1 /* ssl/s3_lib.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * 114 * Portions of the attached software ("Contribution") are developed by 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 116 * 117 * The Contribution is licensed pursuant to the OpenSSL open source 118 * license provided above. 119 * 120 * ECC cipher suite support in OpenSSL originally written by 121 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. 122 * 123 */ 124 /* ==================================================================== 125 * Copyright 2005 Nokia. All rights reserved. 126 * 127 * The portions of the attached software ("Contribution") is developed by 128 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 129 * license. 130 * 131 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 132 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 133 * support (see RFC 4279) to OpenSSL. 134 * 135 * No patent licenses or other rights except those expressly stated in 136 * the OpenSSL open source license shall be deemed granted or received 137 * expressly, by implication, estoppel, or otherwise. 138 * 139 * No assurances are provided by Nokia that the Contribution does not 140 * infringe the patent or other intellectual property rights of any third 141 * party or that the license provides you with all the necessary rights 142 * to make use of the Contribution. 143 * 144 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 145 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 146 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 147 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 148 * OTHERWISE. 149 */ 150 151 #include <stdio.h> 152 #include <openssl/objects.h> 153 #include "ssl_locl.h" 154 #include "kssl_lcl.h" 155 #include <openssl/md5.h> 156 #ifndef OPENSSL_NO_DH 157 # include <openssl/dh.h> 158 #endif 159 160 const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT; 161 162 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) 163 164 /* list of available SSLv3 ciphers (sorted by id) */ 165 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 166 167 /* The RSA ciphers */ 168 /* Cipher 01 */ 169 { 170 1, 171 SSL3_TXT_RSA_NULL_MD5, 172 SSL3_CK_RSA_NULL_MD5, 173 SSL_kRSA, 174 SSL_aRSA, 175 SSL_eNULL, 176 SSL_MD5, 177 SSL_SSLV3, 178 SSL_NOT_EXP | SSL_STRONG_NONE, 179 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 180 0, 181 0, 182 }, 183 184 /* Cipher 02 */ 185 { 186 1, 187 SSL3_TXT_RSA_NULL_SHA, 188 SSL3_CK_RSA_NULL_SHA, 189 SSL_kRSA, 190 SSL_aRSA, 191 SSL_eNULL, 192 SSL_SHA1, 193 SSL_SSLV3, 194 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 195 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 196 0, 197 0, 198 }, 199 200 /* Cipher 03 */ 201 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 202 { 203 1, 204 SSL3_TXT_RSA_RC4_40_MD5, 205 SSL3_CK_RSA_RC4_40_MD5, 206 SSL_kRSA, 207 SSL_aRSA, 208 SSL_RC4, 209 SSL_MD5, 210 SSL_SSLV3, 211 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 212 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 213 40, 214 128, 215 }, 216 #endif 217 218 /* Cipher 04 */ 219 { 220 1, 221 SSL3_TXT_RSA_RC4_128_MD5, 222 SSL3_CK_RSA_RC4_128_MD5, 223 SSL_kRSA, 224 SSL_aRSA, 225 SSL_RC4, 226 SSL_MD5, 227 SSL_SSLV3, 228 SSL_NOT_EXP | SSL_MEDIUM, 229 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 230 128, 231 128, 232 }, 233 234 /* Cipher 05 */ 235 { 236 1, 237 SSL3_TXT_RSA_RC4_128_SHA, 238 SSL3_CK_RSA_RC4_128_SHA, 239 SSL_kRSA, 240 SSL_aRSA, 241 SSL_RC4, 242 SSL_SHA1, 243 SSL_SSLV3, 244 SSL_NOT_EXP | SSL_MEDIUM, 245 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 246 128, 247 128, 248 }, 249 250 /* Cipher 06 */ 251 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 252 { 253 1, 254 SSL3_TXT_RSA_RC2_40_MD5, 255 SSL3_CK_RSA_RC2_40_MD5, 256 SSL_kRSA, 257 SSL_aRSA, 258 SSL_RC2, 259 SSL_MD5, 260 SSL_SSLV3, 261 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 262 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 263 40, 264 128, 265 }, 266 #endif 267 268 /* Cipher 07 */ 269 #ifndef OPENSSL_NO_IDEA 270 { 271 1, 272 SSL3_TXT_RSA_IDEA_128_SHA, 273 SSL3_CK_RSA_IDEA_128_SHA, 274 SSL_kRSA, 275 SSL_aRSA, 276 SSL_IDEA, 277 SSL_SHA1, 278 SSL_SSLV3, 279 SSL_NOT_EXP | SSL_MEDIUM, 280 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 281 128, 282 128, 283 }, 284 #endif 285 286 /* Cipher 08 */ 287 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 288 { 289 1, 290 SSL3_TXT_RSA_DES_40_CBC_SHA, 291 SSL3_CK_RSA_DES_40_CBC_SHA, 292 SSL_kRSA, 293 SSL_aRSA, 294 SSL_DES, 295 SSL_SHA1, 296 SSL_SSLV3, 297 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 298 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 299 40, 300 56, 301 }, 302 #endif 303 304 /* Cipher 09 */ 305 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 306 { 307 1, 308 SSL3_TXT_RSA_DES_64_CBC_SHA, 309 SSL3_CK_RSA_DES_64_CBC_SHA, 310 SSL_kRSA, 311 SSL_aRSA, 312 SSL_DES, 313 SSL_SHA1, 314 SSL_SSLV3, 315 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 316 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 317 56, 318 56, 319 }, 320 #endif 321 322 /* Cipher 0A */ 323 { 324 1, 325 SSL3_TXT_RSA_DES_192_CBC3_SHA, 326 SSL3_CK_RSA_DES_192_CBC3_SHA, 327 SSL_kRSA, 328 SSL_aRSA, 329 SSL_3DES, 330 SSL_SHA1, 331 SSL_SSLV3, 332 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 333 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 334 112, 335 168, 336 }, 337 338 /* The DH ciphers */ 339 /* Cipher 0B */ 340 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 341 { 342 0, 343 SSL3_TXT_DH_DSS_DES_40_CBC_SHA, 344 SSL3_CK_DH_DSS_DES_40_CBC_SHA, 345 SSL_kDHd, 346 SSL_aDH, 347 SSL_DES, 348 SSL_SHA1, 349 SSL_SSLV3, 350 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 351 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 352 40, 353 56, 354 }, 355 #endif 356 357 /* Cipher 0C */ 358 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 359 { 360 1, 361 SSL3_TXT_DH_DSS_DES_64_CBC_SHA, 362 SSL3_CK_DH_DSS_DES_64_CBC_SHA, 363 SSL_kDHd, 364 SSL_aDH, 365 SSL_DES, 366 SSL_SHA1, 367 SSL_SSLV3, 368 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 369 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 370 56, 371 56, 372 }, 373 #endif 374 375 /* Cipher 0D */ 376 { 377 1, 378 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 379 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 380 SSL_kDHd, 381 SSL_aDH, 382 SSL_3DES, 383 SSL_SHA1, 384 SSL_SSLV3, 385 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 386 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 387 112, 388 168, 389 }, 390 391 /* Cipher 0E */ 392 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 393 { 394 0, 395 SSL3_TXT_DH_RSA_DES_40_CBC_SHA, 396 SSL3_CK_DH_RSA_DES_40_CBC_SHA, 397 SSL_kDHr, 398 SSL_aDH, 399 SSL_DES, 400 SSL_SHA1, 401 SSL_SSLV3, 402 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 403 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 404 40, 405 56, 406 }, 407 #endif 408 409 /* Cipher 0F */ 410 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 411 { 412 1, 413 SSL3_TXT_DH_RSA_DES_64_CBC_SHA, 414 SSL3_CK_DH_RSA_DES_64_CBC_SHA, 415 SSL_kDHr, 416 SSL_aDH, 417 SSL_DES, 418 SSL_SHA1, 419 SSL_SSLV3, 420 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 421 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 422 56, 423 56, 424 }, 425 #endif 426 427 /* Cipher 10 */ 428 { 429 1, 430 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 431 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 432 SSL_kDHr, 433 SSL_aDH, 434 SSL_3DES, 435 SSL_SHA1, 436 SSL_SSLV3, 437 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 438 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 439 112, 440 168, 441 }, 442 443 /* The Ephemeral DH ciphers */ 444 /* Cipher 11 */ 445 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 446 { 447 1, 448 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, 449 SSL3_CK_EDH_DSS_DES_40_CBC_SHA, 450 SSL_kEDH, 451 SSL_aDSS, 452 SSL_DES, 453 SSL_SHA1, 454 SSL_SSLV3, 455 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 456 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 457 40, 458 56, 459 }, 460 #endif 461 462 /* Cipher 12 */ 463 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 464 { 465 1, 466 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, 467 SSL3_CK_EDH_DSS_DES_64_CBC_SHA, 468 SSL_kEDH, 469 SSL_aDSS, 470 SSL_DES, 471 SSL_SHA1, 472 SSL_SSLV3, 473 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 474 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 475 56, 476 56, 477 }, 478 #endif 479 480 /* Cipher 13 */ 481 { 482 1, 483 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 484 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 485 SSL_kEDH, 486 SSL_aDSS, 487 SSL_3DES, 488 SSL_SHA1, 489 SSL_SSLV3, 490 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 491 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 492 112, 493 168, 494 }, 495 496 /* Cipher 14 */ 497 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 498 { 499 1, 500 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, 501 SSL3_CK_EDH_RSA_DES_40_CBC_SHA, 502 SSL_kEDH, 503 SSL_aRSA, 504 SSL_DES, 505 SSL_SHA1, 506 SSL_SSLV3, 507 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 508 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 509 40, 510 56, 511 }, 512 #endif 513 514 /* Cipher 15 */ 515 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 516 { 517 1, 518 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, 519 SSL3_CK_EDH_RSA_DES_64_CBC_SHA, 520 SSL_kEDH, 521 SSL_aRSA, 522 SSL_DES, 523 SSL_SHA1, 524 SSL_SSLV3, 525 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 526 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 527 56, 528 56, 529 }, 530 #endif 531 532 /* Cipher 16 */ 533 { 534 1, 535 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 536 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 537 SSL_kEDH, 538 SSL_aRSA, 539 SSL_3DES, 540 SSL_SHA1, 541 SSL_SSLV3, 542 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 543 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 544 112, 545 168, 546 }, 547 548 /* Cipher 17 */ 549 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 550 { 551 1, 552 SSL3_TXT_ADH_RC4_40_MD5, 553 SSL3_CK_ADH_RC4_40_MD5, 554 SSL_kEDH, 555 SSL_aNULL, 556 SSL_RC4, 557 SSL_MD5, 558 SSL_SSLV3, 559 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 560 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 561 40, 562 128, 563 }, 564 #endif 565 566 /* Cipher 18 */ 567 { 568 1, 569 SSL3_TXT_ADH_RC4_128_MD5, 570 SSL3_CK_ADH_RC4_128_MD5, 571 SSL_kEDH, 572 SSL_aNULL, 573 SSL_RC4, 574 SSL_MD5, 575 SSL_SSLV3, 576 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 577 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 578 128, 579 128, 580 }, 581 582 /* Cipher 19 */ 583 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 584 { 585 1, 586 SSL3_TXT_ADH_DES_40_CBC_SHA, 587 SSL3_CK_ADH_DES_40_CBC_SHA, 588 SSL_kEDH, 589 SSL_aNULL, 590 SSL_DES, 591 SSL_SHA1, 592 SSL_SSLV3, 593 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 594 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 595 40, 596 128, 597 }, 598 #endif 599 600 /* Cipher 1A */ 601 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 602 { 603 1, 604 SSL3_TXT_ADH_DES_64_CBC_SHA, 605 SSL3_CK_ADH_DES_64_CBC_SHA, 606 SSL_kEDH, 607 SSL_aNULL, 608 SSL_DES, 609 SSL_SHA1, 610 SSL_SSLV3, 611 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 612 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 613 56, 614 56, 615 }, 616 #endif 617 618 /* Cipher 1B */ 619 { 620 1, 621 SSL3_TXT_ADH_DES_192_CBC_SHA, 622 SSL3_CK_ADH_DES_192_CBC_SHA, 623 SSL_kEDH, 624 SSL_aNULL, 625 SSL_3DES, 626 SSL_SHA1, 627 SSL_SSLV3, 628 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 629 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 630 112, 631 168, 632 }, 633 634 /* Fortezza ciphersuite from SSL 3.0 spec */ 635 #if 0 636 /* Cipher 1C */ 637 { 638 0, 639 SSL3_TXT_FZA_DMS_NULL_SHA, 640 SSL3_CK_FZA_DMS_NULL_SHA, 641 SSL_kFZA, 642 SSL_aFZA, 643 SSL_eNULL, 644 SSL_SHA1, 645 SSL_SSLV3, 646 SSL_NOT_EXP | SSL_STRONG_NONE, 647 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 648 0, 649 0, 650 }, 651 652 /* Cipher 1D */ 653 { 654 0, 655 SSL3_TXT_FZA_DMS_FZA_SHA, 656 SSL3_CK_FZA_DMS_FZA_SHA, 657 SSL_kFZA, 658 SSL_aFZA, 659 SSL_eFZA, 660 SSL_SHA1, 661 SSL_SSLV3, 662 SSL_NOT_EXP | SSL_STRONG_NONE, 663 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 664 0, 665 0, 666 }, 667 668 /* Cipher 1E */ 669 { 670 0, 671 SSL3_TXT_FZA_DMS_RC4_SHA, 672 SSL3_CK_FZA_DMS_RC4_SHA, 673 SSL_kFZA, 674 SSL_aFZA, 675 SSL_RC4, 676 SSL_SHA1, 677 SSL_SSLV3, 678 SSL_NOT_EXP | SSL_MEDIUM, 679 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 680 128, 681 128, 682 }, 683 #endif 684 685 #ifndef OPENSSL_NO_KRB5 686 /* The Kerberos ciphers*/ 687 /* Cipher 1E */ 688 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 689 { 690 1, 691 SSL3_TXT_KRB5_DES_64_CBC_SHA, 692 SSL3_CK_KRB5_DES_64_CBC_SHA, 693 SSL_kKRB5, 694 SSL_aKRB5, 695 SSL_DES, 696 SSL_SHA1, 697 SSL_SSLV3, 698 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 699 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 700 56, 701 56, 702 }, 703 # endif 704 705 /* Cipher 1F */ 706 { 707 1, 708 SSL3_TXT_KRB5_DES_192_CBC3_SHA, 709 SSL3_CK_KRB5_DES_192_CBC3_SHA, 710 SSL_kKRB5, 711 SSL_aKRB5, 712 SSL_3DES, 713 SSL_SHA1, 714 SSL_SSLV3, 715 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 716 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 717 112, 718 168, 719 }, 720 721 /* Cipher 20 */ 722 { 723 1, 