/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
+ * Copyright 2005 Nokia. All rights reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* https://www.openssl.org/source/license.html
*/
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
#include <stdio.h>
#include <ctype.h>
#include <openssl/objects.h>
#include <openssl/comp.h>
#include <openssl/engine.h>
#include <openssl/crypto.h>
+#include <openssl/conf.h>
+#include "internal/nelem.h"
#include "ssl_locl.h"
#include "internal/thread_once.h"
+#include "internal/cryptlib.h"
#define SSL_ENC_DES_IDX 0
#define SSL_ENC_3DES_IDX 1
#define SSL_ENC_AES256CCM8_IDX 17
#define SSL_ENC_GOST8912_IDX 18
#define SSL_ENC_CHACHA_IDX 19
-#define SSL_ENC_NUM_IDX 20
+#define SSL_ENC_ARIA128GCM_IDX 20
+#define SSL_ENC_ARIA256GCM_IDX 21
+#define SSL_ENC_NUM_IDX 22
/* NB: make sure indices in these tables match values above */
{SSL_AES256CCM, NID_aes_256_ccm}, /* SSL_ENC_AES256CCM_IDX 15 */
{SSL_AES128CCM8, NID_aes_128_ccm}, /* SSL_ENC_AES128CCM8_IDX 16 */
{SSL_AES256CCM8, NID_aes_256_ccm}, /* SSL_ENC_AES256CCM8_IDX 17 */
- {SSL_eGOST2814789CNT12, NID_gost89_cnt_12}, /* SSL_ENC_GOST8912_IDX */
- {SSL_CHACHA20POLY1305, NID_chacha20_poly1305},
+ {SSL_eGOST2814789CNT12, NID_gost89_cnt_12}, /* SSL_ENC_GOST8912_IDX 18 */
+ {SSL_CHACHA20POLY1305, NID_chacha20_poly1305}, /* SSL_ENC_CHACHA_IDX 19 */
+ {SSL_ARIA128GCM, NID_aria_128_gcm}, /* SSL_ENC_ARIA128GCM_IDX 20 */
+ {SSL_ARIA256GCM, NID_aria_256_gcm}, /* SSL_ENC_ARIA256GCM_IDX 21 */
};
-static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
- NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL
-};
+static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX];
#define SSL_COMP_NULL_IDX 0
#define SSL_COMP_ZLIB_IDX 1
{SSL_kRSAPSK, NID_kx_rsa_psk},
{SSL_kPSK, NID_kx_psk},
{SSL_kSRP, NID_kx_srp},
- {SSL_kGOST, NID_kx_gost}
+ {SSL_kGOST, NID_kx_gost},
+ {SSL_kANY, NID_kx_any}
};
static const ssl_cipher_table ssl_cipher_table_auth[] = {
{SSL_aGOST01, NID_auth_gost01},
{SSL_aGOST12, NID_auth_gost12},
{SSL_aSRP, NID_auth_srp},
- {SSL_aNULL, NID_auth_null}
+ {SSL_aNULL, NID_auth_null},
+ {SSL_aANY, NID_auth_any}
};
/* *INDENT-ON* */
static const SSL_CIPHER cipher_aliases[] = {
/* "ALL" doesn't include eNULL (must be specifically enabled) */
- {0, SSL_TXT_ALL, 0, 0, 0, ~SSL_eNULL},
+ {0, SSL_TXT_ALL, NULL, 0, 0, 0, ~SSL_eNULL},
/* "COMPLEMENTOFALL" */
- {0, SSL_TXT_CMPALL, 0, 0, 0, SSL_eNULL},
+ {0, SSL_TXT_CMPALL, NULL, 0, 0, 0, SSL_eNULL},
/*
* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
* ALL!)
