[openssl] master update
Matt Caswell
matt at openssl.org
Fri Feb 5 15:39:51 UTC 2021
The branch master has been updated
via 5682e77dff5123f0e9259c258bb58bc6d2e358ef (commit)
via e376242d28e08591af229674a2816ac6f4bb8fdf (commit)
via 462f4f4bc0eeb6505a8914bd751b3f20b43ea778 (commit)
via 54e3efff81f41f71fe17303d5ec6db49415e5d6d (commit)
via 306b8e7e19f6c5019a9fc4050c5de6ebe7135c1f (commit)
via 3de751e7f0791f5c9778faf44631555f05e24fad (commit)
via 05b4b85d4bb9f54fa7ed5e964595308f1f87d5b8 (commit)
via a763ca11777ce01a286751f3f3dd9b106ef74f30 (commit)
via 8b1db5d329740bd5363fd1763d4030d0e015b521 (commit)
via ddf8f1ce634b9a3bd30603d9e0eaec1990a0d586 (commit)
via 5b64ce89b0859956387cda1d56718d2a5f09d928 (commit)
from 9ca08f91e9817892c3545612a91d38687e593e14 (commit)
- Log -----------------------------------------------------------------
commit 5682e77dff5123f0e9259c258bb58bc6d2e358ef
Author: Matt Caswell <matt at openssl.org>
Date: Mon Feb 1 15:15:10 2021 +0000
Fix the cipher_overhead_test
Now that libssl no longer has any OPENSSL_NO_ALG guards the internal
cipher_overhead_test wasn't quite handling disabled ciphers correctly.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
commit e376242d28e08591af229674a2816ac6f4bb8fdf
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jan 20 15:29:59 2021 +0000
Remove all OPENSSL_NO_XXX from libssl where XXX is a crypto alg
We should no longer be relying on compile time checks in libssl for
the availability of crypto algorithms. The availability of crypto
algorithms should be determined at runtime based on what providers have
been loaded.
Fixes #13616
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
commit 462f4f4bc0eeb6505a8914bd751b3f20b43ea778
Author: Matt Caswell <matt at openssl.org>
Date: Fri Jan 15 16:54:28 2021 +0000
Remove OPENSSL_NO_EC guards from libssl
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
commit 54e3efff81f41f71fe17303d5ec6db49415e5d6d
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jan 20 15:09:24 2021 +0000
Make sure we don't use sigalgs that are not available
We may have compiled in sigalg values that we can't support at runtime.
Make sure we only use sigalgs that are actually enabled.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
commit 306b8e7e19f6c5019a9fc4050c5de6ebe7135c1f
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jan 20 12:38:43 2021 +0000
Add the nist group names as aliases for the normal TLS group names
By recognising the nist group names directly we can avoid having to call
EC_curve_nist2nid in libssl, which is not available in a no-ec build.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
commit 3de751e7f0791f5c9778faf44631555f05e24fad
Author: Matt Caswell <matt at openssl.org>
Date: Fri Jan 15 16:10:52 2021 +0000
Remove compile time guard checking from ssl3_get_req_cert_type
With 3.0 we need to know whether algs are available at run time not
at compile time. Actually the code as written is sufficient to do this,
so we can simply remove the guards.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
commit 05b4b85d4bb9f54fa7ed5e964595308f1f87d5b8
Author: Matt Caswell <matt at openssl.org>
Date: Fri Jan 15 15:43:28 2021 +0000
Check for availability of ciphersuites at run time
In 1.1.1 and below we would check for the availability of certain
algorithms based on compile time guards. However with 3.0 this is no
longer sufficient. Some algorithms that are unavailable at compile time
may become available later if 3rd party providers are loaded. Similarly,
algorithms that exist in our built-in providers at compile time may not
be available at run time if those providers are not loaded.
Fixes #13184
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
commit a763ca11777ce01a286751f3f3dd9b106ef74f30
Author: Matt Caswell <matt at openssl.org>
Date: Thu Jan 14 15:50:20 2021 +0000
Stop disabling TLSv1.3 if ec and dh are disabled
Even if EC and DH are disabled then we may still be able to use TLSv1.3
if we have groups that have been plugged in by an external provider.
Fixes #13767
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
commit 8b1db5d329740bd5363fd1763d4030d0e015b521
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jan 13 17:27:10 2021 +0000
Make supported_groups code independent of EC and DH
The supported groups code was checking the OPENSSL_NO_EC and
OPENSSL_NO_DH guards in order to work, and the list of default groups was
based on those guards. However we now need it to work even in a no-ec
and no-dh build, because new groups might be added from providers.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
commit ddf8f1ce634b9a3bd30603d9e0eaec1990a0d586
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jan 13 15:50:36 2021 +0000
Ensure default supported groups works even with no-ec and no-dh
The default supported groups code was disabled in the event of a build
with no-ec and no-dh. However now that providers can add there own
groups (which might not fit into either of these categories), this is
no longer appropriate.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
commit 5b64ce89b0859956387cda1d56718d2a5f09d928
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jan 13 12:39:40 2021 +0000
Remove OPENSSL_NO_DH guards from libssl
This removes man unnecessary OPENSSL_NO_DH guards from libssl. Now that
libssl is entirely using the EVP APIs and implementations can be plugged
in via providers it is no longer needed to disable DH at compile time in
libssl. Instead it should detect at runtime whether DH is available from
the loaded providers.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
-----------------------------------------------------------------------
Summary of changes:
CHANGES.md | 11 +++
Configure | 2 -
crypto/err/openssl.txt | 3 +-
include/openssl/ssl.h.in | 9 +--
include/openssl/sslerr.h | 2 +
providers/common/capabilities.c | 26 ++++---
ssl/s3_enc.c | 2 -
ssl/s3_lib.c | 79 +++++--------------
ssl/ssl_cert.c | 3 +-
ssl/ssl_ciph.c | 52 +++++++------
ssl/ssl_conf.c | 16 ++--
ssl/ssl_err.c | 3 +
ssl/ssl_lib.c | 43 +----------
ssl/ssl_local.h | 20 +----
ssl/ssl_rsa.c | 4 +-
ssl/sslerr.h | 2 +-
ssl/statem/extensions.c | 12 ---
ssl/statem/extensions_clnt.c | 34 +++++----
ssl/statem/extensions_cust.c | 2 -
ssl/statem/extensions_srvr.c | 10 +--
ssl/statem/statem_clnt.c | 24 +-----
ssl/statem/statem_lib.c | 6 --
ssl/statem/statem_local.h | 8 --
ssl/statem/statem_srvr.c | 23 +-----
ssl/t1_enc.c | 2 -
ssl/t1_lib.c | 129 +++++++++++++++-----------------
ssl/t1_trce.c | 2 -
ssl/tls_depr.c | 32 +++++++-
test/cipher_overhead_test.c | 23 ++++++
test/helpers/ssltestlib.c | 49 +++++++-----
test/recipes/70-test_comp.t | 3 +-
test/recipes/70-test_key_share.t | 3 +
test/recipes/70-test_sslcbcpadding.t | 2 +
test/recipes/70-test_sslextension.t | 6 +-
test/recipes/70-test_sslrecords.t | 13 +++-
test/recipes/70-test_sslsigalgs.t | 15 ++--
test/recipes/70-test_sslsignature.t | 4 +-
test/recipes/70-test_sslversions.t | 5 +-
test/recipes/70-test_tls13alerts.t | 2 +-
test/recipes/70-test_tls13cookie.t | 2 +-
test/recipes/70-test_tls13downgrade.t | 4 +-
test/recipes/70-test_tls13hrr.t | 2 +-
test/recipes/70-test_tls13kexmodes.t | 2 +-
test/recipes/70-test_tls13psk.t | 2 +-
test/recipes/70-test_tlsextms.t | 17 +++--
test/recipes/80-test_ssl_new.t | 11 ++-
test/recipes/80-test_ssl_old.t | 2 +
test/recipes/90-test_tls13ccs.t | 2 +-
test/recipes/90-test_tls13encryption.t | 2 +-
test/recipes/90-test_tls13secrets.t | 4 +-
test/recordlentest.c | 3 +-
test/servername_test.c | 15 ++++
test/ssl-tests/04-client_auth.cnf.in | 4 +-
test/ssl-tests/27-ticket-appdata.cnf.in | 3 +-
test/ssl-tests/protocol_version.pm | 22 ++++--
test/ssl_old_test.c | 5 ++
test/ssl_test.c | 22 ++++--
test/sslapitest.c | 121 ++++++++++++++++--------------
58 files changed, 466 insertions(+), 465 deletions(-)
diff --git a/CHANGES.md b/CHANGES.md
index d80016560e..7c934935eb 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -23,6 +23,17 @@ OpenSSL 3.0
### Changes between 1.1.1 and 3.0 [xx XXX xxxx]
+ * Combining the Configure options no-ec and no-dh no longer disables TLSv1.3.
+ Typically if OpenSSL has no EC or DH algorithms then it cannot support
+ connections with TLSv1.3. However OpenSSL now supports "pluggable" groups
+ through providers. Therefore third party providers may supply group
+ implementations even where there are no built-in ones. Attempting to create
+ TLS connections in such a build without also disabling TLSv1.3 at run time or
+ using third party provider groups may result in handshake failures. TLSv1.3
+ can be disabled at compile time using the "no-tls1_3" Configure option.
+
+ *Matt Caswell*
+
* The undocumented function X509_certificate_type() has been deprecated;
applications can use X509_get0_pubkey() and X509_get0_signature() to
get the same information.
diff --git a/Configure b/Configure
index e429d6ff5b..9a96a7f0c0 100755
--- a/Configure
+++ b/Configure
@@ -563,8 +563,6 @@ my @disable_cascades = (
"zlib" => [ "zlib-dynamic" ],
"des" => [ "mdc2" ],
"ec" => [ "ec2m", "ecdsa", "ecdh", "sm2", "gost" ],
- sub { $disabled{"ec"} && $disabled{"dh"} }
- => [ "tls1_3" ],
"dgram" => [ "dtls", "sctp" ],
"sock" => [ "dgram" ],
"dtls" => [ @dtls ],
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index d64b356044..c1a0f1d0bd 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1264,6 +1264,7 @@ SSL_R_BLOCK_CIPHER_PAD_IS_WRONG:129:block cipher pad is wrong
SSL_R_BN_LIB:130:bn lib
SSL_R_CALLBACK_FAILED:234:callback failed
SSL_R_CANNOT_CHANGE_CIPHER:109:cannot change cipher
+SSL_R_CANNOT_GET_GROUP_NAME:299:cannot get group name
SSL_R_CA_DN_LENGTH_MISMATCH:131:ca dn length mismatch
SSL_R_CA_KEY_TOO_SMALL:397:ca key too small
SSL_R_CA_MD_TOO_WEAK:398:ca md too weak
@@ -1273,7 +1274,6 @@ SSL_R_CERT_CB_ERROR:377:cert cb error
SSL_R_CERT_LENGTH_MISMATCH:135:cert length mismatch
SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED:218:ciphersuite digest has changed
SSL_R_CIPHER_CODE_WRONG_LENGTH:137:cipher code wrong length
-SSL_R_CIPHER_OR_HASH_UNAVAILABLE:138:cipher or hash unavailable
SSL_R_CLIENTHELLO_TLSEXT:226:clienthello tlsext
SSL_R_COMPRESSED_LENGTH_TOO_LONG:140:compressed length too long
SSL_R_COMPRESSION_DISABLED:343:compression disabled
@@ -1399,6 +1399,7 @@ SSL_R_NO_SHARED_GROUPS:410:no shared groups
SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS:376:no shared signature algorithms
SSL_R_NO_SRTP_PROFILES:359:no srtp profiles
SSL_R_NO_SUITABLE_DIGEST_ALGORITHM:297:no suitable digest algorithm
+SSL_R_NO_SUITABLE_GROUPS:295:no suitable groups
SSL_R_NO_SUITABLE_KEY_SHARE:101:no suitable key share
SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM:118:no suitable signature algorithm
SSL_R_NO_VALID_SCTS:216:no valid scts
diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in
index 00956547e7..f329514324 100644
--- a/include/openssl/ssl.h.in
+++ b/include/openssl/ssl.h.in
@@ -194,14 +194,9 @@ extern "C" {
* DEPRECATED IN 3.0.0, in favor of OSSL_default_ciphersuites()
* Update both macro and function simultaneously
*/
-# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
-# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
- "TLS_CHACHA20_POLY1305_SHA256:" \
- "TLS_AES_128_GCM_SHA256"
-# else
-# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
+# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
+ "TLS_CHACHA20_POLY1305_SHA256:" \
"TLS_AES_128_GCM_SHA256"
-# endif
# endif
/*
* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index 27664afd58..7fea8a87b7 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -66,6 +66,7 @@
# define SSL_R_BN_LIB 130
# define SSL_R_CALLBACK_FAILED 234
# define SSL_R_CANNOT_CHANGE_CIPHER 109
+# define SSL_R_CANNOT_GET_GROUP_NAME 299
# define SSL_R_CA_DN_LENGTH_MISMATCH 131
# define SSL_R_CA_KEY_TOO_SMALL 397
# define SSL_R_CA_MD_TOO_WEAK 398
@@ -195,6 +196,7 @@
# define SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS 376
# define SSL_R_NO_SRTP_PROFILES 359
# define SSL_R_NO_SUITABLE_DIGEST_ALGORITHM 297
+# define SSL_R_NO_SUITABLE_GROUPS 295
# define SSL_R_NO_SUITABLE_KEY_SHARE 101
# define SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM 118
# define SSL_R_NO_VALID_SCTS 216
diff --git a/providers/common/capabilities.c b/providers/common/capabilities.c
index f935268ab2..f708beb16d 100644
--- a/providers/common/capabilities.c
+++ b/providers/common/capabilities.c
@@ -102,12 +102,14 @@ static const OSSL_PARAM param_group_list[][10] = {
# ifndef OPENSSL_NO_EC
# ifndef OPENSSL_NO_EC2M
TLS_GROUP_ENTRY("sect163k1", "sect163k1", "EC", 0),
+ TLS_GROUP_ENTRY("K-163", "sect163k1", "EC", 0), /* Alias of above */
# endif
# ifndef FIPS_MODULE
TLS_GROUP_ENTRY("sect163r1", "sect163r1", "EC", 1),
# endif
# ifndef OPENSSL_NO_EC2M
TLS_GROUP_ENTRY("sect163r2", "sect163r2", "EC", 2),
+ TLS_GROUP_ENTRY("B-163", "sect163r2", "EC", 2), /* Alias of above */
# endif
# ifndef FIPS_MODULE
TLS_GROUP_ENTRY("sect193r1", "sect193r1", "EC", 3),
@@ -115,18 +117,26 @@ static const OSSL_PARAM param_group_list[][10] = {
# endif
# ifndef OPENSSL_NO_EC2M
TLS_GROUP_ENTRY("sect233k1", "sect233k1", "EC", 5),
+ TLS_GROUP_ENTRY("K-233", "sect233k1", "EC", 5), /* Alias of above */
TLS_GROUP_ENTRY("sect233r1", "sect233r1", "EC", 6),
+ TLS_GROUP_ENTRY("B-233", "sect233r1", "EC", 6), /* Alias of above */
# endif
# ifndef FIPS_MODULE
TLS_GROUP_ENTRY("sect239k1", "sect239k1", "EC", 7),
# endif
# ifndef OPENSSL_NO_EC2M
TLS_GROUP_ENTRY("sect283k1", "sect283k1", "EC", 8),
+ TLS_GROUP_ENTRY("K-283", "sect283k1", "EC", 8), /* Alias of above */
TLS_GROUP_ENTRY("sect283r1", "sect283r1", "EC", 9),
+ TLS_GROUP_ENTRY("B-283", "sect283r1", "EC", 9), /* Alias of above */
TLS_GROUP_ENTRY("sect409k1", "sect409k1", "EC", 10),