724 SSL3_TXT_KRB5_RC4_128_SHA, 725 SSL3_CK_KRB5_RC4_128_SHA, 726 SSL_kKRB5, 727 SSL_aKRB5, 728 SSL_RC4, 729 SSL_SHA1, 730 SSL_SSLV3, 731 SSL_NOT_EXP | SSL_MEDIUM, 732 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 733 128, 734 128, 735 }, 736 737 /* Cipher 21 */ 738 { 739 1, 740 SSL3_TXT_KRB5_IDEA_128_CBC_SHA, 741 SSL3_CK_KRB5_IDEA_128_CBC_SHA, 742 SSL_kKRB5, 743 SSL_aKRB5, 744 SSL_IDEA, 745 SSL_SHA1, 746 SSL_SSLV3, 747 SSL_NOT_EXP | SSL_MEDIUM, 748 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 749 128, 750 128, 751 }, 752 753 /* Cipher 22 */ 754 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 755 { 756 1, 757 SSL3_TXT_KRB5_DES_64_CBC_MD5, 758 SSL3_CK_KRB5_DES_64_CBC_MD5, 759 SSL_kKRB5, 760 SSL_aKRB5, 761 SSL_DES, 762 SSL_MD5, 763 SSL_SSLV3, 764 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 765 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 766 56, 767 56, 768 }, 769 # endif 770 771 /* Cipher 23 */ 772 { 773 1, 774 SSL3_TXT_KRB5_DES_192_CBC3_MD5, 775 SSL3_CK_KRB5_DES_192_CBC3_MD5, 776 SSL_kKRB5, 777 SSL_aKRB5, 778 SSL_3DES, 779 SSL_MD5, 780 SSL_SSLV3, 781 SSL_NOT_EXP | SSL_MEDIUM, 782 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 783 112, 784 168, 785 }, 786 787 /* Cipher 24 */ 788 { 789 1, 790 SSL3_TXT_KRB5_RC4_128_MD5, 791 SSL3_CK_KRB5_RC4_128_MD5, 792 SSL_kKRB5, 793 SSL_aKRB5, 794 SSL_RC4, 795 SSL_MD5, 796 SSL_SSLV3, 797 SSL_NOT_EXP | SSL_MEDIUM, 798 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 799 128, 800 128, 801 }, 802 803 /* Cipher 25 */ 804 { 805 1, 806 SSL3_TXT_KRB5_IDEA_128_CBC_MD5, 807 SSL3_CK_KRB5_IDEA_128_CBC_MD5, 808 SSL_kKRB5, 809 SSL_aKRB5, 810 SSL_IDEA, 811 SSL_MD5, 812 SSL_SSLV3, 813 SSL_NOT_EXP | SSL_MEDIUM, 814 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 815 128, 816 128, 817 }, 818 819 /* Cipher 26 */ 820 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 821 { 822 1, 823 SSL3_TXT_KRB5_DES_40_CBC_SHA, 824 SSL3_CK_KRB5_DES_40_CBC_SHA, 825 SSL_kKRB5, 826 SSL_aKRB5, 827 SSL_DES, 828 SSL_SHA1, 829 SSL_SSLV3, 830 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 831 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 832 40, 833 56, 834 }, 835 # endif 836 837 /* Cipher 27 */ 838 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 839 { 840 1, 841 SSL3_TXT_KRB5_RC2_40_CBC_SHA, 842 SSL3_CK_KRB5_RC2_40_CBC_SHA, 843 SSL_kKRB5, 844 SSL_aKRB5, 845 SSL_RC2, 846 SSL_SHA1, 847 SSL_SSLV3, 848 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 849 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 850 40, 851 128, 852 }, 853 # endif 854 855 /* Cipher 28 */ 856 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 857 { 858 1, 859 SSL3_TXT_KRB5_RC4_40_SHA, 860 SSL3_CK_KRB5_RC4_40_SHA, 861 SSL_kKRB5, 862 SSL_aKRB5, 863 SSL_RC4, 864 SSL_SHA1, 865 SSL_SSLV3, 866 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 867 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 868 40, 869 128, 870 }, 871 # endif 872 873 /* Cipher 29 */ 874 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 875 { 876 1, 877 SSL3_TXT_KRB5_DES_40_CBC_MD5, 878 SSL3_CK_KRB5_DES_40_CBC_MD5, 879 SSL_kKRB5, 880 SSL_aKRB5, 881 SSL_DES, 882 SSL_MD5, 883 SSL_SSLV3, 884 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 885 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 886 40, 887 56, 888 }, 889 # endif 890 891 /* Cipher 2A */ 892 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 893 { 894 1, 895 SSL3_TXT_KRB5_RC2_40_CBC_MD5, 896 SSL3_CK_KRB5_RC2_40_CBC_MD5, 897 SSL_kKRB5, 898 SSL_aKRB5, 899 SSL_RC2, 900 SSL_MD5, 901 SSL_SSLV3, 902 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 903 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 904 40, 905 128, 906 }, 907 # endif 908 909 /* Cipher 2B */ 910 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 911 { 912 1, 913 SSL3_TXT_KRB5_RC4_40_MD5, 914 SSL3_CK_KRB5_RC4_40_MD5, 915 SSL_kKRB5, 916 SSL_aKRB5, 917 SSL_RC4, 918 SSL_MD5, 919 SSL_SSLV3, 920 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 921 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 922 40, 923 128, 924 }, 925 # endif 926 #endif /* OPENSSL_NO_KRB5 */ 927 928 /* New AES ciphersuites */ 929 /* Cipher 2F */ 930 { 931 1, 932 TLS1_TXT_RSA_WITH_AES_128_SHA, 933 TLS1_CK_RSA_WITH_AES_128_SHA, 934 SSL_kRSA, 935 SSL_aRSA, 936 SSL_AES128, 937 SSL_SHA1, 938 SSL_TLSV1, 939 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 940 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 941 128, 942 128, 943 }, 944 /* Cipher 30 */ 945 { 946 1, 947 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 948 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 949 SSL_kDHd, 950 SSL_aDH, 951 SSL_AES128, 952 SSL_SHA1, 953 SSL_TLSV1, 954 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 955 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 956 128, 957 128, 958 }, 959 /* Cipher 31 */ 960 { 961 1, 962 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 963 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 964 SSL_kDHr, 965 SSL_aDH, 966 SSL_AES128, 967 SSL_SHA1, 968 SSL_TLSV1, 969 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 970 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 971 128, 972 128, 973 }, 974 /* Cipher 32 */ 975 { 976 1, 977 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 978 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 979 SSL_kEDH, 980 SSL_aDSS, 981 SSL_AES128, 982 SSL_SHA1, 983 SSL_TLSV1, 984 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 985 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 986 128, 987 128, 988 }, 989 /* Cipher 33 */ 990 { 991 1, 992 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 993 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 994 SSL_kEDH, 995 SSL_aRSA, 996 SSL_AES128, 997 SSL_SHA1, 998 SSL_TLSV1, 999 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1000 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1001 128, 1002 128, 1003 }, 1004 /* Cipher 34 */ 1005 { 1006 1, 1007 TLS1_TXT_ADH_WITH_AES_128_SHA, 1008 TLS1_CK_ADH_WITH_AES_128_SHA, 1009 SSL_kEDH, 1010 SSL_aNULL, 1011 SSL_AES128, 1012 SSL_SHA1, 1013 SSL_TLSV1, 1014 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1015 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1016 128, 1017 128, 1018 }, 1019 1020 /* Cipher 35 */ 1021 { 1022 1, 1023 TLS1_TXT_RSA_WITH_AES_256_SHA, 1024 TLS1_CK_RSA_WITH_AES_256_SHA, 1025 SSL_kRSA, 1026 SSL_aRSA, 1027 SSL_AES256, 1028 SSL_SHA1, 1029 SSL_TLSV1, 1030 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1031 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1032 256, 1033 256, 1034 }, 1035 /* Cipher 36 */ 1036 { 1037 1, 1038 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 1039 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 1040 SSL_kDHd, 1041 SSL_aDH, 1042 SSL_AES256, 1043 SSL_SHA1, 1044 SSL_TLSV1, 1045 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1046 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1047 256, 1048 256, 1049 }, 1050 1051 /* Cipher 37 */ 1052 { 1053 1, 1054 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 1055 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 1056 SSL_kDHr, 1057 SSL_aDH, 1058 SSL_AES256, 1059 SSL_SHA1, 1060 SSL_TLSV1, 1061 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1062 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1063 256, 1064 256, 1065 }, 1066 1067 /* Cipher 38 */ 1068 { 1069 1, 1070 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 1071 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 1072 SSL_kEDH, 1073 SSL_aDSS, 1074 SSL_AES256, 1075 SSL_SHA1, 1076 SSL_TLSV1, 1077 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1078 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1079 256, 1080 256, 1081 }, 1082 1083 /* Cipher 39 */ 1084 { 1085 1, 1086 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 1087 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 1088 SSL_kEDH, 1089 SSL_aRSA, 1090 SSL_AES256, 1091 SSL_SHA1, 1092 SSL_TLSV1, 1093 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1094 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1095 256, 1096 256, 1097 }, 1098 1099 /* Cipher 3A */ 1100 { 1101 1, 1102 TLS1_TXT_ADH_WITH_AES_256_SHA, 1103 TLS1_CK_ADH_WITH_AES_256_SHA, 1104 SSL_kEDH, 1105 SSL_aNULL, 1106 SSL_AES256, 1107 SSL_SHA1, 1108 SSL_TLSV1, 1109 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1110 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1111 256, 1112 256, 1113 }, 1114 1115 /* TLS v1.2 ciphersuites */ 1116 /* Cipher 3B */ 1117 { 1118 1, 1119 TLS1_TXT_RSA_WITH_NULL_SHA256, 1120 TLS1_CK_RSA_WITH_NULL_SHA256, 1121 SSL_kRSA, 1122 SSL_aRSA, 1123 SSL_eNULL, 1124 SSL_SHA256, 1125 SSL_TLSV1_2, 1126 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 1127 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1128 0, 1129 0, 1130 }, 1131 1132 /* Cipher 3C */ 1133 { 1134 1, 1135 TLS1_TXT_RSA_WITH_AES_128_SHA256, 1136 TLS1_CK_RSA_WITH_AES_128_SHA256, 1137 SSL_kRSA, 1138 SSL_aRSA, 1139 SSL_AES128, 1140 SSL_SHA256, 1141 SSL_TLSV1_2, 1142 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1143 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1144 128, 1145 128, 1146 }, 1147 1148 /* Cipher 3D */ 1149 { 1150 1, 1151 TLS1_TXT_RSA_WITH_AES_256_SHA256, 1152 TLS1_CK_RSA_WITH_AES_256_SHA256, 1153 SSL_kRSA, 1154 SSL_aRSA, 1155 SSL_AES256, 1156 SSL_SHA256, 1157 SSL_TLSV1_2, 1158 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1159 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1160 256, 1161 256, 1162 }, 1163 1164 /* Cipher 3E */ 1165 { 1166 1, 1167 TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, 1168 TLS1_CK_DH_DSS_WITH_AES_128_SHA256, 1169 SSL_kDHd, 1170 SSL_aDH, 1171 SSL_AES128, 1172 SSL_SHA256, 1173 SSL_TLSV1_2, 1174 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1175 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1176 128, 1177 128, 1178 }, 1179 1180 /* Cipher 3F */ 1181 { 1182 1, 1183 TLS1_TXT_DH_RSA_WITH_AES_128_SHA256, 1184 TLS1_CK_DH_RSA_WITH_AES_128_SHA256, 1185 SSL_kDHr, 1186 SSL_aDH, 1187 SSL_AES128, 1188 SSL_SHA256, 1189 SSL_TLSV1_2, 1190 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1191 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1192 128, 1193 128, 1194 }, 1195 1196 /* Cipher 40 */ 1197 { 1198 1, 1199 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 1200 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 1201 SSL_kEDH, 1202 SSL_aDSS, 1203 SSL_AES128, 1204 SSL_SHA256, 1205 SSL_TLSV1_2, 1206 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1207 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1208 128, 1209 128, 1210 }, 1211 1212 #ifndef OPENSSL_NO_CAMELLIA 1213 /* Camellia ciphersuites from RFC4132 (128-bit portion) */ 1214 1215 /* Cipher 41 */ 1216 { 1217 1, 1218 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 1219 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 1220 SSL_kRSA, 1221 SSL_aRSA, 1222 SSL_CAMELLIA128, 1223 SSL_SHA1, 1224 SSL_TLSV1, 1225 SSL_NOT_EXP | SSL_HIGH, 1226 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1227 128, 1228 128, 1229 }, 1230 1231 /* Cipher 42 */ 1232 { 1233 1, 1234 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1235 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1236 SSL_kDHd, 1237 SSL_aDH, 1238 SSL_CAMELLIA128, 1239 SSL_SHA1, 1240 SSL_TLSV1, 1241 SSL_NOT_EXP | SSL_HIGH, 1242 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1243 128, 1244 128, 1245 }, 1246 1247 /* Cipher 43 */ 1248 { 1249 1, 1250 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1251 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1252 SSL_kDHr, 1253 SSL_aDH, 1254 SSL_CAMELLIA128, 1255 SSL_SHA1, 1256 SSL_TLSV1, 1257 SSL_NOT_EXP | SSL_HIGH, 1258 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1259 128, 1260 128, 1261 }, 1262 1263 /* Cipher 44 */ 1264 { 1265 1, 1266 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1267 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1268 SSL_kEDH, 1269 SSL_aDSS, 1270 SSL_CAMELLIA128, 1271 SSL_SHA1, 1272 SSL_TLSV1, 1273 SSL_NOT_EXP | SSL_HIGH, 1274 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1275 128, 1276 128, 1277 }, 1278 1279 /* Cipher 45 */ 1280 { 1281 1, 1282 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1283 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1284 SSL_kEDH, 1285 SSL_aRSA, 1286 SSL_CAMELLIA128, 1287 SSL_SHA1, 1288 SSL_TLSV1, 1289 SSL_NOT_EXP | SSL_HIGH, 1290 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1291 128, 1292 128, 1293 }, 1294 1295 /* Cipher 46 */ 1296 { 1297 1, 1298 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 1299 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 1300 SSL_kEDH, 1301 SSL_aNULL, 1302 SSL_CAMELLIA128, 1303 SSL_SHA1, 1304 SSL_TLSV1, 1305 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH, 1306 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1307 128, 1308 128, 1309 }, 1310 #endif /* OPENSSL_NO_CAMELLIA */ 1311 1312 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1313 /* New TLS Export CipherSuites from expired ID */ 1314 # if 0 1315 /* Cipher 60 */ 1316 { 1317 1, 1318 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5, 1319 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5, 1320 SSL_kRSA, 1321 SSL_aRSA, 1322 SSL_RC4, 1323 SSL_MD5, 1324 SSL_TLSV1, 1325 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1326 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1327 56, 1328 128, 1329 }, 1330 1331 /* Cipher 61 */ 1332 { 1333 1, 1334 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1335 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1336 