P-256, P-384 */ switch (tls1_suiteb(s)) { -#ifndef OPENSSL_NO_EC +# ifndef OPENSSL_NO_EC case SSL_CERT_FLAG_SUITEB_128_LOS: *pgroups = suiteb_curves; *pgroupslen = OSSL_NELEM(suiteb_curves); @@ -255,7 +263,7 @@ void tls1_get_supported_groups(SSL *s, const uint16_t **pgroups, *pgroups = suiteb_curves + 1; *pgroupslen = 1; break; -#endif +# endif default: if (s->ext.supportedgroups == NULL) { @@ -267,6 +275,10 @@ void tls1_get_supported_groups(SSL *s, const uint16_t **pgroups, } break; } +#else + *pgroups = NULL; + *pgroupslen = 0; +#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ } int tls_valid_group(SSL *s, uint16_t group_id, int version) @@ -376,6 +388,7 @@ uint16_t tls1_shared_group(SSL *s, int nmatch) int tls1_set_groups(uint16_t **pext, size_t *pextlen, int *groups, size_t ngroups) { +#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) uint16_t *glist; size_t i; /* @@ -414,9 +427,13 @@ int tls1_set_groups(uint16_t **pext, size_t *pextlen, err: OPENSSL_free(glist); return 0; +#else + return 0; +#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ } -#define MAX_GROUPLIST OSSL_NELEM(nid_list) +#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) +# define MAX_GROUPLIST OSSL_NELEM(nid_list) typedef struct { size_t nidcnt; @@ -437,9 +454,9 @@ static int nid_cb(const char *elem, int len, void *arg) return 0; memcpy(etmp, elem, len); etmp[len] = 0; -#ifndef OPENSSL_NO_EC +# ifndef OPENSSL_NO_EC nid = EC_curve_nist2nid(etmp); -#endif +# endif if (nid == NID_undef) nid = OBJ_sn2nid(etmp); if (nid == NID_undef) @@ -452,10 +469,12 @@ static int nid_cb(const char *elem, int len, void *arg) narg->nid_arr[narg->nidcnt++] = nid; return 1; } +#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */ /* Set groups based on a colon separate list */ int tls1_set_groups_list(uint16_t **pext, size_t *pextlen, const char *str) { +#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) nid_cb_st ncb; ncb.nidcnt = 0; if (!CONF_parse_list(str, ':', 1, nid_cb, &ncb)) @@ -463,6 +482,9 @@ int tls1_set_groups_list(uint16_t **pext, size_t *pextlen, const char *str) if (pext == NULL) return 1; return tls1_set_groups(pext, pextlen, ncb.nid_arr, ncb.nidcnt); +#else + return 0; +#endif } /* Check a group id matches preferences */ diff --git a/test/tls13ccstest.c b/test/tls13ccstest.c index d0bc43a8fa..1d0a268615 100644 --- a/test/tls13ccstest.c +++ b/test/tls13ccstest.c @@ -316,8 +316,10 @@ static int test_tls13ccs(int tst) if ((tst >= 3 && tst <= 5) || tst >= 9) { /* HRR handshake */ #if defined(OPENSSL_NO_EC) +# if !defined(OPENSSL_NO_DH) if (!TEST_true(SSL_CTX_set1_groups_list(sctx, "ffdhe3072"))) goto err; +# endif #else if (!TEST_true(SSL_CTX_set1_groups_list(sctx, "P-256"))) goto err; -- 2.39.2