{0,SSL_TXT_CMPALL,0, 0,0,SSL_eNULL,0,0,0,0,0,0},
/* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in ALL!) */
- {0,SSL_TXT_CMPDEF,0, SSL_kEDH|SSL_kEECDH,SSL_aNULL,~SSL_eNULL,0,0,0,0,0,0},
+ {0,SSL_TXT_CMPDEF,0, SSL_kDHE|SSL_kECDHE,SSL_aNULL,~SSL_eNULL,0,0,0,0,0,0},
/* key exchange aliases
* (some of those using only a single bit here combine
* multiple key exchange algs according to the RFCs,
- * e.g. kEDH combines DHE_DSS and DHE_RSA) */
+ * e.g. kDHE combines DHE_DSS and DHE_RSA) */
{0,SSL_TXT_kRSA,0, SSL_kRSA, 0,0,0,0,0,0,0,0},
- {0,SSL_TXT_kDHr,0, SSL_kDHr, 0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
- {0,SSL_TXT_kDHd,0, SSL_kDHd, 0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
- {0,SSL_TXT_kDH,0, SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
- {0,SSL_TXT_kEDH,0, SSL_kEDH, 0,0,0,0,0,0,0,0},
- {0,SSL_TXT_DH,0, SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_kDHr,0, SSL_kDHr, 0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_kDHd,0, SSL_kDHd, 0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_kDH,0, SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_kEDH,0, SSL_kDHE, 0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_kDHE,0, SSL_kDHE, 0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_DH,0, SSL_kDHr|SSL_kDHd|SSL_kDHE,0,0,0,0,0,0,0,0},
{0,SSL_TXT_kKRB5,0, SSL_kKRB5, 0,0,0,0,0,0,0,0},
{0,SSL_TXT_kECDHr,0, SSL_kECDHr,0,0,0,0,0,0,0,0},
{0,SSL_TXT_kECDHe,0, SSL_kECDHe,0,0,0,0,0,0,0,0},
{0,SSL_TXT_kECDH,0, SSL_kECDHr|SSL_kECDHe,0,0,0,0,0,0,0,0},
- {0,SSL_TXT_kEECDH,0, SSL_kEECDH,0,0,0,0,0,0,0,0},
- {0,SSL_TXT_ECDH,0, SSL_kECDHr|SSL_kECDHe|SSL_kEECDH,0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_kEECDH,0, SSL_kECDHE,0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_kECDHE,0, SSL_kECDHE,0,0,0,0,0,0,0,0},
+ {0,SSL_TXT_ECDH,0, SSL_kECDHr|SSL_kECDHe|SSL_kECDHE,0,0,0,0,0,0,0,0},
{0,SSL_TXT_kPSK,0, SSL_kPSK, 0,0,0,0,0,0,0,0},
{0,SSL_TXT_kSRP,0, SSL_kSRP, 0,0,0,0,0,0,0,0},
{0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0},
/* aliases combining key exchange and server authentication */
- {0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0},
- {0,SSL_TXT_EECDH,0, SSL_kEECDH,~SSL_aNULL,0,0,0,0,0,0,0},
+ {0,SSL_TXT_EDH,0, SSL_kDHE,~SSL_aNULL,0,0,0,0,0,0,0},
+ {0,SSL_TXT_DHE,0, SSL_kDHE,~SSL_aNULL,0,0,0,0,0,0,0},
+ {0,SSL_TXT_EECDH,0, SSL_kECDHE,~SSL_aNULL,0,0,0,0,0,0,0},
+ {0,SSL_TXT_ECDHE,0, SSL_kECDHE,~SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_NULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0},
{0,SSL_TXT_KRB5,0, SSL_kKRB5,SSL_aKRB5,0,0,0,0,0,0,0},
{0,SSL_TXT_RSA,0, SSL_kRSA,SSL_aRSA,0,0,0,0,0,0,0},
- {0,SSL_TXT_ADH,0, SSL_kEDH,SSL_aNULL,0,0,0,0,0,0,0},
- {0,SSL_TXT_AECDH,0, SSL_kEECDH,SSL_aNULL,0,0,0,0,0,0,0},
+ {0,SSL_TXT_ADH,0, SSL_kDHE,SSL_aNULL,0,0,0,0,0,0,0},
+ {0,SSL_TXT_AECDH,0, SSL_kECDHE,SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_PSK,0, SSL_kPSK,SSL_aPSK,0,0,0,0,0,0,0},
{0,SSL_TXT_SRP,0, SSL_kSRP,0,0,0,0,0,0,0,0},
{0,SSL_TXT_SSLV2,0, 0,0,0,0,SSL_SSLV2, 0,0,0,0},
{0,SSL_TXT_SSLV3,0, 0,0,0,0,SSL_SSLV3, 0,0,0,0},
{0,SSL_TXT_TLSV1,0, 0,0,0,0,SSL_TLSV1, 0,0,0,0},
+ {0,SSL_TXT_TLSV1_2,0, 0,0,0,0,SSL_TLSV1_2, 0,0,0,0},
/* export flag */
{0,SSL_TXT_EXP,0, 0,0,0,0,0,SSL_EXPORT,0,0,0},
{0,SSL_TXT_HIGH,0, 0,0,0,0,0,SSL_HIGH, 0,0,0},
/* FIPS 140-2 approved ciphersuite */
{0,SSL_TXT_FIPS,0, 0,0,~SSL_eNULL,0,0,SSL_FIPS, 0,0,0},
+
+ /* "EDH-" aliases to "DHE-" labels (for backward compatibility) */
+ {0,SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,0,
+ SSL_kDHE,SSL_aDSS,SSL_DES,SSL_SHA1,SSL_SSLV3,SSL_EXPORT|SSL_EXP40,0,0,0,},
+ {0,SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,0,
+ SSL_kDHE,SSL_aDSS,SSL_DES,SSL_SHA1,SSL_SSLV3,SSL_NOT_EXP|SSL_LOW,0,0,0,},
+ {0,SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,0,