SSL_kRSA, 1337 SSL_aRSA, 1338 SSL_RC2, 1339 SSL_MD5, 1340 SSL_TLSV1, 1341 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1342 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1343 56, 1344 128, 1345 }, 1346 # endif 1347 1348 /* Cipher 62 */ 1349 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1350 { 1351 1, 1352 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1353 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1354 SSL_kRSA, 1355 SSL_aRSA, 1356 SSL_DES, 1357 SSL_SHA1, 1358 SSL_TLSV1, 1359 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1360 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1361 56, 1362 56, 1363 }, 1364 # endif 1365 1366 /* Cipher 63 */ 1367 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1368 { 1369 1, 1370 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1371 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1372 SSL_kEDH, 1373 SSL_aDSS, 1374 SSL_DES, 1375 SSL_SHA1, 1376 SSL_TLSV1, 1377 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1378 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1379 56, 1380 56, 1381 }, 1382 # endif 1383 1384 /* Cipher 64 */ 1385 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1386 { 1387 1, 1388 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, 1389 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA, 1390 SSL_kRSA, 1391 SSL_aRSA, 1392 SSL_RC4, 1393 SSL_SHA1, 1394 SSL_TLSV1, 1395 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1396 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1397 56, 1398 128, 1399 }, 1400 # endif 1401 1402 /* Cipher 65 */ 1403 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1404 { 1405 1, 1406 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1407 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1408 SSL_kEDH, 1409 SSL_aDSS, 1410 SSL_RC4, 1411 SSL_SHA1, 1412 SSL_TLSV1, 1413 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1414 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1415 56, 1416 128, 1417 }, 1418 # endif 1419 1420 /* Cipher 66 */ 1421 { 1422 1, 1423 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, 1424 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA, 1425 SSL_kEDH, 1426 SSL_aDSS, 1427 SSL_RC4, 1428 SSL_SHA1, 1429 SSL_TLSV1, 1430 SSL_NOT_EXP | SSL_MEDIUM, 1431 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1432 128, 1433 128, 1434 }, 1435 #endif 1436 1437 /* TLS v1.2 ciphersuites */ 1438 /* Cipher 67 */ 1439 { 1440 1, 1441 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 1442 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 1443 SSL_kEDH, 1444 SSL_aRSA, 1445 SSL_AES128, 1446 SSL_SHA256, 1447 SSL_TLSV1_2, 1448 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1449 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1450 128, 1451 128, 1452 }, 1453 1454 /* Cipher 68 */ 1455 { 1456 1, 1457 TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, 1458 TLS1_CK_DH_DSS_WITH_AES_256_SHA256, 1459 SSL_kDHd, 1460 SSL_aDH, 1461 SSL_AES256, 1462 SSL_SHA256, 1463 SSL_TLSV1_2, 1464 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1465 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1466 256, 1467 256, 1468 }, 1469 1470 /* Cipher 69 */ 1471 { 1472 1, 1473 TLS1_TXT_DH_RSA_WITH_AES_256_SHA256, 1474 TLS1_CK_DH_RSA_WITH_AES_256_SHA256, 1475 SSL_kDHr, 1476 SSL_aDH, 1477 SSL_AES256, 1478 SSL_SHA256, 1479 SSL_TLSV1_2, 1480 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1481 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1482 256, 1483 256, 1484 }, 1485 1486 /* Cipher 6A */ 1487 { 1488 1, 1489 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 1490 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 1491 SSL_kEDH, 1492 SSL_aDSS, 1493 SSL_AES256, 1494 SSL_SHA256, 1495 SSL_TLSV1_2, 1496 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1497 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1498 256, 1499 256, 1500 }, 1501 1502 /* Cipher 6B */ 1503 { 1504 1, 1505 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 1506 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 1507 SSL_kEDH, 1508 SSL_aRSA, 1509 SSL_AES256, 1510 SSL_SHA256, 1511 SSL_TLSV1_2, 1512 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1513 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1514 256, 1515 256, 1516 }, 1517 1518 /* Cipher 6C */ 1519 { 1520 1, 1521 TLS1_TXT_ADH_WITH_AES_128_SHA256, 1522 TLS1_CK_ADH_WITH_AES_128_SHA256, 1523 SSL_kEDH, 1524 SSL_aNULL, 1525 SSL_AES128, 1526 SSL_SHA256, 1527 SSL_TLSV1_2, 1528 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1529 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1530 128, 1531 128, 1532 }, 1533 1534 /* Cipher 6D */ 1535 { 1536 1, 1537 TLS1_TXT_ADH_WITH_AES_256_SHA256, 1538 TLS1_CK_ADH_WITH_AES_256_SHA256, 1539 SSL_kEDH, 1540 SSL_aNULL, 1541 SSL_AES256, 1542 SSL_SHA256, 1543 SSL_TLSV1_2, 1544 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1545 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1546 256, 1547 256, 1548 }, 1549 1550 /* GOST Ciphersuites */ 1551 1552 { 1553 1, 1554 "GOST94-GOST89-GOST89", 1555 0x3000080, 1556 SSL_kGOST, 1557 SSL_aGOST94, 1558 SSL_eGOST2814789CNT, 1559 SSL_GOST89MAC, 1560 SSL_TLSV1, 1561 SSL_NOT_EXP | SSL_HIGH, 1562 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 1563 256, 1564 256}, 1565 { 1566 1, 1567 "GOST2001-GOST89-GOST89", 1568 0x3000081, 1569 SSL_kGOST, 1570 SSL_aGOST01, 1571 SSL_eGOST2814789CNT, 1572 SSL_GOST89MAC, 1573 SSL_TLSV1, 1574 SSL_NOT_EXP | SSL_HIGH, 1575 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 1576 256, 1577 256}, 1578 { 1579 1, 1580 "GOST94-NULL-GOST94", 1581 0x3000082, 1582 SSL_kGOST, 1583 SSL_aGOST94, 1584 SSL_eNULL, 1585 SSL_GOST94, 1586 SSL_TLSV1, 1587 SSL_NOT_EXP | SSL_STRONG_NONE, 1588 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 1589 0, 1590 0}, 1591 { 1592 1, 1593 "GOST2001-NULL-GOST94", 1594 0x3000083, 1595 SSL_kGOST, 1596 SSL_aGOST01, 1597 SSL_eNULL, 1598 SSL_GOST94, 1599 SSL_TLSV1, 1600 SSL_NOT_EXP | SSL_STRONG_NONE, 1601 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 1602 0, 1603 0}, 1604 1605 #ifndef OPENSSL_NO_CAMELLIA 1606 /* Camellia ciphersuites from RFC4132 (256-bit portion) */ 1607 1608 /* Cipher 84 */ 1609 { 1610 1, 1611 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 1612 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 1613 SSL_kRSA, 1614 SSL_aRSA, 1615 SSL_CAMELLIA256, 1616 SSL_SHA1, 1617 SSL_TLSV1, 1618 SSL_NOT_EXP | SSL_HIGH, 1619 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1620 256, 1621 256, 1622 }, 1623 /* Cipher 85 */ 1624 { 1625 1, 1626 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1627 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1628 SSL_kDHd, 1629 SSL_aDH, 1630 SSL_CAMELLIA256, 1631 SSL_SHA1, 1632 SSL_TLSV1, 1633 SSL_NOT_EXP | SSL_HIGH, 1634 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1635 256, 1636 256, 1637 }, 1638 1639 /* Cipher 86 */ 1640 { 1641 1, 1642 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1643 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1644 SSL_kDHr, 1645 SSL_aDH, 1646 SSL_CAMELLIA256, 1647 SSL_SHA1, 1648 SSL_TLSV1, 1649 SSL_NOT_EXP | SSL_HIGH, 1650 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1651 256, 1652 256, 1653 }, 1654 1655 /* Cipher 87 */ 1656 { 1657 1, 1658 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1659 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1660 SSL_kEDH, 1661 SSL_aDSS, 1662 SSL_CAMELLIA256, 1663 SSL_SHA1, 1664 SSL_TLSV1, 1665 SSL_NOT_EXP | SSL_HIGH, 1666 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1667 256, 1668 256, 1669 }, 1670 1671 /* Cipher 88 */ 1672 { 1673 1, 1674 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1675 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1676 SSL_kEDH, 1677 SSL_aRSA, 1678 SSL_CAMELLIA256, 1679 SSL_SHA1, 1680 SSL_TLSV1, 1681 SSL_NOT_EXP | SSL_HIGH, 1682 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1683 256, 1684 256, 1685 }, 1686 1687 /* Cipher 89 */ 1688 { 1689 1, 1690 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 1691 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 1692 SSL_kEDH, 1693 SSL_aNULL, 1694 SSL_CAMELLIA256, 1695 SSL_SHA1, 1696 SSL_TLSV1, 1697 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH, 1698 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1699 256, 1700 256, 1701 }, 1702 #endif /* OPENSSL_NO_CAMELLIA */ 1703 1704 #ifndef OPENSSL_NO_PSK 1705 /* Cipher 8A */ 1706 { 1707 1, 1708 TLS1_TXT_PSK_WITH_RC4_128_SHA, 1709 TLS1_CK_PSK_WITH_RC4_128_SHA, 1710 SSL_kPSK, 1711 SSL_aPSK, 1712 SSL_RC4, 1713 SSL_SHA1, 1714 SSL_TLSV1, 1715 SSL_NOT_EXP | SSL_MEDIUM, 1716 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1717 128, 1718 128, 1719 }, 1720 1721 /* Cipher 8B */ 1722 { 1723 1, 1724 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1725 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1726 SSL_kPSK, 1727 SSL_aPSK, 1728 SSL_3DES, 1729 SSL_SHA1, 1730 SSL_TLSV1, 1731 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 1732 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1733 112, 1734 168, 1735 }, 1736 1737 /* Cipher 8C */ 1738 { 1739 1, 1740 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1741 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1742 SSL_kPSK, 1743 SSL_aPSK, 1744 SSL_AES128, 1745 SSL_SHA1, 1746 SSL_TLSV1, 1747 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1748 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1749 128, 1750 128, 1751 }, 1752 1753 /* Cipher 8D */ 1754 { 1755 1, 1756 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1757 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1758 SSL_kPSK, 1759 SSL_aPSK, 1760 SSL_AES256, 1761 SSL_SHA1, 1762 SSL_TLSV1, 1763 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1764 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1765 256, 1766 256, 1767 }, 1768 #endif /* OPENSSL_NO_PSK */ 1769 1770 #ifndef OPENSSL_NO_SEED 1771 /* SEED ciphersuites from RFC4162 */ 1772 1773 /* Cipher 96 */ 1774 { 1775 1, 1776 TLS1_TXT_RSA_WITH_SEED_SHA, 1777 TLS1_CK_RSA_WITH_SEED_SHA, 1778 SSL_kRSA, 1779 SSL_aRSA, 1780 SSL_SEED, 1781 SSL_SHA1, 1782 SSL_TLSV1, 1783 SSL_NOT_EXP | SSL_MEDIUM, 1784 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1785 128, 1786 128, 1787 }, 1788 1789 /* Cipher 97 */ 1790 { 1791 1, 1792 TLS1_TXT_DH_DSS_WITH_SEED_SHA, 1793 TLS1_CK_DH_DSS_WITH_SEED_SHA, 1794 SSL_kDHd, 1795 SSL_aDH, 1796 SSL_SEED, 1797 SSL_SHA1, 1798 SSL_TLSV1, 1799 SSL_NOT_EXP | SSL_MEDIUM, 1800 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1801 128, 1802 128, 1803 }, 1804 1805 /* Cipher 98 */ 1806 { 1807 1, 1808 TLS1_TXT_DH_RSA_WITH_SEED_SHA, 1809 TLS1_CK_DH_RSA_WITH_SEED_SHA, 1810 SSL_kDHr, 1811 SSL_aDH, 1812 SSL_SEED, 1813 SSL_SHA1, 1814 SSL_TLSV1, 1815 SSL_NOT_EXP | SSL_MEDIUM, 1816 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1817 128, 1818 128, 1819 }, 1820 1821 /* Cipher 99 */ 1822 { 1823 1, 1824 TLS1_TXT_DHE_DSS_WITH_SEED_SHA, 1825 TLS1_CK_DHE_DSS_WITH_SEED_SHA, 1826 SSL_kEDH, 1827 SSL_aDSS, 1828 SSL_SEED, 1829 SSL_SHA1, 1830 SSL_TLSV1, 1831 SSL_NOT_EXP | SSL_MEDIUM, 1832 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1833 128, 1834 128, 1835 }, 1836 1837 /* Cipher 9A */ 1838 { 1839 1, 1840 TLS1_TXT_DHE_RSA_WITH_SEED_SHA, 1841 TLS1_CK_DHE_RSA_WITH_SEED_SHA, 1842 SSL_kEDH, 1843 SSL_aRSA, 1844 SSL_SEED, 1845 SSL_SHA1, 1846 SSL_TLSV1, 1847 SSL_NOT_EXP | SSL_MEDIUM, 1848 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1849 128, 1850 128, 1851 }, 1852 1853 /* Cipher 9B */ 1854 { 1855 1, 1856 TLS1_TXT_ADH_WITH_SEED_SHA, 1857 TLS1_CK_ADH_WITH_SEED_SHA, 1858 SSL_kEDH, 1859 SSL_aNULL, 1860 SSL_SEED, 1861 SSL_SHA1, 1862 SSL_TLSV1, 1863 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 1864 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1865 128, 1866 128, 1867 }, 1868 1869 #endif /* OPENSSL_NO_SEED */ 1870 1871 /* GCM ciphersuites from RFC5288 */ 1872 1873 /* Cipher 9C */ 1874 { 1875 1, 1876 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 1877 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 1878 SSL_kRSA, 1879 SSL_aRSA, 1880 SSL_AES128GCM, 1881 SSL_AEAD, 1882 SSL_TLSV1_2, 1883 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1884 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1885 128, 1886 128, 1887 }, 1888 1889 /* Cipher 9D */ 1890 { 1891 1, 1892 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 1893 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 1894 SSL_kRSA, 1895 SSL_aRSA, 1896 SSL_AES256GCM, 1897 SSL_AEAD, 1898 SSL_TLSV1_2, 1899 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1900 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1901 256, 1902 256, 1903 }, 1904 1905 /* Cipher 9E */ 1906 { 1907 1, 1908 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 1909 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 1910 SSL_kEDH, 1911 SSL_aRSA, 1912 SSL_AES128GCM, 1913 SSL_AEAD, 1914 SSL_TLSV1_2, 1915 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1916 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1917 128, 1918 128, 1919 }, 1920 1921 /* Cipher 9F */ 1922 { 1923 1, 1924 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 1925 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 1926 SSL_kEDH, 1927 SSL_aRSA, 1928 SSL_AES256GCM, 1929 SSL_AEAD, 1930 SSL_TLSV1_2, 1931 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1932 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1933 256, 1934 256, 1935 }, 1936 1937 /* Cipher A0 */ 1938 { 1939 1, 1940 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, 1941 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, 