+ TLS_GROUP_ENTRY("K-409", "sect409k1", "EC", 10), /* Alias of above */
TLS_GROUP_ENTRY("sect409r1", "sect409r1", "EC", 11),
+ TLS_GROUP_ENTRY("B-409", "sect409r1", "EC", 11), /* Alias of above */
TLS_GROUP_ENTRY("sect571k1", "sect571k1", "EC", 12),
+ TLS_GROUP_ENTRY("K-571", "sect571k1", "EC", 12), /* Alias of above */
TLS_GROUP_ENTRY("sect571r1", "sect571r1", "EC", 13),
+ TLS_GROUP_ENTRY("B-571", "sect571r1", "EC", 13), /* Alias of above */
# endif
# ifndef FIPS_MODULE
TLS_GROUP_ENTRY("secp160k1", "secp160k1", "EC", 14),
@@ -135,23 +145,28 @@ static const OSSL_PARAM param_group_list[][10] = {
TLS_GROUP_ENTRY("secp192k1", "secp192k1", "EC", 17),
# endif
TLS_GROUP_ENTRY("secp192r1", "prime192v1", "EC", 18),
+ TLS_GROUP_ENTRY("P-192", "prime192v1", "EC", 18), /* Alias of above */
# ifndef FIPS_MODULE
TLS_GROUP_ENTRY("secp224k1", "secp224k1", "EC", 19),
# endif
TLS_GROUP_ENTRY("secp224r1", "secp224r1", "EC", 20),
+ TLS_GROUP_ENTRY("P-224", "secp224r1", "EC", 20), /* Alias of above */
# ifndef FIPS_MODULE
TLS_GROUP_ENTRY("secp256k1", "secp256k1", "EC", 21),
# endif
TLS_GROUP_ENTRY("secp256r1", "prime256v1", "EC", 22),
+ TLS_GROUP_ENTRY("P-256", "prime256v1", "EC", 22), /* Alias of above */
TLS_GROUP_ENTRY("secp384r1", "secp384r1", "EC", 23),
+ TLS_GROUP_ENTRY("P-384", "secp384r1", "EC", 23), /* Alias of above */
TLS_GROUP_ENTRY("secp521r1", "secp521r1", "EC", 24),
+ TLS_GROUP_ENTRY("P-521", "secp521r1", "EC", 24), /* Alias of above */
# ifndef FIPS_MODULE
TLS_GROUP_ENTRY("brainpoolP256r1", "brainpoolP256r1", "EC", 25),
TLS_GROUP_ENTRY("brainpoolP384r1", "brainpoolP384r1", "EC", 26),
TLS_GROUP_ENTRY("brainpoolP512r1", "brainpoolP512r1", "EC", 27),
# endif
- TLS_GROUP_ENTRY("x25519", "x25519", "X25519", 28),
- TLS_GROUP_ENTRY("x448", "x448", "X448", 29),
+ TLS_GROUP_ENTRY("x25519", "X25519", "X25519", 28),
+ TLS_GROUP_ENTRY("x448", "X448", "X448", 29),
# endif /* OPENSSL_NO_EC */
# ifndef OPENSSL_NO_DH
/* Security bit values for FFDHE groups are as per RFC 7919 */
@@ -169,13 +184,6 @@ static int tls_group_capability(OSSL_CALLBACK *cb, void *arg)
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
size_t i;
-# if !defined(OPENSSL_NO_EC) \
- && !defined(OPENSSL_NO_EC2M) \
- && !defined(OPENSSL_NO_DH) \
- && !defined(FIPS_MODULE)
- assert(OSSL_NELEM(param_group_list) == OSSL_NELEM(group_list));
-# endif
-
for (i = 0; i < OSSL_NELEM(param_group_list); i++)
if (!cb(param_group_list[i], arg))
return 0;
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 1e297d23d5..cf4d5fe4e7 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -297,10 +297,8 @@ int ssl3_setup_key_block(SSL *s)
if (s->session->cipher->algorithm_enc == SSL_eNULL)
s->s3.need_empty_fragments = 0;
-#ifndef OPENSSL_NO_RC4
if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3.need_empty_fragments = 0;
-#endif
}
}
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index a6c87ad75d..ec19eeacc3 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -66,7 +66,6 @@ static SSL_CIPHER tls13_ciphers[] = {
256,
256,
},
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
{
1,
TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
@@ -83,7 +82,6 @@ static SSL_CIPHER tls13_ciphers[] = {
256,
256,
},
-#endif
{
1,
TLS1_3_RFC_AES_128_CCM_SHA256,
@@ -2036,7 +2034,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
256,
},
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
{
1,
TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
@@ -2149,10 +2146,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
256,
256,
},
-#endif /* !defined(OPENSSL_NO_CHACHA) &&
- * !defined(OPENSSL_NO_POLY1305) */
-#ifndef OPENSSL_NO_CAMELLIA
{
1,
TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
@@ -2601,7 +2595,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
256,
256,
},
-#endif /* OPENSSL_NO_CAMELLIA */
#ifndef OPENSSL_NO_GOST
{
@@ -2718,7 +2711,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
},
#endif /* OPENSSL_NO_GOST */
-#ifndef OPENSSL_NO_IDEA
{
1,
SSL3_TXT_RSA_IDEA_128_SHA,
@@ -2735,9 +2727,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
128,
128,
},
-#endif
-#ifndef OPENSSL_NO_SEED
{
1,
TLS1_TXT_RSA_WITH_SEED_SHA,
@@ -2802,7 +2792,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
128,
128,
},
-#endif /* OPENSSL_NO_SEED */
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
@@ -2967,7 +2956,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
},
#endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
-#ifndef OPENSSL_NO_ARIA
{
1,
TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
@@ -3224,7 +3212,6 @@ static SSL_CIPHER ssl3_ciphers[] = {
256,
256,
},
-#endif /* OPENSSL_NO_ARIA */
};
/*
@@ -3360,12 +3347,10 @@ void ssl3_free(SSL *s)
ssl3_cleanup_key_block(s);
-#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
EVP_PKEY_free(s->s3.peer_tmp);
s->s3.peer_tmp = NULL;
EVP_PKEY_free(s->s3.tmp.pkey);
s->s3.tmp.pkey = NULL;
-#endif
ssl_evp_cipher_free(s->s3.tmp.new_sym_enc);
ssl_evp_md_free(s->s3.tmp.new_hash);
@@ -3396,10 +3381,8 @@ int ssl3_clear(SSL *s)
OPENSSL_free(s->s3.tmp.peer_sigalgs);
OPENSSL_free(s->s3.tmp.peer_cert_sigalgs);
-#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
EVP_PKEY_free(s->s3.tmp.pkey);
EVP_PKEY_free(s->s3.peer_tmp);
-#endif /* !OPENSSL_NO_EC */
ssl3_free_digest_list(s);
@@ -3452,7 +3435,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
case SSL_CTRL_GET_FLAGS:
ret = (int)(s->s3.flags);
break;
-#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+#if !defined(OPENSSL_NO_DEPRECATED_3_0)
case SSL_CTRL_SET_TMP_DH:
{
EVP_PKEY *pkdh = NULL;
@@ -3477,7 +3460,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
case SSL_CTRL_SET_DH_AUTO:
s->cert->dh_tmp_auto = larg;
return 1;
-#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+#if !defined(OPENSSL_NO_DEPRECATED_3_0)
case SSL_CTRL_SET_TMP_ECDH:
{
if (parg == NULL) {
@@ -3488,7 +3471,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
&s->ext.supportedgroups_len,
parg);
}
-#endif
+#endif /* !OPENSSL_NO_DEPRECATED_3_0 */
case SSL_CTRL_SET_TLSEXT_HOSTNAME:
/*
* This API is only used for a client to set what SNI it will request
@@ -3610,7 +3593,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
}
return ssl_cert_set_current(s->cert, larg);
-#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
case SSL_CTRL_GET_GROUPS:
{
uint16_t *clist;
@@ -3656,7 +3638,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
case SSL_CTRL_GET_NEGOTIATED_GROUP:
ret = tls1_group_id2nid(s->s3.group_id, 1);
break;
-#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
case SSL_CTRL_SET_SIGALGS:
return tls1_set_sigalgs(s->cert, parg, larg, 0);
@@ -3707,7 +3688,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
return 1;
case SSL_CTRL_GET_PEER_TMP_KEY:
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
if (s->session == NULL || s->s3.peer_tmp == NULL) {
return 0;
} else {
@@ -3715,12 +3695,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
*(EVP_PKEY **)parg = s->s3.peer_tmp;
return 1;
}
-#else
- return 0;
-#endif
case SSL_CTRL_GET_TMP_KEY:
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
if (s->session == NULL || s->s3.tmp.pkey == NULL) {
return 0;
} else {
@@ -3728,11 +3704,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
*(EVP_PKEY **)parg = s->s3.tmp.pkey;
return 1;
}
-#else
- return 0;
-#endif
-#ifndef OPENSSL_NO_EC
case SSL_CTRL_GET_EC_POINT_FORMATS:
{
const unsigned char **pformat = parg;
@@ -3742,7 +3714,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
*pformat = s->ext.peer_ecpointformats;
return (int)s->ext.peer_ecpointformats_len;
}
-#endif
default:
break;
@@ -3755,7 +3726,7 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
int ret = 0;
switch (cmd) {
-#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+#if !defined(OPENSSL_NO_DEPRECATED_3_0)
case SSL_CTRL_SET_TMP_DH_CB:
s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
ret = 1;
@@ -3780,7 +3751,7 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
{
switch (cmd) {
-#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+#if !defined(OPENSSL_NO_DEPRECATED_3_0)
case SSL_CTRL_SET_TMP_DH:
{
EVP_PKEY *pkdh = NULL;
@@ -3804,7 +3775,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
case SSL_CTRL_SET_DH_AUTO:
ctx->cert->dh_tmp_auto = larg;
return 1;
-#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+#if !defined(OPENSSL_NO_DEPRECATED_3_0)
case SSL_CTRL_SET_TMP_ECDH:
{
if (parg == NULL) {
@@ -3815,7 +3786,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
&ctx->ext.supportedgroups_len,
parg);
}
-#endif
+#endif /* !OPENSSL_NO_DEPRECATED_3_0 */
case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
ctx->ext.servername_arg = parg;
break;
@@ -3911,7 +3882,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
break;
#endif
-#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
case SSL_CTRL_SET_GROUPS:
return tls1_set_groups(&ctx->ext.supportedgroups,
&ctx->ext.supportedgroups_len,
@@ -3921,7 +3891,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return tls1_set_groups_list(ctx, &ctx->ext.supportedgroups,
&ctx->ext.supportedgroups_len,
parg);
-#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
case SSL_CTRL_SET_SIGALGS:
return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
@@ -4004,7 +3973,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
{
switch (cmd) {
-#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+#if !defined(OPENSSL_NO_DEPRECATED_3_0)
case SSL_CTRL_SET_TMP_DH_CB:
{
ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
@@ -4138,9 +4107,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
STACK_OF(SSL_CIPHER) *prio, *allow;
int i, ii, ok, prefer_sha256 = 0;
unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
-#ifndef OPENSSL_NO_CHACHA
STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
-#endif
/* Let's see which ciphers we can support */
@@ -4173,7 +4140,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
} else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
prio = srvr;
allow = clnt;
-#ifndef OPENSSL_NO_CHACHA
+
/* If ChaCha20 is at the top of the client preference list,
and there are ChaCha20 ciphers in the server list, then
temporarily prioritize all ChaCha20 ciphers in the servers list. */
@@ -4212,7 +4179,6 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
}
}
}
-# endif
} else {
prio = clnt;
allow = srvr;
@@ -4282,14 +4248,12 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
"%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
-#ifndef OPENSSL_NO_EC
/*
* if we are considering an ECC cipher suite that uses an ephemeral
* EC key check it
*/
if (alg_k & SSL_kECDHE)
ok = ok && tls1_check_ec_tmp_key(s, c->id);
-#endif /* OPENSSL_NO_EC */
if (!ok)
continue;
@@ -4300,14 +4264,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
c->strength_bits, 0, (void *)c))
continue;
-#if !defined(OPENSSL_NO_EC)
+
if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
&& s->s3.is_probably_safari) {
if (!ret)
ret = sk_SSL_CIPHER_value(allow, ii);
continue;
}
-#endif
+
if (prefer_sha256) {
const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
@@ -4328,9 +4292,9 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
break;
}
}
-#ifndef OPENSSL_NO_CHACHA
+
sk_SSL_CIPHER_free(prio_chacha);
-#endif
+
return ret;
}
@@ -4362,22 +4326,17 @@ int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt)
#endif
if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
-#ifndef OPENSSL_NO_DH
if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
return 0;
-# ifndef OPENSSL_NO_DSA
- if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
+ if (!(alg_a & SSL_aDSS)
+ && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
return 0;
-# endif
-#endif /* !OPENSSL_NO_DH */
}
if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
return 0;
-#ifndef OPENSSL_NO_DSA
if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN))
return 0;
-#endif
-#ifndef OPENSSL_NO_EC
+
/*
* ECDSA certs can be used with RSA cipher suites too so we don't
* need to check for SSL_kECDH or SSL_kECDHE
@@ -4386,7 +4345,7 @@ int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt)
&& !(alg_a & SSL_aECDSA)
&& !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
return 0;
-#endif
+
return 1;
}
@@ -4820,10 +4779,8 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
goto err;
}
-#ifndef OPENSSL_NO_DH
- if (SSL_IS_TLS13(s) && EVP_PKEY_id(privkey) == EVP_PKEY_DH)
+ if (SSL_IS_TLS13(s) && EVP_PKEY_is_a(privkey, "DH"))
EVP_PKEY_CTX_set_dh_pad(pctx, 1);
-#endif
pms = OPENSSL_malloc(pmslen);
if (pms == NULL) {
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 93608beddc..a9d9b9ca06 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -95,9 +95,8 @@ CERT *ssl_cert_dup(CERT *cert)
ret->dh_tmp = cert->dh_tmp;
EVP_PKEY_up_ref(ret->dh_tmp);
}
-#ifndef OPENSSL_NO_DH
+
ret->dh_tmp_cb = cert->dh_tmp_cb;
-#endif
ret->dh_tmp_auto = cert->dh_tmp_auto;
for (i = 0; i < SSL_PKEY_NUM; i++) {
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index ec366707e5..d517799895 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -323,6 +323,8 @@ int ssl_load_ciphers(SSL_CTX *ctx)
{
size_t i;
const ssl_cipher_table *t;
+ EVP_KEYEXCH *kex = NULL;
+ EVP_SIGNATURE *sig = NULL;
ctx->disabled_enc_mask = 0;
for (i = 0, t = ssl_cipher_table_cipher; i < SSL_ENC_NUM_IDX; i++, t++) {
@@ -354,16 +356,33 @@ int ssl_load_ciphers(SSL_CTX *ctx)
ctx->disabled_mkey_mask = 0;
ctx->disabled_auth_mask = 0;
-#ifdef OPENSSL_NO_DSA
- ctx->disabled_auth_mask |= SSL_aDSS;
-#endif
-#ifdef OPENSSL_NO_DH
- ctx->disabled_mkey_mask |= SSL_kDHE | SSL_kDHEPSK;
-#endif
-#ifdef OPENSSL_NO_EC
- ctx->disabled_mkey_mask |= SSL_kECDHE | SSL_kECDHEPSK;
- ctx->disabled_auth_mask |= SSL_aECDSA;
-#endif
+ /*
+ * We ignore any errors from the fetches below. They are expected to fail
+ * if theose algorithms are not available.