+ SSL_kDHE,SSL_aDSS,SSL_3DES,SSL_SHA1,SSL_SSLV3,SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,0,0,0,},
+ {0,SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,0,
+ SSL_kDHE,SSL_aRSA,SSL_DES,SSL_SHA1,SSL_SSLV3,SSL_EXPORT|SSL_EXP40,0,0,0,},
+ {0,SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,0,
+ SSL_kDHE,SSL_aRSA,SSL_DES,SSL_SHA1,SSL_SSLV3,SSL_NOT_EXP|SSL_LOW,0,0,0,},
+ {0,SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,0,
+ SSL_kDHE,SSL_aRSA,SSL_3DES,SSL_SHA1,SSL_SSLV3,SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,0,0,0,},
+
};
/* Search for public key algorithm with given name and
* return its pkey_id if it is available. Otherwise return 0
sk_SSL_COMP_push(ssl_comp_methods,comp);
}
}
+ sk_SSL_COMP_sort(ssl_comp_methods);
}
MemCheck_on();
}
#endif
int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
- const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size,SSL_COMP **comp)
+ const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size,SSL_COMP **comp, int use_etm)
{
int i;
const SSL_CIPHER *c;
{
const EVP_CIPHER *evp;
- if (s->ssl_version >= TLS1_VERSION &&
- c->algorithm_enc == SSL_RC4 &&
+ if (use_etm)
+ return 1;
+
+ if (s->ssl_version>>8 != TLS1_VERSION_MAJOR ||
+ s->ssl_version < TLS1_VERSION)
+ return 1;
+
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return 1;
+#endif
+
+ if (c->algorithm_enc == SSL_RC4 &&
c->algorithm_mac == SSL_MD5 &&
(evp=EVP_get_cipherbyname("RC4-HMAC-MD5")))
*enc = evp, *md = NULL;
- else if (s->ssl_version >= TLS1_VERSION &&
- c->algorithm_enc == SSL_AES128 &&
+ else if (c->algorithm_enc == SSL_AES128 &&
c->algorithm_mac == SSL_SHA1 &&
(evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
*enc = evp, *md = NULL;
- else if (s->ssl_version >= TLS1_VERSION &&
- c->algorithm_enc == SSL_AES256 &&
+ else if (c->algorithm_enc == SSL_AES256 &&
c->algorithm_mac == SSL_SHA1 &&
(evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
*enc = evp, *md = NULL;
+ else if (c->algorithm_enc == SSL_AES128 &&
+ c->algorithm_mac == SSL_SHA256 &&
+ (evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA256")))
+ *enc = evp, *md = NULL;
+ else if (c->algorithm_enc == SSL_AES256 &&
+ c->algorithm_mac == SSL_SHA256 &&
+ (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA256")))
+ *enc = evp, *md = NULL;
return(1);
}
else
#ifdef OPENSSL_NO_DSA
*auth |= SSL_aDSS;
#endif
- *mkey |= SSL_kDHr|SSL_kDHd; /* no such ciphersuites supported! */
- *auth |= SSL_aDH;
#ifdef OPENSSL_NO_DH
- *mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH;
+ *mkey |= SSL_kDHr|SSL_kDHd|SSL_kDHE;
*auth |= SSL_aDH;
#endif
#ifdef OPENSSL_NO_KRB5
*enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
*enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128:0;
*enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256:0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == NULL) ? SSL_AES128GCM:0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM:0;
*enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128:0;
*enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256:0;
*enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT:0;
#ifdef CIPHER_DEBUG
printf("\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n", cp->name, cp->algorithm_mkey, cp->algorithm_auth, cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl, cp->algo_strength);
#endif
-
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+ if (cipher_id && cipher_id != cp->id)
+ continue;
+#endif
if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
continue;
if (alg_auth && !(alg_auth & cp->algorithm_auth))
while ( ((ch >= 'A') && (ch <= 'Z')) ||
((ch >= '0') && (ch <= '9')) ||
((ch >= 'a') && (ch <= 'z')) ||
- (ch == '-'))
+ (ch == '-') || (ch == '.'))