1942 SSL_kDHr, 1943 SSL_aDH, 1944 SSL_AES128GCM, 1945 SSL_AEAD, 1946 SSL_TLSV1_2, 1947 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1948 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1949 128, 1950 128, 1951 }, 1952 1953 /* Cipher A1 */ 1954 { 1955 1, 1956 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, 1957 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, 1958 SSL_kDHr, 1959 SSL_aDH, 1960 SSL_AES256GCM, 1961 SSL_AEAD, 1962 SSL_TLSV1_2, 1963 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1964 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1965 256, 1966 256, 1967 }, 1968 1969 /* Cipher A2 */ 1970 { 1971 1, 1972 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 1973 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 1974 SSL_kEDH, 1975 SSL_aDSS, 1976 SSL_AES128GCM, 1977 SSL_AEAD, 1978 SSL_TLSV1_2, 1979 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1980 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1981 128, 1982 128, 1983 }, 1984 1985 /* Cipher A3 */ 1986 { 1987 1, 1988 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 1989 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 1990 SSL_kEDH, 1991 SSL_aDSS, 1992 SSL_AES256GCM, 1993 SSL_AEAD, 1994 SSL_TLSV1_2, 1995 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1996 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1997 256, 1998 256, 1999 }, 2000 2001 /* Cipher A4 */ 2002 { 2003 1, 2004 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, 2005 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, 2006 SSL_kDHd, 2007 SSL_aDH, 2008 SSL_AES128GCM, 2009 SSL_AEAD, 2010 SSL_TLSV1_2, 2011 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2012 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2013 128, 2014 128, 2015 }, 2016 2017 /* Cipher A5 */ 2018 { 2019 1, 2020 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, 2021 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, 2022 SSL_kDHd, 2023 SSL_aDH, 2024 SSL_AES256GCM, 2025 SSL_AEAD, 2026 SSL_TLSV1_2, 2027 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2028 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2029 256, 2030 256, 2031 }, 2032 2033 /* Cipher A6 */ 2034 { 2035 1, 2036 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 2037 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 2038 SSL_kEDH, 2039 SSL_aNULL, 2040 SSL_AES128GCM, 2041 SSL_AEAD, 2042 SSL_TLSV1_2, 2043 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2044 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2045 128, 2046 128, 2047 }, 2048 2049 /* Cipher A7 */ 2050 { 2051 1, 2052 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 2053 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 2054 SSL_kEDH, 2055 SSL_aNULL, 2056 SSL_AES256GCM, 2057 SSL_AEAD, 2058 SSL_TLSV1_2, 2059 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2060 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2061 256, 2062 256, 2063 }, 2064 #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL 2065 { 2066 1, 2067 "SCSV", 2068 SSL3_CK_SCSV, 2069 0, 2070 0, 2071 0, 2072 0, 2073 0, 2074 0, 2075 0, 2076 0, 2077 0}, 2078 #endif 2079 2080 #ifndef OPENSSL_NO_ECDH 2081 /* Cipher C001 */ 2082 { 2083 1, 2084 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA, 2085 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA, 2086 SSL_kECDHe, 2087 SSL_aECDH, 2088 SSL_eNULL, 2089 SSL_SHA1, 2090 SSL_TLSV1, 2091 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2092 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2093 0, 2094 0, 2095 }, 2096 2097 /* Cipher C002 */ 2098 { 2099 1, 2100 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, 2101 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA, 2102 SSL_kECDHe, 2103 SSL_aECDH, 2104 SSL_RC4, 2105 SSL_SHA1, 2106 SSL_TLSV1, 2107 SSL_NOT_EXP | SSL_MEDIUM, 2108 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2109 128, 2110 128, 2111 }, 2112 2113 /* Cipher C003 */ 2114 { 2115 1, 2116 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2117 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2118 SSL_kECDHe, 2119 SSL_aECDH, 2120 SSL_3DES, 2121 SSL_SHA1, 2122 SSL_TLSV1, 2123 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 2124 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2125 112, 2126 168, 2127 }, 2128 2129 /* Cipher C004 */ 2130 { 2131 1, 2132 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2133 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2134 SSL_kECDHe, 2135 SSL_aECDH, 2136 SSL_AES128, 2137 SSL_SHA1, 2138 SSL_TLSV1, 2139 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2140 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2141 128, 2142 128, 2143 }, 2144 2145 /* Cipher C005 */ 2146 { 2147 1, 2148 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2149 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2150 SSL_kECDHe, 2151 SSL_aECDH, 2152 SSL_AES256, 2153 SSL_SHA1, 2154 SSL_TLSV1, 2155 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2156 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2157 256, 2158 256, 2159 }, 2160 2161 /* Cipher C006 */ 2162 { 2163 1, 2164 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 2165 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 2166 SSL_kEECDH, 2167 SSL_aECDSA, 2168 SSL_eNULL, 2169 SSL_SHA1, 2170 SSL_TLSV1, 2171 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2172 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2173 0, 2174 0, 2175 }, 2176 2177 /* Cipher C007 */ 2178 { 2179 1, 2180 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 2181 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 2182 SSL_kEECDH, 2183 SSL_aECDSA, 2184 SSL_RC4, 2185 SSL_SHA1, 2186 SSL_TLSV1, 2187 SSL_NOT_EXP | SSL_MEDIUM, 2188 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2189 128, 2190 128, 2191 }, 2192 2193 /* Cipher C008 */ 2194 { 2195 1, 2196 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2197 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2198 SSL_kEECDH, 2199 SSL_aECDSA, 2200 SSL_3DES, 2201 SSL_SHA1, 2202 SSL_TLSV1, 2203 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 2204 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2205 112, 2206 168, 2207 }, 2208 2209 /* Cipher C009 */ 2210 { 2211 1, 2212 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2213 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2214 SSL_kEECDH, 2215 SSL_aECDSA, 2216 SSL_AES128, 2217 SSL_SHA1, 2218 SSL_TLSV1, 2219 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2220 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2221 128, 2222 128, 2223 }, 2224 2225 /* Cipher C00A */ 2226 { 2227 1, 2228 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2229 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2230 SSL_kEECDH, 2231 SSL_aECDSA, 2232 SSL_AES256, 2233 SSL_SHA1, 2234 SSL_TLSV1, 2235 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2236 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2237 256, 2238 256, 2239 }, 2240 2241 /* Cipher C00B */ 2242 { 2243 1, 2244 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA, 2245 TLS1_CK_ECDH_RSA_WITH_NULL_SHA, 2246 SSL_kECDHr, 2247 SSL_aECDH, 2248 SSL_eNULL, 2249 SSL_SHA1, 2250 SSL_TLSV1, 2251 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2252 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2253 0, 2254 0, 2255 }, 2256 2257 /* Cipher C00C */ 2258 { 2259 1, 2260 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, 2261 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA, 2262 SSL_kECDHr, 2263 SSL_aECDH, 2264 SSL_RC4, 2265 SSL_SHA1, 2266 SSL_TLSV1, 2267 SSL_NOT_EXP | SSL_MEDIUM, 2268 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2269 128, 2270 128, 2271 }, 2272 2273 /* Cipher C00D */ 2274 { 2275 1, 2276 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2277 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2278 SSL_kECDHr, 2279 SSL_aECDH, 2280 SSL_3DES, 2281 SSL_SHA1, 2282 SSL_TLSV1, 2283 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 2284 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2285 112, 2286 168, 2287 }, 2288 2289 /* Cipher C00E */ 2290 { 2291 1, 2292 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA, 2293 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA, 2294 SSL_kECDHr, 2295 SSL_aECDH, 2296 SSL_AES128, 2297 SSL_SHA1, 2298 SSL_TLSV1, 2299 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2300 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2301 128, 2302 128, 2303 }, 2304 2305 /* Cipher C00F */ 2306 { 2307 1, 2308 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA, 2309 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA, 2310 SSL_kECDHr, 2311 SSL_aECDH, 2312 SSL_AES256, 2313 SSL_SHA1, 2314 SSL_TLSV1, 2315 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2316 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2317 256, 2318 256, 2319 }, 2320 2321 /* Cipher C010 */ 2322 { 2323 1, 2324 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 2325 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 2326 SSL_kEECDH, 2327 SSL_aRSA, 2328 SSL_eNULL, 2329 SSL_SHA1, 2330 SSL_TLSV1, 2331 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2332 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2333 0, 2334 0, 2335 }, 2336 2337 /* Cipher C011 */ 2338 { 2339 1, 2340 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 2341 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 2342 SSL_kEECDH, 2343 SSL_aRSA, 2344 SSL_RC4, 2345 SSL_SHA1, 2346 SSL_TLSV1, 2347 SSL_NOT_EXP | SSL_MEDIUM, 2348 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2349 128, 2350 128, 2351 }, 2352 2353 /* Cipher C012 */ 2354 { 2355 1, 2356 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2357 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2358 SSL_kEECDH, 2359 SSL_aRSA, 2360 SSL_3DES, 2361 SSL_SHA1, 2362 SSL_TLSV1, 2363 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 2364 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2365 112, 2366 168, 2367 }, 2368 2369 /* Cipher C013 */ 2370 { 2371 1, 2372 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2373 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2374 SSL_kEECDH, 2375 SSL_aRSA, 2376 SSL_AES128, 2377 SSL_SHA1, 2378 SSL_TLSV1, 2379 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2380 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2381 128, 2382 128, 2383 }, 2384 2385 /* Cipher C014 */ 2386 { 2387 1, 2388 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2389 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2390 SSL_kEECDH, 2391 SSL_aRSA, 2392 SSL_AES256, 2393 SSL_SHA1, 2394 SSL_TLSV1, 2395 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2396 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2397 256, 2398 256, 2399 }, 2400 2401 /* Cipher C015 */ 2402 { 2403 1, 2404 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 2405 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 2406 SSL_kEECDH, 2407 SSL_aNULL, 2408 SSL_eNULL, 2409 SSL_SHA1, 2410 SSL_TLSV1, 2411 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2412 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2413 0, 2414 0, 2415 }, 2416 2417 /* Cipher C016 */ 2418 { 2419 1, 2420 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 2421 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 2422 SSL_kEECDH, 2423 SSL_aNULL, 2424 SSL_RC4, 2425 SSL_SHA1, 2426 SSL_TLSV1, 2427 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 2428 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2429 128, 2430 128, 2431 }, 2432 2433 /* Cipher C017 */ 2434 { 2435 1, 2436 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 2437 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 2438 SSL_kEECDH, 2439 SSL_aNULL, 2440 SSL_3DES, 2441 SSL_SHA1, 2442 SSL_TLSV1, 2443 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 2444 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2445 112, 2446 168, 2447 }, 2448 2449 /* Cipher C018 */ 2450 { 2451 1, 2452 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 2453 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 2454 SSL_kEECDH, 2455 SSL_aNULL, 2456 SSL_AES128, 2457 SSL_SHA1, 2458 SSL_TLSV1, 2459 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2460 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2461 128, 2462 128, 2463 }, 2464 2465 /* Cipher C019 */ 2466 { 2467 1, 2468 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 2469 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 2470 SSL_kEECDH, 2471 SSL_aNULL, 2472 SSL_AES256, 2473 SSL_SHA1, 2474 SSL_TLSV1, 2475 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2476 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2477 256, 2478 256, 2479 }, 2480 #endif /* OPENSSL_NO_ECDH */ 2481 2482 #ifndef OPENSSL_NO_SRP 2483 /* Cipher C01A */ 2484 { 2485 1, 2486 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2487 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2488 SSL_kSRP, 2489 SSL_aSRP, 2490 SSL_3DES, 2491 SSL_SHA1, 2492 SSL_TLSV1, 2493 SSL_NOT_EXP | SSL_MEDIUM, 2494 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2495 112, 2496 168, 2497 }, 2498 2499 /* Cipher C01B */ 2500 { 2501 1, 2502 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2503 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2504 SSL_kSRP, 2505 SSL_aRSA, 2506 SSL_3DES, 2507 SSL_SHA1, 2508 SSL_TLSV1, 2509 SSL_NOT_EXP | SSL_MEDIUM, 2510 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2511 112, 2512 168, 2513 }, 2514 2515 /* Cipher C01C */ 2516 { 2517 1, 2518 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2519 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2520 SSL_kSRP, 