+ */
+ ERR_set_mark();
+ sig = EVP_SIGNATURE_fetch(ctx->libctx, "DSA", ctx->propq);
+ if (sig == NULL)
+ ctx->disabled_auth_mask |= SSL_aDSS;
+ else
+ EVP_SIGNATURE_free(sig);
+ kex = EVP_KEYEXCH_fetch(ctx->libctx, "DH", ctx->propq);
+ if (kex == NULL)
+ ctx->disabled_mkey_mask |= SSL_kDHE | SSL_kDHEPSK;
+ else
+ EVP_KEYEXCH_free(kex);
+ kex = EVP_KEYEXCH_fetch(ctx->libctx, "ECDH", ctx->propq);
+ if (kex == NULL)
+ ctx->disabled_mkey_mask |= SSL_kECDHE | SSL_kECDHEPSK;
+ else
+ EVP_KEYEXCH_free(kex);
+ sig = EVP_SIGNATURE_fetch(ctx->libctx, "ECDSA", ctx->propq);
+ if (sig == NULL)
+ ctx->disabled_auth_mask |= SSL_aECDSA;
+ else
+ EVP_SIGNATURE_free(sig);
+ ERR_pop_to_mark();
+
#ifdef OPENSSL_NO_PSK
ctx->disabled_mkey_mask |= SSL_PSK;
ctx->disabled_auth_mask |= SSL_aPSK;
@@ -1226,7 +1245,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
return retval;
}
-#ifndef OPENSSL_NO_EC
static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
const char **prule_str)
{
@@ -1257,7 +1275,7 @@ static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
ERR_raise(ERR_LIB_SSL, SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE);
return 0;
}
-# ifndef OPENSSL_NO_EC
+
switch (suiteb_flags) {
case SSL_CERT_FLAG_SUITEB_128_LOS:
if (suiteb_comb2)
@@ -1274,12 +1292,7 @@ static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
break;
}
return 1;
-# else
- ERR_raise(ERR_LIB_SSL, SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE);
- return 0;
-# endif
}
-#endif
static int ciphersuite_cb(const char *elem, int len, void *arg)
{
@@ -1427,10 +1440,9 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
*/
if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
return NULL;
-#ifndef OPENSSL_NO_EC
+
if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))
return NULL;
-#endif
/*
* To reduce the work to do we only want to process the compiled
@@ -2203,8 +2215,6 @@ const char *OSSL_default_cipher_list(void)
const char *OSSL_default_ciphersuites(void)
{
return "TLS_AES_256_GCM_SHA384:"
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
"TLS_CHACHA20_POLY1305_SHA256:"
-#endif
"TLS_AES_128_GCM_SHA256";
}
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index 2e8240c73b..edd3fd7640 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -221,12 +221,10 @@ static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value)
return cmd_Groups(cctx, value);
}
-#ifndef OPENSSL_NO_EC
/* ECDH temporary parameters */
static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
{
int rv = 1;
- int nid;
/* Ignore values supported by 1.0.2 for the automatic selection */
if ((cctx->flags & SSL_CONF_FLAG_FILE)
@@ -237,20 +235,18 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
strcmp(value, "auto") == 0)
return 1;
- nid = EC_curve_nist2nid(value);
- if (nid == NID_undef)
- nid = OBJ_sn2nid(value);
- if (nid == 0)
+ /* ECDHParameters accepts a single group name */
+ if (strstr(value, ":") != NULL)
return 0;
if (cctx->ctx)
- rv = SSL_CTX_set1_groups(cctx->ctx, &nid, 1);
+ rv = SSL_CTX_set1_groups_list(cctx->ctx, value);
else if (cctx->ssl)
- rv = SSL_set1_groups(cctx->ssl, &nid, 1);
+ rv = SSL_set1_groups_list(cctx->ssl, value);
return rv > 0;
}
-#endif
+
static int cmd_CipherString(SSL_CONF_CTX *cctx, const char *value)
{
int rv = 1;
@@ -701,9 +697,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
SSL_CONF_CMD_STRING(ClientSignatureAlgorithms, "client_sigalgs", 0),
SSL_CONF_CMD_STRING(Curves, "curves", 0),
SSL_CONF_CMD_STRING(Groups, "groups", 0),
-#ifndef OPENSSL_NO_EC
SSL_CONF_CMD_STRING(ECDHParameters, "named_curve", SSL_CONF_FLAG_SERVER),
-#endif
SSL_CONF_CMD_STRING(CipherString, "cipher", 0),
SSL_CONF_CMD_STRING(Ciphersuites, "ciphersuites", 0),
SSL_CONF_CMD_STRING(Protocol, NULL, 0),
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 879b276520..357cfc7d94 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -74,6 +74,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CALLBACK_FAILED), "callback failed"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CANNOT_CHANGE_CIPHER),
"cannot change cipher"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CANNOT_GET_GROUP_NAME),
+ "cannot get group name"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CA_DN_LENGTH_MISMATCH),
"ca dn length mismatch"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CA_KEY_TOO_SMALL), "ca key too small"},
@@ -299,6 +301,7 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SUITABLE_DIGEST_ALGORITHM),
"no suitable digest algorithm"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SUITABLE_GROUPS), "no suitable groups"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SUITABLE_KEY_SHARE),
"no suitable key share"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM),
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 5adc6f71a9..554fc3533d 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -768,7 +768,6 @@ SSL *SSL_new(SSL_CTX *ctx)
s->ext.ocsp.resp_len = 0;
SSL_CTX_up_ref(ctx);
s->session_ctx = ctx;
-#ifndef OPENSSL_NO_EC
if (ctx->ext.ecpointformats) {
s->ext.ecpointformats =
OPENSSL_memdup(ctx->ext.ecpointformats,
@@ -778,7 +777,6 @@ SSL *SSL_new(SSL_CTX *ctx)
s->ext.ecpointformats_len =
ctx->ext.ecpointformats_len;
}
-#endif
if (ctx->ext.supportedgroups) {
s->ext.supportedgroups =
OPENSSL_memdup(ctx->ext.supportedgroups,
@@ -1212,10 +1210,8 @@ void SSL_free(SSL *s)
OPENSSL_free(s->ext.hostname);
SSL_CTX_free(s->session_ctx);
-#ifndef OPENSSL_NO_EC
OPENSSL_free(s->ext.ecpointformats);
OPENSSL_free(s->ext.peer_ecpointformats);
-#endif /* OPENSSL_NO_EC */
OPENSSL_free(s->ext.supportedgroups);
OPENSSL_free(s->ext.peer_supportedgroups);
sk_X509_EXTENSION_pop_free(s->ext.ocsp.exts, X509_EXTENSION_free);
@@ -3392,10 +3388,9 @@ void SSL_CTX_free(SSL_CTX *a)
tls_engine_finish(a->client_cert_engine);
#endif
-#ifndef OPENSSL_NO_EC
OPENSSL_free(a->ext.ecpointformats);
-#endif
OPENSSL_free(a->ext.supportedgroups);
+ OPENSSL_free(a->ext.supported_groups_default);
OPENSSL_free(a->ext.alpn);
OPENSSL_secure_free(a->ext.secure);
@@ -3498,24 +3493,19 @@ void ssl_set_masks(SSL *s)
uint32_t *pvalid = s->s3.tmp.valid_flags;
int rsa_enc, rsa_sign, dh_tmp, dsa_sign;
unsigned long mask_k, mask_a;
-#ifndef OPENSSL_NO_EC
int have_ecc_cert, ecdsa_ok;
-#endif
+
if (c == NULL)
return;
dh_tmp = (c->dh_tmp != NULL
-#ifndef OPENSSL_NO_DH
|| c->dh_tmp_cb != NULL
-#endif
|| c->dh_tmp_auto);
rsa_enc = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID;
rsa_sign = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID;
dsa_sign = pvalid[SSL_PKEY_DSA_SIGN] & CERT_PKEY_VALID;
-#ifndef OPENSSL_NO_EC
have_ecc_cert = pvalid[SSL_PKEY_ECC] & CERT_PKEY_VALID;
-#endif
mask_k = 0;
mask_a = 0;
@@ -3563,7 +3553,6 @@ void ssl_set_masks(SSL *s)
* An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
* depending on the key usage extension.
*/
-#ifndef OPENSSL_NO_EC
if (have_ecc_cert) {
uint32_t ex_kusage;
ex_kusage = X509_get_key_usage(c->pkeys[SSL_PKEY_ECC].x509);
@@ -3584,11 +3573,8 @@ void ssl_set_masks(SSL *s)
&& pvalid[SSL_PKEY_ED448] & CERT_PKEY_EXPLICIT_SIGN
&& TLS1_get_version(s) == TLS1_2_VERSION)
mask_a |= SSL_aECDSA;
-#endif
-#ifndef OPENSSL_NO_EC
mask_k |= SSL_kECDHE;
-#endif
#ifndef OPENSSL_NO_PSK
mask_k |= SSL_kPSK;
@@ -3605,8 +3591,6 @@ void ssl_set_masks(SSL *s)
s->s3.tmp.mask_a = mask_a;
}
-#ifndef OPENSSL_NO_EC
-
int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
{
if (s->s3.tmp.new_cipher->algorithm_auth & SSL_aECDSA) {
@@ -3619,8 +3603,6 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
return 1; /* all checks are ok */
}
-#endif
-
int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
size_t *serverinfo_length)
{
@@ -4483,27 +4465,6 @@ int SSL_want(const SSL *s)
return s->rwstate;
}
-/**
- * \brief Set the callback for generating temporary DH keys.
- * \param ctx the SSL context.
- * \param dh the callback
- */
-
-#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
- DH *(*dh) (SSL *ssl, int is_export,
- int keylength))
-{
- SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
-}
-
-void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
- int keylength))
-{
- SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
-}
-#endif
-
#ifndef OPENSSL_NO_PSK
int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
{
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 1b8a43d131..5956b6c834 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -1051,15 +1051,15 @@ struct ssl_ctx_st {
/* RFC 4366 Maximum Fragment Length Negotiation */
uint8_t max_fragment_len_mode;
-# ifndef OPENSSL_NO_EC
/* EC extension values inherited by SSL structure */
size_t ecpointformats_len;
unsigned char *ecpointformats;
-# endif /* OPENSSL_NO_EC */
size_t supportedgroups_len;
uint16_t *supportedgroups;
+ uint16_t *supported_groups_default;
+ size_t supported_groups_default_len;
/*
* ALPN information (we are in the process of transitioning from NPN to
* ALPN.)
@@ -1405,14 +1405,12 @@ struct ssl_st {
/* used by the client to know if it actually sent alpn */
int alpn_sent;
-# ifndef OPENSSL_NO_EC
/*
* This is set to true if we believe that this is a version of Safari
* running on OS X 10.6 or newer. We wish to know this because Safari on
* 10.8 .. 10.8.3 has broken ECDHE-ECDSA support.
*/
char is_probably_safari;
-# endif /* !OPENSSL_NO_EC */
/* For clients: peer temporary key */
/* The group_id for the key exchange key */
@@ -1593,7 +1591,6 @@ struct ssl_st {
int ticket_expected;
/* TLS 1.3 tickets requested by the application. */
int extra_tickets_expected;
-# ifndef OPENSSL_NO_EC
size_t ecpointformats_len;
/* our list */
unsigned char *ecpointformats;
@@ -1601,7 +1598,6 @@ struct ssl_st {
size_t peer_ecpointformats_len;
/* peer's list */
unsigned char *peer_ecpointformats;
-# endif /* OPENSSL_NO_EC */
size_t supportedgroups_len;
/* our list */
uint16_t *supportedgroups;
@@ -1927,14 +1923,12 @@ typedef struct dtls1_state_st {
} DTLS1_STATE;
-# ifndef OPENSSL_NO_EC
/*
* From ECC-TLS draft, used in encoding the curve type in ECParameters
*/
# define EXPLICIT_PRIME_CURVE_TYPE 1
# define EXPLICIT_CHAR2_CURVE_TYPE 2
# define NAMED_CURVE_TYPE 3
-# endif /* OPENSSL_NO_EC */
struct cert_pkey_st {
X509 *x509;
@@ -2009,9 +2003,7 @@ typedef struct cert_st {
CERT_PKEY *key;
EVP_PKEY *dh_tmp;
-#ifndef OPENSSL_NO_DH
DH *(*dh_tmp_cb) (SSL *ssl, int is_export, int keysize);
-#endif
int dh_tmp_auto;
/* Flags related to certificates */
uint32_t cert_flags;
@@ -2644,9 +2636,7 @@ __owur int tls1_alert_code(int code);
__owur int tls13_alert_code(int code);
__owur int ssl3_alert_code(int code);
-# ifndef OPENSSL_NO_EC
__owur int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
-# endif
SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
@@ -2661,13 +2651,11 @@ __owur int tls1_set_groups_list(SSL_CTX *ctx, uint16_t **pext, size_t *pextlen,
const char *str);
__owur EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id);
__owur int tls_valid_group(SSL *s, uint16_t group_id, int minversion,
- int maxversion);
+ int maxversion, int isec, int *okfortls13);
__owur EVP_PKEY *ssl_generate_param_group(SSL *s, uint16_t id);
-# ifndef OPENSSL_NO_EC
void tls1_get_formatlist(SSL *s, const unsigned char **pformats,
size_t *num_formats);
__owur int tls1_check_ec_tmp_key(SSL *s, unsigned long id);
-# endif /* OPENSSL_NO_EC */
__owur int tls_group_allowed(SSL *s, uint16_t curve, int op);
void tls1_get_supported_groups(SSL *s, const uint16_t **pgroups,
@@ -2719,9 +2707,7 @@ __owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey);
__owur int tls1_lookup_md(SSL_CTX *ctx, const SIGALG_LOOKUP *lu,
const EVP_MD **pmd);
__owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs);
-# ifndef OPENSSL_NO_EC
__owur int tls_check_sigalg_curve(const SSL *s, int curve);
-# endif
__owur int tls12_check_peer_sigalg(SSL *s, uint16_t, EVP_PKEY *pkey);
__owur int ssl_set_client_disabled(SSL *s);
__owur int ssl_cipher_disabled(const SSL *s, const SSL_CIPHER *c, int op, int echde);
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 7c64a994e8..b78d751818 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -239,12 +239,12 @@ static int ssl_set_cert(CERT *c, X509 *x)
ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
return 0;
}
-#ifndef OPENSSL_NO_EC
+
if (i == SSL_PKEY_ECC && !EVP_PKEY_can_sign(pkey)) {
ERR_raise(ERR_LIB_SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
return 0;
}
-#endif
+
if (c->pkeys[i].privatekey != NULL) {
/*
* The return code from EVP_PKEY_copy_parameters is deliberately
diff --git a/ssl/sslerr.h b/ssl/sslerr.h
index ed70efc264..3ad54e4dcc 100644
--- a/ssl/sslerr.h
+++ b/ssl/sslerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 1a3435a949..13e5f5a8e5 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -17,9 +17,7 @@
static int final_renegotiate(SSL *s, unsigned int context, int sent);
static int init_server_name(SSL *s, unsigned int context);
static int final_server_name(SSL *s, unsigned int context, int sent);
-#ifndef OPENSSL_NO_EC
static int final_ec_pt_formats(SSL *s, unsigned int context, int sent);
-#endif
static int init_session_ticket(SSL *s, unsigned int context);
#ifndef OPENSSL_NO_OCSP
static int init_status_request(SSL *s, unsigned int context);
@@ -151,7 +149,6 @@ static const EXTENSION_DEFINITION ext_defs[] = {
#else
INVALID_EXTENSION,
#endif
-#ifndef OPENSSL_NO_EC
{
TLSEXT_TYPE_ec_point_formats,
SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO
@@ -160,10 +157,6 @@ static const EXTENSION_DEFINITION ext_defs[] = {
tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats,
final_ec_pt_formats
},
-#else
- INVALID_EXTENSION,
-#endif
-#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
{
/*
* "supported_groups" is spread across several specifications.
@@ -197,9 +190,6 @@ static const EXTENSION_DEFINITION ext_defs[] = {
tls_construct_stoc_supported_groups,
tls_construct_ctos_supported_groups, NULL
},
-#else
- INVALID_EXTENSION,
-#endif
{
TLSEXT_TYPE_session_ticket,
SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO
@@ -1012,7 +1002,6 @@ static int final_server_name(SSL *s, unsigned int context, int sent)
}
}
-#ifndef OPENSSL_NO_EC
static int final_ec_pt_formats(SSL *s, unsigned int context, int sent)
{
unsigned long alg_k, alg_a;
@@ -1050,7 +1039,6 @@ static int final_ec_pt_formats(SSL *s, unsigned int context, int sent)
return 1;
}
-#endif
static int init_session_ticket(SSL *s, unsigned int context)
{
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 14dd7cfc76..3e4353b90e 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -108,7 +108,6 @@ EXT_RETURN tls_construct_ctos_srp(SSL *s, WPACKET *pkt, unsigned int context,
}
#endif
-#ifndef OPENSSL_NO_EC
static int use_ecc(SSL *s, int min_version, int max_version)
{
int i, end, ret = 0;
@@ -144,7 +143,7 @@ static int use_ecc(SSL *s, int min_version, int max_version)
for (j = 0; j < num_groups; j++) {
uint16_t ctmp = pgroups[j];
- if (tls_valid_group(s, ctmp, min_version, max_version)
+ if (tls_valid_group(s, ctmp, min_version, max_version, 1, NULL)
&& tls_group_allowed(s, ctmp, SSL_SECOP_CURVE_SUPPORTED))
return 1;
}
@@ -182,15 +181,13 @@ EXT_RETURN tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt,
return EXT_RETURN_SENT;
}
-#endif
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
size_t chainidx)
{
const uint16_t *pgroups = NULL;
- size_t num_groups = 0, i;
+ size_t num_groups = 0, i, tls13added = 0, added = 0;
int min_version, max_version, reason;
reason = ssl_get_min_max_version(s, &min_version, &max_version, NULL);
@@ -199,13 +196,13 @@ EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
return EXT_RETURN_FAIL;
}
-#if defined(OPENSSL_NO_EC)
- if (SSL_IS_DTLS(s) || max_version < TLS1_3_VERSION)
- return EXT_RETURN_NOT_SENT;
-#else
- if (!use_ecc(s, min_version, max_version) && max_version < TLS1_3_VERSION)
+ /*
+ * We only support EC groups in TLSv1.2 or below, and in DTLS. Therefore
+ * if we don't have EC support then we don't send this extension.