#else
- while ( isalnum(ch) || (ch == '-'))
+ while ( isalnum(ch) || (ch == '-') || (ch == '.'))
#endif
{
ch = *(++l);
return(retval);
}
+#ifndef OPENSSL_NO_EC
+static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
+ const char **prule_str)
+ {
+ unsigned int suiteb_flags = 0, suiteb_comb2 = 0;
+ if (!strcmp(*prule_str, "SUITEB128"))
+ suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
+ else if (!strcmp(*prule_str, "SUITEB128ONLY"))
+ suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY;
+ else if (!strcmp(*prule_str, "SUITEB128C2"))
+ {
+ suiteb_comb2 = 1;
+ suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
+ }
+ else if (!strcmp(*prule_str, "SUITEB192"))
+ suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS;
+
+ if (suiteb_flags)
+ {
+ c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS;
+ c->cert_flags |= suiteb_flags;
+ }
+ else
+ suiteb_flags = c->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS;
+
+ if (!suiteb_flags)
+ return 1;
+ /* Check version: if TLS 1.2 ciphers allowed we can use Suite B */
+
+ if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS))
+ {
+ if (meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
+ SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
+ SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
+ else
+ SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
+ SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE);
+ return 0;
+ }
+
+ switch(suiteb_flags)
+ {
+ case SSL_CERT_FLAG_SUITEB_128_LOS:
+ if (suiteb_comb2)
+ *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384";
+ else
+ *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384";
+ break;
+ case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY:
+ *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256";
+ break;
+ case SSL_CERT_FLAG_SUITEB_192_LOS:
+ *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384";
+ break;
+ }
+ /* Set auto ECDH parameter determination */
+ c->ecdh_tmp_auto = 1;
+ return 1;
+ }
+#endif
+
STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
STACK_OF(SSL_CIPHER) **cipher_list,
STACK_OF(SSL_CIPHER) **cipher_list_by_id,
- const char *rule_str)
+ const char *rule_str, CERT *c)
{
int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl;
*/
if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
return NULL;
+#ifndef OPENSSL_NO_EC
+ if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))
+ return NULL;
+#endif
/*
* To reduce the work to do we only want to process the compiled
/* Now arrange all ciphers by preference: */
/* Everything else being equal, prefer ephemeral ECDH over other key exchange mechanisms */
- ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
- ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
+ ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
+ ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
/* AES is our preferred symmetric cipher */
ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
case SSL_kKRB5:
kx="KRB5";
break;
- case SSL_kEDH:
+ case SSL_kDHE:
kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
break;
case SSL_kECDHr:
case SSL_kECDHe:
kx="ECDH/ECDSA";
break;
- case SSL_kEECDH:
+ case SSL_kECDHE:
kx="ECDH";
break;
case SSL_kPSK:
return(ssl_comp_methods);
}
+void SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) *meths)
+ {
+ ssl_comp_methods = meths;
+ }
+
int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
{
SSL_COMP *comp;
return comp->name;
return NULL;
}
-
#endif
+/* For a cipher return the index corresponding to the certificate type */
+int ssl_cipher_get_cert_index(const SSL_CIPHER *c)
+ {
+ unsigned long alg_k, alg_a;
+
+ alg_k = c->algorithm_mkey;
+ alg_a = c->algorithm_auth;
+
+ if (alg_k & (SSL_kECDHr|SSL_kECDHe))
+ {
+ /* we don't need to look at SSL_kECDHE
+ * since no certificate is needed for
+ * anon ECDH and for authenticated
+ * ECDHE, the check for the auth
+ * algorithm will set i correctly
+ * NOTE: For ECDH-RSA, we need an ECC
+ * not an RSA cert but for ECDHE-RSA
+ * we need an RSA cert. Placing the
+ * checks for SSL_kECDH before RSA
+ * checks ensures the correct cert is chosen.
+ */
+ return SSL_PKEY_ECC;
+ }
+ else if (alg_a & SSL_aECDSA)
+ return SSL_PKEY_ECC;
+ else if (alg_k & SSL_kDHr)
+ return SSL_PKEY_DH_RSA;
+ else if (alg_k & SSL_kDHd)
+ return SSL_PKEY_DH_DSA;
+ else if (alg_a & SSL_aDSS)
+ return SSL_PKEY_DSA_SIGN;
+ else if (alg_a & SSL_aRSA)
+ return SSL_PKEY_RSA_ENC;
+ else if (alg_a & SSL_aKRB5)
+ /* VRS something else here? */
+ return -1;
+ else if (alg_a & SSL_aGOST94)
+ return SSL_PKEY_GOST94;
+ else if (alg_a & SSL_aGOST01)
+ return SSL_PKEY_GOST01;
+ return -1;
+ }
+
+const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr)
+ {
+ const SSL_CIPHER *c;
+ c = ssl->method->get_cipher_by_char(ptr);
+ if (c == NULL || c->valid == 0)
+ return NULL;
+ return c;
+ }
+
+const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr)
+ {
+ return ssl->method->get_cipher_by_char(ptr);
+ }
projects / openssl.git / blobdiff