*/
- {0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT},
+ {0, SSL_TXT_CMPDEF, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT},
/*
* key exchange aliases (some of those using only a single bit here
* combine multiple key exchange algs according to the RFCs, e.g. kDHE
* combines DHE_DSS and DHE_RSA)
*/
- {0, SSL_TXT_kRSA, 0, SSL_kRSA},
+ {0, SSL_TXT_kRSA, NULL, 0, SSL_kRSA},
- {0, SSL_TXT_kEDH, 0, SSL_kDHE},
- {0, SSL_TXT_kDHE, 0, SSL_kDHE},
- {0, SSL_TXT_DH, 0, SSL_kDHE},
+ {0, SSL_TXT_kEDH, NULL, 0, SSL_kDHE},
+ {0, SSL_TXT_kDHE, NULL, 0, SSL_kDHE},
+ {0, SSL_TXT_DH, NULL, 0, SSL_kDHE},
- {0, SSL_TXT_kEECDH, 0, SSL_kECDHE},
- {0, SSL_TXT_kECDHE, 0, SSL_kECDHE},
- {0, SSL_TXT_ECDH, 0, SSL_kECDHE},
+ {0, SSL_TXT_kEECDH, NULL, 0, SSL_kECDHE},
+ {0, SSL_TXT_kECDHE, NULL, 0, SSL_kECDHE},
+ {0, SSL_TXT_ECDH, NULL, 0, SSL_kECDHE},
- {0, SSL_TXT_kPSK, 0, SSL_kPSK},
- {0, SSL_TXT_kRSAPSK, 0, SSL_kRSAPSK},
- {0, SSL_TXT_kECDHEPSK, 0, SSL_kECDHEPSK},
- {0, SSL_TXT_kDHEPSK, 0, SSL_kDHEPSK},
- {0, SSL_TXT_kSRP, 0, SSL_kSRP},
- {0, SSL_TXT_kGOST, 0, SSL_kGOST},
+ {0, SSL_TXT_kPSK, NULL, 0, SSL_kPSK},
+ {0, SSL_TXT_kRSAPSK, NULL, 0, SSL_kRSAPSK},
+ {0, SSL_TXT_kECDHEPSK, NULL, 0, SSL_kECDHEPSK},
+ {0, SSL_TXT_kDHEPSK, NULL, 0, SSL_kDHEPSK},
+ {0, SSL_TXT_kSRP, NULL, 0, SSL_kSRP},
+ {0, SSL_TXT_kGOST, NULL, 0, SSL_kGOST},
/* server authentication aliases */
- {0, SSL_TXT_aRSA, 0, 0, SSL_aRSA},
- {0, SSL_TXT_aDSS, 0, 0, SSL_aDSS},
- {0, SSL_TXT_DSS, 0, 0, SSL_aDSS},
- {0, SSL_TXT_aNULL, 0, 0, SSL_aNULL},
- {0, SSL_TXT_aECDSA, 0, 0, SSL_aECDSA},
- {0, SSL_TXT_ECDSA, 0, 0, SSL_aECDSA},
- {0, SSL_TXT_aPSK, 0, 0, SSL_aPSK},
- {0, SSL_TXT_aGOST01, 0, 0, SSL_aGOST01},
- {0, SSL_TXT_aGOST12, 0, 0, SSL_aGOST12},
- {0, SSL_TXT_aGOST, 0, 0, SSL_aGOST01 | SSL_aGOST12},
- {0, SSL_TXT_aSRP, 0, 0, SSL_aSRP},
+ {0, SSL_TXT_aRSA, NULL, 0, 0, SSL_aRSA},
+ {0, SSL_TXT_aDSS, NULL, 0, 0, SSL_aDSS},
+ {0, SSL_TXT_DSS, NULL, 0, 0, SSL_aDSS},
+ {0, SSL_TXT_aNULL, NULL, 0, 0, SSL_aNULL},
+ {0, SSL_TXT_aECDSA, NULL, 0, 0, SSL_aECDSA},
+ {0, SSL_TXT_ECDSA, NULL, 0, 0, SSL_aECDSA},
+ {0, SSL_TXT_aPSK, NULL, 0, 0, SSL_aPSK},
+ {0, SSL_TXT_aGOST01, NULL, 0, 0, SSL_aGOST01},
+ {0, SSL_TXT_aGOST12, NULL, 0, 0, SSL_aGOST12},
+ {0, SSL_TXT_aGOST, NULL, 0, 0, SSL_aGOST01 | SSL_aGOST12},
+ {0, SSL_TXT_aSRP, NULL, 0, 0, SSL_aSRP},
/* aliases combining key exchange and server authentication */
- {0, SSL_TXT_EDH, 0, SSL_kDHE, ~SSL_aNULL},
- {0, SSL_TXT_DHE, 0, SSL_kDHE, ~SSL_aNULL},
- {0, SSL_TXT_EECDH, 0, SSL_kECDHE, ~SSL_aNULL},
- {0, SSL_TXT_ECDHE, 0, SSL_kECDHE, ~SSL_aNULL},
- {0, SSL_TXT_NULL, 0, 0, 0, SSL_eNULL},
- {0, SSL_TXT_RSA, 0, SSL_kRSA, SSL_aRSA},
- {0, SSL_TXT_ADH, 0, SSL_kDHE, SSL_aNULL},
- {0, SSL_TXT_AECDH, 0, SSL_kECDHE, SSL_aNULL},
- {0, SSL_TXT_PSK, 0, SSL_PSK},
- {0, SSL_TXT_SRP, 0, SSL_kSRP},
+ {0, SSL_TXT_EDH, NULL, 0, SSL_kDHE, ~SSL_aNULL},
+ {0, SSL_TXT_DHE, NULL, 0, SSL_kDHE, ~SSL_aNULL},
+ {0, SSL_TXT_EECDH, NULL, 0, SSL_kECDHE, ~SSL_aNULL},
+ {0, SSL_TXT_ECDHE, NULL, 0, SSL_kECDHE, ~SSL_aNULL},
+ {0, SSL_TXT_NULL, NULL, 0, 0, 0, SSL_eNULL},
+ {0, SSL_TXT_RSA, NULL, 0, SSL_kRSA, SSL_aRSA},
