Remove OPENSSL_NO_EC guards from libssl

Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13916)
2025-05-08 07:29:41 +00:00 · 2021-01-15 16:54:28 +00:00 · 2021-01-15 16:54:28 +00:00 · 462f4f4bc0
commit 462f4f4bc0
parent 54e3efff81
19 changed files with 22 additions and 167 deletions
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@ -1264,6 +1264,7 @@ SSL_R_BLOCK_CIPHER_PAD_IS_WRONG:129:block cipher pad is wrong
 SSL_R_BN_LIB:130:bn lib
 SSL_R_CALLBACK_FAILED:234:callback failed
 SSL_R_CANNOT_CHANGE_CIPHER:109:cannot change cipher
 SSL_R_CANNOT_GET_GROUP_NAME:299:cannot get group name
 SSL_R_CA_DN_LENGTH_MISMATCH:131:ca dn length mismatch
 SSL_R_CA_KEY_TOO_SMALL:397:ca key too small
 SSL_R_CA_MD_TOO_WEAK:398:ca md too weak
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@ -66,6 +66,7 @@
 # define SSL_R_BN_LIB                                     130
 # define SSL_R_CALLBACK_FAILED                            234
 # define SSL_R_CANNOT_CHANGE_CIPHER                       109
 # define SSL_R_CANNOT_GET_GROUP_NAME                      299
 # define SSL_R_CA_DN_LENGTH_MISMATCH                      131
 # define SSL_R_CA_KEY_TOO_SMALL                           397
 # define SSL_R_CA_MD_TOO_WEAK                             398
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@ -3484,7 +3484,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                                           &s->ext.supportedgroups_len,
                                           parg);
        }
-#endif
+#endif                          /* !OPENSSL_NO_DEPRECATED_3_0 */
    case SSL_CTRL_SET_TLSEXT_HOSTNAME:
        /*
         * This API is only used for a client to set what SNI it will request
@ -3718,7 +3718,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
            return 1;
        }
 #ifndef OPENSSL_NO_EC
    case SSL_CTRL_GET_EC_POINT_FORMATS:
        {
            const unsigned char **pformat = parg;
@ -3728,7 +3727,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
            *pformat = s->ext.peer_ecpointformats;
            return (int)s->ext.peer_ecpointformats_len;
        }
 #endif
    default:
        break;
@ -3801,7 +3799,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
                                           &ctx->ext.supportedgroups_len,
                                           parg);
        }
-#endif
+#endif                          /* !OPENSSL_NO_DEPRECATED_3_0 */
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
        ctx->ext.servername_arg = parg;
        break;
@ -4266,14 +4264,12 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
                        "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
                        ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
 #ifndef OPENSSL_NO_EC
            /*
             * if we are considering an ECC cipher suite that uses an ephemeral
             * EC key check it
             */
            if (alg_k & SSL_kECDHE)
                ok = ok && tls1_check_ec_tmp_key(s, c->id);
 #endif                          /* OPENSSL_NO_EC */
            if (!ok)
                continue;
@ -4284,14 +4280,14 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
            if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
                              c->strength_bits, 0, (void *)c))
                continue;
-#if !defined(OPENSSL_NO_EC)
+
            if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
                && s->s3.is_probably_safari) {
                if (!ret)
                    ret = sk_SSL_CIPHER_value(allow, ii);
                continue;
            }
-#endif
+
            if (prefer_sha256) {
                const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@ -1245,7 +1245,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
    return retval;
 }
 #ifndef OPENSSL_NO_EC
 static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
                                    const char **prule_str)
 {
@ -1276,7 +1275,7 @@ static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
        ERR_raise(ERR_LIB_SSL, SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE);
        return 0;
    }
-# ifndef OPENSSL_NO_EC
+
    switch (suiteb_flags) {
    case SSL_CERT_FLAG_SUITEB_128_LOS:
        if (suiteb_comb2)
@ -1293,12 +1292,7 @@ static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
        break;
    }
    return 1;
 # else
    ERR_raise(ERR_LIB_SSL, SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE);
    return 0;
 # endif
 }
 #endif
 static int ciphersuite_cb(const char *elem, int len, void *arg)
