return 1;
}
- if (session->internals.have_ffdhe) {
+ if (session->internals.hsk_flags & HSK_HAVE_FFDHE) {
/* if the client has advertized FFDHE then it doesn't matter
* whether we have server DH parameters. They are no good. */
gnutls_assert();
* we must also distinguish between not matching a ciphersuite due to an
* incompatible certificate which we traditionally return GNUTLS_E_INSUFFICIENT_SECURITY.
*/
- if (!no_cert_found && session->internals.have_ffdhe && session->internals.priorities->groups.have_ffdhe)
+ if (!no_cert_found && (session->internals.hsk_flags & HSK_HAVE_FFDHE) &&
+ session->internals.priorities->groups.have_ffdhe)
return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_SECURITY);
else
return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES);
unsigned j;
ssize_t data_size = _data_size;
- session->internals.used_ffdhe = 0;
-
/* just in case we are resuming a session */
gnutls_pk_params_release(&session->key.dh_params);
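Review bot: Removing `session->internals.used_ffdhe = 0;` here leaves HSK_USED_FFDHE with no clear in this function, so the surviving comment `/* just in case we are resuming a session */` now documents a reset that no longer exists on the flag side; the same one-way conversion appears at the hunk that removes the reset after `params.deinit = 0;`. This is only equivalent to the old code if `hsk_flags` is zeroed at the start of every handshake, which this diff does not show — the hunk that drops `session->internals.have_ffdhe = 0;` next to the `dtls.hsk_read_seq` reset adds no corresponding flag clear either. Either confirm that `hsk_flags` is reset there, or keep the intent explicit with `session->internals.hsk_flags &= ~HSK_USED_FFDHE;` in place of the removed line, and update the comment to say which bit is being cleared. The enclosing function starts and ends outside the hunk.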
memcmp(session->internals.priorities->groups.entry[j]->prime->data,
data_p, n_p) == 0) {
- session->internals.used_ffdhe = 1;
+ session->internals.hsk_flags |= HSK_USED_FFDHE;
_gnutls_session_group_set(session, session->internals.priorities->groups.entry[j]);
session->key.dh_params.qbits = *session->internals.priorities->groups.entry[j]->q_bits;
break;
}
}
- if (!session->internals.used_ffdhe) {
+ if (!(session->internals.hsk_flags & HSK_USED_FFDHE)) {
_gnutls_audit_log(session, "FFDHE groups advertised, but server didn't support it; falling back to server's choice\n");
}
}
session->key.dh_params.params_nr = 3; /* include empty q */
session->key.dh_params.algo = GNUTLS_PK_DH;
- if (session->internals.used_ffdhe == 0) {
+ if (!(session->internals.hsk_flags & HSK_USED_FFDHE)) {
bits = _gnutls_dh_get_min_prime_bits(session);
if (bits < 0) {
gnutls_assert();
group = get_group(session);
params.deinit = 0;
- session->internals.used_ffdhe = 0;
/* if we negotiated RFC7919 FFDHE */
if (group && group->pk == GNUTLS_PK_DH) {
goto cleanup;
}
- session->internals.used_ffdhe = 1;
+ session->internals.hsk_flags |= HSK_USED_FFDHE;
q_bits = *session->internals.priorities->groups.entry[i]->q_bits;
goto finished;
}
}
}
- session->internals.have_ffdhe = have_ffdhe;
+ if (have_ffdhe)
+ session->internals.hsk_flags |= HSK_HAVE_FFDHE;
}
return 0;
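Review bot: The replacement `if (have_ffdhe) session->internals.hsk_flags |= HSK_HAVE_FFDHE;` is set-only, whereas the removed assignment also cleared the field when `have_ffdhe` was 0. If this extension parser can run more than once within a single handshake (a second ClientHello, for instance) a stale HSK_HAVE_FFDHE bit would survive and later drive the GNUTLS_E_INSUFFICIENT_SECURITY branch shown in the earlier hunk; whether that can happen is not visible here. A two-line form keeps the original semantics regardless: `session->internals.hsk_flags &= ~HSK_HAVE_FFDHE;` followed by the existing conditional set. The enclosing function starts outside the hunk.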
#define HSK_CRT_REQ_GOT_SIG_ALGO (1<<6)
#define HSK_KEY_UPDATE_ASKED (1<<7) /* flag is not used during handshake */
#define HSK_FALSE_START_USED (1<<8) /* TLS1.2 only */
+#define HSK_HAVE_FFDHE (1<<9) /* whether the peer has advertized at least an FFDHE group */
+#define HSK_USED_FFDHE (1<<10) /* whether ffdhe was actually negotiated and used */
unsigned hsk_flags;
time_t last_key_update;
* receive size */
unsigned max_recv_size;
- /* whether the peer has advertized at least an FFDHE group */
- bool have_ffdhe;
- bool used_ffdhe; /* whether ffdhe was actually negotiated and used */
-
/* candidate groups to be selected for security params groups */
const gnutls_group_entry_st *cand_ec_group;
const gnutls_group_entry_st *cand_dh_group;
session->internals.dtls.hsk_read_seq = 0;
session->internals.dtls.hsk_write_seq = 0;
- session->internals.have_ffdhe = 0;
session->internals.cand_ec_group = 0;
session->internals.cand_dh_group = 0;
flags |= GNUTLS_SFLAGS_HB_PEER_SEND;
if (session->internals.hsk_flags & HSK_FALSE_START_USED)
flags |= GNUTLS_SFLAGS_FALSE_START;
- if (session->internals.used_ffdhe)
+ if (session->internals.hsk_flags & HSK_USED_FFDHE)
flags |= GNUTLS_SFLAGS_RFC7919;
return flags;