Skip to content

Commit

Permalink
Remove unused group_id parameter in TLS 1.3 cipher suite selection
Browse files Browse the repository at this point in the history
This is a remnant of when we tried to correlate AEAD selection with
post-quantum curves. Also remove a redundant call to
tls1_get_shared_group. We already saved the result in hs->new_session,
so there's no need to compute it again.

Change-Id: I2425ad40bf664f4d248e1dcf610f574a6cad68bc
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66689
Commit-Queue: David Benjamin <[email protected]>
Reviewed-by: Bob Beck <[email protected]>
(cherry picked from commit 860db9e98f23c6e2692afb143a04987cc232e1f5)
  • Loading branch information
davidben authored and skmcgrail committed Dec 3, 2024
1 parent d3c6e4e commit 4fdca57
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 16 deletions.
4 changes: 2 additions & 2 deletions ssl/internal.h
Original file line number Diff line number Diff line change
Expand Up @@ -747,13 +747,13 @@ bool ssl_cipher_requires_server_key_exchange(const SSL_CIPHER *cipher);
size_t ssl_cipher_get_record_split_len(const SSL_CIPHER *cipher);

// ssl_choose_tls13_cipher returns an |SSL_CIPHER| corresponding with the best
// available from |client_cipher_suites| compatible with |version|, |group_id| and
// available from |client_cipher_suites| compatible with |version|, and
// configured |tls13_ciphers|. It returns NULL if there isn't a compatible
// cipher. |has_aes_hw| indicates if the choice should be made as if support for
// AES in hardware is available.
const SSL_CIPHER *ssl_choose_tls13_cipher(
const STACK_OF(SSL_CIPHER) *client_cipher_suites, bool has_aes_hw, uint16_t version,
uint16_t group_id, const STACK_OF(SSL_CIPHER) *tls13_ciphers);
const STACK_OF(SSL_CIPHER) *tls13_ciphers);


// Transcript layer.
Expand Down
2 changes: 1 addition & 1 deletion ssl/s3_both.cc
Original file line number Diff line number Diff line change
Expand Up @@ -687,7 +687,7 @@ class CipherScorer {

const SSL_CIPHER *ssl_choose_tls13_cipher(
const STACK_OF(SSL_CIPHER) *client_cipher_suites, bool has_aes_hw, uint16_t version,
uint16_t group_id, const STACK_OF(SSL_CIPHER) *tls13_ciphers) {
const STACK_OF(SSL_CIPHER) *tls13_ciphers) {

const SSL_CIPHER *best = nullptr;
CipherScorer scorer(has_aes_hw);
Expand Down
17 changes: 4 additions & 13 deletions ssl/tls13_server.cc
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ static int ssl_ext_supported_versions_add_serverhello(SSL_HANDSHAKE *hs,
return 1;
}

static const SSL_CIPHER *choose_tls13_cipher(const SSL *ssl, uint16_t group_id) {
static const SSL_CIPHER *choose_tls13_cipher(const SSL *ssl) {
STACK_OF(SSL_CIPHER) *tls13_ciphers = nullptr;
if (ssl->ctx->tls13_cipher_list &&
ssl->ctx->tls13_cipher_list.get()->ciphers &&
Expand All @@ -122,7 +122,7 @@ static const SSL_CIPHER *choose_tls13_cipher(const SSL *ssl, uint16_t group_id)
ssl->config->aes_hw_override
? ssl->config->aes_hw_override_value
: EVP_has_aes_hardware(),
ssl_protocol_version(ssl), group_id, tls13_ciphers);
ssl_protocol_version(ssl), tls13_ciphers);
}

static bool add_new_session_tickets(SSL_HANDSHAKE *hs, bool *out_sent_tickets) {
Expand Down Expand Up @@ -227,21 +227,14 @@ static enum ssl_hs_wait_t do_select_parameters(SSL_HANDSHAKE *hs) {
client_hello.session_id_len);
hs->session_id_len = client_hello.session_id_len;

uint16_t group_id;
if (!tls1_get_shared_group(hs, &group_id)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_SHARED_GROUP);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
return ssl_hs_error;
}

if (!ssl_parse_client_cipher_list(ssl, &client_hello, &ssl->client_cipher_suites)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_SHARED_CIPHER);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
return ssl_hs_error;
}

// Negotiate the cipher suite.
hs->new_cipher = choose_tls13_cipher(ssl, group_id);
hs->new_cipher = choose_tls13_cipher(ssl);
if (hs->new_cipher == NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_SHARED_CIPHER);
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
Expand Down Expand Up @@ -581,22 +574,20 @@ static enum ssl_hs_wait_t do_send_hello_retry_request(SSL_HANDSHAKE *hs) {

ScopedCBB cbb;
CBB body, session_id, extensions;
uint16_t group_id;
if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_SERVER_HELLO) ||
!CBB_add_u16(&body, TLS1_2_VERSION) ||
!CBB_add_bytes(&body, kHelloRetryRequest, SSL3_RANDOM_SIZE) ||
!CBB_add_u8_length_prefixed(&body, &session_id) ||
!CBB_add_bytes(&session_id, hs->session_id, hs->session_id_len) ||
!CBB_add_u16(&body, SSL_CIPHER_get_protocol_id(hs->new_cipher)) ||
!CBB_add_u8(&body, 0 /* no compression */) ||
!tls1_get_shared_group(hs, &group_id) ||
!CBB_add_u16_length_prefixed(&body, &extensions) ||
!CBB_add_u16(&extensions, TLSEXT_TYPE_supported_versions) ||
!CBB_add_u16(&extensions, 2 /* length */) ||
!CBB_add_u16(&extensions, ssl->version) ||
!CBB_add_u16(&extensions, TLSEXT_TYPE_key_share) ||
!CBB_add_u16(&extensions, 2 /* length */) ||
!CBB_add_u16(&extensions, group_id)) {
!CBB_add_u16(&extensions, hs->new_session->group_id)) {
return ssl_hs_error;
}
if (hs->ech_is_inner) {
Expand Down

0 comments on commit 4fdca57

Please sign in to comment.