+ */
+ if (!use_ecc(s, min_version, max_version)
+ && (SSL_IS_DTLS(s) || max_version < TLS1_3_VERSION))
return EXT_RETURN_NOT_SENT;
-#endif
/*
* Add TLS extension supported_groups to the ClientHello message
@@ -223,23 +220,30 @@ EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
/* Copy group ID if supported */
for (i = 0; i < num_groups; i++) {
uint16_t ctmp = pgroups[i];
+ int okfortls13;
- if (tls_valid_group(s, ctmp, min_version, max_version)
+ if (tls_valid_group(s, ctmp, min_version, max_version, 0, &okfortls13)
&& tls_group_allowed(s, ctmp, SSL_SECOP_CURVE_SUPPORTED)) {
if (!WPACKET_put_bytes_u16(pkt, ctmp)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
return EXT_RETURN_FAIL;
}
+ if (okfortls13 && max_version == TLS1_3_VERSION)
+ tls13added++;
+ added++;
}
}
if (!WPACKET_close(pkt) || !WPACKET_close(pkt)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ if (added == 0 || (tls13added == 0 && max_version == TLS1_3_VERSION))
+ SSLfatal_data(s, SSL_AD_INTERNAL_ERROR, SSL_R_NO_SUITABLE_GROUPS,
+ "No groups enabled for max supported SSL/TLS version");
+ else
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
return EXT_RETURN_FAIL;
}
return EXT_RETURN_SENT;
}
-#endif
EXT_RETURN tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
@@ -1306,7 +1310,6 @@ int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, unsigned int context,
return 1;
}
-#ifndef OPENSSL_NO_EC
int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx)
{
@@ -1344,7 +1347,6 @@ int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
return 1;
}
-#endif
int tls_parse_stoc_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx)
diff --git a/ssl/statem/extensions_cust.c b/ssl/statem/extensions_cust.c
index 2bc17db1bf..738051e1da 100644
--- a/ssl/statem/extensions_cust.c
+++ b/ssl/statem/extensions_cust.c
@@ -488,11 +488,9 @@ int SSL_extension_supported(unsigned int ext_type)
switch (ext_type) {
/* Internally supported extensions. */
case TLSEXT_TYPE_application_layer_protocol_negotiation:
-#ifndef OPENSSL_NO_EC
case TLSEXT_TYPE_ec_point_formats:
case TLSEXT_TYPE_supported_groups:
case TLSEXT_TYPE_key_share:
-#endif
#ifndef OPENSSL_NO_NEXTPROTONEG
case TLSEXT_TYPE_next_proto_neg:
#endif
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 2a6d89558b..56fcbd03c1 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -228,7 +228,6 @@ int tls_parse_ctos_srp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
}
#endif
-#ifndef OPENSSL_NO_EC
int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx)
{
@@ -251,7 +250,6 @@ int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
return 1;
}
-#endif /* OPENSSL_NO_EC */
int tls_parse_ctos_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx)
@@ -893,7 +891,6 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
return 1;
}
-#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
int tls_parse_ctos_supported_groups(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx)
{
@@ -921,7 +918,6 @@ int tls_parse_ctos_supported_groups(SSL *s, PACKET *pkt, unsigned int context,
return 1;
}
-#endif
int tls_parse_ctos_ems(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
size_t chainidx)
@@ -1305,7 +1301,6 @@ EXT_RETURN tls_construct_stoc_maxfragmentlen(SSL *s, WPACKET *pkt,
return EXT_RETURN_SENT;
}
-#ifndef OPENSSL_NO_EC
EXT_RETURN tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
size_t chainidx)
@@ -1331,9 +1326,7 @@ EXT_RETURN tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt,
return EXT_RETURN_SENT;
}
-#endif
-#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
size_t chainidx)
@@ -1358,7 +1351,7 @@ EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt,
for (i = 0; i < numgroups; i++) {
uint16_t group = groups[i];
- if (tls_valid_group(s, group, version, version)
+ if (tls_valid_group(s, group, version, version, 0, NULL)
&& tls_group_allowed(s, group, SSL_SECOP_CURVE_SUPPORTED)) {
if (first) {
/*
@@ -1393,7 +1386,6 @@ EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt,
return EXT_RETURN_SENT;
}
-#endif
EXT_RETURN tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 35e45d59a1..cff522604f 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -1725,11 +1725,7 @@ static MSG_PROCESS_RETURN tls_process_as_hello_retry_request(SSL *s,
OPENSSL_free(extensions);
extensions = NULL;
- if (s->ext.tls13_cookie_len == 0
-#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
- && s->s3.tmp.pkey != NULL
-#endif
- ) {
+ if (s->ext.tls13_cookie_len == 0 && s->s3.tmp.pkey != NULL) {
/*
* We didn't receive a cookie or a new key_share so the next
* ClientHello will not change
@@ -2115,7 +2111,6 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
{
-#ifndef OPENSSL_NO_EC
PACKET encoded_pt;
unsigned int curve_type, curve_id;
@@ -2168,10 +2163,6 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
/* else anonymous ECDH, so no certificate or pkey. */
return 1;
-#else
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- return 0;
-#endif
}
MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
@@ -2186,10 +2177,8 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
save_param_start = *pkt;
-#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
EVP_PKEY_free(s->s3.peer_tmp);
s->s3.peer_tmp = NULL;
-#endif
if (alg_k & SSL_PSK) {
if (!tls_process_ske_psk_preamble(s, pkt)) {
@@ -2965,7 +2954,6 @@ static int tls_construct_cke_dhe(SSL *s, WPACKET *pkt)
static int tls_construct_cke_ecdhe(SSL *s, WPACKET *pkt)
{
-#ifndef OPENSSL_NO_EC
unsigned char *encodedPoint = NULL;
size_t encoded_pt_len = 0;
EVP_PKEY *ckey = NULL, *skey = NULL;
@@ -3006,10 +2994,6 @@ static int tls_construct_cke_ecdhe(SSL *s, WPACKET *pkt)
OPENSSL_free(encodedPoint);
EVP_PKEY_free(ckey);
return ret;
-#else
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- return 0;
-#endif
}
static int tls_construct_cke_gost(SSL *s, WPACKET *pkt)
@@ -3556,25 +3540,23 @@ int ssl3_check_cert_and_algorithm(SSL *s)
return 0;
}
-#ifndef OPENSSL_NO_EC
if (clu->amask & SSL_aECDSA) {
if (ssl_check_srvr_ecc_cert_and_alg(s->session->peer, s))
return 1;
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_BAD_ECC_CERT);
return 0;
}
-#endif
+
if (alg_k & (SSL_kRSA | SSL_kRSAPSK) && idx != SSL_PKEY_RSA) {
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
SSL_R_MISSING_RSA_ENCRYPTING_CERT);
return 0;
}
-#ifndef OPENSSL_NO_DH
+
if ((alg_k & SSL_kDHE) && (s->s3.peer_tmp == NULL)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
return 0;
}
-#endif
return 1;
}
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index d5def193a0..6e491c978a 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -1521,9 +1521,7 @@ static int ssl_method_error(const SSL *s, const SSL_METHOD *method)
static int is_tls13_capable(const SSL *s)
{
int i;
-#ifndef OPENSSL_NO_EC
int curve;
-#endif
if (!ossl_assert(s->ctx != NULL) || !ossl_assert(s->session_ctx != NULL))
return 0;
@@ -1557,7 +1555,6 @@ static int is_tls13_capable(const SSL *s)
}
if (!ssl_has_cert(s, i))
continue;
-#ifndef OPENSSL_NO_EC
if (i != SSL_PKEY_ECC)
return 1;
/*
@@ -1568,9 +1565,6 @@ static int is_tls13_capable(const SSL *s)
curve = ssl_get_EC_curve_nid(s->cert->pkeys[SSL_PKEY_ECC].privatekey);
if (tls_check_sigalg_curve(s, curve))
return 1;
-#else
- return 1;
-#endif
}
return 0;
diff --git a/ssl/statem/statem_local.h b/ssl/statem/statem_local.h
index 839a7010c9..c277a8e9c5 100644
--- a/ssl/statem/statem_local.h
+++ b/ssl/statem/statem_local.h
@@ -205,10 +205,8 @@ int tls_parse_ctos_srp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
#endif
int tls_parse_ctos_early_data(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_EC
int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx);
-#endif
int tls_parse_ctos_supported_groups(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidxl);
int tls_parse_ctos_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
@@ -258,11 +256,9 @@ EXT_RETURN tls_construct_stoc_early_data(SSL *s, WPACKET *pkt,
EXT_RETURN tls_construct_stoc_maxfragmentlen(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
size_t chainidx);
-#ifndef OPENSSL_NO_EC
EXT_RETURN tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
size_t chainidx);
-#endif
EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
size_t chainidx);
@@ -319,11 +315,9 @@ EXT_RETURN tls_construct_ctos_maxfragmentlen(SSL *s, WPACKET *pkt, unsigned int
EXT_RETURN tls_construct_ctos_srp(SSL *s, WPACKET *pkt, unsigned int context, X509 *x,
size_t chainidx);
#endif
-#ifndef OPENSSL_NO_EC
EXT_RETURN tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
size_t chainidx);
-#endif
EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
size_t chainidx);
@@ -387,10 +381,8 @@ int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx);
int tls_parse_stoc_maxfragmentlen(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx);
-#ifndef OPENSSL_NO_EC
int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx);
-#endif
int tls_parse_stoc_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx);
#ifndef OPENSSL_NO_OCSP
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 8ae8ddc052..956348613b 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1306,7 +1306,6 @@ int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt)
return 1;
}
-#ifndef OPENSSL_NO_EC
/*-
* ssl_check_for_safari attempts to fingerprint Safari using OS X
* SecureTransport using the TLS extension block in |hello|.
@@ -1368,7 +1367,6 @@ static void ssl_check_for_safari(SSL *s, const CLIENTHELLO_MSG *hello)
s->s3.is_probably_safari = PACKET_equal(&tmppkt, kSafariExtensionsBlock,
ext_len);
}
-#endif /* !OPENSSL_NO_EC */
MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
{
@@ -1853,10 +1851,8 @@ static int tls_early_post_process_client_hello(SSL *s)
goto err;
}
-#ifndef OPENSSL_NO_EC
if (s->options & SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
ssl_check_for_safari(s, clienthello);
-#endif /* !OPENSSL_NO_EC */
/* TLS extensions */
if (!tls_parse_all_extensions(s, SSL_EXT_CLIENT_HELLO,
@@ -2420,11 +2416,9 @@ int tls_construct_server_done(SSL *s, WPACKET *pkt)
int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
{
EVP_PKEY *pkdh = NULL;
-#ifndef OPENSSL_NO_EC
unsigned char *encodedPoint = NULL;
size_t encodedlen = 0;
int curve_id = 0;
-#endif
const SIGALG_LOOKUP *lu = s->s3.tmp.sigalg;
int i;
unsigned long type;
@@ -2466,7 +2460,7 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
} else {
pkdhp = cert->dh_tmp;
}
-#if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
+#if !defined(OPENSSL_NO_DEPRECATED_3_0)
if ((pkdhp == NULL) && (s->cert->dh_tmp_cb != NULL)) {
pkdh = ssl_dh_to_pkey(s->cert->dh_tmp_cb(s, 0, 1024));
if (pkdh == NULL) {
@@ -2510,9 +2504,7 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
- } else
-#ifndef OPENSSL_NO_EC
- if (type & (SSL_kECDHE | SSL_kECDHEPSK)) {
+ } else if (type & (SSL_kECDHE | SSL_kECDHEPSK)) {
if (s->s3.tmp.pkey != NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
@@ -2550,7 +2542,6 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
r[2] = NULL;
r[3] = NULL;
} else
-#endif /* !OPENSSL_NO_EC */
#ifndef OPENSSL_NO_SRP
if (type & SSL_kSRP) {
if ((s->srp_ctx.N == NULL) ||
@@ -2638,7 +2629,6 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
BN_bn2bin(r[i], binval);
}
-#ifndef OPENSSL_NO_EC
if (type & (SSL_kECDHE | SSL_kECDHEPSK)) {
/*
* We only support named (not generic) curves. In this situation, the
@@ -2656,7 +2646,6 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
OPENSSL_free(encodedPoint);
encodedPoint = NULL;
}
-#endif
/* not anonymous */
if (lu != NULL) {
@@ -2717,9 +2706,7 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
ret = 1;
err:
EVP_PKEY_free(pkdh);
-#ifndef OPENSSL_NO_EC
OPENSSL_free(encodedPoint);
-#endif
EVP_MD_CTX_free(md_ctx);
if (freer) {
BN_free(r[0]);
@@ -3004,7 +2991,6 @@ static int tls_process_cke_dhe(SSL *s, PACKET *pkt)
static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)
{
-#ifndef OPENSSL_NO_EC
EVP_PKEY *skey = s->s3.tmp.pkey;
EVP_PKEY *ckey = NULL;
int ret = 0;
@@ -3057,11 +3043,6 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)
EVP_PKEY_free(ckey);
return ret;
-#else
- /* Should never happen */
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- return 0;
-#endif
}
static int tls_process_cke_srp(SSL *s, PACKET *pkt)
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 67d148473e..531872bfb0 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -597,10 +597,8 @@ int tls1_setup_key_block(SSL *s)
if (s->session->cipher->algorithm_enc == SSL_eNULL)
s->s3.need_empty_fragments = 0;
-#ifndef OPENSSL_NO_RC4
if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3.need_empty_fragments = 0;
-#endif
}
}
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 7328c8e2b1..a7b5a6cc3f 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -185,25 +185,19 @@ static struct {
{NID_ffdhe8192, OSSL_TLS_GROUP_ID_ffdhe8192}
};
-#ifndef OPENSSL_NO_EC