+ {0, SSL_TXT_ADH, NULL, 0, SSL_kDHE, SSL_aNULL},
+ {0, SSL_TXT_AECDH, NULL, 0, SSL_kECDHE, SSL_aNULL},
+ {0, SSL_TXT_PSK, NULL, 0, SSL_PSK},
+ {0, SSL_TXT_SRP, NULL, 0, SSL_kSRP},
/* symmetric encryption aliases */
- {0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES},
- {0, SSL_TXT_RC4, 0, 0, 0, SSL_RC4},
- {0, SSL_TXT_RC2, 0, 0, 0, SSL_RC2},
- {0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA},
- {0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED},
- {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL},
- {0, SSL_TXT_GOST, 0, 0, 0, SSL_eGOST2814789CNT | SSL_eGOST2814789CNT12},
- {0, SSL_TXT_AES128, 0, 0, 0,
+ {0, SSL_TXT_3DES, NULL, 0, 0, 0, SSL_3DES},
+ {0, SSL_TXT_RC4, NULL, 0, 0, 0, SSL_RC4},
+ {0, SSL_TXT_RC2, NULL, 0, 0, 0, SSL_RC2},
+ {0, SSL_TXT_IDEA, NULL, 0, 0, 0, SSL_IDEA},
+ {0, SSL_TXT_SEED, NULL, 0, 0, 0, SSL_SEED},
+ {0, SSL_TXT_eNULL, NULL, 0, 0, 0, SSL_eNULL},
+ {0, SSL_TXT_GOST, NULL, 0, 0, 0, SSL_eGOST2814789CNT | SSL_eGOST2814789CNT12},
+ {0, SSL_TXT_AES128, NULL, 0, 0, 0,
SSL_AES128 | SSL_AES128GCM | SSL_AES128CCM | SSL_AES128CCM8},
- {0, SSL_TXT_AES256, 0, 0, 0,
+ {0, SSL_TXT_AES256, NULL, 0, 0, 0,
SSL_AES256 | SSL_AES256GCM | SSL_AES256CCM | SSL_AES256CCM8},
- {0, SSL_TXT_AES, 0, 0, 0, SSL_AES},
- {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM},
- {0, SSL_TXT_AES_CCM, 0, 0, 0,
+ {0, SSL_TXT_AES, NULL, 0, 0, 0, SSL_AES},
+ {0, SSL_TXT_AES_GCM, NULL, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM},
+ {0, SSL_TXT_AES_CCM, NULL, 0, 0, 0,
SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8},
- {0, SSL_TXT_AES_CCM_8, 0, 0, 0, SSL_AES128CCM8 | SSL_AES256CCM8},
- {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128},
- {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256},
- {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA},
- {0, SSL_TXT_CHACHA20, 0, 0, 0, SSL_CHACHA20},
+ {0, SSL_TXT_AES_CCM_8, NULL, 0, 0, 0, SSL_AES128CCM8 | SSL_AES256CCM8},
+ {0, SSL_TXT_CAMELLIA128, NULL, 0, 0, 0, SSL_CAMELLIA128},
+ {0, SSL_TXT_CAMELLIA256, NULL, 0, 0, 0, SSL_CAMELLIA256},
+ {0, SSL_TXT_CAMELLIA, NULL, 0, 0, 0, SSL_CAMELLIA},
+ {0, SSL_TXT_CHACHA20, NULL, 0, 0, 0, SSL_CHACHA20},
+
+ {0, SSL_TXT_ARIA, NULL, 0, 0, 0, SSL_ARIA},
+ {0, SSL_TXT_ARIA_GCM, NULL, 0, 0, 0, SSL_ARIA128GCM | SSL_ARIA256GCM},
+ {0, SSL_TXT_ARIA128, NULL, 0, 0, 0, SSL_ARIA128GCM},
+ {0, SSL_TXT_ARIA256, NULL, 0, 0, 0, SSL_ARIA256GCM},
/* MAC aliases */
- {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5},
- {0, SSL_TXT_SHA1, 0, 0, 0, 0, SSL_SHA1},
- {0, SSL_TXT_SHA, 0, 0, 0, 0, SSL_SHA1},
- {0, SSL_TXT_GOST94, 0, 0, 0, 0, SSL_GOST94},
- {0, SSL_TXT_GOST89MAC, 0, 0, 0, 0, SSL_GOST89MAC | SSL_GOST89MAC12},
- {0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256},
- {0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384},
- {0, SSL_TXT_GOST12, 0, 0, 0, 0, SSL_GOST12_256},
+ {0, SSL_TXT_MD5, NULL, 0, 0, 0, 0, SSL_MD5},
+ {0, SSL_TXT_SHA1, NULL, 0, 0, 0, 0, SSL_SHA1},
+ {0, SSL_TXT_SHA, NULL, 0, 0, 0, 0, SSL_SHA1},
+ {0, SSL_TXT_GOST94, NULL, 0, 0, 0, 0, SSL_GOST94},
+ {0, SSL_TXT_GOST89MAC, NULL, 0, 0, 0, 0, SSL_GOST89MAC | SSL_GOST89MAC12},