 {
@ -1446,10 +1440,9 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_CTX *ctx,
     */
    if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
        return NULL;
-#ifndef OPENSSL_NO_EC
+
    if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))
        return NULL;
 #endif
    /*
     * To reduce the work to do we only want to process the compiled
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@ -221,7 +221,6 @@ static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value)
    return cmd_Groups(cctx, value);
 }
 #ifndef OPENSSL_NO_EC
 /* ECDH temporary parameters */
 static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
 {
@ -236,20 +235,18 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
        strcmp(value, "auto") == 0)
        return 1;
-    nid = EC_curve_nist2nid(value);
+    /* ECDHParameters accepts a single group name */
-    if (nid == NID_undef)
+    if (strstr(value, ":") != NULL)
        nid = OBJ_sn2nid(value);
    if (nid == 0)
        return 0;
    if (cctx->ctx)
-        rv = SSL_CTX_set1_groups(cctx->ctx, &nid, 1);
+        rv = SSL_CTX_set1_groups_list(cctx->ctx, value);
    else if (cctx->ssl)
-        rv = SSL_set1_groups(cctx->ssl, &nid, 1);
+        rv = SSL_set1_groups_list(cctx->ssl, value);
    return rv > 0;
 }
-#endif
+
 static int cmd_CipherString(SSL_CONF_CTX *cctx, const char *value)
 {
    int rv = 1;
@ -700,9 +697,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
    SSL_CONF_CMD_STRING(ClientSignatureAlgorithms, "client_sigalgs", 0),
    SSL_CONF_CMD_STRING(Curves, "curves", 0),
    SSL_CONF_CMD_STRING(Groups, "groups", 0),
 #ifndef OPENSSL_NO_EC
    SSL_CONF_CMD_STRING(ECDHParameters, "named_curve", SSL_CONF_FLAG_SERVER),
 #endif
    SSL_CONF_CMD_STRING(CipherString, "cipher", 0),
    SSL_CONF_CMD_STRING(Ciphersuites, "ciphersuites", 0),
    SSL_CONF_CMD_STRING(Protocol, NULL, 0),
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@ -74,6 +74,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CALLBACK_FAILED), "callback failed"},
    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CANNOT_CHANGE_CIPHER),
    "cannot change cipher"},
    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CANNOT_GET_GROUP_NAME),
    "cannot get group name"},
    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CA_DN_LENGTH_MISMATCH),
    "ca dn length mismatch"},
    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CA_KEY_TOO_SMALL), "ca key too small"},
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@ -768,7 +768,6 @@ SSL *SSL_new(SSL_CTX *ctx)
    s->ext.ocsp.resp_len = 0;
    SSL_CTX_up_ref(ctx);
    s->session_ctx = ctx;
 #ifndef OPENSSL_NO_EC
    if (ctx->ext.ecpointformats) {
        s->ext.ecpointformats =
            OPENSSL_memdup(ctx->ext.ecpointformats,
@ -778,7 +777,6 @@ SSL *SSL_new(SSL_CTX *ctx)
        s->ext.ecpointformats_len =
            ctx->ext.ecpointformats_len;
    }
 #endif
    if (ctx->ext.supportedgroups) {
        s->ext.supportedgroups =
            OPENSSL_memdup(ctx->ext.supportedgroups,
@ -1212,10 +1210,8 @@ void SSL_free(SSL *s)
    OPENSSL_free(s->ext.hostname);
    SSL_CTX_free(s->session_ctx);
 #ifndef OPENSSL_NO_EC
    OPENSSL_free(s->ext.ecpointformats);
    OPENSSL_free(s->ext.peer_ecpointformats);
 #endif                          /* OPENSSL_NO_EC */
    OPENSSL_free(s->ext.supportedgroups);
    OPENSSL_free(s->ext.peer_supportedgroups);
    sk_X509_EXTENSION_pop_free(s->ext.ocsp.exts, X509_EXTENSION_free);
@ -3392,9 +3388,7 @@ void SSL_CTX_free(SSL_CTX *a)
    tls_engine_finish(a->client_cert_engine);
 #endif
 #ifndef OPENSSL_NO_EC
    OPENSSL_free(a->ext.ecpointformats);
 #endif
    OPENSSL_free(a->ext.supportedgroups);
    OPENSSL_free(a->ext.supported_groups_default);
    OPENSSL_free(a->ext.alpn);
@ -3499,9 +3493,8 @@ void ssl_set_masks(SSL *s)
    uint32_t *pvalid = s->s3.tmp.valid_flags;
    int rsa_enc, rsa_sign, dh_tmp, dsa_sign;
    unsigned long mask_k, mask_a;
 #ifndef OPENSSL_NO_EC
    int have_ecc_cert, ecdsa_ok;
-#endif
+
    if (c == NULL)
        return;
@ -3512,9 +3505,7 @@ void ssl_set_masks(SSL *s)
    rsa_enc = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID;
    rsa_sign = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID;
    dsa_sign = pvalid[SSL_PKEY_DSA_SIGN] & CERT_PKEY_VALID;
 #ifndef OPENSSL_NO_EC
    have_ecc_cert = pvalid[SSL_PKEY_ECC] & CERT_PKEY_VALID;
 #endif
    mask_k = 0;
    mask_a = 0;
@ -3562,7 +3553,6 @@ void ssl_set_masks(SSL *s)
     * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
     * depending on the key usage extension.