static const unsigned char ecformats_default[] = {
TLSEXT_ECPOINTFORMAT_uncompressed,
TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime,
TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2
};
-#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
/* The default curves */
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
static const uint16_t supported_groups_default[] = {
-# ifndef OPENSSL_NO_EC
29, /* X25519 (29) */
23, /* secp256r1 (23) */
30, /* X448 (30) */
25, /* secp521r1 (25) */
24, /* secp384r1 (24) */
-# endif
-# ifndef OPENSSL_NO_GOST
34, /* GC256A (34) */
35, /* GC256B (35) */
36, /* GC256C (36) */
@@ -211,23 +205,17 @@ static const uint16_t supported_groups_default[] = {
38, /* GC512A (38) */
39, /* GC512B (39) */
40, /* GC512C (40) */
-# endif
-# ifndef OPENSSL_NO_DH
0x100, /* ffdhe2048 (0x100) */
0x101, /* ffdhe3072 (0x101) */
0x102, /* ffdhe4096 (0x102) */
0x103, /* ffdhe6144 (0x103) */
0x104, /* ffdhe8192 (0x104) */
-# endif
};
-#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
-#ifndef OPENSSL_NO_EC
static const uint16_t suiteb_curves[] = {
TLSEXT_curve_P_256,
TLSEXT_curve_P_384
};
-#endif
struct provider_group_data_st {
SSL_CTX *ctx;
@@ -398,29 +386,47 @@ static int discover_provider_groups(OSSL_PROVIDER *provider, void *vctx)
int ssl_load_groups(SSL_CTX *ctx)
{
- return OSSL_PROVIDER_do_all(ctx->libctx, discover_provider_groups, ctx);
+ size_t i, j, num_deflt_grps = 0;
+ uint16_t tmp_supp_groups[OSSL_NELEM(supported_groups_default)];
+
+ if (!OSSL_PROVIDER_do_all(ctx->libctx, discover_provider_groups, ctx))
+ return 0;
+
+ for (i = 0; i < OSSL_NELEM(supported_groups_default); i++) {
+ for (j = 0; j < ctx->group_list_len; j++) {
+ if (ctx->group_list[j].group_id == supported_groups_default[i]) {
+ tmp_supp_groups[num_deflt_grps++] = ctx->group_list[j].group_id;
+ break;
+ }
+ }
+ }
+
+ if (num_deflt_grps == 0)
+ return 1;
+
+ ctx->ext.supported_groups_default
+ = OPENSSL_malloc(sizeof(uint16_t) * num_deflt_grps);
+
+ if (ctx->ext.supported_groups_default == NULL) {
+ ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ memcpy(ctx->ext.supported_groups_default,
+ tmp_supp_groups,
+ num_deflt_grps * sizeof(tmp_supp_groups[0]));
+ ctx->ext.supported_groups_default_len = num_deflt_grps;
+
+ return 1;
}
static uint16_t tls1_group_name2id(SSL_CTX *ctx, const char *name)
{
size_t i;
- int nid = NID_undef;
-
- /* See if we can identify a nid for this name */
-#ifndef OPENSSL_NO_EC
- nid = EC_curve_nist2nid(name);
-#endif
- if (nid == NID_undef)
- nid = OBJ_sn2nid(name);
- if (nid == NID_undef)
- nid = OBJ_ln2nid(name);
for (i = 0; i < ctx->group_list_len; i++) {
if (strcmp(ctx->group_list[i].tlsname, name) == 0
- || (nid != NID_undef
- && nid == tls1_group_id2nid(ctx->group_list[i].group_id,
- 0))
- )
+ || strcmp(ctx->group_list[i].realname, name) == 0)
return ctx->group_list[i].group_id;
}
@@ -484,10 +490,8 @@ uint16_t tls1_nid2group_id(int nid)
void tls1_get_supported_groups(SSL *s, const uint16_t **pgroups,
size_t *pgroupslen)
{
-#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
/* For Suite B mode only include P-256, P-384 */
switch (tls1_suiteb(s)) {
-# ifndef OPENSSL_NO_EC
case SSL_CERT_FLAG_SUITEB_128_LOS:
*pgroups = suiteb_curves;
*pgroupslen = OSSL_NELEM(suiteb_curves);
@@ -502,29 +506,28 @@ void tls1_get_supported_groups(SSL *s, const uint16_t **pgroups,
*pgroups = suiteb_curves + 1;
*pgroupslen = 1;
break;
-# endif
default:
if (s->ext.supportedgroups == NULL) {
- *pgroups = supported_groups_default;
- *pgroupslen = OSSL_NELEM(supported_groups_default);
+ *pgroups = s->ctx->ext.supported_groups_default;
+ *pgroupslen = s->ctx->ext.supported_groups_default_len;
} else {
*pgroups = s->ext.supportedgroups;
*pgroupslen = s->ext.supportedgroups_len;
}
break;
}
-#else
- *pgroups = NULL;
- *pgroupslen = 0;
-#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
}
-int tls_valid_group(SSL *s, uint16_t group_id, int minversion, int maxversion)
+int tls_valid_group(SSL *s, uint16_t group_id, int minversion, int maxversion,
+ int isec, int *okfortls13)
{
const TLS_GROUP_INFO *ginfo = tls1_group_id_lookup(s->ctx, group_id);
int ret;
+ if (okfortls13 != NULL)
+ okfortls13 = 0;
+
if (ginfo == NULL)
return 0;
@@ -546,7 +549,14 @@ int tls_valid_group(SSL *s, uint16_t group_id, int minversion, int maxversion)
ret = (minversion <= ginfo->maxtls);
if (ginfo->mintls > 0)
ret &= (maxversion >= ginfo->mintls);
+ if (ret && okfortls13 != NULL && maxversion == TLS1_3_VERSION)
+ *okfortls13 = (ginfo->maxtls == 0)
+ || (ginfo->maxtls >= TLS1_3_VERSION);
}
+ ret &= !isec
+ || strcmp(ginfo->algorithm, "EC") == 0
+ || strcmp(ginfo->algorithm, "X25519") == 0
+ || strcmp(ginfo->algorithm, "X448") == 0;
return ret;
}
@@ -795,7 +805,6 @@ int tls1_check_group_id(SSL *s, uint16_t group_id, int check_own_groups)
return tls1_in_list(group_id, groups, groups_len);
}
-#ifndef OPENSSL_NO_EC
void tls1_get_formatlist(SSL *s, const unsigned char **pformats,
size_t *num_formats)
{
@@ -948,24 +957,13 @@ int tls1_check_ec_tmp_key(SSL *s, unsigned long cid)
return 0;
}
-#else
-
-static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
-{
- return 1;
-}
-
-#endif /* OPENSSL_NO_EC */
-
/* Default sigalg schemes */
static const uint16_t tls12_sigalgs[] = {
-#ifndef OPENSSL_NO_EC
TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
TLSEXT_SIGALG_ecdsa_secp384r1_sha384,
TLSEXT_SIGALG_ecdsa_secp521r1_sha512,
TLSEXT_SIGALG_ed25519,
TLSEXT_SIGALG_ed448,
-#endif
TLSEXT_SIGALG_rsa_pss_pss_sha256,
TLSEXT_SIGALG_rsa_pss_pss_sha384,
@@ -978,20 +976,19 @@ static const uint16_t tls12_sigalgs[] = {
TLSEXT_SIGALG_rsa_pkcs1_sha384,
TLSEXT_SIGALG_rsa_pkcs1_sha512,
-#ifndef OPENSSL_NO_EC
TLSEXT_SIGALG_ecdsa_sha224,
TLSEXT_SIGALG_ecdsa_sha1,
-#endif
+
TLSEXT_SIGALG_rsa_pkcs1_sha224,
TLSEXT_SIGALG_rsa_pkcs1_sha1,
-#ifndef OPENSSL_NO_DSA
+
TLSEXT_SIGALG_dsa_sha224,
TLSEXT_SIGALG_dsa_sha1,
TLSEXT_SIGALG_dsa_sha256,
TLSEXT_SIGALG_dsa_sha384,
TLSEXT_SIGALG_dsa_sha512,
-#endif
+
#ifndef OPENSSL_NO_GOST
TLSEXT_SIGALG_gostr34102012_256_intrinsic,
TLSEXT_SIGALG_gostr34102012_512_intrinsic,
@@ -1001,15 +998,13 @@ static const uint16_t tls12_sigalgs[] = {
#endif
};
-#ifndef OPENSSL_NO_EC
+
static const uint16_t suiteb_sigalgs[] = {
TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
TLSEXT_SIGALG_ecdsa_secp384r1_sha384
};
-#endif
static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
-#ifndef OPENSSL_NO_EC
{"ecdsa_secp256r1_sha256", TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
NID_sha256, SSL_MD_SHA256_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
NID_ecdsa_with_SHA256, NID_X9_62_prime256v1, 1},
@@ -1031,7 +1026,6 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
{NULL, TLSEXT_SIGALG_ecdsa_sha1,
NID_sha1, SSL_MD_SHA1_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
NID_ecdsa_with_SHA1, NID_undef, 1},
-#endif
{"rsa_pss_rsae_sha256", TLSEXT_SIGALG_rsa_pss_rsae_sha256,
NID_sha256, SSL_MD_SHA256_IDX, EVP_PKEY_RSA_PSS, SSL_PKEY_RSA,
NID_undef, NID_undef, 1},
@@ -1065,7 +1059,6 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
{"rsa_pkcs1_sha1", TLSEXT_SIGALG_rsa_pkcs1_sha1,
NID_sha1, SSL_MD_SHA1_IDX, EVP_PKEY_RSA, SSL_PKEY_RSA,
NID_sha1WithRSAEncryption, NID_undef, 1},
-#ifndef OPENSSL_NO_DSA
{NULL, TLSEXT_SIGALG_dsa_sha256,
NID_sha256, SSL_MD_SHA256_IDX, EVP_PKEY_DSA, SSL_PKEY_DSA_SIGN,
NID_dsa_with_SHA256, NID_undef, 1},
@@ -1081,7 +1074,6 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
{NULL, TLSEXT_SIGALG_dsa_sha1,
NID_sha1, SSL_MD_SHA1_IDX, EVP_PKEY_DSA, SSL_PKEY_DSA_SIGN,
NID_dsaWithSHA1, NID_undef, 1},
-#endif
#ifndef OPENSSL_NO_GOST
{NULL, TLSEXT_SIGALG_gostr34102012_256_intrinsic,
NID_id_GostR3411_2012_256, SSL_MD_GOST12_256_IDX,
@@ -1193,8 +1185,11 @@ static const SIGALG_LOOKUP *tls1_lookup_sigalg(const SSL *s, uint16_t sigalg)
/* cache should have the same number of elements as sigalg_lookup_tbl */
i < OSSL_NELEM(sigalg_lookup_tbl);
lu++, i++) {
- if (lu->sigalg == sigalg)
+ if (lu->sigalg == sigalg) {
+ if (!lu->enabled)
+ return NULL;
return lu;
+ }
}
return NULL;
}
@@ -1300,6 +1295,8 @@ static const SIGALG_LOOKUP *tls1_get_legacy_sigalg(const SSL *s, int idx)
if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) {
const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(s, tls_default_sigalg[idx]);
+ if (lu == NULL)
+ return NULL;
if (!tls1_lookup_md(s->ctx, lu, NULL))
return NULL;
if (!tls12_sigalg_allowed(s, SSL_SECOP_SIGALG_SUPPORTED, lu))
@@ -1331,7 +1328,6 @@ size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs)
* If Suite B mode use Suite B sigalgs only, ignore any other
* preferences.
*/
-#ifndef OPENSSL_NO_EC
switch (tls1_suiteb(s)) {
case SSL_CERT_FLAG_SUITEB_128_LOS:
*psigs = suiteb_sigalgs;
@@ -1345,7 +1341,6 @@ size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs)
*psigs = suiteb_sigalgs + 1;
return 1;
}
-#endif
/*
* We use client_sigalgs (if not NULL) if we're a server
* and sending a certificate request or if we're a client and
@@ -1363,7 +1358,6 @@ size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs)
}
}
-#ifndef OPENSSL_NO_EC
/*
* Called by servers only. Checks that we have a sig alg that supports the
* specified EC curve.
@@ -1394,7 +1388,6 @@ int tls_check_sigalg_curve(const SSL *s, int curve)
return 0;
}
-#endif
/*
* Return the number of security bits for the signature algorithm, or 0 on
@@ -1487,7 +1480,6 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
return 0;
}
-#ifndef OPENSSL_NO_EC
if (pkeyid == EVP_PKEY_EC) {
/* Check point compression is permitted */
@@ -1526,7 +1518,6 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_WRONG_SIGNATURE_TYPE);
return 0;
}
-#endif
/* Check signature matches a type we sent */
sent_sigslen = tls12_get_psigalgs(s, 1, &sent_sigs);
@@ -2140,7 +2131,8 @@ int tls12_copy_sigalgs(SSL *s, WPACKET *pkt,
for (i = 0; i < psiglen; i++, psig++) {
const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(s, *psig);
- if (!tls12_sigalg_allowed(s, SSL_SECOP_SIGALG_SUPPORTED, lu))
+ if (lu == NULL
+ || !tls12_sigalg_allowed(s, SSL_SECOP_SIGALG_SUPPORTED, lu))
continue;
if (!WPACKET_put_bytes_u16(pkt, *psig))
return 0;
@@ -2170,7 +2162,8 @@ static size_t tls12_shared_sigalgs(SSL *s, const SIGALG_LOOKUP **shsig,
const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(s, *ptmp);
/* Skip disabled hashes or signature algorithms */
- if (!tls12_sigalg_allowed(s, SSL_SECOP_SIGALG_SHARED, lu))
+ if (lu == NULL
+ || !tls12_sigalg_allowed(s, SSL_SECOP_SIGALG_SHARED, lu))
continue;
for (j = 0, atmp = allow; j < allowlen; j++, atmp++) {
if (*ptmp == *atmp) {
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 58695a0b69..19ec1eabf5 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -1181,7 +1181,6 @@ static int ssl_print_server_keyex(BIO *bio, int indent, const SSL *ssl,
return 0;
break;
-# ifndef OPENSSL_NO_EC
case SSL_kECDHE:
case SSL_kECDHEPSK:
if (msglen < 1)
@@ -1207,7 +1206,6 @@ static int ssl_print_server_keyex(BIO *bio, int indent, const SSL *ssl,
return 0;
}
break;
-# endif
case SSL_kPSK:
case SSL_kRSAPSK:
diff --git a/ssl/tls_depr.c b/ssl/tls_depr.c
index 7ecb61e79c..0b21ff7669 100644
--- a/ssl/tls_depr.c
+++ b/ssl/tls_depr.c
@@ -144,9 +144,9 @@ HMAC_CTX *ssl_hmac_get0_HMAC_CTX(SSL_HMAC *ctx)
}
/* Some deprecated public APIs pass DH objects */
-# ifndef OPENSSL_NO_DH
EVP_PKEY *ssl_dh_to_pkey(DH *dh)
{
+# ifndef OPENSSL_NO_DH
EVP_PKEY *ret;
if (dh == NULL)
@@ -157,14 +157,16 @@ EVP_PKEY *ssl_dh_to_pkey(DH *dh)
return NULL;
}
return ret;
-}
+# else
+ return NULL;
# endif
+}
/* Some deprecated public APIs pass EC_KEY objects */
-# ifndef OPENSSL_NO_EC
int ssl_set_tmp_ecdh_groups(uint16_t **pext, size_t *pextlen,
void *key)
{
+# ifndef OPENSSL_NO_EC
const EC_GROUP *group = EC_KEY_get0_group((const EC_KEY *)key);
int nid;
@@ -176,6 +178,28 @@ int ssl_set_tmp_ecdh_groups(uint16_t **pext, size_t *pextlen,
if (nid == NID_undef)
return 0;
return tls1_set_groups(pext, pextlen, &nid, 1);
+# else
+ return 0;
+# endif
+}
+
+/*
+ * Set the callback for generating temporary DH keys.
+ * ctx: the SSL context.
+ * dh: the callback
+ */
+# if !defined(OPENSSL_NO_DH)
+void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+ DH *(*dh) (SSL *ssl, int is_export,
+ int keylength))
+{
+ SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
+}
+
+void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
+ int keylength))
+{
+ SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
}
# endif
-#endif
+#endif /* OPENSSL_NO_DEPRECATED */
diff --git a/test/cipher_overhead_test.c b/test/cipher_overhead_test.c
index 04be8d71cf..2231a215fd 100644
--- a/test/cipher_overhead_test.c
+++ b/test/cipher_overhead_test.c
@@ -11,6 +11,25 @@
#include "testutil.h"
#include "../ssl/ssl_local.h"
+static int cipher_enabled(const SSL_CIPHER *ciph)
+{
+ /*
+ * ssl_cipher_get_overhead() actually works with AEAD ciphers even if the
+ * underlying implementation is not present.