2521 SSL_aDSS, 2522 SSL_3DES, 2523 SSL_SHA1, 2524 SSL_TLSV1, 2525 SSL_NOT_EXP | SSL_MEDIUM, 2526 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2527 112, 2528 168, 2529 }, 2530 2531 /* Cipher C01D */ 2532 { 2533 1, 2534 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, 2535 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, 2536 SSL_kSRP, 2537 SSL_aSRP, 2538 SSL_AES128, 2539 SSL_SHA1, 2540 SSL_TLSV1, 2541 SSL_NOT_EXP | SSL_HIGH, 2542 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2543 128, 2544 128, 2545 }, 2546 2547 /* Cipher C01E */ 2548 { 2549 1, 2550 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2551 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2552 SSL_kSRP, 2553 SSL_aRSA, 2554 SSL_AES128, 2555 SSL_SHA1, 2556 SSL_TLSV1, 2557 SSL_NOT_EXP | SSL_HIGH, 2558 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2559 128, 2560 128, 2561 }, 2562 2563 /* Cipher C01F */ 2564 { 2565 1, 2566 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2567 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2568 SSL_kSRP, 2569 SSL_aDSS, 2570 SSL_AES128, 2571 SSL_SHA1, 2572 SSL_TLSV1, 2573 SSL_NOT_EXP | SSL_HIGH, 2574 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2575 128, 2576 128, 2577 }, 2578 2579 /* Cipher C020 */ 2580 { 2581 1, 2582 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, 2583 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, 2584 SSL_kSRP, 2585 SSL_aSRP, 2586 SSL_AES256, 2587 SSL_SHA1, 2588 SSL_TLSV1, 2589 SSL_NOT_EXP | SSL_HIGH, 2590 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2591 256, 2592 256, 2593 }, 2594 2595 /* Cipher C021 */ 2596 { 2597 1, 2598 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2599 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2600 SSL_kSRP, 2601 SSL_aRSA, 2602 SSL_AES256, 2603 SSL_SHA1, 2604 SSL_TLSV1, 2605 SSL_NOT_EXP | SSL_HIGH, 2606 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2607 256, 2608 256, 2609 }, 2610 2611 /* Cipher C022 */ 2612 { 2613 1, 2614 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2615 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2616 SSL_kSRP, 2617 SSL_aDSS, 2618 SSL_AES256, 2619 SSL_SHA1, 2620 SSL_TLSV1, 2621 SSL_NOT_EXP | SSL_HIGH, 2622 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2623 256, 2624 256, 2625 }, 2626 #endif /* OPENSSL_NO_SRP */ 2627 #ifndef OPENSSL_NO_ECDH 2628 2629 /* HMAC based TLS v1.2 ciphersuites from RFC5289 */ 2630 2631 /* Cipher C023 */ 2632 { 2633 1, 2634 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 2635 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 2636 SSL_kEECDH, 2637 SSL_aECDSA, 2638 SSL_AES128, 2639 SSL_SHA256, 2640 SSL_TLSV1_2, 2641 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2642 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2643 128, 2644 128, 2645 }, 2646 2647 /* Cipher C024 */ 2648 { 2649 1, 2650 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 2651 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 2652 SSL_kEECDH, 2653 SSL_aECDSA, 2654 SSL_AES256, 2655 SSL_SHA384, 2656 SSL_TLSV1_2, 2657 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2658 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2659 256, 2660 256, 2661 }, 2662 2663 /* Cipher C025 */ 2664 { 2665 1, 2666 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256, 2667 TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256, 2668 SSL_kECDHe, 2669 SSL_aECDH, 2670 SSL_AES128, 2671 SSL_SHA256, 2672 SSL_TLSV1_2, 2673 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2674 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2675 128, 2676 128, 2677 }, 2678 2679 /* Cipher C026 */ 2680 { 2681 1, 2682 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384, 2683 TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384, 2684 SSL_kECDHe, 2685 SSL_aECDH, 2686 SSL_AES256, 2687 SSL_SHA384, 2688 SSL_TLSV1_2, 2689 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2690 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2691 256, 2692 256, 2693 }, 2694 2695 /* Cipher C027 */ 2696 { 2697 1, 2698 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 2699 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 2700 SSL_kEECDH, 2701 SSL_aRSA, 2702 SSL_AES128, 2703 SSL_SHA256, 2704 SSL_TLSV1_2, 2705 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2706 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2707 128, 2708 128, 2709 }, 2710 2711 /* Cipher C028 */ 2712 { 2713 1, 2714 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 2715 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 2716 SSL_kEECDH, 2717 SSL_aRSA, 2718 SSL_AES256, 2719 SSL_SHA384, 2720 SSL_TLSV1_2, 2721 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2722 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2723 256, 2724 256, 2725 }, 2726 2727 /* Cipher C029 */ 2728 { 2729 1, 2730 TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256, 2731 TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256, 2732 SSL_kECDHr, 2733 SSL_aECDH, 2734 SSL_AES128, 2735 SSL_SHA256, 2736 SSL_TLSV1_2, 2737 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2738 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2739 128, 2740 128, 2741 }, 2742 2743 /* Cipher C02A */ 2744 { 2745 1, 2746 TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384, 2747 TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384, 2748 SSL_kECDHr, 2749 SSL_aECDH, 2750 SSL_AES256, 2751 SSL_SHA384, 2752 SSL_TLSV1_2, 2753 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2754 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2755 256, 2756 256, 2757 }, 2758 2759 /* GCM based TLS v1.2 ciphersuites from RFC5289 */ 2760 2761 /* Cipher C02B */ 2762 { 2763 1, 2764 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2765 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2766 SSL_kEECDH, 2767 SSL_aECDSA, 2768 SSL_AES128GCM, 2769 SSL_AEAD, 2770 SSL_TLSV1_2, 2771 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2772 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2773 128, 2774 128, 2775 }, 2776 2777 /* Cipher C02C */ 2778 { 2779 1, 2780 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2781 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2782 SSL_kEECDH, 2783 SSL_aECDSA, 2784 SSL_AES256GCM, 2785 SSL_AEAD, 2786 SSL_TLSV1_2, 2787 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2788 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2789 256, 2790 256, 2791 }, 2792 2793 /* Cipher C02D */ 2794 { 2795 1, 2796 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2797 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2798 SSL_kECDHe, 2799 SSL_aECDH, 2800 SSL_AES128GCM, 2801 SSL_AEAD, 2802 SSL_TLSV1_2, 2803 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2804 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2805 128, 2806 128, 2807 }, 2808 2809 /* Cipher C02E */ 2810 { 2811 1, 2812 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2813 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2814 SSL_kECDHe, 2815 SSL_aECDH, 2816 SSL_AES256GCM, 2817 SSL_AEAD, 2818 SSL_TLSV1_2, 2819 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2820 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2821 256, 2822 256, 2823 }, 2824 2825 /* Cipher C02F */ 2826 { 2827 1, 2828 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2829 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2830 SSL_kEECDH, 2831 SSL_aRSA, 2832 SSL_AES128GCM, 2833 SSL_AEAD, 2834 SSL_TLSV1_2, 2835 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2836 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2837 128, 2838 128, 2839 }, 2840 2841 /* Cipher C030 */ 2842 { 2843 1, 2844 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2845 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2846 SSL_kEECDH, 2847 SSL_aRSA, 2848 SSL_AES256GCM, 2849 SSL_AEAD, 2850 SSL_TLSV1_2, 2851 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2852 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2853 256, 2854 256, 2855 }, 2856 2857 /* Cipher C031 */ 2858 { 2859 1, 2860 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2861 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2862 SSL_kECDHr, 2863 SSL_aECDH, 2864 SSL_AES128GCM, 2865 SSL_AEAD, 2866 SSL_TLSV1_2, 2867 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2868 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2869 128, 2870 128, 2871 }, 2872 2873 /* Cipher C032 */ 2874 { 2875 1, 2876 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2877 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2878 SSL_kECDHr, 2879 SSL_aECDH, 2880 SSL_AES256GCM, 2881 SSL_AEAD, 2882 SSL_TLSV1_2, 2883 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2884 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2885 256, 2886 256, 2887 }, 2888 2889 #endif /* OPENSSL_NO_ECDH */ 2890 2891 #ifdef TEMP_GOST_TLS 2892 /* Cipher FF00 */ 2893 { 2894 1, 2895 "GOST-MD5", 2896 0x0300ff00, 2897 SSL_kRSA, 2898 SSL_aRSA, 2899 SSL_eGOST2814789CNT, 2900 SSL_MD5, 2901 SSL_TLSV1, 2902 SSL_NOT_EXP | SSL_HIGH, 2903 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2904 256, 2905 256, 2906 }, 2907 { 2908 1, 2909 "GOST-GOST94", 2910 0x0300ff01, 2911 SSL_kRSA, 2912 SSL_aRSA, 2913 SSL_eGOST2814789CNT, 2914 SSL_GOST94, 2915 SSL_TLSV1, 2916 SSL_NOT_EXP | SSL_HIGH, 2917 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2918 256, 2919 256}, 2920 { 2921 1, 2922 "GOST-GOST89MAC", 2923 0x0300ff02, 2924 SSL_kRSA, 2925 SSL_aRSA, 2926 SSL_eGOST2814789CNT, 2927 SSL_GOST89MAC, 2928 SSL_TLSV1, 2929 SSL_NOT_EXP | SSL_HIGH, 2930 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2931 256, 2932 256}, 2933 { 2934 1, 2935 "GOST-GOST89STREAM", 2936 0x0300ff03, 2937 SSL_kRSA, 2938 SSL_aRSA, 2939 SSL_eGOST2814789CNT, 2940 SSL_GOST89MAC, 2941 SSL_TLSV1, 2942 SSL_NOT_EXP | SSL_HIGH, 2943 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC, 2944 256, 2945 256}, 2946 #endif 2947 2948 /* end of list */ 2949 }; 2950 2951 SSL3_ENC_METHOD SSLv3_enc_data = { 2952 ssl3_enc, 2953 n_ssl3_mac, 2954 ssl3_setup_key_block, 2955 ssl3_generate_master_secret, 2956 ssl3_change_cipher_state, 2957 ssl3_final_finish_mac, 2958 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, 2959 ssl3_cert_verify_mac, 2960 SSL3_MD_CLIENT_FINISHED_CONST, 4, 2961 SSL3_MD_SERVER_FINISHED_CONST, 4, 2962 ssl3_alert_code, 2963 (int (*)(SSL *, unsigned char *, size_t, const char *, 2964 size_t, const unsigned char *, size_t, 2965 int use_context))ssl_undefined_function, 2966 0, 2967 SSL3_HM_HEADER_LENGTH, 2968 ssl3_set_handshake_header, 2969 ssl3_handshake_write 2970 }; 2971 2972 long ssl3_default_timeout(void) 2973 { 2974 /* 2975 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for 2976 * http, the cache would over fill 2977 */ 2978 return (60 * 60 * 2); 2979 } 2980 2981 int ssl3_num_ciphers(void) 2982 { 2983 return (SSL3_NUM_CIPHERS); 2984 } 2985 2986 const SSL_CIPHER *ssl3_get_cipher(unsigned int u) 2987 { 2988 if (u < SSL3_NUM_CIPHERS) 2989 return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u])); 2990 else 2991 return (NULL); 2992 } 2993 2994 int ssl3_pending(const SSL *s) 2995 { 2996 if (s->rstate == SSL_ST_READ_BODY) 2997 return 0; 2998 2999 return (s->s3->rrec.type == 3000 SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; 3001 } 3002 3003 void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len) 3004 { 3005 unsigned char *p = (unsigned char *)s->init_buf->data; 3006 *(p++) = htype; 3007 l2n3(len, p); 3008 s->init_num = (int)len + SSL3_HM_HEADER_LENGTH; 3009 s->init_off = 0; 3010 } 3011 3012 int ssl3_handshake_write(SSL *s) 3013 { 3014 return ssl3_do_write(s, SSL3_RT_HANDSHAKE); 3015 } 3016 3017 int ssl3_new(SSL *s) 3018 { 3019 SSL3_STATE *s3; 3020 3021 if ((s3 = OPENSSL_malloc(sizeof(*s3))) == NULL) 3022 goto err; 3023 memset(s3, 0, sizeof(*s3)); 3024 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); 3025 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); 3026 3027 s->s3 = s3; 3028 3029 #ifndef OPENSSL_NO_SRP 3030 SSL_SRP_CTX_init(s); 3031 #endif 3032 s->method->ssl_clear(s); 3033 return (1); 3034 err: 3035 return (0); 3036 } 3037 3038 void ssl3_free(SSL *s) 3039 { 3040 if (s == NULL || s->s3 == NULL) 3041 return; 3042 3043 #ifdef TLSEXT_TYPE_opaque_prf_input 3044 if (s->s3->client_opaque_prf_input != NULL) 3045 OPENSSL_free(s->s3->client_opaque_prf_input); 3046 if (s->s3->server_opaque_prf_input != NULL) 3047 OPENSSL_free(s->s3->server_opaque_prf_input); 3048 #endif 3049 3050 ssl3_cleanup_key_block(s); 3051 if (s->s3->rbuf.buf != NULL) 3052 ssl3_release_read_buffer(s); 3053 if (s->s3->wbuf.buf != NULL) 3054 ssl3_release_write_buffer(s); 3055 if (s->s3->rrec.comp != NULL) 3056 OPENSSL_free(s->s3->rrec.comp); 3057 #ifndef OPENSSL_NO_DH 3058 if (s->s3->tmp.dh != NULL) 3059 DH_free(s->s3->tmp.dh); 3060 #endif 3061 #ifndef OPENSSL_NO_ECDH 3062 if (s->s3->tmp.ecdh != NULL) 3063 EC_KEY_free(s->s3->tmp.ecdh); 3064 #endif 3065 3066 if (s->s3->tmp.ca_names != NULL) 3067 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 3068 if (s->s3->handshake_buffer) { 3069 BIO_free(s->s3->handshake_buffer); 3070 } 3071 if (s->s3->handshake_dgst) 3072 ssl3_free_digest_list(s); 3073 #ifndef OPENSSL_NO_TLSEXT 3074 if (s->s3->alpn_selected) 3075 OPENSSL_free(s->s3->alpn_selected); 3076 #endif 3077 3078 #ifndef OPENSSL_NO_SRP 3079 SSL_SRP_CTX_free(s); 3080 #endif 3081 OPENSSL_cleanse(s->s3, sizeof(*s->s3)); 3082 OPENSSL_free(s->s3); 3083 s->s3 = NULL; 3084 } 3085 3086 void ssl3_clear(SSL *s) 3087 { 3088 unsigned char *rp, *wp; 3089 size_t rlen, wlen; 3090 int init_extra; 3091 3092 #ifdef TLSEXT_TYPE_opaque_prf_input 