+ {0, SSL_TXT_SHA256, NULL, 0, 0, 0, 0, SSL_SHA256},
+ {0, SSL_TXT_SHA384, NULL, 0, 0, 0, 0, SSL_SHA384},
+ {0, SSL_TXT_GOST12, NULL, 0, 0, 0, 0, SSL_GOST12_256},
/* protocol version aliases */
- {0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL3_VERSION},
- {0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, TLS1_VERSION},
- {0, "TLSv1.0", 0, 0, 0, 0, 0, TLS1_VERSION},
- {0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, TLS1_2_VERSION},
+ {0, SSL_TXT_SSLV3, NULL, 0, 0, 0, 0, 0, SSL3_VERSION},
+ {0, SSL_TXT_TLSV1, NULL, 0, 0, 0, 0, 0, TLS1_VERSION},
+ {0, "TLSv1.0", NULL, 0, 0, 0, 0, 0, TLS1_VERSION},
+ {0, SSL_TXT_TLSV1_2, NULL, 0, 0, 0, 0, 0, TLS1_2_VERSION},
/* strength classes */
- {0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_LOW},
- {0, SSL_TXT_MEDIUM, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_MEDIUM},
- {0, SSL_TXT_HIGH, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_HIGH},
+ {0, SSL_TXT_LOW, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_LOW},
+ {0, SSL_TXT_MEDIUM, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_MEDIUM},
+ {0, SSL_TXT_HIGH, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_HIGH},
/* FIPS 140-2 approved ciphersuite */
- {0, SSL_TXT_FIPS, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, SSL_FIPS},
+ {0, SSL_TXT_FIPS, NULL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, SSL_FIPS},
/* "EDH-" aliases to "DHE-" labels (for backward compatibility) */
- {0, SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 0,
+ {0, SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, NULL, 0,
SSL_kDHE, SSL_aDSS, SSL_3DES, SSL_SHA1, 0, 0, 0, 0, SSL_HIGH | SSL_FIPS},
- {0, SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 0,
+ {0, SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, NULL, 0,
SSL_kDHE, SSL_aRSA, SSL_3DES, SSL_SHA1, 0, 0, 0, 0, SSL_HIGH | SSL_FIPS},
};
int pkey_id = 0;
ameth = EVP_PKEY_asn1_find_str(NULL, pkey_name, -1);
if (ameth && EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL,
- ameth) > 0) {
+ ameth) > 0)
return pkey_id;
- }
return 0;
}
static uint32_t disabled_mkey_mask;
static uint32_t disabled_auth_mask;
-void ssl_load_ciphers(void)
+int ssl_load_ciphers(void)
{
size_t i;
const ssl_cipher_table *t;
disabled_enc_mask |= t->mask;
}
}
-#ifdef SSL_FORBID_ENULL
- disabled_enc_mask |= SSL_eNULL;
-#endif
disabled_mac_mask = 0;
for (i = 0, t = ssl_cipher_table_mac; i < SSL_MD_NUM_IDX; i++, t++) {
const EVP_MD *md = EVP_get_digestbynid(t->nid);
disabled_mac_mask |= t->mask;
} else {
int tmpsize = EVP_MD_size(md);
- OPENSSL_assert(tmpsize >= 0);
+ if (!ossl_assert(tmpsize >= 0))
+ return 0;
ssl_mac_secret_size[i] = tmpsize;
}
}
/* Make sure we can access MD5 and SHA1 */
- OPENSSL_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL);
- OPENSSL_assert(ssl_digest_methods[SSL_MD_SHA1_IDX] != NULL);
+ if (!ossl_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL))
+ return 0;
+ if (!ossl_assert(ssl_digest_methods[SSL_MD_SHA1_IDX] != NULL))
+ return 0;
disabled_mkey_mask = 0;
disabled_auth_mask = 0;
disabled_mkey_mask |= SSL_kDHE | SSL_kDHEPSK;
#endif
#ifdef OPENSSL_NO_EC