+ */
+ if ((ciph->algorithm_mac & SSL_AEAD) != 0)
+ return 1;
+
+ if (ciph->algorithm_enc != SSL_eNULL
+ && EVP_get_cipherbynid(SSL_CIPHER_get_cipher_nid(ciph)) == NULL)
+ return 0;
+
+ if (EVP_get_digestbynid(SSL_CIPHER_get_digest_nid(ciph)) == NULL)
+ return 0;
+
+ return 1;
+}
+
static int cipher_overhead(void)
{
int ret = 1, i, n = ssl3_num_ciphers();
@@ -21,6 +40,10 @@ static int cipher_overhead(void)
ciph = ssl3_get_cipher(i);
if (!ciph->min_dtls)
continue;
+ if (!cipher_enabled(ciph)) {
+ TEST_skip("Skipping disabled cipher %s", ciph->name);
+ continue;
+ }
if (!TEST_true(ssl_cipher_get_overhead(ciph, &mac, &in, &blk, &ex))) {
TEST_info("Failed getting %s", ciph->name);
ret = 0;
diff --git a/test/helpers/ssltestlib.c b/test/helpers/ssltestlib.c
index 2366c3db4d..e339d7972c 100644
--- a/test/helpers/ssltestlib.c
+++ b/test/helpers/ssltestlib.c
@@ -685,18 +685,19 @@ static int always_retry_puts(BIO *bio, const char *str)
}
int create_ssl_ctx_pair(OSSL_LIB_CTX *libctx, const SSL_METHOD *sm,
-const SSL_METHOD *cm,
- int min_proto_version, int max_proto_version,
- SSL_CTX **sctx, SSL_CTX **cctx, char *certfile,
- char *privkeyfile)
+ const SSL_METHOD *cm, int min_proto_version,
+ int max_proto_version, SSL_CTX **sctx, SSL_CTX **cctx,
+ char *certfile, char *privkeyfile)
{
SSL_CTX *serverctx = NULL;
SSL_CTX *clientctx = NULL;
- if (*sctx != NULL)
- serverctx = *sctx;
- else if (!TEST_ptr(serverctx = SSL_CTX_new_ex(libctx, NULL, sm)))
- goto err;
+ if (sctx != NULL) {
+ if (*sctx != NULL)
+ serverctx = *sctx;
+ else if (!TEST_ptr(serverctx = SSL_CTX_new_ex(libctx, NULL, sm)))
+ goto err;
+ }
if (cctx != NULL) {
if (*cctx != NULL)
@@ -705,12 +706,25 @@ const SSL_METHOD *cm,
goto err;
}
- if ((min_proto_version > 0
- && !TEST_true(SSL_CTX_set_min_proto_version(serverctx,
- min_proto_version)))
- || (max_proto_version > 0
- && !TEST_true(SSL_CTX_set_max_proto_version(serverctx,
- max_proto_version))))
+#if !defined(OPENSSL_NO_TLS1_3) \
+ && defined(OPENSSL_NO_EC) \
+ && defined(OPENSSL_NO_DH)
+ /*
+ * There are no usable built-in TLSv1.3 groups if ec and dh are both
+ * disabled
+ */
+ if (max_proto_version == 0
+ && (sm == TLS_server_method() || cm == TLS_client_method()))
+ max_proto_version = TLS1_2_VERSION;
+#endif
+
+ if (serverctx != NULL
+ && ((min_proto_version > 0
+ && !TEST_true(SSL_CTX_set_min_proto_version(serverctx,
+ min_proto_version)))
+ || (max_proto_version > 0
+ && !TEST_true(SSL_CTX_set_max_proto_version(serverctx,
+ max_proto_version)))))
goto err;
if (clientctx != NULL
&& ((min_proto_version > 0
@@ -721,7 +735,7 @@ const SSL_METHOD *cm,
max_proto_version)))))
goto err;
- if (certfile != NULL && privkeyfile != NULL) {
+ if (serverctx != NULL && certfile != NULL && privkeyfile != NULL) {
if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile,
SSL_FILETYPE_PEM), 1)
|| !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx,
@@ -731,13 +745,14 @@ const SSL_METHOD *cm,
goto err;
}
- *sctx = serverctx;
+ if (sctx != NULL)
+ *sctx = serverctx;
if (cctx != NULL)
*cctx = clientctx;
return 1;
err:
- if (*sctx == NULL)
+ if (sctx != NULL && *sctx == NULL)
SSL_CTX_free(serverctx);
if (cctx != NULL && *cctx == NULL)
SSL_CTX_free(clientctx);
diff --git a/test/recipes/70-test_comp.t b/test/recipes/70-test_comp.t
index 2ac168c252..abd41d756c 100644
--- a/test/recipes/70-test_comp.t
+++ b/test/recipes/70-test_comp.t
@@ -65,7 +65,8 @@ SKIP: {
}
SKIP: {
- skip "TLSv1.3 disabled", 2 if disabled("tls1_3");
+ skip "TLSv1.3 disabled", 2
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
#Test 3: Check that sending multiple compression methods in a TLSv1.3
# ClientHello fails
$proxy->clear();
diff --git a/test/recipes/70-test_key_share.t b/test/recipes/70-test_key_share.t
index b5b01907c6..7ecba99ee8 100644
--- a/test/recipes/70-test_key_share.t
+++ b/test/recipes/70-test_key_share.t
@@ -60,6 +60,9 @@ plan skip_all => "$test_name needs the sock feature enabled"
plan skip_all => "$test_name needs TLS1.3 enabled"
if disabled("tls1_3");
+plan skip_all => "$test_name needs EC or DH enabled"
+ if disabled("ec") && disabled("dh");
+
$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
my $proxy = TLSProxy::Proxy->new(
diff --git a/test/recipes/70-test_sslcbcpadding.t b/test/recipes/70-test_sslcbcpadding.t
index a293ab1e8d..273093244c 100644
--- a/test/recipes/70-test_sslcbcpadding.t
+++ b/test/recipes/70-test_sslcbcpadding.t
@@ -43,6 +43,7 @@ my @test_offsets = (0, 128, 254, 255);
# Test that maximally-padded records are accepted.
my $bad_padding_offset = -1;
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->serverconnects(1 + scalar(@test_offsets));
$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
plan tests => 1 + scalar(@test_offsets);
@@ -55,6 +56,7 @@ foreach my $offset (@test_offsets) {
$bad_padding_offset = $offset;
$fatal_alert = 0;
$proxy->clearClient();
+ $proxy->clientflags("-no_tls1_3");
$proxy->clientstart();
ok($fatal_alert, "Invalid padding byte $bad_padding_offset");
}
diff --git a/test/recipes/70-test_sslextension.t b/test/recipes/70-test_sslextension.t
index 9be001edc2..2d6262f2d4 100644
--- a/test/recipes/70-test_sslextension.t
+++ b/test/recipes/70-test_sslextension.t
@@ -197,6 +197,7 @@ ok($fatal_alert, "Duplicate ClientHello extension");
$fatal_alert = 0;
$proxy->clear();
$proxy->filter(\&inject_duplicate_extension_serverhello);
+$proxy->clientflags("-no_tls1_3");
$proxy->start();
ok($fatal_alert, "Duplicate ServerHello extension");
@@ -207,6 +208,7 @@ SKIP: {
$proxy->clear();
$proxy->filter(\&extension_filter);
$proxy->ciphers("AES128-SHA:\@SECLEVEL=0");
+ $proxy->clientflags("-no_tls1_3");
$proxy->start();
ok(TLSProxy::Message->success, "Zero extension length test");
@@ -244,7 +246,8 @@ SKIP: {
}
SKIP: {
- skip "TLS 1.3 disabled", 1 if disabled("tls1_3");
+ skip "TLS 1.3 disabled", 1
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
#Test 7: Inject an unsolicited extension (TLSv1.3)
$fatal_alert = 0;
$proxy->clear();
@@ -260,5 +263,6 @@ SKIP: {
# ignore it in a ClientHello
$proxy->clear();
$proxy->filter(\&inject_cryptopro_extension);
+$proxy->clientflags("-no_tls1_3");
$proxy->start();
ok(TLSProxy::Message->success(), "Cryptopro extension in ClientHello");
diff --git a/test/recipes/70-test_sslrecords.t b/test/recipes/70-test_sslrecords.t
index 151216c57d..4a0e3e6b78 100644
--- a/test/recipes/70-test_sslrecords.t
+++ b/test/recipes/70-test_sslrecords.t
@@ -43,6 +43,7 @@ my $fatal_alert = 0; # set by filters at expected fatal alerts
my $content_type = TLSProxy::Record::RT_APPLICATION_DATA;
my $inject_recs_num = 1;
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
plan tests => 20;
ok($fatal_alert, "Out of context empty records test");
@@ -51,6 +52,7 @@ ok($fatal_alert, "Out of context empty records test");
$proxy->clear();
$content_type = TLSProxy::Record::RT_HANDSHAKE;
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->start();
ok(TLSProxy::Message->success(), "In context empty records test");
@@ -60,6 +62,7 @@ $proxy->clear();
#We allow 32 consecutive in context empty records
$inject_recs_num = 33;
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->start();
ok($fatal_alert, "Too many in context empty records test");
@@ -70,6 +73,7 @@ $fatal_alert = 0;
$proxy->clear();
$proxy->filter(\&add_frag_alert_filter);
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->start();
ok($fatal_alert, "Fragmented alert records test");
@@ -92,6 +96,7 @@ my $sslv2testtype = TLSV1_2_IN_SSLV2;
$proxy->clear();
$proxy->filter(\&add_sslv2_filter);
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->ciphers("AES128-SHA:\@SECLEVEL=0");
$proxy->start();
ok(TLSProxy::Message->success(), "TLSv1.2 in SSLv2 ClientHello test");
@@ -102,6 +107,7 @@ ok(TLSProxy::Message->success(), "TLSv1.2 in SSLv2 ClientHello test");
$sslv2testtype = SSLV2_IN_SSLV2;
$proxy->clear();
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->ciphers("AES128-SHA:\@SECLEVEL=0");
$proxy->start();
ok(TLSProxy::Message->fail(), "SSLv2 in SSLv2 ClientHello test");
@@ -112,6 +118,7 @@ ok(TLSProxy::Message->fail(), "SSLv2 in SSLv2 ClientHello test");
$sslv2testtype = FRAGMENTED_IN_TLSV1_2;
$proxy->clear();
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->ciphers("AES128-SHA:\@SECLEVEL=0");
$proxy->start();
ok(TLSProxy::Message->success(), "Fragmented ClientHello in TLSv1.2 test");
@@ -121,6 +128,7 @@ ok(TLSProxy::Message->success(), "Fragmented ClientHello in TLSv1.2 test");
$sslv2testtype = FRAGMENTED_IN_SSLV2;
$proxy->clear();
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->ciphers("AES128-SHA:\@SECLEVEL=0");
$proxy->start();
ok(TLSProxy::Message->fail(), "Fragmented ClientHello in TLSv1.2/SSLv2 test");
@@ -130,6 +138,7 @@ ok(TLSProxy::Message->fail(), "Fragmented ClientHello in TLSv1.2/SSLv2 test");
$sslv2testtype = ALERT_BEFORE_SSLV2;
$proxy->clear();
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->ciphers("AES128-SHA:\@SECLEVEL=0");
$proxy->start();
ok(TLSProxy::Message->fail(), "Alert before SSLv2 ClientHello test");
@@ -140,6 +149,7 @@ ok(TLSProxy::Message->fail(), "Alert before SSLv2 ClientHello test");
$fatal_alert = 0;
$proxy->clear();
$proxy->serverflags("-tls1_2");
+$proxy->clientflags("-no_tls1_3");
$proxy->filter(\&add_unknown_record_type);
$proxy->start();
ok($fatal_alert, "Unrecognised record type in TLS1.2");
@@ -166,7 +176,8 @@ ok($fatal_alert, "Changed record version in TLS1.2");
#TLS1.3 specific tests
SKIP: {
- skip "TLSv1.3 disabled", 8 if disabled("tls1_3");
+ skip "TLSv1.3 disabled", 8
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
#Test 13: Sending a different record version in TLS1.3 should fail
$proxy->clear();
diff --git a/test/recipes/70-test_sslsigalgs.t b/test/recipes/70-test_sslsigalgs.t
index 3548704138..609c88e716 100644
--- a/test/recipes/70-test_sslsigalgs.t
+++ b/test/recipes/70-test_sslsigalgs.t
@@ -54,13 +54,15 @@ use constant {
# the sigalgs
#Test 1: Default sig algs should succeed
+$proxy->clientflags("-no_tls1_3") if disabled("ec") && disabled("dh");
$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
plan tests => 26;
ok(TLSProxy::Message->success, "Default sigalgs");
my $testtype;
SKIP: {
- skip "TLSv1.3 disabled", 6 if disabled("tls1_3");
+ skip "TLSv1.3 disabled", 6
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
$proxy->filter(\&sigalgs_filter);
@@ -237,7 +239,10 @@ SKIP: {
my ($dsa_status, $sha1_status, $sha224_status);
SKIP: {
- skip "TLSv1.3 disabled", 2 if disabled("tls1_3") || disabled("dsa");
+ skip "TLSv1.3 disabled", 2
+ if disabled("tls1_3")
+ || disabled("dsa")
+ || (disabled("ec") && disabled("dh"));
#Test 20: signature_algorithms with 1.3-only ClientHello
$testtype = PURE_SIGALGS;
$dsa_status = $sha1_status = $sha224_status = 0;
@@ -263,7 +268,8 @@ SKIP: {
}
SKIP: {
- skip "TLSv1.3 disabled", 3 if disabled("tls1_3");
+ skip "TLSv1.3 disabled", 5
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
#Test 22: Insert signature_algorithms_cert that match normal sigalgs
$testtype = SIGALGS_CERT_ALL;
$proxy->clear();
@@ -284,10 +290,7 @@ SKIP: {
$proxy->filter(\&modify_sigalgs_cert_filter);
$proxy->start();
ok(TLSProxy::Message->fail, "No matching certificate for sigalgs_cert");
-}
-SKIP: {
- skip "TLS 1.3 disabled", 2 if disabled("tls1_3");
#Test 25: Send an unrecognized signature_algorithms_cert
# We should be able to skip over the unrecognized value and use a
# valid one that appears later in the list.
diff --git a/test/recipes/70-test_sslsignature.t b/test/recipes/70-test_sslsignature.t
index a7d33503ed..147dd38bf2 100644
--- a/test/recipes/70-test_sslsignature.t
+++ b/test/recipes/70-test_sslsignature.t
@@ -45,12 +45,14 @@ $proxy->filter(\&signature_filter);
#Test 1: No corruption should succeed
my $testtype = NO_CORRUPTION;
+$proxy->clientflags("-no_tls1_3") if disabled("ec") && disabled("dh");
$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
plan tests => 4;
ok(TLSProxy::Message->success, "No corruption");
SKIP: {
- skip "TLSv1.3 disabled", 1 if disabled("tls1_3");
+ skip "TLSv1.3 disabled", 1
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
#Test 2: Corrupting a server CertVerify signature in TLSv1.3 should fail
$proxy->clear();
diff --git a/test/recipes/70-test_sslversions.t b/test/recipes/70-test_sslversions.t
index 864f4f5283..0a67fe1006 100644
--- a/test/recipes/70-test_sslversions.t
+++ b/test/recipes/70-test_sslversions.t
@@ -37,7 +37,10 @@ plan skip_all => "$test_name needs the sock feature enabled"
if disabled("sock");
plan skip_all => "$test_name needs TLS1.3, TLS1.2 and TLS1.1 enabled"
- if disabled("tls1_3") || disabled("tls1_2") || disabled("tls1_1");
+ if disabled("tls1_3")
+ || (disabled("ec") && disabled("dh"))
+ || disabled("tls1_2")
+ || disabled("tls1_1");
$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
diff --git a/test/recipes/70-test_tls13alerts.t b/test/recipes/70-test_tls13alerts.t
index 205955fad8..c6c9d25f8d 100644
--- a/test/recipes/70-test_tls13alerts.t
+++ b/test/recipes/70-test_tls13alerts.t
@@ -24,7 +24,7 @@ plan skip_all => "$test_name needs the sock feature enabled"
if disabled("sock");
plan skip_all => "$test_name needs TLS1.3 enabled"
- if disabled("tls1_3");
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
diff --git a/test/recipes/70-test_tls13cookie.t b/test/recipes/70-test_tls13cookie.t
index aef2cf8848..2036583fda 100644
--- a/test/recipes/70-test_tls13cookie.t
+++ b/test/recipes/70-test_tls13cookie.t
@@ -24,7 +24,7 @@ plan skip_all => "$test_name needs the sock feature enabled"
if disabled("sock");
plan skip_all => "$test_name needs TLS1.3 enabled"
- if disabled("tls1_3");
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
diff --git a/test/recipes/70-test_tls13downgrade.t b/test/recipes/70-test_tls13downgrade.t
index f8dc8543be..63902a58e6 100644
--- a/test/recipes/70-test_tls13downgrade.t
+++ b/test/recipes/70-test_tls13downgrade.t
@@ -24,7 +24,9 @@ plan skip_all => "$test_name needs the sock feature enabled"
if disabled("sock");
plan skip_all => "$test_name needs TLS1.3 and TLS1.2 enabled"
- if disabled("tls1_3") || disabled("tls1_2");
+ if disabled("tls1_3")
+ || (disabled("ec") && disabled("dh"))
+ || disabled("tls1_2");
$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
diff --git a/test/recipes/70-test_tls13hrr.t b/test/recipes/70-test_tls13hrr.t
index 8f6e54e235..0423bc3c36 100644
--- a/test/recipes/70-test_tls13hrr.t
+++ b/test/recipes/70-test_tls13hrr.t
@@ -24,7 +24,7 @@ plan skip_all => "$test_name needs the sock feature enabled"
if disabled("sock");
plan skip_all => "$test_name needs TLS1.3 enabled"
- if disabled("tls1_3");
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
diff --git a/test/recipes/70-test_tls13kexmodes.t b/test/recipes/70-test_tls13kexmodes.t
index 6648376c0c..da4f3f3865 100644
--- a/test/recipes/70-test_tls13kexmodes.t
+++ b/test/recipes/70-test_tls13kexmodes.t
@@ -26,7 +26,7 @@ plan skip_all => "$test_name needs the sock feature enabled"
if disabled("sock");
plan skip_all => "$test_name needs TLSv1.3 enabled"
- if disabled("tls1_3");
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
plan skip_all => "$test_name needs EC enabled"
if disabled("ec");
diff --git a/test/recipes/70-test_tls13psk.t b/test/recipes/70-test_tls13psk.t
index 66582b7d8e..2f750d858b 100644
--- a/test/recipes/70-test_tls13psk.t
+++ b/test/recipes/70-test_tls13psk.t
@@ -25,7 +25,7 @@ plan skip_all => "$test_name needs the sock feature enabled"
if disabled("sock");
plan skip_all => "$test_name needs TLSv1.3 enabled"
- if disabled("tls1_3");
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
diff --git a/test/recipes/70-test_tlsextms.t b/test/recipes/70-test_tlsextms.t
index 55ef58e202..d567b15552 100644
--- a/test/recipes/70-test_tlsextms.t
+++ b/test/recipes/70-test_tlsextms.t
@@ -56,9 +56,7 @@ my $proxy = TLSProxy::Proxy->new(
setrmextms(0, 0);
$proxy->clientflags("-no_tls1_3");
$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
-my $numtests = 9;
-$numtests++ if (!disabled("tls1_3"));
-plan tests => $numtests;
+plan tests => 10;
checkmessages(1, "Default extended master secret test", 1, 1, 1);
#Test 2: If client omits extended master secret extension, server should too.