3093 if (s->s3->client_opaque_prf_input != NULL) 3094 OPENSSL_free(s->s3->client_opaque_prf_input); 3095 s->s3->client_opaque_prf_input = NULL; 3096 if (s->s3->server_opaque_prf_input != NULL) 3097 OPENSSL_free(s->s3->server_opaque_prf_input); 3098 s->s3->server_opaque_prf_input = NULL; 3099 #endif 3100 3101 ssl3_cleanup_key_block(s); 3102 if (s->s3->tmp.ca_names != NULL) 3103 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 3104 3105 if (s->s3->rrec.comp != NULL) { 3106 OPENSSL_free(s->s3->rrec.comp); 3107 s->s3->rrec.comp = NULL; 3108 } 3109 #ifndef OPENSSL_NO_DH 3110 if (s->s3->tmp.dh != NULL) { 3111 DH_free(s->s3->tmp.dh); 3112 s->s3->tmp.dh = NULL; 3113 } 3114 #endif 3115 #ifndef OPENSSL_NO_ECDH 3116 if (s->s3->tmp.ecdh != NULL) { 3117 EC_KEY_free(s->s3->tmp.ecdh); 3118 s->s3->tmp.ecdh = NULL; 3119 } 3120 #endif 3121 #ifndef OPENSSL_NO_TLSEXT 3122 # ifndef OPENSSL_NO_EC 3123 s->s3->is_probably_safari = 0; 3124 # endif /* !OPENSSL_NO_EC */ 3125 #endif /* !OPENSSL_NO_TLSEXT */ 3126 3127 rp = s->s3->rbuf.buf; 3128 wp = s->s3->wbuf.buf; 3129 rlen = s->s3->rbuf.len; 3130 wlen = s->s3->wbuf.len; 3131 init_extra = s->s3->init_extra; 3132 if (s->s3->handshake_buffer) { 3133 BIO_free(s->s3->handshake_buffer); 3134 s->s3->handshake_buffer = NULL; 3135 } 3136 if (s->s3->handshake_dgst) { 3137 ssl3_free_digest_list(s); 3138 } 3139 #if !defined(OPENSSL_NO_TLSEXT) 3140 if (s->s3->alpn_selected) { 3141 OPENSSL_free(s->s3->alpn_selected); 3142 s->s3->alpn_selected = NULL; 3143 } 3144 #endif 3145 memset(s->s3, 0, sizeof(*s->s3)); 3146 s->s3->rbuf.buf = rp; 3147 s->s3->wbuf.buf = wp; 3148 s->s3->rbuf.len = rlen; 3149 s->s3->wbuf.len = wlen; 3150 s->s3->init_extra = init_extra; 3151 3152 ssl_free_wbio_buffer(s); 3153 3154 s->packet_length = 0; 3155 s->s3->renegotiate = 0; 3156 s->s3->total_renegotiations = 0; 3157 s->s3->num_renegotiations = 0; 3158 s->s3->in_read_app_data = 0; 3159 s->version = SSL3_VERSION; 3160 3161 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 3162 if (s->next_proto_negotiated) { 3163 OPENSSL_free(s->next_proto_negotiated); 3164 s->next_proto_negotiated = NULL; 3165 s->next_proto_negotiated_len = 0; 3166 } 3167 #endif 3168 } 3169 3170 #ifndef OPENSSL_NO_SRP 3171 static char *MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg) 3172 { 3173 return BUF_strdup(s->srp_ctx.info); 3174 } 3175 #endif 3176 3177 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, 3178 size_t len); 3179 3180 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 3181 { 3182 int ret = 0; 3183 3184 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3185 if ( 3186 # ifndef OPENSSL_NO_RSA 3187 cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB || 3188 # endif 3189 # ifndef OPENSSL_NO_DSA 3190 cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB || 3191 # endif 3192 0) { 3193 if (!ssl_cert_inst(&s->cert)) { 3194 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 3195 return (0); 3196 } 3197 } 3198 #endif 3199 3200 switch (cmd) { 3201 case SSL_CTRL_GET_SESSION_REUSED: 3202 ret = s->hit; 3203 break; 3204 case SSL_CTRL_GET_CLIENT_CERT_REQUEST: 3205 break; 3206 case SSL_CTRL_GET_NUM_RENEGOTIATIONS: 3207 ret = s->s3->num_renegotiations; 3208 break; 3209 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: 3210 ret = s->s3->num_renegotiations; 3211 s->s3->num_renegotiations = 0; 3212 break; 3213 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: 3214 ret = s->s3->total_renegotiations; 3215 break; 3216 case SSL_CTRL_GET_FLAGS: 3217 ret = (int)(s->s3->flags); 3218 break; 3219 #ifndef OPENSSL_NO_RSA 3220 case SSL_CTRL_NEED_TMP_RSA: 3221 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 3222 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3223 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > 3224 (512 / 8)))) 3225 ret = 1; 3226 break; 3227 case SSL_CTRL_SET_TMP_RSA: 3228 { 3229 RSA *rsa = (RSA *)parg; 3230 if (rsa == NULL) { 3231 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3232 return (ret); 3233 } 3234 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) { 3235 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); 3236 return (ret); 3237 } 3238 if (s->cert->rsa_tmp != NULL) 3239 RSA_free(s->cert->rsa_tmp); 3240 s->cert->rsa_tmp = rsa; 3241 ret = 1; 3242 } 3243 break; 3244 case SSL_CTRL_SET_TMP_RSA_CB: 3245 { 3246 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3247 return (ret); 3248 } 3249 break; 3250 #endif 3251 #ifndef OPENSSL_NO_DH 3252 case SSL_CTRL_SET_TMP_DH: 3253 { 3254 DH *dh = (DH *)parg; 3255 if (dh == NULL) { 3256 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3257 return (ret); 3258 } 3259 if ((dh = DHparams_dup(dh)) == NULL) { 3260 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3261 return (ret); 3262 } 3263 if (s->cert->dh_tmp != NULL) 3264 DH_free(s->cert->dh_tmp); 3265 s->cert->dh_tmp = dh; 3266 ret = 1; 3267 } 3268 break; 3269 case SSL_CTRL_SET_TMP_DH_CB: 3270 { 3271 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3272 return (ret); 3273 } 3274 break; 3275 #endif 3276 #ifndef OPENSSL_NO_ECDH 3277 case SSL_CTRL_SET_TMP_ECDH: 3278 { 3279 EC_KEY *ecdh = NULL; 3280 3281 if (parg == NULL) { 3282 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3283 return (ret); 3284 } 3285 if (!EC_KEY_up_ref((EC_KEY *)parg)) { 3286 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3287 return (ret); 3288 } 3289 ecdh = (EC_KEY *)parg; 3290 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) { 3291 if (!EC_KEY_generate_key(ecdh)) { 3292 EC_KEY_free(ecdh); 3293 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3294 return (ret); 3295 } 3296 } 3297 if (s->cert->ecdh_tmp != NULL) 3298 EC_KEY_free(s->cert->ecdh_tmp); 3299 s->cert->ecdh_tmp = ecdh; 3300 ret = 1; 3301 } 3302 break; 3303 case SSL_CTRL_SET_TMP_ECDH_CB: 3304 { 3305 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3306 return (ret); 3307 } 3308 break; 3309 #endif /* !OPENSSL_NO_ECDH */ 3310 #ifndef OPENSSL_NO_TLSEXT 3311 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 3312 if (larg == TLSEXT_NAMETYPE_host_name) { 3313 size_t len; 3314 3315 if (s->tlsext_hostname != NULL) 3316 OPENSSL_free(s->tlsext_hostname); 3317 s->tlsext_hostname = NULL; 3318 3319 ret = 1; 3320 if (parg == NULL) 3321 break; 3322 len = strlen((char *)parg); 3323 if (len == 0 || len > TLSEXT_MAXLEN_host_name) { 3324 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 3325 return 0; 3326 } 3327 if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) { 3328 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 3329 return 0; 3330 } 3331 } else { 3332 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 3333 return 0; 3334 } 3335 break; 3336 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: 3337 s->tlsext_debug_arg = parg; 3338 ret = 1; 3339 break; 3340 3341 # ifdef TLSEXT_TYPE_opaque_prf_input 3342 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 3343 if (larg > 12288) { /* actual internal limit is 2^16 for the 3344 * complete hello message * (including the 3345 * cert chain and everything) */ 3346 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 3347 break; 3348 } 3349 if (s->tlsext_opaque_prf_input != NULL) 3350 OPENSSL_free(s->tlsext_opaque_prf_input); 3351 if ((size_t)larg == 0) 3352 s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte 3353 * just to get 3354 * non-NULL */ 3355 else 3356 s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); 3357 if (s->tlsext_opaque_prf_input != NULL) { 3358 s->tlsext_opaque_prf_input_len = (size_t)larg; 3359 ret = 1; 3360 } else 3361 s->tlsext_opaque_prf_input_len = 0; 3362 break; 3363 # endif 3364 3365 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3366 s->tlsext_status_type = larg; 3367 ret = 1; 3368 break; 3369 3370 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: 3371 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; 3372 ret = 1; 3373 break; 3374 3375 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: 3376 s->tlsext_ocsp_exts = parg; 3377 ret = 1; 3378 break; 3379 3380 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: 3381 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; 3382 ret = 1; 3383 break; 3384 3385 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: 3386 s->tlsext_ocsp_ids = parg; 3387 ret = 1; 3388 break; 3389 3390 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: 3391 *(unsigned char **)parg = s->tlsext_ocsp_resp; 3392 return s->tlsext_ocsp_resplen; 3393 3394 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: 3395 if (s->tlsext_ocsp_resp) 3396 OPENSSL_free(s->tlsext_ocsp_resp); 3397 s->tlsext_ocsp_resp = parg; 3398 s->tlsext_ocsp_resplen = larg; 3399 ret = 1; 3400 break; 3401 3402 # ifndef OPENSSL_NO_HEARTBEATS 3403 case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT: 3404 if (SSL_IS_DTLS(s)) 3405 ret = dtls1_heartbeat(s); 3406 else 3407 ret = tls1_heartbeat(s); 3408 break; 3409 3410 case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING: 3411 ret = s->tlsext_hb_pending; 3412 break; 3413 3414 case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS: 3415 if (larg) 3416 s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3417 else 3418 s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3419 ret = 1; 3420 break; 3421 # endif 3422 3423 #endif /* !OPENSSL_NO_TLSEXT */ 3424 3425 case SSL_CTRL_CHAIN: 3426 if (larg) 3427 return ssl_cert_set1_chain(s->cert, (STACK_OF(X509) *)parg); 3428 else 3429 return ssl_cert_set0_chain(s->cert, (STACK_OF(X509) *)parg); 3430 3431 case SSL_CTRL_CHAIN_CERT: 3432 if (larg) 3433 return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg); 3434 else 3435 return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg); 3436 3437 case SSL_CTRL_GET_CHAIN_CERTS: 3438 *(STACK_OF(X509) **)parg = s->cert->key->chain; 3439 break; 3440 3441 case SSL_CTRL_SELECT_CURRENT_CERT: 3442 return ssl_cert_select_current(s->cert, (X509 *)parg); 3443 3444 case SSL_CTRL_SET_CURRENT_CERT: 3445 if (larg == SSL_CERT_SET_SERVER) { 3446 CERT_PKEY *cpk; 3447 const SSL_CIPHER *cipher; 3448 if (!s->server) 3449 return 0; 3450 cipher = s->s3->tmp.new_cipher; 3451 if (!cipher) 3452 return 0; 3453 /* 3454 * No certificate for unauthenticated ciphersuites or using SRP 3455 * authentication 3456 */ 3457 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP)) 3458 return 2; 3459 cpk = ssl_get_server_send_pkey(s); 3460 if (!cpk) 3461 return 0; 3462 s->cert->key = cpk; 3463 return 1; 3464 } 3465 return ssl_cert_set_current(s->cert, larg); 3466 3467 #ifndef OPENSSL_NO_EC 3468 case SSL_CTRL_GET_CURVES: 3469 { 3470 unsigned char *clist; 3471 size_t clistlen; 3472 if (!s->session) 3473 return 0; 3474 clist = s->session->tlsext_ellipticcurvelist; 3475 clistlen = s->session->tlsext_ellipticcurvelist_length / 2; 3476 if (parg) { 3477 size_t i; 3478 int *cptr = parg; 3479 unsigned int cid, nid; 3480 for (i = 0; i < clistlen; i++) { 3481 n2s(clist, cid); 3482 nid = tls1_ec_curve_id2nid(cid); 3483 if (nid != 0) 3484 cptr[i] = nid; 3485 else 3486 cptr[i] = TLSEXT_nid_unknown | cid; 3487 } 3488 } 3489 return (int)clistlen; 3490 } 3491 3492 case SSL_CTRL_SET_CURVES: 3493 return tls1_set_curves(&s->tlsext_ellipticcurvelist, 3494 &s->tlsext_ellipticcurvelist_length, 3495 parg, larg); 3496 3497 case SSL_CTRL_SET_CURVES_LIST: 3498 return tls1_set_curves_list(&s->tlsext_ellipticcurvelist, 3499 &s->tlsext_ellipticcurvelist_length, 3500 parg); 3501 3502 case SSL_CTRL_GET_SHARED_CURVE: 3503 return tls1_shared_curve(s, larg); 3504 3505 # ifndef OPENSSL_NO_ECDH 3506 case SSL_CTRL_SET_ECDH_AUTO: 3507 s->cert->ecdh_tmp_auto = larg; 3508 return 1; 3509 # endif 3510 #endif 3511 case SSL_CTRL_SET_SIGALGS: 3512 return tls1_set_sigalgs(s->cert, parg, larg, 0); 3513 3514 case SSL_CTRL_SET_SIGALGS_LIST: 3515 return tls1_set_sigalgs_list(s->cert, parg, 0); 3516 3517 case SSL_CTRL_SET_CLIENT_SIGALGS: 3518 return tls1_set_sigalgs(s->cert, parg, larg, 1); 3519 3520 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3521 return tls1_set_sigalgs_list(s->cert, parg, 1); 3522 3523 case SSL_CTRL_GET_CLIENT_CERT_TYPES: 3524 { 3525 const unsigned char **pctype = parg; 3526 if (s->server || !s->s3->tmp.cert_req) 3527 return 0; 3528 if (s->cert->ctypes) { 3529 if (pctype) 3530 *pctype = s->cert->ctypes; 3531 return (int)s->cert->ctype_num; 3532 } 3533 if (pctype) 3534 *pctype = (unsigned char *)s->s3->tmp.ctype; 3535 return s->s3->tmp.ctype_num; 3536 } 3537 3538 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3539 if (!s->server) 3540 return 0; 3541 return ssl3_set_req_cert_type(s->cert, parg, larg); 3542 3543 case SSL_CTRL_BUILD_CERT_CHAIN: 3544 return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg); 3545 3546 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3547 return ssl_cert_set_cert_store(s->cert, parg, 0, larg); 3548 3549 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3550 return ssl_cert_set_cert_store(s->cert, parg, 1, larg); 3551 3552 case SSL_CTRL_GET_PEER_SIGNATURE_NID: 3553 if (SSL_USE_SIGALGS(s)) { 3554 if (s->session && s->session->sess_cert) { 3555 const EVP_MD *sig; 3556 sig = s->session->sess_cert->peer_key->digest; 3557 if (sig) { 3558 *(int *)parg = EVP_MD_type(sig); 3559 return 1; 3560 } 3561 } 3562 return 0; 3563 } 3564 /* Might want to do something here for other versions */ 3565 else 3566 return 0; 3567 3568 case SSL_CTRL_GET_SERVER_TMP_KEY: 3569 if (s->server || !s->session || !s->session->sess_cert) 3570 return 0; 3571 else { 3572 SESS_CERT *sc; 3573 EVP_PKEY *ptmp; 3574 int rv = 0; 3575 sc = s->session->sess_cert; 3576 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_ECDH) 3577 if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp && !sc->peer_ecdh_tmp) 3578 return 0; 3579 #endif 3580 ptmp = EVP_PKEY_new(); 3581 if (!ptmp) 3582 return 0; 3583 if (0) ; 3584 #ifndef OPENSSL_NO_RSA 3585 else if (sc->peer_rsa_tmp) 3586 rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp); 3587 #endif 3588 #ifndef OPENSSL_NO_DH 3589 else if (sc->peer_dh_tmp) 3590 rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp); 3591 #endif 3592 #ifndef OPENSSL_NO_ECDH 3593 else if (sc->peer_ecdh_tmp) 3594 rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp); 3595 #endif 3596 if (rv) { 3597 *(EVP_PKEY **)parg = ptmp; 3598 return 1; 3599 } 3600 EVP_PKEY_free(ptmp); 3601 return 0; 3602 } 3603 #ifndef OPENSSL_NO_EC 3604 case SSL_CTRL_GET_EC_POINT_FORMATS: 3605 { 3606 SSL_SESSION *sess = s->session; 3607 const unsigned char **pformat = parg; 3608 if (!sess || !sess->tlsext_ecpointformatlist) 3609 return 0; 3610 *pformat = sess->tlsext_ecpointformatlist; 3611 return (int)sess->tlsext_ecpointformatlist_length; 3612 } 3613 #endif 3614 3615 case SSL_CTRL_CHECK_PROTO_VERSION: 3616 /* 3617 * For library-internal use; checks that the current protocol is the 3618 * highest enabled version (according to s->ctx->method, as version 3619 * negotiation may have changed s->method). 