- disabled_mkey_mask |= SSL_kECDHEPSK;
+ disabled_mkey_mask |= SSL_kECDHE | SSL_kECDHEPSK;
disabled_auth_mask |= SSL_aECDSA;
#endif
#ifdef OPENSSL_NO_PSK
* present, disable appropriate auth and key exchange
*/
ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac");
- if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
+ if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX])
ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
- } else {
+ else
disabled_mac_mask |= SSL_GOST89MAC;
- }
ssl_mac_pkey_id[SSL_MD_GOST89MAC12_IDX] =
get_optional_pkey_id("gost-mac-12");
- if (ssl_mac_pkey_id[SSL_MD_GOST89MAC12_IDX]) {
+ if (ssl_mac_pkey_id[SSL_MD_GOST89MAC12_IDX])
ssl_mac_secret_size[SSL_MD_GOST89MAC12_IDX] = 32;
- } else {
+ else
disabled_mac_mask |= SSL_GOST89MAC12;
- }
if (!get_optional_pkey_id("gost2001"))
disabled_auth_mask |= SSL_aGOST01 | SSL_aGOST12;
if ((disabled_auth_mask & (SSL_aGOST01 | SSL_aGOST12)) ==
(SSL_aGOST01 | SSL_aGOST12))
disabled_mkey_mask |= SSL_kGOST;
+
+ return 1;
}
#ifndef OPENSSL_NO_COMP
c = s->cipher;
if (c == NULL)
- return (0);
+ return 0;
if (comp != NULL) {
SSL_COMP ctmp;
#ifndef OPENSSL_NO_COMP
ctmp.id = s->compress_meth;
if (ssl_comp_methods != NULL) {
i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp);
- if (i >= 0)
- *comp = sk_SSL_COMP_value(ssl_comp_methods, i);
- else
- *comp = NULL;
+ *comp = sk_SSL_COMP_value(ssl_comp_methods, i);
}
/* If were only interested in comp then return success */
if ((enc == NULL) && (md == NULL))
i = ssl_cipher_info_lookup(ssl_cipher_table_cipher, c->algorithm_enc);
- if (i == -1)
+ if (i == -1) {
*enc = NULL;
- else {
+ } else {
if (i == SSL_ENC_NULL_IDX)
*enc = EVP_enc_null();
else
s->ssl_version < TLS1_VERSION)
return 1;
- if (FIPS_mode())
- return 1;
-
if (c->algorithm_enc == SSL_RC4 &&
c->algorithm_mac == SSL_MD5 &&
(evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
c->algorithm_mac == SSL_SHA256 &&
(evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA256")))
*enc = evp, *md = NULL;
- return (1);
- } else
- return (0);
+ return 1;
+ } else {
+ return 0;
+ }
}
const EVP_MD *ssl_md(int idx)
/* drop those that use any of that is not available */
if (c == NULL || !c->valid)
continue;
- if (FIPS_mode() && (c->algo_strength & SSL_FIPS))
- continue;
if ((c->algorithm_mkey & disabled_mkey) ||
(c->algorithm_auth & disabled_auth) ||
(c->algorithm_enc & disabled_enc) ||
co_list[co_list_num].prev = NULL;
co_list[co_list_num].active = 0;
co_list_num++;
- /*
- * if (!sk_push(ca_list,(char *)c)) goto err;
- */
}
/*
number_uses = OPENSSL_zalloc(sizeof(int) * (max_strength_bits + 1));
if (number_uses == NULL) {
SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE);
- return (0);
+ return 0;
}
/*
tail_p);
OPENSSL_free(number_uses);
- return (1);
+ return 1;
}
static int ssl_cipher_process_rulestr(const char *rule_str,
retval = 1;
l = rule_str;
- for (;;) {
+ for ( ; ; ) {
ch = *l;
if (ch == '\0')
((ch >= 'a') && (ch <= 'z')) ||
(ch == '-') || (ch == '.') || (ch == '='))
#else
- while (isalnum(ch) || (ch == '-') || (ch == '.') || (ch == '='))
+ while (isalnum((unsigned char)ch) || (ch == '-') || (ch == '.')