     */
 #ifndef OPENSSL_NO_EC
    if (have_ecc_cert) {
        uint32_t ex_kusage;
        ex_kusage = X509_get_key_usage(c->pkeys[SSL_PKEY_ECC].x509);
@ -3583,11 +3573,8 @@ void ssl_set_masks(SSL *s)
            && pvalid[SSL_PKEY_ED448] & CERT_PKEY_EXPLICIT_SIGN
            && TLS1_get_version(s) == TLS1_2_VERSION)
            mask_a |= SSL_aECDSA;
 #endif
 #ifndef OPENSSL_NO_EC
    mask_k |= SSL_kECDHE;
 #endif
 #ifndef OPENSSL_NO_PSK
    mask_k |= SSL_kPSK;
@ -3604,8 +3591,6 @@ void ssl_set_masks(SSL *s)
    s->s3.tmp.mask_a = mask_a;
 }
 #ifndef OPENSSL_NO_EC
 int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
 {
    if (s->s3.tmp.new_cipher->algorithm_auth & SSL_aECDSA) {
@ -3618,8 +3603,6 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
    return 1;                   /* all checks are ok */
 }
 #endif
 int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
                                   size_t *serverinfo_length)
 {
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@ -1051,11 +1051,9 @@ struct ssl_ctx_st {
        /* RFC 4366 Maximum Fragment Length Negotiation */
        uint8_t max_fragment_len_mode;
 # ifndef OPENSSL_NO_EC
        /* EC extension values inherited by SSL structure */
        size_t ecpointformats_len;
        unsigned char *ecpointformats;
 # endif                         /* OPENSSL_NO_EC */
        size_t supportedgroups_len;
        uint16_t *supportedgroups;
@ -1407,14 +1405,12 @@ struct ssl_st {
        /* used by the client to know if it actually sent alpn */
        int alpn_sent;
 # ifndef OPENSSL_NO_EC
        /*
         * This is set to true if we believe that this is a version of Safari
         * running on OS X 10.6 or newer. We wish to know this because Safari on
         * 10.8 .. 10.8.3 has broken ECDHE-ECDSA support.
         */
        char is_probably_safari;
 # endif                         /* !OPENSSL_NO_EC */
        /* For clients: peer temporary key */
        /* The group_id for the key exchange key */
@ -1595,7 +1591,6 @@ struct ssl_st {
        int ticket_expected;
        /* TLS 1.3 tickets requested by the application. */
        int extra_tickets_expected;
 # ifndef OPENSSL_NO_EC
        size_t ecpointformats_len;
        /* our list */
        unsigned char *ecpointformats;
@ -1603,7 +1598,6 @@ struct ssl_st {
        size_t peer_ecpointformats_len;
        /* peer's list */
        unsigned char *peer_ecpointformats;
 # endif                         /* OPENSSL_NO_EC */
        size_t supportedgroups_len;
        /* our list */
        uint16_t *supportedgroups;
@ -1929,14 +1923,12 @@ typedef struct dtls1_state_st {
 } DTLS1_STATE;
 # ifndef OPENSSL_NO_EC
 /*
 * From ECC-TLS draft, used in encoding the curve type in ECParameters
 */
 #  define EXPLICIT_PRIME_CURVE_TYPE  1
 #  define EXPLICIT_CHAR2_CURVE_TYPE  2
 #  define NAMED_CURVE_TYPE           3
 # endif                         /* OPENSSL_NO_EC */
 struct cert_pkey_st {
    X509 *x509;
@ -2644,9 +2636,7 @@ __owur int tls1_alert_code(int code);
 __owur int tls13_alert_code(int code);
 __owur int ssl3_alert_code(int code);
 #  ifndef OPENSSL_NO_EC
 __owur int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
 #  endif
 SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
@ -2663,11 +2653,9 @@ __owur EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id);
 __owur int tls_valid_group(SSL *s, uint16_t group_id, int minversion,
                           int maxversion, int isec, int *okfortls13);
 __owur EVP_PKEY *ssl_generate_param_group(SSL *s, uint16_t id);
 #  ifndef OPENSSL_NO_EC
 void tls1_get_formatlist(SSL *s, const unsigned char **pformats,
                         size_t *num_formats);
 __owur int tls1_check_ec_tmp_key(SSL *s, unsigned long id);
 #  endif                        /* OPENSSL_NO_EC */
 __owur int tls_group_allowed(SSL *s, uint16_t curve, int op);
 void tls1_get_supported_groups(SSL *s, const uint16_t **pgroups,
