[openssl] OpenSSL_1_1_1-stable update

davidben at google.com
Thu Jul 25 20:26:28 UTC 2019


The branch OpenSSL_1_1_1-stable has been updated
       via  e4a282fe030363a87d52d4a3214eb7490036015e (commit)
      from  54aa9d51b09d67e90db443f682cface795f5af9e (commit)


- Log -----------------------------------------------------------------
commit e4a282fe030363a87d52d4a3214eb7490036015e
Author: David Benjamin <davidben at google.com>
Date:   Tue Jul 23 14:14:48 2019 -0400

    Don't generate an unnecessary Diffie-Hellman key in TLS 1.3 clients.
    
    tls_parse_stoc_key_share was generating a new EVP_PKEY public/private
    keypair and then overriding it with the server public key, so the
    generation was a waste anyway. Instead, it should create a
    parameters-only EVP_PKEY.
    
    (This is a consequence of OpenSSL using the same type for empty key,
    empty key with key type, empty key with key type + parameters, public
    key, and private key. As a result, it's easy to mistakenly mix such
    things up, as happened here.)
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
    (Merged from https://github.com/openssl/openssl/pull/9445)
    
    (cherry picked from commit 166c0b98fd6e8b1bb341397642527a9396468f6c)

-----------------------------------------------------------------------

Summary of changes:
 ssl/statem/extensions_clnt.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 0ebaeea..f0ae642 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1858,8 +1858,8 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         return 0;
     }
 
-    skey = ssl_generate_pkey(ckey);
-    if (skey == NULL) {
+    skey = EVP_PKEY_new();
+    if (skey == NULL || EVP_PKEY_copy_parameters(skey, ckey) <= 0) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_KEY_SHARE,
                  ERR_R_MALLOC_FAILURE);
         return 0;
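
Review bot: the shared error path under the new `if (skey == NULL || EVP_PKEY_copy_parameters(skey, ckey) <= 0)` check returns 0 without freeing `skey`, so when `EVP_PKEY_new()` succeeds and `EVP_PKEY_copy_parameters()` fails, the freshly allocated key is leaked as far as the visible lines show. The old `ssl_generate_pkey(ckey)` form had nothing to free when it returned NULL. Suggest calling `EVP_PKEY_free(skey)` before `return 0` (it accepts NULL), or splitting the two checks so each has its own cleanup. The same branch also reports `ERR_R_MALLOC_FAILURE` for a parameter-copy failure, which is not necessarily an allocation failure; a distinct reason code such as `ERR_R_INTERNAL_ERROR` for that case would make the failure easier to diagnose.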