+ || (ch == '='))
#endif
{
ch = *(++l);
if (ch == '+') {
multi = 1;
l++;
- } else
+ } else {
multi = 0;
+ }
/*
* Now search for the cipher alias in the ca_list. Be careful
found = 0;
break;
}
- } else
+ } else {
alg_mkey = ca_list[j]->algorithm_mkey;
+ }
}
if (ca_list[j]->algorithm_auth) {
found = 0;
break;
}
- } else
+ } else {
alg_auth = ca_list[j]->algorithm_auth;
+ }
}
if (ca_list[j]->algorithm_enc) {
found = 0;
break;
}
- } else
+ } else {
alg_enc = ca_list[j]->algorithm_enc;
+ }
}
if (ca_list[j]->algorithm_mac) {
found = 0;
break;
}
- } else
+ } else {
alg_mac = ca_list[j]->algorithm_mac;
+ }
}
if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {
found = 0;
break;
}
- } else
+ } else {
algo_strength = ca_list[j]->algo_strength & SSL_STRONG_MASK;
+ }
}
if (ca_list[j]->algo_strength & SSL_DEFAULT_MASK) {
found = 0;
break;
}
- } else
+ } else {
algo_strength |=
ca_list[j]->algo_strength & SSL_DEFAULT_MASK;
+ }
}
if (ca_list[j]->valid) {
*/
if (rule == CIPHER_SPECIAL) { /* special command */
ok = 0;
- if ((buflen == 8) && strncmp(buf, "STRENGTH", 8) == 0)
+ if ((buflen == 8) && strncmp(buf, "STRENGTH", 8) == 0) {
ok = ssl_cipher_strength_sort(head_p, tail_p);
- else if (buflen == 10 && strncmp(buf, "SECLEVEL=", 9) == 0) {
+ } else if (buflen == 10 && strncmp(buf, "SECLEVEL=", 9) == 0) {
int level = buf[9] - '0';
if (level < 0 || level > 5) {
SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
c->sec_level = level;
ok = 1;
}
- } else
+ } else {
SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND);
+ }
if (ok == 0)
retval = 0;
/*
break; /* done */
}
- return (retval);
+ return retval;
}
#ifndef OPENSSL_NO_EC
if (suiteb_flags) {
c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS;
c->cert_flags |= suiteb_flags;
- } else
+ } else {
suiteb_flags = c->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS;
+ }
if (!suiteb_flags)
return 1;
}
#endif
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK_OF(SSL_CIPHER)
- **cipher_list, STACK_OF(SSL_CIPHER)
- **cipher_list_by_id,
- const char *rule_str, CERT *c)
+static int ciphersuite_cb(const char *elem, int len, void *arg)
+{
+ STACK_OF(SSL_CIPHER) *ciphersuites = (STACK_OF(SSL_CIPHER) *)arg;
+ const SSL_CIPHER *cipher;
+ /* Arbitrary sized temp buffer for the cipher name. Should be big enough */
+ char name[80];
+
+ if (len > (int)(sizeof(name) - 1)) {
+ SSLerr(SSL_F_CIPHERSUITE_CB, SSL_R_NO_CIPHER_MATCH);
+ return 0;
+ }
+
+ memcpy(name, elem, len);
+ name[len] = '\0';
+
+ cipher = ssl3_get_cipher_by_std_name(name);
+ if (cipher == NULL) {
+ SSLerr(SSL_F_CIPHERSUITE_CB, SSL_R_NO_CIPHER_MATCH);
+ return 0;
+ }
+
+ if (!sk_SSL_CIPHER_push(ciphersuites, cipher)) {
+ SSLerr(SSL_F_CIPHERSUITE_CB, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+
+ return 1;
+}
+
+static __owur int set_ciphersuites(STACK_OF(SSL_CIPHER) **currciphers, const char *str)
+{
+ STACK_OF(SSL_CIPHER) *newciphers = sk_SSL_CIPHER_new_null();
+
+ if (newciphers == NULL)
+ return 0;
+
+ /* Parse the list. We explicitly allow an empty list */
+ if (*str != '\0'
+ && !CONF_parse_list(str, ':', 1, ciphersuite_cb, newciphers)) {
+ sk_SSL_CIPHER_free(newciphers);
+ return 0;
+ }
+ sk_SSL_CIPHER_free(*currciphers);
+ *currciphers = newciphers;
+
+ return 1;
+}
+
+static int update_cipher_list_by_id(STACK_OF(SSL_CIPHER) **cipher_list_by_id,
+ STACK_OF(SSL_CIPHER) *cipherstack)
{
- int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
+ STACK_OF(SSL_CIPHER) *tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
+
+ if (tmp_cipher_list == NULL) {
+ return 0;
+ }
+
+ sk_SSL_CIPHER_free(*cipher_list_by_id);
+ *cipher_list_by_id = tmp_cipher_list;
+
+ (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id, ssl_cipher_ptr_id_cmp);
+ sk_SSL_CIPHER_sort(*cipher_list_by_id);
+
+ return 1;
+}
+
+static int update_cipher_list(STACK_OF(SSL_CIPHER) **cipher_list,
+ STACK_OF(SSL_CIPHER) **cipher_list_by_id,
+ STACK_OF(SSL_CIPHER) *tls13_ciphersuites)
+{
+ int i;
+ STACK_OF(SSL_CIPHER) *tmp_cipher_list = sk_SSL_CIPHER_dup(*cipher_list);
+
+ if (tmp_cipher_list == NULL)
+ return 0;
+
+ /*
+ * Delete any existing TLSv1.3 ciphersuites. These are always first in the
+ * list.