@ -2719,9 +2707,7 @@ __owur int tls1_set_peer_legacy_sigalg(SSL *s, const EVP_PKEY *pkey);
 __owur int tls1_lookup_md(SSL_CTX *ctx, const SIGALG_LOOKUP *lu,
                          const EVP_MD **pmd);
 __owur size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs);
 #  ifndef OPENSSL_NO_EC
 __owur int tls_check_sigalg_curve(const SSL *s, int curve);
 #  endif
 __owur int tls12_check_peer_sigalg(SSL *s, uint16_t, EVP_PKEY *pkey);
 __owur int ssl_set_client_disabled(SSL *s);
 __owur int ssl_cipher_disabled(const SSL *s, const SSL_CIPHER *c, int op, int echde);
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@ -239,12 +239,12 @@ static int ssl_set_cert(CERT *c, X509 *x)
        ERR_raise(ERR_LIB_SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
        return 0;
    }
-#ifndef OPENSSL_NO_EC
+
    if (i == SSL_PKEY_ECC && !EVP_PKEY_can_sign(pkey)) {
        ERR_raise(ERR_LIB_SSL, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
        return 0;
    }
-#endif
+
    if (c->pkeys[i].privatekey != NULL) {
        /*
         * The return code from EVP_PKEY_copy_parameters is deliberately
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@ -17,9 +17,7 @@
 static int final_renegotiate(SSL *s, unsigned int context, int sent);
 static int init_server_name(SSL *s, unsigned int context);
 static int final_server_name(SSL *s, unsigned int context, int sent);
 #ifndef OPENSSL_NO_EC
 static int final_ec_pt_formats(SSL *s, unsigned int context, int sent);
 #endif
 static int init_session_ticket(SSL *s, unsigned int context);
 #ifndef OPENSSL_NO_OCSP
 static int init_status_request(SSL *s, unsigned int context);
@ -151,7 +149,6 @@ static const EXTENSION_DEFINITION ext_defs[] = {
 #else
    INVALID_EXTENSION,
 #endif
 #ifndef OPENSSL_NO_EC
    {
        TLSEXT_TYPE_ec_point_formats,
        SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO
@ -160,9 +157,6 @@ static const EXTENSION_DEFINITION ext_defs[] = {
        tls_construct_stoc_ec_pt_formats, tls_construct_ctos_ec_pt_formats,
        final_ec_pt_formats
    },
 #else
    INVALID_EXTENSION,
 #endif
    {
        /*
         * "supported_groups" is spread across several specifications.
@ -1008,7 +1002,6 @@ static int final_server_name(SSL *s, unsigned int context, int sent)
    }
 }
 #ifndef OPENSSL_NO_EC
 static int final_ec_pt_formats(SSL *s, unsigned int context, int sent)
 {
    unsigned long alg_k, alg_a;
@ -1046,7 +1039,6 @@ static int final_ec_pt_formats(SSL *s, unsigned int context, int sent)
    return 1;
 }
 #endif
 static int init_session_ticket(SSL *s, unsigned int context)
 {
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@ -151,7 +151,6 @@ static int use_ecc(SSL *s, int min_version, int max_version)
    return 0;
 }
 #ifndef OPENSSL_NO_EC
 EXT_RETURN tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt,
                                            unsigned int context, X509 *x,
                                            size_t chainidx)
@ -182,7 +181,6 @@ EXT_RETURN tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt,
    return EXT_RETURN_SENT;
 }
 #endif
 EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
                                               unsigned int context, X509 *x,
@ -1312,7 +1310,6 @@ int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, unsigned int context,
    return 1;
 }
 #ifndef OPENSSL_NO_EC
 int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
                                 X509 *x, size_t chainidx)
 {
@ -1350,7 +1347,6 @@ int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
    return 1;
 }
 #endif
 int tls_parse_stoc_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
                                  X509 *x, size_t chainidx)
--- a/ssl/statem/extensions_cust.c
+++ b/ssl/statem/extensions_cust.c
@ -488,11 +488,9 @@ int SSL_extension_supported(unsigned int ext_type)
    switch (ext_type) {
        /* Internally supported extensions. */