@@ -175,11 +173,14 @@ $proxy->clientstart();
ok(TLSProxy::Message->fail(), "Server inconsistent session resumption 2");
unlink $session;
-#Test 10: In TLS1.3 we should not negotiate extended master secret
-#Expected result: ClientHello extension seen; ServerHello extension not seen
-# TLS1.3 handshake (will appear as abbreviated handshake
-# because of no CKE message)
-if (!disabled("tls1_3")) {
+SKIP: {
+ skip "TLS 1.3 disabled", 1
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
+
+ #Test 10: In TLS1.3 we should not negotiate extended master secret
+ #Expected result: ClientHello extension seen; ServerHello extension not seen
+ # TLS1.3 handshake (will appear as abbreviated handshake
+ # because of no CKE message)
clearall();
setrmextms(0, 0);
$proxy->start();
diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t
index 24e75ae1c9..99dbdea1bb 100644
--- a/test/recipes/80-test_ssl_new.t
+++ b/test/recipes/80-test_ssl_new.t
@@ -43,13 +43,16 @@ plan tests => 30 # = scalar @conf_srcs
# verify generated sources in the default configuration.
my $is_default_tls = (disabled("ssl3") && !disabled("tls1") &&
!disabled("tls1_1") && !disabled("tls1_2") &&
- !disabled("tls1_3"));
+ !disabled("tls1_3") && (!disabled("ec") || !disabled("dh")));
my $is_default_dtls = (!disabled("dtls1") && !disabled("dtls1_2"));
my @all_pre_tls1_3 = ("ssl3", "tls1", "tls1_1", "tls1_2");
my $no_tls = alldisabled(available_protocols("tls"));
my $no_tls_below1_3 = $no_tls || (disabled("tls1_2") && !disabled("tls1_3"));
+if (!$no_tls && $no_tls_below1_3 && disabled("ec") && disabled("dh")) {
+ $no_tls = 1;
+}
my $no_pre_tls1_3 = alldisabled(@all_pre_tls1_3);
my $no_dtls = alldisabled(available_protocols("dtls"));
my $no_npn = disabled("nextprotoneg");
@@ -105,13 +108,13 @@ my %skip = (
"18-dtls-renegotiate.cnf" => $no_dtls,
"19-mac-then-encrypt.cnf" => $no_pre_tls1_3,
"20-cert-select.cnf" => disabled("tls1_2") || $no_ec,
- "21-key-update.cnf" => disabled("tls1_3"),
+ "21-key-update.cnf" => disabled("tls1_3") || ($no_ec && $no_dh),
"22-compression.cnf" => disabled("zlib") || $no_tls,
"23-srp.cnf" => (disabled("tls1") && disabled ("tls1_1")
&& disabled("tls1_2")) || disabled("srp"),
- "24-padding.cnf" => disabled("tls1_3"),
+ "24-padding.cnf" => disabled("tls1_3") || ($no_ec && $no_dh),
"25-cipher.cnf" => disabled("ec") || disabled("tls1_2"),
- "26-tls13_client_auth.cnf" => disabled("tls1_3"),
+ "26-tls13_client_auth.cnf" => disabled("tls1_3") || ($no_ec && $no_dh),
"29-dtls-sctp-label-bug.cnf" => disabled("sctp") || disabled("sock"),
);
diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t
index 975d1a9fd6..2f3d5d1c8c 100644
--- a/test/recipes/80-test_ssl_old.t
+++ b/test/recipes/80-test_ssl_old.t
@@ -33,6 +33,8 @@ my ($no_rsa, $no_dsa, $no_dh, $no_ec, $no_psk,
anydisabled qw/rsa dsa dh ec psk
ssl3 tls1 tls1_1 tls1_2 tls1_3
dtls dtls1 dtls1_2 ct/;
+#If ec and dh are disabled then don't use TLSv1.3
+$no_tls1_3 = 1 if (!$no_tls1_3 && $no_ec && $no_dh);
my $no_anytls = alldisabled(available_protocols("tls"));
my $no_anydtls = alldisabled(available_protocols("dtls"));
diff --git a/test/recipes/90-test_tls13ccs.t b/test/recipes/90-test_tls13ccs.t
index 1281c362d6..3bd65b8ba0 100644
--- a/test/recipes/90-test_tls13ccs.t
+++ b/test/recipes/90-test_tls13ccs.t
@@ -14,7 +14,7 @@ my $test_name = "test_tls13ccs";
setup($test_name);
plan skip_all => "$test_name is not supported in this build"
- if disabled("tls1_3");
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
plan tests => 1;
diff --git a/test/recipes/90-test_tls13encryption.t b/test/recipes/90-test_tls13encryption.t
index 145e1b9f8c..45b7b8a9aa 100644
--- a/test/recipes/90-test_tls13encryption.t
+++ b/test/recipes/90-test_tls13encryption.t
@@ -13,7 +13,7 @@ my $test_name = "tls13encryption";
setup($test_name);
plan skip_all => "$test_name is not supported in this build"
- if disabled("tls1_3");
+ if disabled("tls1_3") || (disabled("ec") && disabled("dh"));
plan tests => 1;
diff --git a/test/recipes/90-test_tls13secrets.t b/test/recipes/90-test_tls13secrets.t
index ba437f59b8..13af681bf0 100644
--- a/test/recipes/90-test_tls13secrets.t
+++ b/test/recipes/90-test_tls13secrets.t
@@ -13,7 +13,9 @@ my $test_name = "tls13secrets";
setup($test_name);
plan skip_all => "$test_name is not supported in this build"
- if disabled("tls1_3") || disabled("shared");
+ if disabled("tls1_3")
+ || disabled("shared")
+ || (disabled("ec") && disabled("dh"));
plan tests => 1;
diff --git a/test/recordlentest.c b/test/recordlentest.c
index 5388db7ddd..daf19bb8f3 100644
--- a/test/recordlentest.c
+++ b/test/recordlentest.c
@@ -94,7 +94,8 @@ static int test_record_overflow(int idx)
|| idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_NOT_OK)
return 1;
#endif
-#ifdef OPENSSL_NO_TLS1_3
+#if defined(OPENSSL_NO_TLS1_3) \
+ || (defined(OPENSSL_NO_EC) && defined(OPENSSL_NO_DH))
if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_OK
|| idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_NOT_OK)
return 1;
diff --git a/test/servername_test.c b/test/servername_test.c
index 14088211c9..d6fb7b5bb6 100644
--- a/test/servername_test.c
+++ b/test/servername_test.c
@@ -31,6 +31,13 @@ static const char *host = "dummy-host";
static char *cert = NULL;
static char *privkey = NULL;
+#if defined(OPENSSL_NO_TLS1_3) || \
+ (defined(OPENSSL_NO_EC) && defined(OPENSSL_NO_DH))
+static int maxversion = TLS1_2_VERSION;
+#else
+static int maxversion = 0;
+#endif
+
static int get_sni_from_client_hello(BIO *bio, char **sni)
{
long len;
@@ -101,6 +108,10 @@ static int client_setup_sni_before_state(void)
if (!TEST_ptr(ctx))
goto end;
+ if (maxversion > 0
+ && !TEST_true(SSL_CTX_set_max_proto_version(ctx, maxversion)))
+ goto end;
+
con = SSL_new(ctx);
if (!TEST_ptr(con))
goto end;
@@ -149,6 +160,10 @@ static int client_setup_sni_after_state(void)
if (!TEST_ptr(ctx))
goto end;
+ if (maxversion > 0
+ && !TEST_true(SSL_CTX_set_max_proto_version(ctx, maxversion)))
+ goto end;
+
con = SSL_new(ctx);
if (!TEST_ptr(con))
goto end;
diff --git a/test/ssl-tests/04-client_auth.cnf.in b/test/ssl-tests/04-client_auth.cnf.in
index ad0ae7ae18..d908ad1c7d 100644
--- a/test/ssl-tests/04-client_auth.cnf.in
+++ b/test/ssl-tests/04-client_auth.cnf.in
@@ -116,7 +116,9 @@ sub generate_tests() {
test => {
"ExpectedResult" => "ServerFail",
"ExpectedServerAlert" =>
- ($protocol_name eq "flex" && !disabled("tls1_3"))
+ ($protocol_name eq "flex"
+ && !disabled("tls1_3")
+ && (!disabled("ec") || !disabled("dh")))
? "CertificateRequired" : "HandshakeFailure",
"Method" => $method,
},
diff --git a/test/ssl-tests/27-ticket-appdata.cnf.in b/test/ssl-tests/27-ticket-appdata.cnf.in
index 719c98a107..d9e861933f 100644
--- a/test/ssl-tests/27-ticket-appdata.cnf.in
+++ b/test/ssl-tests/27-ticket-appdata.cnf.in
@@ -96,4 +96,5 @@ our @tests13 = (
our @tests = ();
push @tests, @tests12 unless disabled("tls1_2");
-push @tests, @tests13 unless disabled("tls1_3");
+push @tests, @tests13 unless disabled("tls1_3")
+ || (disabled("ec") && disabled("dh"));
diff --git a/test/ssl-tests/protocol_version.pm b/test/ssl-tests/protocol_version.pm
index 0f0bd2e7cc..70c5722469 100644
--- a/test/ssl-tests/protocol_version.pm
+++ b/test/ssl-tests/protocol_version.pm
@@ -64,7 +64,10 @@ sub max_prot_enabled {
my $max_enabled;
foreach my $i (0..$#protocols) {
- if (!$is_disabled[$i]) {
+ if (!$is_disabled[$i]
+ && ($protocols[$i] ne "TLSv1.3"
+ || !disabled("ec")
+ || !disabled("dh"))) {
$max_enabled = $i;
}
}
@@ -172,7 +175,11 @@ sub generate_version_tests {
}
}
}
- return @tests if disabled("tls1_3") || disabled("tls1_2") || $dtls;
+ return @tests
+ if disabled("tls1_3")
+ || disabled("tls1_2")
+ || (disabled("ec") && disabled("dh"))
+ || $dtls;
#Add some version/ciphersuite sanity check tests
push @tests, {
@@ -307,7 +314,7 @@ sub generate_resumption_tests {
}
}
- if (!disabled("tls1_3") && !$dtls) {
+ if (!disabled("tls1_3") && (!disabled("ec") || !disabled("dh")) && !$dtls) {
push @client_tests, {
"name" => "resumption-with-hrr",
"client" => {
@@ -332,7 +339,9 @@ sub generate_resumption_tests {
sub expected_result {
my ($c_min, $c_max, $s_min, $s_max, $min_enabled, $max_enabled,
$protocols) = @_;
+ my @prots = @$protocols;
+ my $orig_c_max = $c_max;
# Adjust for "undef" (no limit).
$c_min = $c_min == 0 ? 0 : $c_min - 1;
$c_max = $c_max == scalar @$protocols ? $c_max - 1 : $c_max;
@@ -346,7 +355,11 @@ sub expected_result {
$c_max = min $c_max, $max_enabled;
$s_max = min $s_max, $max_enabled;
- if ($c_min > $c_max) {
+ if ($c_min > $c_max
+ || ($orig_c_max != scalar @$protocols
+ && $prots[$orig_c_max] eq "TLSv1.3"
+ && $c_max != $orig_c_max
+ && !disabled("tls1_3"))) {
# Client should fail to even send a hello.
return ("ClientFail", undef);
} elsif ($s_min > $s_max) {
@@ -356,7 +369,6 @@ sub expected_result {
# Server doesn't support the client range.
return ("ServerFail", undef);
} elsif ($c_min > $s_max) {
- my @prots = @$protocols;
