/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/rand.h>
#define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
+#define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs)
/*
* The list of available ciphers, mostly organized into the following
* EC
* PSK
* SRP (within that: RSA EC PSK)
- * Cipher families: Chacha/poly, Camellila, Gost, IDEA, SEED
+ * Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
* Weak ciphers
*/
static SSL_CIPHER ssl3_ciphers[] = {
SSL_AES128GCM,
SSL_AEAD,
TLS1_3_VERSION, TLS1_3_VERSION,
+ SSL_kANY,
+ SSL_aANY,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_3_TXT_AES_256_GCM_SHA384,
+ TLS1_3_CK_AES_256_GCM_SHA384,
+ SSL_kANY,
+ SSL_aANY,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ TLS1_3_VERSION, TLS1_3_VERSION,
0, 0,
SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ SSL_HANDSHAKE_MAC_SHA384,
+ 256,
+ 256,
+ },
+#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+ {
+ 1,
+ TLS1_3_TXT_CHACHA20_POLY1305_SHA256,
+ TLS1_3_CK_CHACHA20_POLY1305_SHA256,
+ SSL_kANY,
+ SSL_aANY,
+ SSL_CHACHA20POLY1305,
+ SSL_AEAD,
+ TLS1_3_VERSION, TLS1_3_VERSION,
+ 0, 0,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256,
+ 256,
+ 256,
+ },
+#endif
+ {
+ 1,
+ TLS1_3_TXT_AES_128_CCM_SHA256,
+ TLS1_3_CK_AES_128_CCM_SHA256,
+ SSL_kANY,
+ SSL_aANY,
+ SSL_AES128CCM,
+ SSL_AEAD,
+ TLS1_3_VERSION, TLS1_3_VERSION,
+ 0, 0,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_3_TXT_AES_128_CCM_8_SHA256,
+ TLS1_3_CK_AES_128_CCM_8_SHA256,
+ SSL_kANY,
+ SSL_aANY,
+ SSL_AES128CCM8,
+ SSL_AEAD,
+ TLS1_3_VERSION, TLS1_3_VERSION,
+ 0, 0,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256,
128,
128,
},
};
+/*
+ * The list of known Signalling Cipher-Suite Value "ciphers", non-valid
+ * values stuffed into the ciphers field of the wire protocol for signalling
+ * purposes.
+ */
+static SSL_CIPHER ssl3_scsvs[] = {
+ {
+ 0,
+ "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
+ SSL3_CK_SCSV,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ },
+ {
+ 0,
+ "TLS_FALLBACK_SCSV",
+ SSL3_CK_FALLBACK_SCSV,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ },
+};
+
static int cipher_compare(const void *a, const void *b)
{
const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
void ssl_sort_cipher_list(void)
{
- qsort(ssl3_ciphers, OSSL_NELEM(ssl3_ciphers), sizeof ssl3_ciphers[0],
+ qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof ssl3_ciphers[0],
cipher_compare);
+ qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof ssl3_scsvs[0], cipher_compare);
}
const SSL3_ENC_METHOD SSLv3_enc_data = {
case SSL_CTRL_SET_CURRENT_CERT:
if (larg == SSL_CERT_SET_SERVER) {
- CERT_PKEY *cpk;
const SSL_CIPHER *cipher;
if (!s->server)
return 0;
cipher = s->s3->tmp.new_cipher;
- if (!cipher)
+ if (cipher == NULL)
return 0;
/*
* No certificate for unauthenticated ciphersuites or using SRP
*/
if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
return 2;
- cpk = ssl_get_server_send_pkey(s);
- if (!cpk)
+ if (s->s3->tmp.cert == NULL)
return 0;
- s->cert->key = cpk;
+ s->cert->key = s->s3->tmp.cert;
return 1;
}
return ssl_cert_set_current(s->cert, larg);
const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
{
SSL_CIPHER c;
+ const SSL_CIPHER *cp;
c.id = id;
- return OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
+ cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
+ if (cp != NULL)
+ return cp;
+ return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS);
}
/*
const SSL_CIPHER *c, *ret = NULL;
STACK_OF(SSL_CIPHER) *prio, *allow;
int i, ii, ok;
- unsigned long alg_k, alg_a, mask_k, mask_a;
+ unsigned long alg_k = 0, alg_a = 0, mask_k, mask_a;
/* Let's see which ciphers we can support */