1 /* ssl/s3_lib.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * 114 * Portions of the attached software ("Contribution") are developed by 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 116 * 117 * The Contribution is licensed pursuant to the OpenSSL open source 118 * license provided above. 119 * 120 * ECC cipher suite support in OpenSSL originally written by 121 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. 122 * 123 */ 124 /* ==================================================================== 125 * Copyright 2005 Nokia. All rights reserved. 126 * 127 * The portions of the attached software ("Contribution") is developed by 128 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 129 * license. 130 * 131 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 132 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 133 * support (see RFC 4279) to OpenSSL. 134 * 135 * No patent licenses or other rights except those expressly stated in 136 * the OpenSSL open source license shall be deemed granted or received 137 * expressly, by implication, estoppel, or otherwise. 138 * 139 * No assurances are provided by Nokia that the Contribution does not 140 * infringe the patent or other intellectual property rights of any third 141 * party or that the license provides you with all the necessary rights 142 * to make use of the Contribution. 143 * 144 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 145 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 146 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 147 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 148 * OTHERWISE. 149 */ 150 151 #include <stdio.h> 152 #include <openssl/objects.h> 153 #include "ssl_locl.h" 154 #include "kssl_lcl.h" 155 #include <openssl/md5.h> 156 #ifndef OPENSSL_NO_DH 157 # include <openssl/dh.h> 158 #endif 159 160 const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT; 161 162 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) 163 164 /* list of available SSLv3 ciphers (sorted by id) */ 165 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 166 167 /* The RSA ciphers */ 168 /* Cipher 01 */ 169 { 170 1, 171 SSL3_TXT_RSA_NULL_MD5, 172 SSL3_CK_RSA_NULL_MD5, 173 SSL_kRSA, 174 SSL_aRSA, 175 SSL_eNULL, 176 SSL_MD5, 177 SSL_SSLV3, 178 SSL_NOT_EXP | SSL_STRONG_NONE, 179 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 180 0, 181 0, 182 }, 183 184 /* Cipher 02 */ 185 { 186 1, 187 SSL3_TXT_RSA_NULL_SHA, 188 SSL3_CK_RSA_NULL_SHA, 189 SSL_kRSA, 190 SSL_aRSA, 191 SSL_eNULL, 192 SSL_SHA1, 193 SSL_SSLV3, 194 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 195 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 196 0, 197 0, 198 }, 199 200 /* Cipher 03 */ 201 { 202 1, 203 SSL3_TXT_RSA_RC4_40_MD5, 204 SSL3_CK_RSA_RC4_40_MD5, 205 SSL_kRSA, 206 SSL_aRSA, 207 SSL_RC4, 208 SSL_MD5, 209 SSL_SSLV3, 210 SSL_EXPORT | SSL_EXP40, 211 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 212 40, 213 128, 214 }, 215 216 /* Cipher 04 */ 217 { 218 1, 219 SSL3_TXT_RSA_RC4_128_MD5, 220 SSL3_CK_RSA_RC4_128_MD5, 221 SSL_kRSA, 222 SSL_aRSA, 223 SSL_RC4, 224 SSL_MD5, 225 SSL_SSLV3, 226 SSL_NOT_EXP | SSL_MEDIUM, 227 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 228 128, 229 128, 230 }, 231 232 /* Cipher 05 */ 233 { 234 1, 235 SSL3_TXT_RSA_RC4_128_SHA, 236 SSL3_CK_RSA_RC4_128_SHA, 237 SSL_kRSA, 238 SSL_aRSA, 239 SSL_RC4, 240 SSL_SHA1, 241 SSL_SSLV3, 242 SSL_NOT_EXP | SSL_MEDIUM, 243 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 244 128, 245 128, 246 }, 247 248 /* Cipher 06 */ 249 { 250 1, 251 SSL3_TXT_RSA_RC2_40_MD5, 252 SSL3_CK_RSA_RC2_40_MD5, 253 SSL_kRSA, 254 SSL_aRSA, 255 SSL_RC2, 256 SSL_MD5, 257 SSL_SSLV3, 258 SSL_EXPORT | SSL_EXP40, 259 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 260 40, 261 128, 262 }, 263 264 /* Cipher 07 */ 265 #ifndef OPENSSL_NO_IDEA 266 { 267 1, 268 SSL3_TXT_RSA_IDEA_128_SHA, 269 SSL3_CK_RSA_IDEA_128_SHA, 270 SSL_kRSA, 271 SSL_aRSA, 272 SSL_IDEA, 273 SSL_SHA1, 274 SSL_SSLV3, 275 SSL_NOT_EXP | SSL_MEDIUM, 276 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 277 128, 278 128, 279 }, 280 #endif 281 282 /* Cipher 08 */ 283 { 284 1, 285 SSL3_TXT_RSA_DES_40_CBC_SHA, 286 SSL3_CK_RSA_DES_40_CBC_SHA, 287 SSL_kRSA, 288 SSL_aRSA, 289 SSL_DES, 290 SSL_SHA1, 291 SSL_SSLV3, 292 SSL_EXPORT | SSL_EXP40, 293 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 294 40, 295 56, 296 }, 297 298 /* Cipher 09 */ 299 { 300 1, 301 SSL3_TXT_RSA_DES_64_CBC_SHA, 302 SSL3_CK_RSA_DES_64_CBC_SHA, 303 SSL_kRSA, 304 SSL_aRSA, 305 SSL_DES, 306 SSL_SHA1, 307 SSL_SSLV3, 308 SSL_NOT_EXP | SSL_LOW, 309 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 310 56, 311 56, 312 }, 313 314 /* Cipher 0A */ 315 { 316 1, 317 SSL3_TXT_RSA_DES_192_CBC3_SHA, 318 SSL3_CK_RSA_DES_192_CBC3_SHA, 319 SSL_kRSA, 320 SSL_aRSA, 321 SSL_3DES, 322 SSL_SHA1, 323 SSL_SSLV3, 324 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 325 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 326 112, 327 168, 328 }, 329 330 /* The DH ciphers */ 331 /* Cipher 0B */ 332 { 333 0, 334 SSL3_TXT_DH_DSS_DES_40_CBC_SHA, 335 SSL3_CK_DH_DSS_DES_40_CBC_SHA, 336 SSL_kDHd, 337 SSL_aDH, 338 SSL_DES, 339 SSL_SHA1, 340 SSL_SSLV3, 341 SSL_EXPORT | SSL_EXP40, 342 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 343 40, 344 56, 345 }, 346 347 /* Cipher 0C */ 348 { 349 1, 350 SSL3_TXT_DH_DSS_DES_64_CBC_SHA, 351 SSL3_CK_DH_DSS_DES_64_CBC_SHA, 352 SSL_kDHd, 353 SSL_aDH, 354 SSL_DES, 355 SSL_SHA1, 356 SSL_SSLV3, 357 SSL_NOT_EXP | SSL_LOW, 358 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 359 56, 360 56, 361 }, 362 363 /* Cipher 0D */ 364 { 365 1, 366 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 367 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 368 SSL_kDHd, 369 SSL_aDH, 370 SSL_3DES, 371 SSL_SHA1, 372 SSL_SSLV3, 373 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 374 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 375 112, 376 168, 377 }, 378 379 /* Cipher 