+ */
+ while (sk_SSL_CIPHER_num(tmp_cipher_list) > 0
+ && sk_SSL_CIPHER_value(tmp_cipher_list, 0)->min_tls
+ == TLS1_3_VERSION)
+ sk_SSL_CIPHER_delete(tmp_cipher_list, 0);
+
+ /* Insert the new TLSv1.3 ciphersuites */
+ for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++)
+ sk_SSL_CIPHER_insert(tmp_cipher_list,
+ sk_SSL_CIPHER_value(tls13_ciphersuites, i), i);
+
+ if (!update_cipher_list_by_id(cipher_list_by_id, tmp_cipher_list))
+ return 0;
+
+ sk_SSL_CIPHER_free(*cipher_list);
+ *cipher_list = tmp_cipher_list;
+
+ return 1;
+}
+
+int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str)
+{
+ int ret = set_ciphersuites(&(ctx->tls13_ciphersuites), str);
+
+ if (ret && ctx->cipher_list != NULL) {
+ /* We already have a cipher_list, so we need to update it */
+ return update_cipher_list(&ctx->cipher_list, &ctx->cipher_list_by_id,
+ ctx->tls13_ciphersuites);
+ }
+
+ return ret;
+}
+
+int SSL_set_ciphersuites(SSL *s, const char *str)
+{
+ int ret = set_ciphersuites(&(s->tls13_ciphersuites), str);
+
+ if (ret && s->cipher_list != NULL) {
+ /* We already have a cipher_list, so we need to update it */
+ return update_cipher_list(&s->cipher_list, &s->cipher_list_by_id,
+ s->tls13_ciphersuites);
+ }
+
+ return ret;
+}
+
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
+ STACK_OF(SSL_CIPHER) *tls13_ciphersuites,
+ STACK_OF(SSL_CIPHER) **cipher_list,
+ STACK_OF(SSL_CIPHER) **cipher_list_by_id,
+ const char *rule_str,
+ CERT *c)
+{
+ int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases, i;
uint32_t disabled_mkey, disabled_auth, disabled_enc, disabled_mac;
- STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
+ STACK_OF(SSL_CIPHER) *cipherstack;
const char *rule_p;
CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
const SSL_CIPHER **ca_list = NULL;
co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers);
if (co_list == NULL) {
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
- return (NULL); /* Failure */
+ return NULL; /* Failure */
}
ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
&tail);
- /*
- * ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1,
- * &head, &tail);
- */
ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
&tail);
ssl_cipher_apply_rule(0, SSL_kPSK, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
&tail);
- /* RC4 is sort-of broken -- move the the end */
+ /* RC4 is sort-of broken -- move to the end */
ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head,
&tail);
if (ca_list == NULL) {
OPENSSL_free(co_list);
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
- return (NULL); /* Failure */
+ return NULL; /* Failure */
}
ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
disabled_mkey, disabled_auth, disabled_enc,
if (!ok) { /* Rule processing failure */
OPENSSL_free(co_list);
- return (NULL);
+ return NULL;
}
/*
*/
if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
OPENSSL_free(co_list);
- return (NULL);
+ return NULL;
+ }
+
+ /* Add TLSv1.3 ciphers first - we always prefer those if possible */
+ for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {
+ if (!sk_SSL_CIPHER_push(cipherstack,
+ sk_SSL_CIPHER_value(tls13_ciphersuites, i))) {
+ sk_SSL_CIPHER_free(cipherstack);
+ return NULL;
+ }
}
/*
* to the resulting precedence to the STACK_OF(SSL_CIPHER).
*/
for (curr = head; curr != NULL; curr = curr->next) {
- if (curr->active
- && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS)) {
+ if (curr->active) {
if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) {
OPENSSL_free(co_list);
sk_SSL_CIPHER_free(cipherstack);
}
OPENSSL_free(co_list); /* Not needed any longer */
- tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
- if (tmp_cipher_list == NULL) {
+ if (!update_cipher_list_by_id(cipher_list_by_id, cipherstack)) {
sk_SSL_CIPHER_free(cipherstack);
return NULL;
}
sk_SSL_CIPHER_free(*cipher_list);
*cipher_list = cipherstack;
- if (*cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(*cipher_list_by_id);
- *cipher_list_by_id = tmp_cipher_list;
- (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id, ssl_cipher_ptr_id_cmp);
- sk_SSL_CIPHER_sort(*cipher_list_by_id);
- return (cipherstack);
+ return cipherstack;
}
char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
if (buf == NULL) {
len = 128;
- buf = OPENSSL_malloc(len);
- if (buf == NULL)
+ if ((buf = OPENSSL_malloc(len)) == NULL) {
+ SSLerr(SSL_F_SSL_CIPHER_DESCRIPTION, ERR_R_MALLOC_FAILURE);
return NULL;
