mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove DH usage from tls_process_cke_dhe

Browse Source 
We instead set the encoded public key directly in the EVP_PKEY object.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13368)
This commit is contained in:
Matt Caswell 2020-10-14 16:19:16 +01:00
parent 184280971c
commit 936d565768
1 changed files with 1 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ssl/statem/statem_srvr.c
View File

@ -2962,11 +2962,8 @@ static int tls_process_cke_rsa(SSL *s, PACKET *pkt)
static int tls_process_cke_dhe(SSL *s, PACKET *pkt)
{
#ifndef OPENSSL_NO_DH
EVP_PKEY *skey = NULL;
DH *cdh;
unsigned int i;
BIGNUM *pub_key;
const unsigned char *data;
EVP_PKEY *ckey = NULL;
int ret = 0;
@ -2996,11 +2993,8 @@ static int tls_process_cke_dhe(SSL *s, PACKET *pkt)
goto err;
}
cdh = EVP_PKEY_get0_DH(ckey);
pub_key = BN_bin2bn(data, i, NULL);
if (pub_key == NULL || cdh == NULL || !DH_set0_key(cdh, pub_key, NULL)) {
if (!EVP_PKEY_set1_encoded_public_key(ckey, data, i)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
BN_free(pub_key);
goto err;
}
@ -3015,11 +3009,6 @@ static int tls_process_cke_dhe(SSL *s, PACKET *pkt)
err:
EVP_PKEY_free(ckey);
return ret;
#else
/* Should never happen */
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
return 0;
#endif
}
static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)