    case TLSEXT_TYPE_application_layer_protocol_negotiation:
 #ifndef OPENSSL_NO_EC
    case TLSEXT_TYPE_ec_point_formats:
    case TLSEXT_TYPE_supported_groups:
    case TLSEXT_TYPE_key_share:
 #endif
 #ifndef OPENSSL_NO_NEXTPROTONEG
    case TLSEXT_TYPE_next_proto_neg:
 #endif
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@ -228,7 +228,6 @@ int tls_parse_ctos_srp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
 }
 #endif
 #ifndef OPENSSL_NO_EC
 int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
                                 X509 *x, size_t chainidx)
 {
@ -251,7 +250,6 @@ int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
    return 1;
 }
 #endif                          /* OPENSSL_NO_EC */
 int tls_parse_ctos_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
                                  X509 *x, size_t chainidx)
@ -1303,7 +1301,6 @@ EXT_RETURN tls_construct_stoc_maxfragmentlen(SSL *s, WPACKET *pkt,
    return EXT_RETURN_SENT;
 }
 #ifndef OPENSSL_NO_EC
 EXT_RETURN tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt,
                                            unsigned int context, X509 *x,
                                            size_t chainidx)
@ -1329,7 +1326,6 @@ EXT_RETURN tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt,
    return EXT_RETURN_SENT;
 }
 #endif
 EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt,
                                               unsigned int context, X509 *x,
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@ -2111,7 +2111,6 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
 static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
 {
 #ifndef OPENSSL_NO_EC
    PACKET encoded_pt;
    unsigned int curve_type, curve_id;
@ -2164,10 +2163,6 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey)
    /* else anonymous ECDH, so no certificate or pkey. */
    return 1;
 #else
    SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
    return 0;
 #endif
 }
 MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
@ -2959,7 +2954,6 @@ static int tls_construct_cke_dhe(SSL *s, WPACKET *pkt)
 static int tls_construct_cke_ecdhe(SSL *s, WPACKET *pkt)
 {
 #ifndef OPENSSL_NO_EC
    unsigned char *encodedPoint = NULL;
    size_t encoded_pt_len = 0;
    EVP_PKEY *ckey = NULL, *skey = NULL;
@ -3000,10 +2994,6 @@ static int tls_construct_cke_ecdhe(SSL *s, WPACKET *pkt)
    OPENSSL_free(encodedPoint);
    EVP_PKEY_free(ckey);
    return ret;
 #else
    SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
    return 0;
 #endif
 }
 static int tls_construct_cke_gost(SSL *s, WPACKET *pkt)
@ -3550,14 +3540,13 @@ int ssl3_check_cert_and_algorithm(SSL *s)
        return 0;
    }
 #ifndef OPENSSL_NO_EC
    if (clu->amask & SSL_aECDSA) {
        if (ssl_check_srvr_ecc_cert_and_alg(s->session->peer, s))
            return 1;
        SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_BAD_ECC_CERT);
        return 0;
    }
-#endif
+
    if (alg_k & (SSL_kRSA | SSL_kRSAPSK) && idx != SSL_PKEY_RSA) {
        SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
                 SSL_R_MISSING_RSA_ENCRYPTING_CERT);
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@ -1521,9 +1521,7 @@ static int ssl_method_error(const SSL *s, const SSL_METHOD *method)
 static int is_tls13_capable(const SSL *s)
 {
    int i;
 #ifndef OPENSSL_NO_EC
    int curve;
 #endif
    if (!ossl_assert(s->ctx != NULL) || !ossl_assert(s->session_ctx != NULL))
        return 0;
@ -1557,7 +1555,6 @@ static int is_tls13_capable(const SSL *s)
        }
        if (!ssl_has_cert(s, i))
            continue;
 #ifndef OPENSSL_NO_EC
        if (i != SSL_PKEY_ECC)
            return 1;
        /*
@ -1568,9 +1565,6 @@ static int is_tls13_capable(const SSL *s)
        curve = ssl_get_EC_curve_nid(s->cert->pkeys[SSL_PKEY_ECC].privatekey);
        if (tls_check_sigalg_curve(s, curve))
            return 1;
 #else
        return 1;
 #endif
    }
    return 0;
--- a/ssl/statem/statem_local.h
