From e40c469ad3d8b7b6cd8b6e21dfc0227dc73492b5 Mon Sep 17 00:00:00 2001 From: Gergely Budai Date: Wed, 22 Jan 2014 11:22:20 +0100 Subject: [PATCH] The default ECDH curve list will be dynamically built in the ecp module based on ecp_supported_curves[]. --- include/polarssl/ecp.h | 7 +++++++ library/ecp.c | 43 +++++++++++++++++++++++++++++++++--------- library/ssl_tls.c | 42 +---------------------------------------- 3 files changed, 42 insertions(+), 50 deletions(-) diff --git a/include/polarssl/ecp.h b/include/polarssl/ecp.h index 1635b702f..e79b0bced 100644 --- a/include/polarssl/ecp.h +++ b/include/polarssl/ecp.h @@ -255,6 +255,13 @@ const ecp_curve_info *ecp_curve_info_from_tls_id( uint16_t tls_id ); */ const ecp_curve_info *ecp_curve_info_from_name( const char *name ); +/** + * \brief Get the default ECDH curve list + * + * \return The default ECDH curve list + */ +ecp_group_id *ecp_get_default_echd_curve_list( void ); + /** * \brief Initialize a point (as zero) */ diff --git a/library/ecp.c b/library/ecp.c index a27d30e2a..992c43697 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -114,27 +114,33 @@ typedef enum * - TLS NamedCurve ID (RFC 4492 sec. 5.1.1, RFC 7071 sec. 2) * - size in bits * - readable name + * + * The sequence of elements in this list also determines the default preference + * of the curves used by an ECHDE handshake. + * We start with the most secure curves. From the same sized curves, we prefer + * the SECP ones because they are much faster. + * */ static const ecp_curve_info ecp_supported_curves[] = { -#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED) - { POLARSSL_ECP_DP_BP512R1, 28, 512, "brainpoolP512r1" }, -#endif -#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED) - { POLARSSL_ECP_DP_BP384R1, 27, 384, "brainpoolP384r1" }, -#endif -#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED) - { POLARSSL_ECP_DP_BP256R1, 26, 256, "brainpoolP256r1" }, -#endif #if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) { POLARSSL_ECP_DP_SECP521R1, 25, 521, "secp521r1" }, #endif +#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED) + { POLARSSL_ECP_DP_BP512R1, 28, 512, "brainpoolP512r1" }, +#endif #if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) { POLARSSL_ECP_DP_SECP384R1, 24, 384, "secp384r1" }, #endif +#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED) + { POLARSSL_ECP_DP_BP384R1, 27, 384, "brainpoolP384r1" }, +#endif #if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) { POLARSSL_ECP_DP_SECP256R1, 23, 256, "secp256r1" }, #endif +#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED) + { POLARSSL_ECP_DP_BP256R1, 26, 256, "brainpoolP256r1" }, +#endif #if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) { POLARSSL_ECP_DP_SECP224R1, 21, 224, "secp224r1" }, #endif @@ -152,6 +158,8 @@ static const ecp_curve_info ecp_supported_curves[] = #endif { POLARSSL_ECP_DP_NONE, 0, 0, NULL }, }; +#define ECP_NUM_SUPPORTED_CURVES ( sizeof( ecp_supported_curves ) / \ + sizeof( ecp_curve_info ) ) /* * List of supported curves and associated info @@ -215,6 +223,23 @@ const ecp_curve_info *ecp_curve_info_from_name( const char *name ) return( NULL ); } +/* + * Get the default ECDH curve list + */ +ecp_group_id *ecp_get_default_echd_curve_list( void ) +{ + static ecp_group_id ecdh_default_curve_list[ECP_NUM_SUPPORTED_CURVES]; + int i; + + /* Build the list of default curves based on ecp_supported_curves[] */ + for( i = 0; i < ECP_NUM_SUPPORTED_CURVES; i++) + { + ecdh_default_curve_list[i] = ecp_supported_curves[i].grp_id; + } + + return ecdh_default_curve_list; +} + /* * Get the type of a curve */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 79b4bb75c..dd84daa08 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3325,46 +3325,6 @@ static int ssl_handshake_init( ssl_context *ssl ) */ int ssl_init( ssl_context *ssl ) { - -#if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) - /* - * ECDHE allowed curves and preference list - * - * We start with the most secure curves. From the same size curves, we prefer - * the SECP ones because they are much faster. - * - * TODO: Add the Montgomery curves - */ - static const ecp_group_id default_curve_list[] = - { -#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) - POLARSSL_ECP_DP_SECP521R1, -#endif -#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED) - POLARSSL_ECP_DP_BP512R1, -#endif -#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) - POLARSSL_ECP_DP_SECP384R1, -#endif -#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED) - POLARSSL_ECP_DP_BP384R1, -#endif -#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) - POLARSSL_ECP_DP_SECP256R1, -#endif -#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED) - POLARSSL_ECP_DP_BP256R1, -#endif -#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) - POLARSSL_ECP_DP_SECP224R1, -#endif -#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) - POLARSSL_ECP_DP_SECP192R1, -#endif - POLARSSL_ECP_DP_NONE - }; -#endif - int ret; int len = SSL_BUFFER_LEN; @@ -3426,7 +3386,7 @@ int ssl_init( ssl_context *ssl ) #if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) && \ defined(POLARSSL_SSL_SET_CURVES) - ssl->curve_list = default_curve_list; + ssl->curve_list = ecp_get_default_echd_curve_list( ); #endif if( ( ret = ssl_handshake_init( ssl ) ) != 0 )