0E */ 380 { 381 0, 382 SSL3_TXT_DH_RSA_DES_40_CBC_SHA, 383 SSL3_CK_DH_RSA_DES_40_CBC_SHA, 384 SSL_kDHr, 385 SSL_aDH, 386 SSL_DES, 387 SSL_SHA1, 388 SSL_SSLV3, 389 SSL_EXPORT | SSL_EXP40, 390 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 391 40, 392 56, 393 }, 394 395 /* Cipher 0F */ 396 { 397 1, 398 SSL3_TXT_DH_RSA_DES_64_CBC_SHA, 399 SSL3_CK_DH_RSA_DES_64_CBC_SHA, 400 SSL_kDHr, 401 SSL_aDH, 402 SSL_DES, 403 SSL_SHA1, 404 SSL_SSLV3, 405 SSL_NOT_EXP | SSL_LOW, 406 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 407 56, 408 56, 409 }, 410 411 /* Cipher 10 */ 412 { 413 1, 414 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 415 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 416 SSL_kDHr, 417 SSL_aDH, 418 SSL_3DES, 419 SSL_SHA1, 420 SSL_SSLV3, 421 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 422 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 423 112, 424 168, 425 }, 426 427 /* The Ephemeral DH ciphers */ 428 /* Cipher 11 */ 429 { 430 1, 431 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, 432 SSL3_CK_EDH_DSS_DES_40_CBC_SHA, 433 SSL_kEDH, 434 SSL_aDSS, 435 SSL_DES, 436 SSL_SHA1, 437 SSL_SSLV3, 438 SSL_EXPORT | SSL_EXP40, 439 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 440 40, 441 56, 442 }, 443 444 /* Cipher 12 */ 445 { 446 1, 447 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, 448 SSL3_CK_EDH_DSS_DES_64_CBC_SHA, 449 SSL_kEDH, 450 SSL_aDSS, 451 SSL_DES, 452 SSL_SHA1, 453 SSL_SSLV3, 454 SSL_NOT_EXP | SSL_LOW, 455 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 456 56, 457 56, 458 }, 459 460 /* Cipher 13 */ 461 { 462 1, 463 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 464 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 465 SSL_kEDH, 466 SSL_aDSS, 467 SSL_3DES, 468 SSL_SHA1, 469 SSL_SSLV3, 470 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 471 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 472 112, 473 168, 474 }, 475 476 /* Cipher 14 */ 477 { 478 1, 479 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, 480 SSL3_CK_EDH_RSA_DES_40_CBC_SHA, 481 SSL_kEDH, 482 SSL_aRSA, 483 SSL_DES, 484 SSL_SHA1, 485 SSL_SSLV3, 486 SSL_EXPORT | SSL_EXP40, 487 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 488 40, 489 56, 490 }, 491 492 /* Cipher 15 */ 493 { 494 1, 495 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, 496 SSL3_CK_EDH_RSA_DES_64_CBC_SHA, 497 SSL_kEDH, 498 SSL_aRSA, 499 SSL_DES, 500 SSL_SHA1, 501 SSL_SSLV3, 502 SSL_NOT_EXP | SSL_LOW, 503 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 504 56, 505 56, 506 }, 507 508 /* Cipher 16 */ 509 { 510 1, 511 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 512 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 513 SSL_kEDH, 514 SSL_aRSA, 515 SSL_3DES, 516 SSL_SHA1, 517 SSL_SSLV3, 518 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 519 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 520 112, 521 168, 522 }, 523 524 /* Cipher 17 */ 525 { 526 1, 527 SSL3_TXT_ADH_RC4_40_MD5, 