+++ b/ssl/statem/statem_local.h
@ -205,10 +205,8 @@ int tls_parse_ctos_srp(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
 #endif
 int tls_parse_ctos_early_data(SSL *s, PACKET *pkt, unsigned int context,
                              X509 *x, size_t chainidx);
 #ifndef OPENSSL_NO_EC
 int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
                                 X509 *x, size_t chainidx);
 #endif
 int tls_parse_ctos_supported_groups(SSL *s, PACKET *pkt, unsigned int context,
                                    X509 *x, size_t chainidxl);
 int tls_parse_ctos_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
@ -258,11 +256,9 @@ EXT_RETURN tls_construct_stoc_early_data(SSL *s, WPACKET *pkt,
 EXT_RETURN tls_construct_stoc_maxfragmentlen(SSL *s, WPACKET *pkt,
                                             unsigned int context, X509 *x,
                                             size_t chainidx);
 #ifndef OPENSSL_NO_EC
 EXT_RETURN tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt,
                                            unsigned int context, X509 *x,
                                            size_t chainidx);
 #endif
 EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt,
                                               unsigned int context, X509 *x,
                                               size_t chainidx);
@ -319,11 +315,9 @@ EXT_RETURN tls_construct_ctos_maxfragmentlen(SSL *s, WPACKET *pkt, unsigned int
 EXT_RETURN tls_construct_ctos_srp(SSL *s, WPACKET *pkt, unsigned int context, X509 *x,
                           size_t chainidx);
 #endif
 #ifndef OPENSSL_NO_EC
 EXT_RETURN tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt,
                                            unsigned int context, X509 *x,
                                            size_t chainidx);
 #endif
 EXT_RETURN tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt,
                                               unsigned int context, X509 *x,
                                               size_t chainidx);
@ -387,10 +381,8 @@ int tls_parse_stoc_early_data(SSL *s, PACKET *pkt, unsigned int context,
                              X509 *x, size_t chainidx);
 int tls_parse_stoc_maxfragmentlen(SSL *s, PACKET *pkt, unsigned int context,
                                  X509 *x, size_t chainidx);
 #ifndef OPENSSL_NO_EC
 int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
                                 X509 *x, size_t chainidx);
 #endif
 int tls_parse_stoc_session_ticket(SSL *s, PACKET *pkt, unsigned int context,
                                  X509 *x, size_t chainidx);
 #ifndef OPENSSL_NO_OCSP
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@ -1306,7 +1306,6 @@ int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt)
    return 1;
 }
 #ifndef OPENSSL_NO_EC
 /*-
 * ssl_check_for_safari attempts to fingerprint Safari using OS X
 * SecureTransport using the TLS extension block in |hello|.
@ -1368,7 +1367,6 @@ static void ssl_check_for_safari(SSL *s, const CLIENTHELLO_MSG *hello)
    s->s3.is_probably_safari = PACKET_equal(&tmppkt, kSafariExtensionsBlock,
                                             ext_len);
 }
 #endif                          /* !OPENSSL_NO_EC */
 MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
 {
@ -1853,10 +1851,8 @@ static int tls_early_post_process_client_hello(SSL *s)
        goto err;
    }
 #ifndef OPENSSL_NO_EC
    if (s->options & SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
        ssl_check_for_safari(s, clienthello);
 #endif                          /* !OPENSSL_NO_EC */
    /* TLS extensions */
    if (!tls_parse_all_extensions(s, SSL_EXT_CLIENT_HELLO,
@ -2420,11 +2416,9 @@ int tls_construct_server_done(SSL *s, WPACKET *pkt)
 int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
 {
    EVP_PKEY *pkdh = NULL;
 #ifndef OPENSSL_NO_EC
    unsigned char *encodedPoint = NULL;
    size_t encodedlen = 0;
    int curve_id = 0;