3620 */ 3621 if (s->version == s->ctx->method->version) 3622 return 1; 3623 /* 3624 * Apparently we're using a version-flexible SSL_METHOD (not at its 3625 * highest protocol version). 3626 */ 3627 if (s->ctx->method->version == SSLv23_method()->version) { 3628 #if TLS_MAX_VERSION != TLS1_2_VERSION 3629 # error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION. 3630 #endif 3631 if (!(s->options & SSL_OP_NO_TLSv1_2)) 3632 return s->version == TLS1_2_VERSION; 3633 if (!(s->options & SSL_OP_NO_TLSv1_1)) 3634 return s->version == TLS1_1_VERSION; 3635 if (!(s->options & SSL_OP_NO_TLSv1)) 3636 return s->version == TLS1_VERSION; 3637 if (!(s->options & SSL_OP_NO_SSLv3)) 3638 return s->version == SSL3_VERSION; 3639 if (!(s->options & SSL_OP_NO_SSLv2)) 3640 return s->version == SSL2_VERSION; 3641 } 3642 return 0; /* Unexpected state; fail closed. */ 3643 3644 default: 3645 break; 3646 } 3647 return (ret); 3648 } 3649 3650 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 3651 { 3652 int ret = 0; 3653 3654 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3655 if ( 3656 # ifndef OPENSSL_NO_RSA 3657 cmd == SSL_CTRL_SET_TMP_RSA_CB || 3658 # endif 3659 # ifndef OPENSSL_NO_DSA 3660 cmd == SSL_CTRL_SET_TMP_DH_CB || 3661 # endif 3662 0) { 3663 if (!ssl_cert_inst(&s->cert)) { 3664 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); 3665 return (0); 3666 } 3667 } 3668 #endif 3669 3670 switch (cmd) { 3671 #ifndef OPENSSL_NO_RSA 3672 case SSL_CTRL_SET_TMP_RSA_CB: 3673 { 3674 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3675 } 3676 break; 3677 #endif 3678 #ifndef OPENSSL_NO_DH 3679 case SSL_CTRL_SET_TMP_DH_CB: 3680 { 3681 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3682 } 3683 break; 3684 #endif 3685 #ifndef OPENSSL_NO_ECDH 3686 case SSL_CTRL_SET_TMP_ECDH_CB: 3687 { 3688 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3689 } 3690 break; 3691 #endif 3692 #ifndef OPENSSL_NO_TLSEXT 3693 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 3694 s->tlsext_debug_cb = (void (*)(SSL *, int, int, 3695 unsigned char *, int, void *))fp; 3696 break; 3697 #endif 3698 default: 3699 break; 3700 } 3701 return (ret); 3702 } 3703 3704 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 3705 { 3706 CERT *cert; 3707 3708 cert = ctx->cert; 3709 3710 switch (cmd) { 3711 #ifndef OPENSSL_NO_RSA 3712 case SSL_CTRL_NEED_TMP_RSA: 3713 if ((cert->rsa_tmp == NULL) && 3714 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3715 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > 3716 (512 / 8))) 3717 ) 3718 return (1); 3719 else 3720 return (0); 3721 /* break; */ 3722 case SSL_CTRL_SET_TMP_RSA: 3723 { 3724 RSA *rsa; 3725 int i; 3726 3727 rsa = (RSA *)parg; 3728 i = 1; 3729 if (rsa == NULL) 3730 i = 0; 3731 else { 3732 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) 3733 i = 0; 3734 } 3735 if (!i) { 3736 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB); 3737 return (0); 3738 } else { 3739 if (cert->rsa_tmp != NULL) 3740 RSA_free(cert->rsa_tmp); 3741 cert->rsa_tmp = rsa; 3742 return (1); 3743 } 3744 } 3745 /* break; */ 3746 case SSL_CTRL_SET_TMP_RSA_CB: 3747 { 3748 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3749 return (0); 3750 } 3751 break; 3752 #endif 3753 #ifndef OPENSSL_NO_DH 3754 case SSL_CTRL_SET_TMP_DH: 3755 { 3756 DH *new = NULL, *dh; 3757 3758 dh = (DH *)parg; 3759 if ((new = DHparams_dup(dh)) == NULL) { 3760 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); 3761 return 0; 3762 } 3763 if (cert->dh_tmp != NULL) 3764 DH_free(cert->dh_tmp); 3765 cert->dh_tmp = new; 3766 return 1; 3767 } 3768 /* 3769 * break; 3770 */ 3771 case SSL_CTRL_SET_TMP_DH_CB: 3772 { 3773 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3774 return (0); 3775 } 3776 break; 3777 #endif 3778 #ifndef OPENSSL_NO_ECDH 3779 case SSL_CTRL_SET_TMP_ECDH: 3780 { 3781 EC_KEY *ecdh = NULL; 3782 3783 if (parg == NULL) { 3784 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3785 return 0; 3786 } 3787 ecdh = EC_KEY_dup((EC_KEY *)parg); 3788 if (ecdh == NULL) { 3789 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB); 3790 return 0; 3791 } 3792 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) { 3793 if (!EC_KEY_generate_key(ecdh)) { 3794 EC_KEY_free(ecdh); 3795 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3796 return 0; 3797 } 3798 } 3799 3800 if (cert->ecdh_tmp != NULL) { 3801 EC_KEY_free(cert->ecdh_tmp); 3802 } 3803 cert->ecdh_tmp = ecdh; 3804 return 1; 3805 } 3806 /* break; */ 3807 case SSL_CTRL_SET_TMP_ECDH_CB: 3808 { 3809 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3810 return (0); 3811 } 3812 break; 3813 #endif /* !OPENSSL_NO_ECDH */ 3814 #ifndef OPENSSL_NO_TLSEXT 3815 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: 3816 ctx->tlsext_servername_arg = parg; 3817 break; 3818 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 3819 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: 3820 { 3821 unsigned char *keys = parg; 3822 if (!keys) 3823 return 48; 3824 if (larg != 48) { 3825 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 3826 return 0; 3827 } 3828 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { 3829 memcpy(ctx->tlsext_tick_key_name, keys, 16); 3830 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); 3831 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); 3832 } else { 3833 memcpy(keys, ctx->tlsext_tick_key_name, 16); 3834 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); 3835 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); 3836 } 3837 return 1; 3838 } 3839 3840 # ifdef TLSEXT_TYPE_opaque_prf_input 3841 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG: 3842 ctx->tlsext_opaque_prf_input_callback_arg = parg; 3843 return 1; 3844 # endif 3845 3846 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: 3847 ctx->tlsext_status_arg = parg; 3848 return 1; 3849 break; 3850 3851 # ifndef OPENSSL_NO_SRP 3852 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: 3853 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3854 if (ctx->srp_ctx.login != NULL) 3855 OPENSSL_free(ctx->srp_ctx.login); 3856 ctx->srp_ctx.login = NULL; 3857 if (parg == NULL) 3858 break; 3859 if (strlen((const char *)parg) > 255 3860 || strlen((const char *)parg) < 1) { 3861 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); 3862 return 0; 3863 } 3864 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) { 3865 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3866 return 0; 3867 } 3868 break; 3869 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD: 3870 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3871 srp_password_from_info_cb; 3872 ctx->srp_ctx.info = parg; 3873 break; 3874 case SSL_CTRL_SET_SRP_ARG: 3875 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3876 ctx->srp_ctx.SRP_cb_arg = parg; 3877 break; 3878 3879 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH: 3880 ctx->srp_ctx.strength = larg; 3881 break; 3882 # endif 3883 3884 # ifndef OPENSSL_NO_EC 3885 case SSL_CTRL_SET_CURVES: 3886 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist, 3887 &ctx->tlsext_ellipticcurvelist_length, 3888 parg, larg); 3889 3890 case SSL_CTRL_SET_CURVES_LIST: 3891 return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist, 3892 &ctx->tlsext_ellipticcurvelist_length, 3893 parg); 3894 # ifndef OPENSSL_NO_ECDH 3895 case SSL_CTRL_SET_ECDH_AUTO: 3896 ctx->cert->ecdh_tmp_auto = larg; 3897 return 1; 3898 # endif 3899 # endif 3900 case SSL_CTRL_SET_SIGALGS: 3901 return tls1_set_sigalgs(ctx->cert, parg, larg, 0); 3902 3903 case SSL_CTRL_SET_SIGALGS_LIST: 3904 return tls1_set_sigalgs_list(ctx->cert, parg, 0); 3905 3906 case SSL_CTRL_SET_CLIENT_SIGALGS: 3907 return tls1_set_sigalgs(ctx->cert, parg, larg, 1); 3908 3909 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3910 return tls1_set_sigalgs_list(ctx->cert, parg, 1); 3911 3912 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3913 return ssl3_set_req_cert_type(ctx->cert, parg, larg); 3914 3915 case SSL_CTRL_BUILD_CERT_CHAIN: 3916 return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg); 3917 3918 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3919 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg); 3920 3921 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3922 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg); 3923 3924 #endif /* !OPENSSL_NO_TLSEXT */ 3925 3926 /* A Thawte special :-) */ 3927 case SSL_CTRL_EXTRA_CHAIN_CERT: 3928 if (ctx->extra_certs == NULL) { 3929 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) 3930 return (0); 3931 } 3932 sk_X509_push(ctx->extra_certs, (X509 *)parg); 3933 break; 3934 3935 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: 3936 if (ctx->extra_certs == NULL && larg == 0) 3937 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3938 else 3939 *(STACK_OF(X509) **)parg = ctx->extra_certs; 3940 break; 3941 3942 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: 3943 if (ctx->extra_certs) { 3944 sk_X509_pop_free(ctx->extra_certs, X509_free); 3945 ctx->extra_certs = NULL; 3946 } 3947 break; 3948 3949 case SSL_CTRL_CHAIN: 3950 if (larg) 3951 return ssl_cert_set1_chain(ctx->cert, (STACK_OF(X509) *)parg); 3952 else 3953 return ssl_cert_set0_chain(ctx->cert, (STACK_OF(X509) *)parg); 3954 3955 case SSL_CTRL_CHAIN_CERT: 3956 if (larg) 3957 return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg); 3958 else 3959 return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg); 3960 3961 case SSL_CTRL_GET_CHAIN_CERTS: 3962 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3963 break; 3964 3965 case SSL_CTRL_SELECT_CURRENT_CERT: 3966 return ssl_cert_select_current(ctx->cert, (X509 *)parg); 3967 3968 case SSL_CTRL_SET_CURRENT_CERT: 3969 return ssl_cert_set_current(ctx->cert, larg); 3970 3971 default: 3972 return (0); 3973 } 3974 return (1); 3975 } 3976 3977 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 3978 { 3979 CERT *cert; 3980 3981 cert = ctx->cert; 3982 3983 switch (cmd) { 3984 #ifndef OPENSSL_NO_RSA 3985 case SSL_CTRL_SET_TMP_RSA_CB: 3986 { 3987 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3988 } 3989 break; 3990 #endif 3991 #ifndef OPENSSL_NO_DH 3992 case SSL_CTRL_SET_TMP_DH_CB: 3993 { 3994 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3995 } 3996 break; 3997 #endif 3998 #ifndef OPENSSL_NO_ECDH 3999 case SSL_CTRL_SET_TMP_ECDH_CB: 4000 { 4001 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 4002 } 4003 break; 4004 #endif 4005 #ifndef OPENSSL_NO_TLSEXT 4006 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 4007 ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp; 4008 break; 4009 4010 # ifdef TLSEXT_TYPE_opaque_prf_input 4011 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB: 4012 ctx->tlsext_opaque_prf_input_callback = 4013 (int (*)(SSL *, void *, size_t, void *))fp; 4014 break; 4015 # endif 4016 4017 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: 4018 ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp; 4019 break; 4020 4021 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: 4022 ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *, 4023 unsigned char *, 4024 EVP_CIPHER_CTX *, 4025 HMAC_CTX *, int))fp; 4026 break; 4027 4028 # ifndef OPENSSL_NO_SRP 4029 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB: 4030 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 4031 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp; 4032 break; 4033 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB: 4034 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 4035 ctx->srp_ctx.TLS_ext_srp_username_callback = 4036 (int (*)(SSL *, int *, void *))fp; 4037 break; 4038 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB: 4039 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 4040 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 4041 (char *(*)(SSL *, void *))fp; 4042 break; 4043 # endif 4044 #endif 4045 default: 4046 return (0); 4047 } 4048 return (1); 4049 } 4050 4051 /* 4052 * This function needs to check if the ciphers required are actually 4053 * available 4054 */ 4055 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) 4056 { 4057 SSL_CIPHER c; 4058 const SSL_CIPHER *cp; 4059 unsigned long id; 4060 4061 id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1]; 4062 c.id = id; 4063 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); 4064 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES 4065 if (cp == NULL) 4066 fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]); 4067 #endif 4068 return cp; 4069 } 4070 4071 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 4072 { 4073 long l; 4074 4075 if (p != NULL) { 4076 l = c->id; 4077 if ((l & 0xff000000) != 0x03000000) 4078 return (0); 4079 p[0] = ((unsigned char)(l >> 8L)) & 0xFF; 4080 p[1] = ((unsigned char)(l)) & 0xFF; 4081 } 4082 return (2); 4083 } 4084 4085 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 4086 STACK_OF(SSL_CIPHER) *srvr) 4087 { 4088 SSL_CIPHER *c, *ret = NULL; 4089 STACK_OF(SSL_CIPHER) *prio, *allow; 4090 int i, ii, ok; 4091 CERT *cert; 4092 unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a; 4093 4094 /* Let's see which ciphers we can support */ 4095 cert = s->cert; 4096 4097 #if 0 4098 /* 4099 * Do not set the compare functions, because this may lead to a 4100 * reordering by "id". We want to keep the original ordering. We may pay 4101 * a price in performance during sk_SSL_CIPHER_find(), but would have to 4102 * pay with the price of sk_SSL_CIPHER_dup(). 