528 SSL3_CK_ADH_RC4_40_MD5, 529 SSL_kEDH, 530 SSL_aNULL, 531 SSL_RC4, 532 SSL_MD5, 533 SSL_SSLV3, 534 SSL_EXPORT | SSL_EXP40, 535 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 536 40, 537 128, 538 }, 539 540 /* Cipher 18 */ 541 { 542 1, 543 SSL3_TXT_ADH_RC4_128_MD5, 544 SSL3_CK_ADH_RC4_128_MD5, 545 SSL_kEDH, 546 SSL_aNULL, 547 SSL_RC4, 548 SSL_MD5, 549 SSL_SSLV3, 550 SSL_NOT_EXP | SSL_MEDIUM, 551 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 552 128, 553 128, 554 }, 555 556 /* Cipher 19 */ 557 { 558 1, 559 SSL3_TXT_ADH_DES_40_CBC_SHA, 560 SSL3_CK_ADH_DES_40_CBC_SHA, 561 SSL_kEDH, 562 SSL_aNULL, 563 SSL_DES, 564 SSL_SHA1, 565 SSL_SSLV3, 566 SSL_EXPORT | SSL_EXP40, 567 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 568 40, 569 128, 570 }, 571 572 /* Cipher 1A */ 573 { 574 1, 575 SSL3_TXT_ADH_DES_64_CBC_SHA, 576 SSL3_CK_ADH_DES_64_CBC_SHA, 577 SSL_kEDH, 578 SSL_aNULL, 579 SSL_DES, 580 SSL_SHA1, 581 SSL_SSLV3, 582 SSL_NOT_EXP | SSL_LOW, 583 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 584 56, 585 56, 586 }, 587 588 /* Cipher 1B */ 589 { 590 1, 591 SSL3_TXT_ADH_DES_192_CBC_SHA, 592 SSL3_CK_ADH_DES_192_CBC_SHA, 593 SSL_kEDH, 594 SSL_aNULL, 595 SSL_3DES, 596 SSL_SHA1, 597 SSL_SSLV3, 598 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 599 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 600 112, 601 168, 602 }, 603 604 /* Fortezza ciphersuite from SSL 3.0 spec */ 605 #if 0 606 /* Cipher 1C */ 607 { 608 0, 609 SSL3_TXT_FZA_DMS_NULL_SHA, 610 SSL3_CK_FZA_DMS_NULL_SHA, 611 SSL_kFZA, 612 SSL_aFZA, 613 SSL_eNULL, 614 SSL_SHA1, 615 SSL_SSLV3, 616 SSL_NOT_EXP | SSL_STRONG_NONE, 617 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 618 0, 619 0, 620 }, 621 622 /* Cipher 1D */ 623 { 624 0, 625 SSL3_TXT_FZA_DMS_FZA_SHA, 626 SSL3_CK_FZA_DMS_FZA_SHA, 627 SSL_kFZA, 628 SSL_aFZA, 629 SSL_eFZA, 630 SSL_SHA1, 631 SSL_SSLV3, 632 SSL_NOT_EXP | SSL_STRONG_NONE, 633 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 634 0, 635 0, 636 }, 637 638 /* Cipher 1E */ 639 { 640 0, 641 SSL3_TXT_FZA_DMS_RC4_SHA, 642 SSL3_CK_FZA_DMS_RC4_SHA, 643 SSL_kFZA, 644 SSL_aFZA, 645 SSL_RC4, 646 SSL_SHA1, 647 SSL_SSLV3, 648 SSL_NOT_EXP | SSL_MEDIUM, 649 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 650 128, 651 128, 652 }, 653 #endif 654 655 #ifndef OPENSSL_NO_KRB5 656 /* The Kerberos ciphers*/ 657 /* Cipher 1E */ 658 { 659 1, 660 SSL3_TXT_KRB5_DES_64_CBC_SHA, 661 SSL3_CK_KRB5_DES_64_CBC_SHA, 662 SSL_kKRB5, 663 SSL_aKRB5, 664 SSL_DES, 665 SSL_SHA1, 666 SSL_SSLV3, 667 SSL_NOT_EXP | SSL_LOW, 668 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 669 56, 670 56, 671 }, 672 673 /* Cipher 1F */ 674 { 675 1, 676 SSL3_TXT_KRB5_DES_192_CBC3_SHA, 677 SSL3_CK_KRB5_DES_192_CBC3_SHA, 678 SSL_kKRB5, 679 SSL_aKRB5, 680 SSL_3DES, 681 SSL_SHA1, 682 SSL_SSLV3, 683 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 684 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 685 112, 686 168, 687 }, 688 689 /* Cipher 20 */ 690 { 691 