Check EVP errors for handshake digests.

[openssl.git] / ssl / ssl_ciph.c
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c

index fbd0c212075c486b850606436b62ecdcda62df54..a5c417a9ed55ac713ffec5144e7f23087095d6e8 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -485,7 +485,7 @@ static void load_builtin_compressions(void)
  #endif
  
  int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
-            const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size,SSL_COMP **comp)
+            const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size,SSL_COMP **comp, int use_etm)
         {
         int i;
         const SSL_CIPHER *c;
@@ -617,6 +617,9 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
                 {
                 const EVP_CIPHER *evp;
  
+               if (use_etm)
+                       return 1;
+
                 if (s->ssl_version>>8 != TLS1_VERSION_MAJOR ||
                     s->ssl_version < TLS1_VERSION)
                         return 1;
@@ -638,6 +641,14 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
                          c->algorithm_mac == SSL_SHA1 &&
                          (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
                         *enc = evp, *md = NULL;
+               else if (c->algorithm_enc == SSL_AES128 &&
+                        c->algorithm_mac == SSL_SHA256 &&
+                        (evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA256")))
+                       *enc = evp, *md = NULL;
+               else if (c->algorithm_enc == SSL_AES256 &&
+                        c->algorithm_mac == SSL_SHA256 &&
+                        (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA256")))
+                       *enc = evp, *md = NULL;
                 return(1);
                 }
         else
@@ -1350,15 +1361,20 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
  
         return(retval);
         }
-
+#ifndef OPENSSL_NO_EC
  static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
                                         const char **prule_str)
         {
-       unsigned int suiteb_flags = 0;
+       unsigned int suiteb_flags = 0, suiteb_comb2 = 0;
         if (!strcmp(*prule_str, "SUITEB128"))
                 suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
         else if (!strcmp(*prule_str, "SUITEB128ONLY"))
                 suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY;
+       else if (!strcmp(*prule_str, "SUITEB128C2"))
+               {
+               suiteb_comb2 = 1;
+               suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
+               }
         else if (!strcmp(*prule_str, "SUITEB192"))
                 suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS;
  
@@ -1372,12 +1388,26 @@ static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
  
         if (!suiteb_flags)
                 return 1;
-       /* Check version */
+       /* Check version: if TLS 1.2 ciphers allowed we can use Suite B */
+
+       if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS))
+               {
+               if (meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
+                       SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
+                               SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
+               else
+                       SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
+                               SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE);
+               return 0;
+               }
  
         switch(suiteb_flags)
                 {
         case SSL_CERT_FLAG_SUITEB_128_LOS:
-               *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384";
+               if (suiteb_comb2)
+                       *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384";
+               else
+                       *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384";
                 break;
         case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY:
                 *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256";
@@ -1386,8 +1416,11 @@ static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
                 *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384";
                 break;
                 }
+       /* Set auto ECDH parameter determination */
+       c->ecdh_tmp_auto = 1;
         return 1;
         }
+#endif
  
  
  STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
@@ -1407,10 +1440,10 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
          */
         if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
                 return NULL;
-
+#ifndef OPENSSL_NO_EC
         if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))
                 return NULL;
-
+#endif
  
         /*
          * To reduce the work to do we only want to process the compiled