Really remove DHE ciphersuites from TLS.

This follows up on cedc6f18 by removing support for the
-DBORINGSSL_ENABLE_DHE_TLS compile flag, and the code needed to
support it.

Change-Id: I53b6aa7a0eddd23ace8b770edb2a31b18ba2ce26
Reviewed-on: https://boringssl-review.googlesource.com/14886
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c
index 4ade583..cb62edd 100644
--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c
@@ -193,19 +193,6 @@
      SSL_HANDSHAKE_MAC_DEFAULT,
     },
 
-#ifdef BORINGSSL_ENABLE_DHE_TLS
-    /* Cipher 33 */
-    {
-     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
-     TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
-     SSL_kDHE,
-     SSL_aRSA,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_HANDSHAKE_MAC_DEFAULT,
-    },
-#endif
-
     /* Cipher 35 */
     {
      TLS1_TXT_RSA_WITH_AES_256_SHA,
@@ -217,19 +204,6 @@
      SSL_HANDSHAKE_MAC_DEFAULT,
     },
 
-#ifdef BORINGSSL_ENABLE_DHE_TLS
-    /* Cipher 39 */
-    {
-     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
-     TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
-     SSL_kDHE,
-     SSL_aRSA,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_HANDSHAKE_MAC_DEFAULT,
-    },
-#endif
-
 
     /* TLS v1.2 ciphersuites */
 
@@ -255,30 +229,6 @@
      SSL_HANDSHAKE_MAC_SHA256,
     },
 
-#ifdef BORINGSSL_ENABLE_DHE_TLS
-    /* Cipher 67 */
-    {
-     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
-     TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
-     SSL_kDHE,
-     SSL_aRSA,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_HANDSHAKE_MAC_SHA256,
-    },
-
-    /* Cipher 6B */
-    {
-     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
-     TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
-     SSL_kDHE,
-     SSL_aRSA,
-     SSL_AES256,
-     SSL_SHA256,
-     SSL_HANDSHAKE_MAC_SHA256,
-    },
-#endif
-
     /* PSK cipher suites. */
 
     /* Cipher 8C */
@@ -327,30 +277,6 @@
      SSL_HANDSHAKE_MAC_SHA384,
     },
 
-#ifdef BORINGSSL_ENABLE_DHE_TLS
-    /* Cipher 9E */
-    {
-     TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
-     SSL_kDHE,
-     SSL_aRSA,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_HANDSHAKE_MAC_SHA256,
-    },
-
-    /* Cipher 9F */
-    {
-     TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
-     SSL_kDHE,
-     SSL_aRSA,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_HANDSHAKE_MAC_SHA384,
-    },
-#endif
-
     /* TLS 1.3 suites. */
 
     /* Cipher 1301 */
@@ -626,16 +552,9 @@
 
     /* key exchange aliases
      * (some of those using only a single bit here combine
-     * multiple key exchange algs according to the RFCs,
-     * e.g. kEDH combines DHE_DSS and DHE_RSA) */
+     * multiple key exchange algs according to the RFCs. */
     {"kRSA", SSL_kRSA, ~0u, ~0u, ~0u, 0},
 
-#ifdef BORINGSSL_ENABLE_DHE_TLS
-    {"kDHE", SSL_kDHE, ~0u, ~0u, ~0u, 0},
-    {"kEDH", SSL_kDHE, ~0u, ~0u, ~0u, 0},
-    {"DH", SSL_kDHE, ~0u, ~0u, ~0u, 0},
-#endif
-
     {"kECDHE", SSL_kECDHE, ~0u, ~0u, ~0u, 0},
     {"kEECDH", SSL_kECDHE, ~0u, ~0u, ~0u, 0},
     {"ECDH", SSL_kECDHE, ~0u, ~0u, ~0u, 0},
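Review bot: The rewritten comment above the `kRSA` entry opens a parenthesis at `(some of those using only a single bit here combine` that is never closed, because the old closing `)` sat after the removed DHE example; the new line should read `* multiple key exchange algs according to the RFCs) */`. With the kEDH example gone, the parenthetical may no longer describe any remaining alias, in which case it could be dropped instead. The aliases `kDHE`, `kEDH` and `DH` (plus `DHE` and `EDH` in the next hunk) are no longer recognised, so a rule string that names them, including one written to exclude DHE, now goes through whatever handling the parser gives unknown names. That handling is not visible here, so it is worth confirming and documenting for callers. The alias table starts and ends outside this hunk.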
@@ -649,10 +568,6 @@
     {"aPSK", ~0u, SSL_aPSK, ~0u, ~0u, 0},
 
     /* aliases combining key exchange and server authentication */
-#ifdef BORINGSSL_ENABLE_DHE_TLS
-    {"DHE", SSL_kDHE, ~0u, ~0u, ~0u, 0},
-    {"EDH", SSL_kDHE, ~0u, ~0u, ~0u, 0},
-#endif
     {"ECDHE", SSL_kECDHE, ~0u, ~0u, ~0u, 0},
     {"EECDH", SSL_kECDHE, ~0u, ~0u, ~0u, 0},
     {"RSA", SSL_kRSA, SSL_aRSA, ~SSL_eNULL, ~0u, 0},
@@ -1485,10 +1400,6 @@
   return (cipher->algorithm_auth & SSL_aECDSA) != 0;
 }
 
-int SSL_CIPHER_is_DHE(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_mkey & SSL_kDHE) != 0;
-}
-
 int SSL_CIPHER_is_ECDHE(const SSL_CIPHER *cipher) {
   return (cipher->algorithm_mkey & SSL_kECDHE) != 0;
 }
@@ -1537,15 +1448,6 @@
     case SSL_kRSA:
       return "RSA";
 
-    case SSL_kDHE:
-      switch (cipher->algorithm_auth) {
-        case SSL_aRSA:
-          return "DHE_RSA";
-        default:
-          assert(0);
-          return "UNKNOWN";
-      }
-
     case SSL_kECDHE:
       switch (cipher->algorithm_auth) {
         case SSL_aECDSA:
@@ -1705,10 +1607,6 @@
       kx = "RSA";
       break;
 
-    case SSL_kDHE:
-      kx = "DH";
-      break;
-
     case SSL_kECDHE:
       kx = "ECDH";
       break;
@@ -1849,8 +1747,7 @@
 
 int ssl_cipher_requires_server_key_exchange(const SSL_CIPHER *cipher) {
   /* Ephemeral Diffie-Hellman key exchanges require a ServerKeyExchange. */
-  if (cipher->algorithm_mkey & SSL_kDHE ||
-      cipher->algorithm_mkey & SSL_kECDHE) {
+  if (cipher->algorithm_mkey & SSL_kECDHE) {
     return 1;
   }