if ($prots[$c_max] eq "TLSv1.3") {
# Client will have sent supported_versions, so server will know
# that there are no overlapping versions.
diff --git a/test/ssl_old_test.c b/test/ssl_old_test.c
index 48f0e8dae7..ad9a4a256c 100644
--- a/test/ssl_old_test.c
+++ b/test/ssl_old_test.c
@@ -1321,7 +1321,12 @@ int main(int argc, char *argv[])
max_version = TLS1_2_VERSION;
} else {
min_version = 0;
+# if defined(OPENSSL_NO_EC) && defined(OPENSSL_NO_DH)
+ /* We only have ec and dh based built-in groups for TLSv1.3 */
+ max_version = TLS1_2_VERSION;
+# else
max_version = 0;
+# endif
}
#endif
#ifndef OPENSSL_NO_DTLS
diff --git a/test/ssl_test.c b/test/ssl_test.c
index 042a05e453..cefcfb569f 100644
--- a/test/ssl_test.c
+++ b/test/ssl_test.c
@@ -436,8 +436,17 @@ static int test_handshake(int idx)
}
#endif
if (test_ctx->method == SSL_TEST_METHOD_TLS) {
+#if !defined(OPENSSL_NO_TLS1_3) \
+ && defined(OPENSSL_NO_EC) \
+ && defined(OPENSSL_NO_DH)
+ /* Without ec or dh there are no built-in groups for TLSv1.3 */
+ int maxversion = TLS1_2_VERSION;
+#else
+ int maxversion = 0;
+#endif
+
server_ctx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method());
- if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
+ if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, maxversion)))
goto err;
/* SNI on resumption isn't supported/tested yet. */
if (test_ctx->extra.server.servername_callback !=
@@ -445,21 +454,24 @@ static int test_handshake(int idx)
if (!TEST_ptr(server2_ctx =
SSL_CTX_new_ex(libctx, NULL, TLS_server_method())))
goto err;
- if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, 0)))
+ if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx,
+ maxversion)))
goto err;
}
client_ctx = SSL_CTX_new_ex(libctx, NULL, TLS_client_method());
- if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
+ if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, maxversion)))
goto err;
if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
resume_server_ctx = SSL_CTX_new_ex(libctx, NULL,
TLS_server_method());
- if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
+ if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx,
+ maxversion)))
goto err;
resume_client_ctx = SSL_CTX_new_ex(libctx, NULL,
TLS_client_method());
- if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
+ if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx,
+ maxversion)))
goto err;
if (!TEST_ptr(resume_server_ctx)
|| !TEST_ptr(resume_client_ctx))
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 51d1bdd8de..7cae297a17 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -39,6 +39,16 @@
#include "internal/ktls.h"
#include "../ssl/ssl_local.h"
+#undef OSSL_NO_USABLE_TLS1_3
+#if defined(OPENSSL_NO_TLS1_3) \
+ || (defined(OPENSSL_NO_EC) && defined(OPENSSL_NO_DH))
+/*
+ * If we don't have ec or dh then there are no built-in groups that are usable
+ * with TLSv1.3
+ */
+# define OSSL_NO_USABLE_TLS1_3
+#endif
+
/* Defined in filterprov.c */
OSSL_provider_init_fn filter_provider_init;
int filter_provider_set_filter(int operation, const char *name);
@@ -52,7 +62,7 @@ int tls_provider_init(const OSSL_CORE_HANDLE *handle,
static OSSL_LIB_CTX *libctx = NULL;
static OSSL_PROVIDER *defctxnull = NULL;
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
static SSL_SESSION *clientpsk = NULL;
static SSL_SESSION *serverpsk = NULL;
@@ -351,7 +361,7 @@ static int test_keylog_output(char *buffer, const SSL *ssl,
return 1;
}
-#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3)
+#if !defined(OPENSSL_NO_TLS1_2) || defined(OSSL_NO_USABLE_TLS1_3)
static int test_keylog(void)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
@@ -432,7 +442,7 @@ end:
}
#endif
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
static int test_keylog_no_master_key(void)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
@@ -957,7 +967,7 @@ static int execute_test_large_message(const SSL_METHOD *smeth,
}
#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_KTLS) && \
- !(defined(OPENSSL_NO_TLS1_3) && defined(OPENSSL_NO_TLS1_2))
+ !(defined(OSSL_NO_USABLE_TLS1_3) && defined(OPENSSL_NO_TLS1_2))
#define TLS_CIPHER_MAX_REC_SEQ_SIZE 8
/* sock must be connected */
static int ktls_chk_platform(int sock)
@@ -1272,14 +1282,14 @@ end:
return testresult;
}
-#if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3)
+#if !defined(OPENSSL_NO_TLS1_2) || !defined(OSSL_NO_USABLE_TLS1_3)
static int test_ktls(int test)
{
int cis_ktls_tx, cis_ktls_rx, sis_ktls_tx, sis_ktls_rx;
int tlsver, testresult;
if (test > 15) {
-#if defined(OPENSSL_NO_TLS1_3)
+#if defined(OSSL_NO_USABLE_TLS1_3)
return 1;
#else
test -= 16;
@@ -1302,7 +1312,7 @@ static int test_ktls(int test)
if (cis_ktls_rx || sis_ktls_rx)
return 1;
#endif
-#if !defined(OPENSSL_NO_TLS1_3)
+#if !defined(OSSL_NO_USABLE_TLS1_3)
if (tlsver == TLS1_3_VERSION && (cis_ktls_rx || sis_ktls_rx))
return 1;
#endif
@@ -1332,7 +1342,7 @@ static int test_ktls_sendfile_anytls(int tst)
int tlsver;
if (tst > 2) {
-#if defined(OPENSSL_NO_TLS1_3)
+#if defined(OSSL_NO_USABLE_TLS1_3)
return 1;
#else
tst -= 3;
@@ -1481,7 +1491,7 @@ static int test_cleanse_plaintext(void)
#endif
-#if !defined(OPENSSL_NO_TLS1_3)
+#if !defined(OSSL_NO_USABLE_TLS1_3)
if (!TEST_true(execute_cleanse_plaintext(TLS_server_method(),
TLS_client_method(),
TLS1_3_VERSION,
@@ -1676,7 +1686,7 @@ static int test_tlsext_status_type(void)
}
#endif
-#if !defined(OPENSSL_NO_TLS1_3) || !defined(OPENSSL_NO_TLS1_2)
+#if !defined(OSSL_NO_USABLE_TLS1_3) || !defined(OPENSSL_NO_TLS1_2)
static int new_called, remove_called, get_called;
static int new_session_cb(SSL *ssl, SSL_SESSION *sess)
@@ -1992,11 +2002,11 @@ static int execute_test_session(int maxprot, int use_int_cache,
return testresult;
}
-#endif /* !defined(OPENSSL_NO_TLS1_3) || !defined(OPENSSL_NO_TLS1_2) */
+#endif /* !defined(OSSL_NO_USABLE_TLS1_3) || !defined(OPENSSL_NO_TLS1_2) */
static int test_session_with_only_int_cache(void)
{
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
if (!execute_test_session(TLS1_3_VERSION, 1, 0, 0))
return 0;
#endif
@@ -2010,7 +2020,7 @@ static int test_session_with_only_int_cache(void)
static int test_session_with_only_ext_cache(void)
{
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
if (!execute_test_session(TLS1_3_VERSION, 0, 1, 0))
return 0;
#endif
@@ -2024,7 +2034,7 @@ static int test_session_with_only_ext_cache(void)
static int test_session_with_both_cache(void)
{
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
if (!execute_test_session(TLS1_3_VERSION, 1, 1, 0))
return 0;
#endif
@@ -2038,7 +2048,7 @@ static int test_session_with_both_cache(void)
static int test_session_wo_ca_names(void)
{
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
if (!execute_test_session(TLS1_3_VERSION, 1, 0, SSL_OP_DISABLE_TLSEXT_CA_NAMES))
return 0;
#endif
@@ -2051,7 +2061,7 @@ static int test_session_wo_ca_names(void)
}
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
static SSL_SESSION *sesscache[6];
static int do_cache;
@@ -2492,7 +2502,7 @@ static int test_extra_tickets(int idx)
#define TOTAL_NO_CONN_SSL_SET_BIO_TESTS (3 * 3 * 3 * 3)
#define TOTAL_CONN_SUCCESS_SSL_SET_BIO_TESTS (2 * 2)
-#if !defined(OPENSSL_NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_2)
+#if !defined(OSSL_NO_USABLE_TLS1_3) && !defined(OPENSSL_NO_TLS1_2)
# define TOTAL_CONN_FAIL_SSL_SET_BIO_TESTS (2 * 2)
#else
# define TOTAL_CONN_FAIL_SSL_SET_BIO_TESTS 0
@@ -2721,7 +2731,7 @@ static int test_ssl_bio_change_wbio(void)
return execute_test_ssl_bio(0, CHANGE_WBIO);
}
-#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3)
+#if !defined(OPENSSL_NO_TLS1_2) || defined(OSSL_NO_USABLE_TLS1_3)
typedef struct {
/* The list of sig algs */
const int *list;
@@ -2852,7 +2862,7 @@ static int test_set_sigalgs(int idx)
}
#endif
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
static int psk_client_cb_cnt = 0;
static int psk_server_cb_cnt = 0;
@@ -5048,7 +5058,7 @@ static int test_stateless(void)
return testresult;
}
-#endif /* OPENSSL_NO_TLS1_3 */
+#endif /* OSSL_NO_USABLE_TLS1_3 */
static int clntaddoldcb = 0;
static int clntparseoldcb = 0;
@@ -5183,7 +5193,7 @@ static int test_custom_exts(int tst)
SSL_SESSION *sess = NULL;
unsigned int context;
-#if defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_TLS1_3)
+#if defined(OPENSSL_NO_TLS1_2) && !defined(OSSL_NO_USABLE_TLS1_3)
/* Skip tests for TLSv1.2 and below in this case */
if (tst < 3)
return 1;
@@ -5478,7 +5488,7 @@ static int test_export_key_mat(int tst)
if (tst == 2)
return 1;
#endif
-#ifdef OPENSSL_NO_TLS1_3
+#ifdef OSSL_NO_USABLE_TLS1_3
if (tst >= 3)
return 1;
#endif
@@ -5604,7 +5614,7 @@ static int test_export_key_mat(int tst)
return testresult;
}
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
/*
* Test that SSL_export_keying_material_early() produces expected
* results. There are no test vectors so all we do is test that both
@@ -5823,7 +5833,7 @@ static int test_key_update_in_write(int tst)
return testresult;
}
-#endif /* OPENSSL_NO_TLS1_3 */
+#endif /* OSSL_NO_USABLE_TLS1_3 */
static int test_ssl_clear(int idx)
{
@@ -5942,14 +5952,15 @@ static const unsigned char max_fragment_len_test[] = {
static int test_max_fragment_len_ext(int idx_tst)
{
- SSL_CTX *ctx;
+ SSL_CTX *ctx = NULL;
SSL *con = NULL;
int testresult = 0, MFL_mode = 0;
BIO *rbio, *wbio;
- ctx = SSL_CTX_new_ex(libctx, NULL, TLS_method());
- if (!TEST_ptr(ctx))
- goto end;
+ if (!TEST_true(create_ssl_ctx_pair(libctx, NULL, TLS_client_method(),
+ TLS1_VERSION, 0, NULL, &ctx, NULL,
+ NULL)))
+ return 0;
if (!TEST_true(SSL_CTX_set_tlsext_max_fragment_length(
ctx, max_fragment_len_test[idx_tst])))
@@ -5968,7 +5979,6 @@ static int test_max_fragment_len_ext(int idx_tst)
}
SSL_set_bio(con, rbio, wbio);
- SSL_set_connect_state(con);
if (!TEST_int_le(SSL_connect(con), 0)) {
/* This shouldn't succeed because we don't have a server! */
@@ -5990,7 +6000,7 @@ end:
return testresult;
}
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
static int test_pha_key_update(void)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
@@ -6432,7 +6442,7 @@ static int test_info_callback(int tst)
return 1;
#endif
} else {
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
tlsvers = TLS1_3_VERSION;
#else
return 1;
@@ -6444,7 +6454,7 @@ static int test_info_callback(int tst)
info_cb_this_state = -1;
info_cb_offset = tst;
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
if (tst >= 4) {
SSL_SESSION *sess = NULL;
size_t written, readbytes;
@@ -6603,7 +6613,7 @@ static struct {
* We can't establish a connection (even in TLSv1.1) with these ciphersuites if
* TLSv1.3 is enabled but TLSv1.2 is disabled.
*/
-#if defined(OPENSSL_NO_TLS1_3) || !defined(OPENSSL_NO_TLS1_2)
+#if defined(OSSL_NO_USABLE_TLS1_3) || !defined(OPENSSL_NO_TLS1_2)
{
TLS1_2_VERSION,
"AES128-SHA:AES256-SHA",
@@ -6649,7 +6659,7 @@ static struct {
* This test combines TLSv1.3 and TLSv1.2 ciphersuites so they must both be
* enabled.
*/
-#if !defined(OPENSSL_NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_2) \
+#if !defined(OSSL_NO_USABLE_TLS1_3) && !defined(OPENSSL_NO_TLS1_2) \
&& !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
{
TLS1_3_VERSION,
@@ -6662,7 +6672,7 @@ static struct {
"TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:AES256-SHA"
},
#endif
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
{
TLS1_3_VERSION,
"AES128-SHA",
@@ -6907,7 +6917,7 @@ static int test_ticket_callbacks(int tst)
if (tst % 2 == 0)
return 1;
#endif
-#ifdef OPENSSL_NO_TLS1_3
+#ifdef OSSL_NO_USABLE_TLS1_3
if (tst % 2 == 1)
return 1;
#endif
@@ -7124,7 +7134,7 @@ static int test_shutdown(int tst)
if (tst <= 1)
return 1;
#endif
-#ifdef OPENSSL_NO_TLS1_3
+#ifdef OSSL_NO_USABLE_TLS1_3
if (tst >= 2)
return 1;
#endif
@@ -7259,7 +7269,7 @@ static int test_shutdown(int tst)
return testresult;
}
-#if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3)
+#if !defined(OPENSSL_NO_TLS1_2) || !defined(OSSL_NO_USABLE_TLS1_3)
static int cert_cb_cnt;
static int cert_cb(SSL *s, void *arg)
@@ -7440,7 +7450,7 @@ static int test_cert_cb(int tst)
#ifndef OPENSSL_NO_TLS1_2
testresult &= test_cert_cb_int(TLS1_2_VERSION, tst);
#endif
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
testresult &= test_cert_cb_int(TLS1_3_VERSION, tst);
#endif
@@ -7498,7 +7508,7 @@ static int test_client_cert_cb(int tst)
if (tst == 0)
return 1;
#endif
-#ifdef OPENSSL_NO_TLS1_3
+#ifdef OSSL_NO_USABLE_TLS1_3
if (tst == 1)
return 1;
#endif
@@ -7537,7 +7547,7 @@ static int test_client_cert_cb(int tst)
return testresult;
}
-#if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3)
+#if !defined(OPENSSL_NO_TLS1_2) || !defined(OSSL_NO_USABLE_TLS1_3)
/*
* Test setting certificate authorities on both client and server.
*
@@ -7664,7 +7674,7 @@ static int test_ca_names(int tst)
#ifndef OPENSSL_NO_TLS1_2
testresult &= test_ca_names_int(TLS1_2_VERSION, tst);
#endif
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
testresult &= test_ca_names_int(TLS1_3_VERSION, tst);
#endif
@@ -7794,7 +7804,7 @@ static int test_servername(int tst)
if (tst <= 4)
return 1;
#endif
-#ifdef OPENSSL_NO_TLS1_3
+#ifdef OSSL_NO_USABLE_TLS1_3
if (tst >= 5)
return 1;
#endif
@@ -7925,7 +7935,7 @@ static int test_servername(int tst)
}
#if !defined(OPENSSL_NO_EC) \
- && (!defined(OPENSSL_NO_TLS1_3) || !defined(OPENSSL_NO_TLS1_2))
+ && (!defined(OSSL_NO_USABLE_TLS1_3) || !defined(OPENSSL_NO_TLS1_2))
/*
* Test that if signature algorithms are not available, then we do not offer or
* accept them.
@@ -8062,10 +8072,11 @@ static int test_sigalgs_available(int idx)
}
#endif /*
* !defined(OPENSSL_NO_EC) \
- * && (!defined(OPENSSL_NO_TLS1_3) || !defined(OPENSSL_NO_TLS1_2))
+ * && (!defined(OSSL_NO_USABLE_TLS1_3) || !defined(OPENSSL_NO_TLS1_2))
*/
#ifndef OPENSSL_NO_TLS1_3
+/* This test can run in TLSv1.3 even if ec and dh are disabled */
static int test_pluggable_group(int idx)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
@@ -8489,7 +8500,7 @@ static int test_dh_auto(int idx)
# endif /* OPENSSL_NO_DH */
#endif /* OPENSSL_NO_TLS1_2 */
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
/*
* Test that setting an SNI callback works with TLSv1.3. Specifically we check
* that it works even without a certificate configured for the original
@@ -8667,7 +8678,7 @@ int setup_tests(void)
goto err;
#if !defined(OPENSSL_NO_KTLS) && !defined(OPENSSL_NO_SOCK)
-# if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3)
+# if !defined(OPENSSL_NO_TLS1_2) || !defined(OSSL_NO_USABLE_TLS1_3)
ADD_ALL_TESTS(test_ktls, 32);
ADD_ALL_TESTS(test_ktls_sendfile_anytls, 6);
# endif
@@ -8685,7 +8696,7 @@ int setup_tests(void)
ADD_TEST(test_session_with_only_ext_cache);
ADD_TEST(test_session_with_both_cache);
ADD_TEST(test_session_wo_ca_names);
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
ADD_ALL_TESTS(test_stateful_tickets, 3);
ADD_ALL_TESTS(test_stateless_tickets, 3);
ADD_TEST(test_psk_tickets);
@@ -8696,11 +8707,11 @@ int setup_tests(void)
ADD_TEST(test_ssl_bio_pop_ssl_bio);
ADD_TEST(test_ssl_bio_change_rbio);
ADD_TEST(test_ssl_bio_change_wbio);
-#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3)
+#if !defined(OPENSSL_NO_TLS1_2) || defined(OSSL_NO_USABLE_TLS1_3)
ADD_ALL_TESTS(test_set_sigalgs, OSSL_NELEM(testsigalgs) * 2);
ADD_TEST(test_keylog);
#endif
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
ADD_TEST(test_keylog_no_master_key);
#endif
ADD_TEST(test_client_cert_verify_cb);
@@ -8709,7 +8720,7 @@ int setup_tests(void)
ADD_TEST(test_no_ems);
ADD_TEST(test_ccs_change_cipher);
#endif
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
ADD_ALL_TESTS(test_early_data_read_write, 3);
/*
* We don't do replay tests for external PSK. Replay protection isn't used
@@ -8728,7 +8739,7 @@ int setup_tests(void)
ADD_ALL_TESTS(test_early_data_tls1_2, 3);
# endif
#endif
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
ADD_ALL_TESTS(test_set_ciphersuite, 10);
ADD_TEST(test_ciphersuite_change);
ADD_ALL_TESTS(test_tls13_ciphersuite, 4);
@@ -8752,7 +8763,7 @@ int setup_tests(void)
#endif
ADD_ALL_TESTS(test_serverinfo, 8);
ADD_ALL_TESTS(test_export_key_mat, 6);
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
ADD_ALL_TESTS(test_export_key_mat_early, 3);
ADD_TEST(test_key_update);
ADD_ALL_TESTS(test_key_update_in_write, 2);
@@ -8776,7 +8787,7 @@ int setup_tests(void)
#endif
ADD_ALL_TESTS(test_servername, 10);
#if !defined(OPENSSL_NO_EC) \
- && (!defined(OPENSSL_NO_TLS1_3) || !defined(OPENSSL_NO_TLS1_2))
+ && (!defined(OSSL_NO_USABLE_TLS1_3) || !defined(OPENSSL_NO_TLS1_2))
ADD_ALL_TESTS(test_sigalgs_available, 6);
#endif
#ifndef OPENSSL_NO_TLS1_3
@@ -8789,7 +8800,7 @@ int setup_tests(void)
ADD_ALL_TESTS(test_dh_auto, 7);
# endif
#endif
-#ifndef OPENSSL_NO_TLS1_3
+#ifndef OSSL_NO_USABLE_TLS1_3
ADD_TEST(test_sni_tls13);
#endif
return 1;
More information about the openssl-commits
mailing list