 #endif
    const SIGALG_LOOKUP *lu = s->s3.tmp.sigalg;
    int i;
    unsigned long type;
@ -2510,9 +2504,7 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
            goto err;
        }
-    } else
+    } else if (type & (SSL_kECDHE | SSL_kECDHEPSK)) {
 #ifndef OPENSSL_NO_EC
    if (type & (SSL_kECDHE | SSL_kECDHEPSK)) {
        if (s->s3.tmp.pkey != NULL) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
@ -2550,7 +2542,6 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
        r[2] = NULL;
        r[3] = NULL;
    } else
 #endif                          /* !OPENSSL_NO_EC */
 #ifndef OPENSSL_NO_SRP
    if (type & SSL_kSRP) {
        if ((s->srp_ctx.N == NULL) ||
@ -2638,7 +2629,6 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
        BN_bn2bin(r[i], binval);
    }
 #ifndef OPENSSL_NO_EC
    if (type & (SSL_kECDHE | SSL_kECDHEPSK)) {
        /*
         * We only support named (not generic) curves. In this situation, the
@ -2656,7 +2646,6 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
        OPENSSL_free(encodedPoint);
        encodedPoint = NULL;
    }
 #endif
    /* not anonymous */
    if (lu != NULL) {
@ -2717,9 +2706,7 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
    ret = 1;
 err:
    EVP_PKEY_free(pkdh);
 #ifndef OPENSSL_NO_EC
    OPENSSL_free(encodedPoint);
 #endif
    EVP_MD_CTX_free(md_ctx);
    if (freer) {
        BN_free(r[0]);
@ -3004,7 +2991,6 @@ static int tls_process_cke_dhe(SSL *s, PACKET *pkt)
 static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)
 {
 #ifndef OPENSSL_NO_EC
    EVP_PKEY *skey = s->s3.tmp.pkey;
    EVP_PKEY *ckey = NULL;
    int ret = 0;
@ -3057,11 +3043,6 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)
    EVP_PKEY_free(ckey);
    return ret;
 #else
    /* Should never happen */
    SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
    return 0;
 #endif
 }
 static int tls_process_cke_srp(SSL *s, PACKET *pkt)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -185,13 +185,11 @@ static struct {
    {NID_ffdhe8192, OSSL_TLS_GROUP_ID_ffdhe8192}
 };
 #ifndef OPENSSL_NO_EC
 static const unsigned char ecformats_default[] = {
    TLSEXT_ECPOINTFORMAT_uncompressed,
    TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime,
    TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2
 };
 #endif /* !defined(OPENSSL_NO_EC) */
 /* The default curves */
 static const uint16_t supported_groups_default[] = {
@ -214,12 +212,10 @@ static const uint16_t supported_groups_default[] = {
    0x104,                   /* ffdhe8192 (0x104) */
 };
 #ifndef OPENSSL_NO_EC
 static const uint16_t suiteb_curves[] = {
    TLSEXT_curve_P_256,
    TLSEXT_curve_P_384
 };
 #endif
 struct provider_group_data_st {
    SSL_CTX *ctx;
@ -427,16 +423,6 @@ int ssl_load_groups(SSL_CTX *ctx)
 static uint16_t tls1_group_name2id(SSL_CTX *ctx, const char *name)
 {
    size_t i;
    int nid = NID_undef;
    /* See if we can identify a nid for this name */
 #ifndef OPENSSL_NO_EC
    nid = EC_curve_nist2nid(name);
 #endif
    if (nid == NID_undef)
        nid = OBJ_sn2nid(name);
    if (nid == NID_undef)
        nid = OBJ_ln2nid(name);
    for (i = 0; i < ctx->group_list_len; i++) {
        if (strcmp(ctx->group_list[i].tlsname, name) == 0
@ -506,7 +492,6 @@ void tls1_get_supported_groups(SSL *s, const uint16_t **pgroups,
 {
    /* For Suite B mode only include P-256, P-384 */
    switch (tls1_suiteb(s)) {
 # ifndef OPENSSL_NO_EC
    case SSL_CERT_FLAG_SUITEB_128_LOS:
        *pgroups = suiteb_curves;
        *pgroupslen = OSSL_NELEM(suiteb_curves);
@ -521,7 +506,6 @@ void tls1_get_supported_groups(SSL *s, const uint16_t **pgroups,
        *pgroups = suiteb_curves + 1;
        *pgroupslen = 1;
        break;
 # endif
    default:
        if (s->ext.supportedgroups == NULL) {
@ -821,7 +805,6 @@ int tls1_check_group_id(SSL *s, uint16_t group_id, int check_own_groups)
    return tls1_in_list(group_id, groups, groups_len);
 }