- } else if (len < 128)
+ }
+ } else if (len < 128) {
return NULL;
+ }
alg_mkey = cipher->algorithm_mkey;
alg_auth = cipher->algorithm_auth;
case SSL_kGOST:
kx = "GOST";
break;
+ case SSL_kANY:
+ kx = "any";
+ break;
default:
kx = "unknown";
}
case (SSL_aGOST12 | SSL_aGOST01):
au = "GOST12";
break;
+ case SSL_aANY:
+ au = "any";
+ break;
default:
au = "unknown";
break;
case SSL_CAMELLIA256:
enc = "Camellia(256)";
break;
+ case SSL_ARIA128GCM:
+ enc = "ARIAGCM(128)";
+ break;
+ case SSL_ARIA256GCM:
+ enc = "ARIAGCM(256)";
+ break;
case SSL_SEED:
enc = "SEED(128)";
break;
BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac);
- return (buf);
+ return buf;
}
const char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
const char *SSL_CIPHER_get_name(const SSL_CIPHER *c)
{
if (c != NULL)
- return (c->name);
- return ("(NONE)");
+ return c->name;
+ return "(NONE)";
+}
+
+/* return the actual cipher being used in RFC standard name */
+const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c)
+{
+ if (c != NULL)
+ return c->stdname;
+ return "(NONE)";
+}
+
+/* return the OpenSSL name based on given RFC standard name */
+const char *OPENSSL_cipher_name(const char *stdname)
+{
+ const SSL_CIPHER *c;
+
+ if (stdname == NULL)
+ return "(NONE)";
+ c = ssl3_get_cipher_by_std_name(stdname);
+ return SSL_CIPHER_get_name(c);
}
/* number of bits for symmetric cipher */
return c->id;
}
+uint16_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c)
+{
+ return c->id & 0xFFFF;
+}
+
SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
{
SSL_COMP *ctmp;
int i, nn;
if ((n == 0) || (sk == NULL))
- return (NULL);
+ return NULL;
nn = sk_SSL_COMP_num(sk);
for (i = 0; i < nn; i++) {
ctmp = sk_SSL_COMP_value(sk, i);
if (ctmp->id == n)
- return (ctmp);
+ return ctmp;
}
- return (NULL);
+ return NULL;
}
#ifdef OPENSSL_NO_COMP
STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
{
load_builtin_compressions();
- return (ssl_comp_methods);
+ return ssl_comp_methods;
}
STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
if (id < 193 || id > 255) {
SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
- return 0;
+ return 1;
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
if (comp == NULL) {
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);
- return (1);
+ return 1;
}
comp->id = id;
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
SSL_R_DUPLICATE_COMPRESSION_ID);
- return (1);
+ return 1;
}
if (ssl_comp_methods == NULL || !sk_SSL_COMP_push(ssl_comp_methods, comp)) {
OPENSSL_free(comp);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);
- return (1);
+ return 1;
}
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
- return (0);
+ return 0;
}
#endif
#endif
}
-/* For a cipher return the index corresponding to the certificate type */
-int ssl_cipher_get_cert_index(const SSL_CIPHER *c)
-{
- uint32_t alg_a;
-
- alg_a = c->algorithm_auth;
-
- if (alg_a & SSL_aECDSA)
- return SSL_PKEY_ECC;
- else if (alg_a & SSL_aDSS)
- return SSL_PKEY_DSA_SIGN;
- else if (alg_a & SSL_aRSA)
- return SSL_PKEY_RSA_ENC;
- else if (alg_a & SSL_aGOST12)
- return SSL_PKEY_GOST_EC;
- else if (alg_a & SSL_aGOST01)
- return SSL_PKEY_GOST01;
-
- return -1;
-}
-
-const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr)
+const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr,
+ int all)
{
const SSL_CIPHER *c = ssl->method->get_cipher_by_char(ptr);
- if (c == NULL || c->valid == 0)
+ if (c == NULL || (!all && c->valid == 0))
return NULL;
return c;
}
return ssl_cipher_table_auth[i].nid;
}
+const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c)
+{
+ int idx = c->algorithm2 & SSL_HANDSHAKE_MAC_MASK;
+
+ if (idx < 0 || idx >= SSL_MD_NUM_IDX)
+ return NULL;
+ return ssl_digest_methods[idx];
+}
+
int SSL_CIPHER_is_aead(const SSL_CIPHER *c)
{
return (c->algorithm_mac & SSL_AEAD) ? 1 : 0;
/* Some hard-coded numbers for the CCM/Poly1305 MAC overhead
* because there are no handy #defines for those. */
- if (c->algorithm_enc & SSL_AESGCM) {
+ if (c->algorithm_enc & (SSL_AESGCM | SSL_ARIAGCM)) {
out = EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
} else if (c->algorithm_enc & (SSL_AES128CCM | SSL_AES256CCM)) {
out = EVP_CCM_TLS_EXPLICIT_IV_LEN + 16;
return 1;
}
+
+int ssl_cert_is_disabled(size_t idx)
+{
+ const SSL_CERT_LOOKUP *cl = ssl_cert_lookup_by_idx(idx);
+
+ if (cl == NULL || (cl->amask & disabled_auth_mask) != 0)
+ return 1;
+ return 0;
+}
projects / openssl.git / blobdiff