OLD | NEW |
---|---|
1 /* ssl/t1_lib.c */ | 1 /* ssl/t1_lib.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
195 NID_secp192k1, /* secp192k1 (18) */ | 195 NID_secp192k1, /* secp192k1 (18) */ |
196 NID_X9_62_prime192v1, /* secp192r1 (19) */ | 196 NID_X9_62_prime192v1, /* secp192r1 (19) */ |
197 NID_secp224k1, /* secp224k1 (20) */ | 197 NID_secp224k1, /* secp224k1 (20) */ |
198 NID_secp224r1, /* secp224r1 (21) */ | 198 NID_secp224r1, /* secp224r1 (21) */ |
199 NID_secp256k1, /* secp256k1 (22) */ | 199 NID_secp256k1, /* secp256k1 (22) */ |
200 NID_X9_62_prime256v1, /* secp256r1 (23) */ | 200 NID_X9_62_prime256v1, /* secp256r1 (23) */ |
201 NID_secp384r1, /* secp384r1 (24) */ | 201 NID_secp384r1, /* secp384r1 (24) */ |
202 NID_secp521r1 /* secp521r1 (25) */ | 202 NID_secp521r1 /* secp521r1 (25) */ |
203 }; | 203 }; |
204 | 204 |
205 /* We support only the elliptic curves that are also supported by NSS | |
206 * to improve compatibility with sites that don't accept large ClientHellos. | |
207 */ | |
205 static int pref_list[] = | 208 static int pref_list[] = |
206 { | 209 { |
207 NID_sect571r1, /* sect571r1 (14) */ | |
208 NID_sect571k1, /* sect571k1 (13) */ | |
209 NID_secp521r1, /* secp521r1 (25) */ | 210 NID_secp521r1, /* secp521r1 (25) */ |
210 NID_sect409k1, /* sect409k1 (11) */ | |
211 NID_sect409r1, /* sect409r1 (12) */ | |
212 NID_secp384r1, /* secp384r1 (24) */ | 211 NID_secp384r1, /* secp384r1 (24) */ |
213 NID_sect283k1, /* sect283k1 (9) */ | |
214 NID_sect283r1, /* sect283r1 (10) */ | |
215 NID_secp256k1, /* secp256k1 (22) */ | |
216 NID_X9_62_prime256v1, /* secp256r1 (23) */ | 212 NID_X9_62_prime256v1, /* secp256r1 (23) */ |
217 NID_sect239k1, /* sect239k1 (8) */ | |
218 NID_sect233k1, /* sect233k1 (6) */ | |
219 NID_sect233r1, /* sect233r1 (7) */ | |
220 NID_secp224k1, /* secp224k1 (20) */ | |
221 NID_secp224r1, /* secp224r1 (21) */ | |
222 NID_sect193r1, /* sect193r1 (4) */ | |
223 NID_sect193r2, /* sect193r2 (5) */ | |
224 NID_secp192k1, /* secp192k1 (18) */ | |
225 NID_X9_62_prime192v1, /* secp192r1 (19) */ | |
226 NID_sect163k1, /* sect163k1 (1) */ | |
227 NID_sect163r1, /* sect163r1 (2) */ | |
228 NID_sect163r2, /* sect163r2 (3) */ | |
229 NID_secp160k1, /* secp160k1 (15) */ | |
230 NID_secp160r1, /* secp160r1 (16) */ | |
231 NID_secp160r2, /* secp160r2 (17) */ | |
232 }; | 213 }; |
233 | 214 |
234 int tls1_ec_curve_id2nid(int curve_id) | 215 int tls1_ec_curve_id2nid(int curve_id) |
235 { | 216 { |
236 /* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */ | 217 /* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */ |
237 if ((curve_id < 1) || ((unsigned int)curve_id > | 218 if ((curve_id < 1) || ((unsigned int)curve_id > |
238 sizeof(nid_list)/sizeof(nid_list[0]))) | 219 sizeof(nid_list)/sizeof(nid_list[0]))) |
239 return 0; | 220 return 0; |
240 return nid_list[curve_id-1]; | 221 return nid_list[curve_id-1]; |
241 } | 222 } |
1696 if ((alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe) || (alg_a & SSL_ aECDSA))) | 1677 if ((alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe) || (alg_a & SSL_ aECDSA))) |
1697 { | 1678 { |
1698 using_ecc = 1; | 1679 using_ecc = 1; |
1699 break; | 1680 break; |
1700 } | 1681 } |
1701 } | 1682 } |
1702 using_ecc = using_ecc && (s->version >= TLS1_VERSION); | 1683 using_ecc = using_ecc && (s->version >= TLS1_VERSION); |
1703 if (using_ecc) | 1684 if (using_ecc) |
1704 { | 1685 { |
1705 if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ ecpointformatlist); | 1686 if (s->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->tlsext_ ecpointformatlist); |
1706 » » if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) | 1687 » » /* To save an additional 2 bytes in the ClientHello, we only adv ertise support |
1688 » » * for the only EC Point Format that NSS supports (instead of al l 3). | |
1689 » » */ | |
1690 » » if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(1)) == NULL) | |
1707 { | 1691 { |
1708 SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC _FAILURE); | 1692 SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC _FAILURE); |
1709 return -1; | 1693 return -1; |
1710 } | 1694 } |
1711 » » s->tlsext_ecpointformatlist_length = 3; | 1695 » » s->tlsext_ecpointformatlist_length = 1; |
1712 s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompress ed; | 1696 s->tlsext_ecpointformatlist[0] = TLSEXT_ECPOINTFORMAT_uncompress ed; |
1713 s->tlsext_ecpointformatlist[1] = TLSEXT_ECPOINTFORMAT_ansiX962_c ompressed_prime; | |
1714 s->tlsext_ecpointformatlist[2] = TLSEXT_ECPOINTFORMAT_ansiX962_c ompressed_char2; | |
1715 | 1697 |
1716 » » /* we support all named elliptic curves in draft-ietf-tls-ecc-12 */ | 1698 » » /* we only support elliptic curves in NSA Suite B */ |
wtc
2013/06/21 22:12:04
I suggest we change
we only support ...
to
| |
1717 if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ ellipticcurvelist); | 1699 if (s->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->tlsext_ ellipticcurvelist); |
1718 s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pr ef_list[0]) * 2; | 1700 s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pr ef_list[0]) * 2; |
1719 if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_elli pticcurvelist_length)) == NULL) | 1701 if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_elli pticcurvelist_length)) == NULL) |
1720 { | 1702 { |
1721 s->tlsext_ellipticcurvelist_length = 0; | 1703 s->tlsext_ellipticcurvelist_length = 0; |
1722 SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC _FAILURE); | 1704 SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,ERR_R_MALLOC _FAILURE); |
1723 return -1; | 1705 return -1; |
1724 } | 1706 } |
1725 for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i < | 1707 for (i = 0, j = s->tlsext_ellipticcurvelist; (unsigned int)i < |
1726 sizeof(pref_list)/sizeof(pref_list[0]); i++) | 1708 sizeof(pref_list)/sizeof(pref_list[0]); i++) |
2674 continue; | 2656 continue; |
2675 EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst[i]); | 2657 EVP_MD_CTX_copy_ex(&ctx, s->s3->handshake_dgst[i]); |
2676 EVP_DigestFinal_ex(&ctx, temp_digest, &temp_digest_len); | 2658 EVP_DigestFinal_ex(&ctx, temp_digest, &temp_digest_len); |
2677 EVP_DigestUpdate(md, temp_digest, temp_digest_len); | 2659 EVP_DigestUpdate(md, temp_digest, temp_digest_len); |
2678 } | 2660 } |
2679 EVP_MD_CTX_cleanup(&ctx); | 2661 EVP_MD_CTX_cleanup(&ctx); |
2680 | 2662 |
2681 return 1; | 2663 return 1; |
2682 } | 2664 } |
2683 #endif | 2665 #endif |
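Review bot: Trimming `pref_list` only narrows what the ClientHello advertises; `nid_list` is unchanged in the visible context, so `tls1_ec_curve_id2nid()` still resolves every curve id in that table, including ids for curves dropped from `pref_list` here. The code that handles the server's chosen curve is not among the visible hunks, so whether a server that selects an unadvertised curve is refused cannot be confirmed from this page and should be checked before this list is treated as a restriction. I would have the new comment above `pref_list` say so, e.g. `/* This list controls what we advertise; it is not an acceptance check on the server's curve. */`. Separately, in the point-format block (new lines 1690-1694) the allocation-failure path returns without resetting `s->tlsext_ecpointformatlist_length`, whereas the curve-list path sets its length to 0 before returning; adding `s->tlsext_ecpointformatlist_length = 0;` before the `SSLerr` call would keep the two consistent. The enclosing function starts and ends outside the visible hunks.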