4103 */ 4104 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp); 4105 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp); 4106 #endif 4107 4108 #ifdef CIPHER_DEBUG 4109 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), 4110 (void *)srvr); 4111 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) { 4112 c = sk_SSL_CIPHER_value(srvr, i); 4113 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 4114 } 4115 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), 4116 (void *)clnt); 4117 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) { 4118 c = sk_SSL_CIPHER_value(clnt, i); 4119 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 4120 } 4121 #endif 4122 4123 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) { 4124 prio = srvr; 4125 allow = clnt; 4126 } else { 4127 prio = clnt; 4128 allow = srvr; 4129 } 4130 4131 tls1_set_cert_validity(s); 4132 4133 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) { 4134 c = sk_SSL_CIPHER_value(prio, i); 4135 4136 /* Skip TLS v1.2 only ciphersuites if not supported */ 4137 if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s)) 4138 continue; 4139 4140 ssl_set_cert_masks(cert, c); 4141 mask_k = cert->mask_k; 4142 mask_a = cert->mask_a; 4143 emask_k = cert->export_mask_k; 4144 emask_a = cert->export_mask_a; 4145 #ifndef OPENSSL_NO_SRP 4146 if (s->srp_ctx.srp_Mask & SSL_kSRP) { 4147 mask_k |= SSL_kSRP; 4148 emask_k |= SSL_kSRP; 4149 mask_a |= SSL_aSRP; 4150 emask_a |= SSL_aSRP; 4151 } 4152 #endif 4153 4154 #ifdef KSSL_DEBUG 4155 /* 4156 * fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n", 4157 * i,c->algorithms); 4158 */ 4159 #endif /* KSSL_DEBUG */ 4160 4161 alg_k = c->algorithm_mkey; 4162 alg_a = c->algorithm_auth; 4163 4164 #ifndef OPENSSL_NO_KRB5 4165 if (alg_k & SSL_kKRB5) { 4166 if (!kssl_keytab_is_available(s->kssl_ctx)) 4167 continue; 4168 } 4169 #endif /* OPENSSL_NO_KRB5 */ 4170 #ifndef OPENSSL_NO_PSK 4171 /* with PSK there must be server callback set */ 4172 if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL) 4173 continue; 4174 #endif /* OPENSSL_NO_PSK */ 4175 4176 if (SSL_C_IS_EXPORT(c)) { 4177 ok = (alg_k & emask_k) && (alg_a & emask_a); 4178 #ifdef CIPHER_DEBUG 4179 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n", 4180 ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name); 4181 #endif 4182 } else { 4183 ok = (alg_k & mask_k) && (alg_a & mask_a); 4184 #ifdef CIPHER_DEBUG 4185 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, 4186 alg_a, mask_k, mask_a, (void *)c, c->name); 4187 #endif 4188 } 4189 4190 #ifndef OPENSSL_NO_TLSEXT 4191 # ifndef OPENSSL_NO_EC 4192 # ifndef OPENSSL_NO_ECDH 4193 /* 4194 * if we are considering an ECC cipher suite that uses an ephemeral 4195 * EC key check it 4196 */ 4197 if (alg_k & SSL_kEECDH) 4198 ok = ok && tls1_check_ec_tmp_key(s, c->id); 4199 # endif /* OPENSSL_NO_ECDH */ 4200 # endif /* OPENSSL_NO_EC */ 4201 #endif /* OPENSSL_NO_TLSEXT */ 4202 4203 if (!ok) 4204 continue; 4205 ii = sk_SSL_CIPHER_find(allow, c); 4206 if (ii >= 0) { 4207 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) 4208 if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) 4209 && s->s3->is_probably_safari) { 4210 if (!ret) 4211 ret = sk_SSL_CIPHER_value(allow, ii); 4212 continue; 4213 } 4214 #endif 4215 ret = sk_SSL_CIPHER_value(allow, ii); 4216 break; 4217 } 4218 } 4219 return (ret); 4220 } 4221 4222 int ssl3_get_req_cert_type(SSL *s, unsigned char *p) 4223 { 4224 int ret = 0; 4225 const unsigned char *sig; 4226 size_t i, siglen; 4227 int have_rsa_sign = 0, have_dsa_sign = 0; 4228 #ifndef OPENSSL_NO_ECDSA 4229 int have_ecdsa_sign = 0; 4230 #endif 4231 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH) 4232 int nostrict = 1; 4233 #endif 4234 #if !defined(OPENSSL_NO_GOST) || !defined(OPENSSL_NO_DH) || \ 4235 !defined(OPENSSL_NO_ECDH) 4236 unsigned long alg_k; 4237 #endif 4238 4239 /* If we have custom certificate types set, use them */ 4240 if (s->cert->ctypes) { 4241 memcpy(p, s->cert->ctypes, s->cert->ctype_num); 4242 return (int)s->cert->ctype_num; 4243 } 4244 /* get configured sigalgs */ 4245 siglen = tls12_get_psigalgs(s, 1, &sig); 4246 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH) 4247 if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT) 4248 nostrict = 0; 4249 #endif 4250 for (i = 0; i < siglen; i += 2, sig += 2) { 4251 switch (sig[1]) { 4252 case TLSEXT_signature_rsa: 4253 have_rsa_sign = 1; 4254 break; 4255 4256 case TLSEXT_signature_dsa: 4257 have_dsa_sign = 1; 4258 break; 4259 #ifndef OPENSSL_NO_ECDSA 4260 case TLSEXT_signature_ecdsa: 4261 have_ecdsa_sign = 1; 4262 break; 4263 #endif 4264 } 4265 } 4266 4267 #if !defined(OPENSSL_NO_GOST) || !defined(OPENSSL_NO_DH) || \ 4268 !defined(OPENSSL_NO_ECDH) 4269 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 4270 #endif 4271 4272 #ifndef OPENSSL_NO_GOST 4273 if (s->version >= TLS1_VERSION) { 4274 if (alg_k & SSL_kGOST) { 4275 p[ret++] = TLS_CT_GOST94_SIGN; 4276 p[ret++] = TLS_CT_GOST01_SIGN; 4277 return (ret); 4278 } 4279 } 4280 #endif 4281 4282 #ifndef OPENSSL_NO_DH 4283 if (alg_k & (SSL_kDHr | SSL_kEDH)) { 4284 # ifndef OPENSSL_NO_RSA 4285 /* 4286 * Since this refers to a certificate signed with an RSA algorithm, 4287 * only check for rsa signing in strict mode. 4288 */ 4289 if (nostrict || have_rsa_sign) 4290 p[ret++] = SSL3_CT_RSA_FIXED_DH; 4291 # endif 4292 # ifndef OPENSSL_NO_DSA 4293 if (nostrict || have_dsa_sign) 4294 p[ret++] = SSL3_CT_DSS_FIXED_DH; 4295 # endif 4296 } 4297 if ((s->version == SSL3_VERSION) && 4298 (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) { 4299 # ifndef OPENSSL_NO_RSA 4300 p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; 4301 # endif 4302 # ifndef OPENSSL_NO_DSA 4303 p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; 4304 # endif 4305 } 4306 #endif /* !OPENSSL_NO_DH */ 4307 #ifndef OPENSSL_NO_RSA 4308 if (have_rsa_sign) 4309 p[ret++] = SSL3_CT_RSA_SIGN; 4310 #endif 4311 #ifndef OPENSSL_NO_DSA 4312 if (have_dsa_sign) 4313 p[ret++] = SSL3_CT_DSS_SIGN; 4314 #endif 4315 #ifndef OPENSSL_NO_ECDH 4316 if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { 4317 if (nostrict || have_rsa_sign) 4318 p[ret++] = TLS_CT_RSA_FIXED_ECDH; 4319 if (nostrict || have_ecdsa_sign) 4320 p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; 4321 } 4322 #endif 4323 4324 #ifndef OPENSSL_NO_ECDSA 4325 /* 4326 * ECDSA certs can be used with RSA cipher suites as well so we don't 4327 * need to check for SSL_kECDH or SSL_kEECDH 4328 */ 4329 if (s->version >= TLS1_VERSION) { 4330 if (have_ecdsa_sign) 4331 p[ret++] = TLS_CT_ECDSA_SIGN; 4332 } 4333 #endif 4334 return (ret); 4335 } 4336 4337 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len) 4338 { 4339 if (c->ctypes) { 4340 OPENSSL_free(c->ctypes); 4341 c->ctypes = NULL; 4342 } 4343 if (!p || !len) 4344 return 1; 4345 if (len > 0xff) 4346 return 0; 4347 c->ctypes = OPENSSL_malloc(len); 4348 if (!c->ctypes) 4349 return 0; 4350 memcpy(c->ctypes, p, len); 4351 c->ctype_num = len; 4352 return 1; 4353 } 4354 4355 int ssl3_shutdown(SSL *s) 4356 { 4357 int ret; 4358 4359 /* 4360 * Don't do anything much if we have not done the handshake or we don't 4361 * want to send messages :-) 4362 */ 4363 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) { 4364 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 4365 return (1); 4366 } 4367 4368 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { 4369 s->shutdown |= SSL_SENT_SHUTDOWN; 4370 #if 1 4371 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); 4372 #endif 4373 /* 4374 * our shutdown alert has been sent now, and if it still needs to be 4375 * written, s->s3->alert_dispatch will be true 4376 */ 4377 if (s->s3->alert_dispatch) 4378 return (-1); /* return WANT_WRITE */ 4379 } else if (s->s3->alert_dispatch) { 4380 /* resend it if not sent */ 4381 #if 1 4382 ret = s->method->ssl_dispatch_alert(s); 4383 if (ret == -1) { 4384 /* 4385 * we only get to return -1 here the 2nd/Nth invocation, we must 4386 * have already signalled return 0 upon a previous invoation, 4387 * return WANT_WRITE 4388 */ 4389 return (ret); 4390 } 4391 #endif 4392 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4393 /* 4394 * If we are waiting for a close from our peer, we are closed 4395 */ 4396 s->method->ssl_read_bytes(s, 0, NULL, 0, 0); 4397 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4398 return (-1); /* return WANT_READ */ 4399 } 4400 } 4401 4402 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) && 4403 !s->s3->alert_dispatch) 4404 return (1); 4405 else 4406 return (0); 4407 } 4408 4409 int ssl3_write(SSL *s, const void *buf, int len) 4410 { 4411 int ret, n; 4412 4413 #if 0 4414 if (s->shutdown & SSL_SEND_SHUTDOWN) { 4415 s->rwstate = SSL_NOTHING; 4416 return (0); 4417 } 4418 #endif 4419 clear_sys_error(); 4420 if (s->s3->renegotiate) 4421 ssl3_renegotiate_check(s); 4422 4423 /* 4424 * This is an experimental flag that sends the last handshake message in 4425 * the same packet as the first use data - used to see if it helps the 4426 * TCP protocol during session-id reuse 4427 */ 4428 /* The second test is because the buffer may have been removed */ 4429 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) { 4430 /* First time through, we write into the buffer */ 4431 if (s->s3->delay_buf_pop_ret == 0) { 4432 ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len); 4433 if (ret <= 0) 4434 return (ret); 4435 4436 s->s3->delay_buf_pop_ret = ret; 4437 } 4438 4439 s->rwstate = SSL_WRITING; 4440 n = BIO_flush(s->wbio); 4441 if (n <= 0) 4442 return (n); 4443 s->rwstate = SSL_NOTHING; 4444 4445 /* We have flushed the buffer, so remove it */ 4446 ssl_free_wbio_buffer(s); 4447 s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER; 4448 4449 ret = s->s3->delay_buf_pop_ret; 4450 s->s3->delay_buf_pop_ret = 0; 4451 } else { 4452 ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, 4453 buf, len); 4454 if (ret <= 0) 4455 return (ret); 4456 } 4457 4458 return (ret); 4459 } 4460 4461 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) 4462 { 4463 int ret; 4464 4465 clear_sys_error(); 4466 if (s->s3->renegotiate) 4467 ssl3_renegotiate_check(s); 4468 s->s3->in_read_app_data = 1; 4469 ret = 4470 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4471 peek); 4472 if ((ret == -1) && (s->s3->in_read_app_data == 2)) { 4473 /* 4474 * ssl3_read_bytes decided to call s->handshake_func, which called 4475 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes 4476 * actually found application data and thinks that application data 4477 * makes sense here; so disable handshake processing and try to read 4478 * application data again. 4479 */ 4480 s->in_handshake++; 4481 ret = 4482 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4483 peek); 4484 s->in_handshake--; 4485 } else 4486 s->s3->in_read_app_data = 0; 4487 4488 return (ret); 4489 } 4490 4491 int ssl3_read(SSL *s, void *buf, int len) 4492 { 4493 return ssl3_read_internal(s, buf, len, 0); 4494 } 4495 4496 int ssl3_peek(SSL *s, void *buf, int len) 4497 { 4498 return ssl3_read_internal(s, buf, len, 1); 4499 } 4500 4501 int ssl3_renegotiate(SSL *s) 4502 { 4503 if (s->handshake_func == NULL) 4504 return (1); 4505 4506 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 4507 return (0); 4508 4509 s->s3->renegotiate = 1; 4510 return (1); 4511 } 4512 4513 int ssl3_renegotiate_check(SSL *s) 4514 { 4515 int ret = 0; 4516 4517 if (s->s3->renegotiate) { 4518 if ((s->s3->rbuf.left == 0) && 4519 (s->s3->wbuf.left == 0) && !SSL_in_init(s)) { 4520 /* 4521 * if we are the server, and we have sent a 'RENEGOTIATE' 4522 * message, we need to go to SSL_ST_ACCEPT. 4523 */ 4524 /* SSL_ST_ACCEPT */ 4525 s->state = SSL_ST_RENEGOTIATE; 4526 s->s3->renegotiate = 0; 4527 s->s3->num_renegotiations++; 4528 s->s3->total_renegotiations++; 4529 ret = 1; 4530 } 4531 } 4532 return (ret); 4533 } 4534 4535 /* 4536 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and 4537 * handshake macs if required. 4538 */ 4539 long ssl_get_algorithm2(SSL *s) 4540 { 4541 long alg2; 4542 if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL) 4543 return -1; 4544 alg2 = s->s3->tmp.new_cipher->algorithm2; 4545 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF 4546 && alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF)) 4547 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 4548 return alg2; 4549 } 4550