 #ifndef OPENSSL_NO_EC
 void tls1_get_formatlist(SSL *s, const unsigned char **pformats,
                         size_t *num_formats)
 {
@ -974,24 +957,13 @@ int tls1_check_ec_tmp_key(SSL *s, unsigned long cid)
    return 0;
 }
 #else
 static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
 {
    return 1;
 }
 #endif                          /* OPENSSL_NO_EC */
 /* Default sigalg schemes */
 static const uint16_t tls12_sigalgs[] = {
 #ifndef OPENSSL_NO_EC
    TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
    TLSEXT_SIGALG_ecdsa_secp384r1_sha384,
    TLSEXT_SIGALG_ecdsa_secp521r1_sha512,
    TLSEXT_SIGALG_ed25519,
    TLSEXT_SIGALG_ed448,
 #endif
    TLSEXT_SIGALG_rsa_pss_pss_sha256,
    TLSEXT_SIGALG_rsa_pss_pss_sha384,
@ -1004,10 +976,9 @@ static const uint16_t tls12_sigalgs[] = {
    TLSEXT_SIGALG_rsa_pkcs1_sha384,
    TLSEXT_SIGALG_rsa_pkcs1_sha512,
 #ifndef OPENSSL_NO_EC
    TLSEXT_SIGALG_ecdsa_sha224,
    TLSEXT_SIGALG_ecdsa_sha1,
-#endif
+
    TLSEXT_SIGALG_rsa_pkcs1_sha224,
    TLSEXT_SIGALG_rsa_pkcs1_sha1,
 #ifndef OPENSSL_NO_DSA
@ -1027,15 +998,13 @@ static const uint16_t tls12_sigalgs[] = {
 #endif
 };
-#ifndef OPENSSL_NO_EC
+
 static const uint16_t suiteb_sigalgs[] = {
    TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
    TLSEXT_SIGALG_ecdsa_secp384r1_sha384
 };
 #endif
 static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
 #ifndef OPENSSL_NO_EC
    {"ecdsa_secp256r1_sha256", TLSEXT_SIGALG_ecdsa_secp256r1_sha256,
     NID_sha256, SSL_MD_SHA256_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
     NID_ecdsa_with_SHA256, NID_X9_62_prime256v1, 1},
@ -1057,7 +1026,6 @@ static const SIGALG_LOOKUP sigalg_lookup_tbl[] = {
    {NULL, TLSEXT_SIGALG_ecdsa_sha1,
     NID_sha1, SSL_MD_SHA1_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
     NID_ecdsa_with_SHA1, NID_undef, 1},
 #endif
    {"rsa_pss_rsae_sha256", TLSEXT_SIGALG_rsa_pss_rsae_sha256,
     NID_sha256, SSL_MD_SHA256_IDX, EVP_PKEY_RSA_PSS, SSL_PKEY_RSA,
     NID_undef, NID_undef, 1},
@ -1362,7 +1330,6 @@ size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs)
     * If Suite B mode use Suite B sigalgs only, ignore any other
     * preferences.
     */
 #ifndef OPENSSL_NO_EC
    switch (tls1_suiteb(s)) {
    case SSL_CERT_FLAG_SUITEB_128_LOS:
        *psigs = suiteb_sigalgs;
@ -1376,7 +1343,6 @@ size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs)
        *psigs = suiteb_sigalgs + 1;
        return 1;
    }
 #endif
    /*
     *  We use client_sigalgs (if not NULL) if we're a server
     *  and sending a certificate request or if we're a client and
@ -1394,7 +1360,6 @@ size_t tls12_get_psigalgs(SSL *s, int sent, const uint16_t **psigs)
    }
 }
 #ifndef OPENSSL_NO_EC
 /*
 * Called by servers only. Checks that we have a sig alg that supports the
 * specified EC curve.
@ -1425,7 +1390,6 @@ int tls_check_sigalg_curve(const SSL *s, int curve)
    return 0;
 }
 #endif
 /*
 * Return the number of security bits for the signature algorithm, or 0 on
@ -1518,7 +1482,6 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
        return 0;
    }
 #ifndef OPENSSL_NO_EC
    if (pkeyid == EVP_PKEY_EC) {
        /* Check point compression is permitted */
@ -1557,7 +1520,6 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
        SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_WRONG_SIGNATURE_TYPE);
        return 0;
    }
 #endif
    /* Check signature matches a type we sent */
    sent_sigslen = tls12_get_psigalgs(s, 1, &sent_sigs);
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@ -1181,7 +1181,6 @@ static int ssl_print_server_keyex(BIO *bio, int indent, const SSL *ssl,
            return 0;
        break;
 # ifndef OPENSSL_NO_EC
    case SSL_kECDHE:
    case SSL_kECDHEPSK:
        if (msglen < 1)
@ -1207,7 +1206,6 @@ static int ssl_print_server_keyex(BIO *bio, int indent, const SSL *ssl,
            return 0;
        }
        break;
 # endif
    case SSL_kPSK:
    case SSL_kRSAPSK: