提交 1db3107a 编写于 作者: D Dr. Stephen Henson

TLS support for X25519

Add X25519 to TLS supported curve list.
Reject attempts to configure keys which cannot be used
for signing.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
上级 db50c1da
/* crypto/ec/ec_err.c */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved. * Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
* *
...@@ -275,6 +274,8 @@ static ERR_STRING_DATA EC_str_reasons[] = { ...@@ -275,6 +274,8 @@ static ERR_STRING_DATA EC_str_reasons[] = {
{ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"}, {ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"},
{ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"}, {ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"},
{ERR_REASON(EC_R_COORDINATES_OUT_OF_RANGE), "coordinates out of range"}, {ERR_REASON(EC_R_COORDINATES_OUT_OF_RANGE), "coordinates out of range"},
{ERR_REASON(EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING),
"curve does not support signing"},
{ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE), {ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),
"d2i ecpkparameters failure"}, "d2i ecpkparameters failure"},
{ERR_REASON(EC_R_DECODE_ERROR), "decode error"}, {ERR_REASON(EC_R_DECODE_ERROR), "decode error"},
......
...@@ -1569,6 +1569,7 @@ void ERR_load_EC_strings(void); ...@@ -1569,6 +1569,7 @@ void ERR_load_EC_strings(void);
# define EC_R_BIGNUM_OUT_OF_RANGE 144 # define EC_R_BIGNUM_OUT_OF_RANGE 144
# define EC_R_BUFFER_TOO_SMALL 100 # define EC_R_BUFFER_TOO_SMALL 100
# define EC_R_COORDINATES_OUT_OF_RANGE 146 # define EC_R_COORDINATES_OUT_OF_RANGE 146
# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159
# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117 # define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
# define EC_R_DECODE_ERROR 142 # define EC_R_DECODE_ERROR 142
# define EC_R_DISCRIMINANT_IS_ZERO 118 # define EC_R_DISCRIMINANT_IS_ZERO 118
......
...@@ -378,6 +378,11 @@ static int ssl_set_cert(CERT *c, X509 *x) ...@@ -378,6 +378,11 @@ static int ssl_set_cert(CERT *c, X509 *x)
return 0; return 0;
} }
if (i == SSL_PKEY_ECC && !EC_KEY_can_sign(EVP_PKEY_get0_EC_KEY(pkey))) {
SSLerr(SSL_F_SSL_SET_CERT, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
return 0;
}
if (c->pkeys[i].privatekey != NULL) { if (c->pkeys[i].privatekey != NULL) {
/* /*
* The return code from EVP_PKEY_copy_parameters is deliberately * The return code from EVP_PKEY_copy_parameters is deliberately
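Review bot: The signing check is added only on the certificate path in ssl_set_cert, although the commit message talks about rejecting keys in general. The private-key setter is not shown on this page, so it is worth confirming that a key on a non-signing curve cannot still be stored in `c->pkeys[i].privatekey` when the key is configured before the certificate. The new `if` also has no comment explaining why an ECC certificate can be refused here; something like `/* Key-agreement-only curves such as X25519 cannot sign, so refuse them as a certificate key */` above it would help. The body of ssl_set_cert starts and ends outside the hunk, so the surrounding logic was not reviewed.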
......
...@@ -222,9 +222,11 @@ typedef struct { ...@@ -222,9 +222,11 @@ typedef struct {
unsigned int flags; /* Flags: currently just field type */ unsigned int flags; /* Flags: currently just field type */
} tls_curve_info; } tls_curve_info;
# define TLS_CURVE_TYPE 0x1 /* Mask for curve type */
# define TLS_CURVE_CHAR2 0x1 # define TLS_CURVE_TYPE 0x3
# define TLS_CURVE_PRIME 0x0 # define TLS_CURVE_PRIME 0x0
# define TLS_CURVE_CHAR2 0x1
# define TLS_CURVE_CUSTOM 0x2
/* /*
* Table of curve information. * Table of curve information.
...@@ -261,6 +263,8 @@ static const tls_curve_info nid_list[] = { ...@@ -261,6 +263,8 @@ static const tls_curve_info nid_list[] = {
{NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */ {NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */
{NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */ {NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */
{NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */ {NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */
/* X25519 (29) */
{NID_X25519, 128, TLS_CURVE_CUSTOM},
}; };
static const unsigned char ecformats_default[] = { static const unsigned char ecformats_default[] = {
...@@ -271,6 +275,7 @@ static const unsigned char ecformats_default[] = { ...@@ -271,6 +275,7 @@ static const unsigned char ecformats_default[] = {
/* The default curves */ /* The default curves */
static const unsigned char eccurves_default[] = { static const unsigned char eccurves_default[] = {
0, 29, /* X25519 (29) */
/* Prefer P-256 which has the fastest and most secure implementations. */ /* Prefer P-256 which has the fastest and most secure implementations. */
0, 23, /* secp256r1 (23) */ 0, 23, /* secp256r1 (23) */
/* Other >= 256-bit prime curves. */ /* Other >= 256-bit prime curves. */
...@@ -290,6 +295,7 @@ static const unsigned char eccurves_default[] = { ...@@ -290,6 +295,7 @@ static const unsigned char eccurves_default[] = {
}; };
static const unsigned char eccurves_all[] = { static const unsigned char eccurves_all[] = {
0, 29, /* X25519 (29) */
/* Prefer P-256 which has the fastest and most secure implementations. */ /* Prefer P-256 which has the fastest and most secure implementations. */
0, 23, /* secp256r1 (23) */ 0, 23, /* secp256r1 (23) */
/* Other >= 256-bit prime curves. */ /* Other >= 256-bit prime curves. */
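Review bot: The existing comment "Prefer P-256 which has the fastest and most secure implementations" is now contradicted by the `0, 29` entry added directly above it in eccurves_default, which puts X25519 ahead of secp256r1. eccurves_all has the same mismatch. The list order presumably expresses negotiation preference, as that comment implies, so a stale comment here misleads anyone auditing the default group selection. I would mark the new entry as `0, 29, /* X25519 (29), listed first */` and reword the next line to `/* Then P-256 which has the fastest and most secure implementations. */`. Both arrays continue outside their hunks, so the rest of the ordering was not checked.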
......