1, 692 SSL3_TXT_KRB5_RC4_128_SHA, 693 SSL3_CK_KRB5_RC4_128_SHA, 694 SSL_kKRB5, 695 SSL_aKRB5, 696 SSL_RC4, 697 SSL_SHA1, 698 SSL_SSLV3, 699 SSL_NOT_EXP | SSL_MEDIUM, 700 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 701 128, 702 128, 703 }, 704 705 /* Cipher 21 */ 706 { 707 1, 708 SSL3_TXT_KRB5_IDEA_128_CBC_SHA, 709 SSL3_CK_KRB5_IDEA_128_CBC_SHA, 710 SSL_kKRB5, 711 SSL_aKRB5, 712 SSL_IDEA, 713 SSL_SHA1, 714 SSL_SSLV3, 715 SSL_NOT_EXP | SSL_MEDIUM, 716 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 717 128, 718 128, 719 }, 720 721 /* Cipher 22 */ 722 { 723 1, 724 SSL3_TXT_KRB5_DES_64_CBC_MD5, 725 SSL3_CK_KRB5_DES_64_CBC_MD5, 726 SSL_kKRB5, 727 SSL_aKRB5, 728 SSL_DES, 729 SSL_MD5, 730 SSL_SSLV3, 731 SSL_NOT_EXP | SSL_LOW, 732 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 733 56, 734 56, 735 }, 736 737 /* Cipher 23 */ 738 { 739 1, 740 SSL3_TXT_KRB5_DES_192_CBC3_MD5, 741 SSL3_CK_KRB5_DES_192_CBC3_MD5, 742 SSL_kKRB5, 743 SSL_aKRB5, 744 SSL_3DES, 745 SSL_MD5, 746 SSL_SSLV3, 747 SSL_NOT_EXP | SSL_HIGH, 748 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 749 112, 750 168, 751 }, 752 753 /* Cipher 24 */ 754 { 755 1, 756 SSL3_TXT_KRB5_RC4_128_MD5, 757 SSL3_CK_KRB5_RC4_128_MD5, 758 SSL_kKRB5, 759 SSL_aKRB5, 760 SSL_RC4, 761 SSL_MD5, 762 SSL_SSLV3, 763 SSL_NOT_EXP | SSL_MEDIUM, 764 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 765 128, 766 128, 767 }, 768 769 /* Cipher 25 */ 770 { 771 1, 772 SSL3_TXT_KRB5_IDEA_128_CBC_MD5, 773 SSL3_CK_KRB5_IDEA_128_CBC_MD5, 774 SSL_kKRB5, 775 SSL_aKRB5, 776 SSL_IDEA, 777 SSL_MD5, 778 SSL_SSLV3, 779 SSL_NOT_EXP | SSL_MEDIUM, 780 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 781 128, 782 128, 783 }, 784 785 /* Cipher 26 */ 786 { 787 1, 788 SSL3_TXT_KRB5_DES_40_CBC_SHA, 789 SSL3_CK_KRB5_DES_40_CBC_SHA, 790 SSL_kKRB5, 791 SSL_aKRB5, 792 SSL_DES, 793 SSL_SHA1, 794 SSL_SSLV3, 795 SSL_EXPORT | SSL_EXP40, 796 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 797 40, 798 56, 799 }, 800 801 /* Cipher 27 */ 802 { 803 1, 804 SSL3_TXT_KRB5_RC2_40_CBC_SHA, 805 SSL3_CK_KRB5_RC2_40_CBC_SHA, 806 SSL_kKRB5, 807 SSL_aKRB5, 808 SSL_RC2, 809 SSL_SHA1, 810 SSL_SSLV3, 811 SSL_EXPORT | SSL_EXP40, 812 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 813 40, 814 128, 815 }, 816 817 /* Cipher 28 */ 818 { 819 1, 820 SSL3_TXT_KRB5_RC4_40_SHA, 821 SSL3_CK_KRB5_RC4_40_SHA, 822 SSL_kKRB5, 823 SSL_aKRB5, 824 SSL_RC4, 825 SSL_SHA1, 826 SSL_SSLV3, 827 SSL_EXPORT | SSL_EXP40, 828 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 829 40, 830 128, 831 }, 832 833 /* Cipher 29 */ 834 { 835 1, 836 SSL3_TXT_KRB5_DES_40_CBC_MD5, 837 SSL3_CK_KRB5_DES_40_CBC_MD5, 838 SSL_kKRB5, 839 SSL_aKRB5, 840 SSL_DES, 841 SSL_MD5, 842 SSL_SSLV3, 843 SSL_EXPORT | SSL_EXP40, 844 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 845 40, 846 56, 847 }, 848 849 /* Cipher 2A */ 850 { 851 1, 852 SSL3_TXT_KRB5_RC2_40_CBC_MD5, 853 SSL3_CK_KRB5_RC2_40_CBC_MD5, 854 SSL_kKRB5, 855 SSL_aKRB5, 856 SSL_RC2, 857 SSL_MD5, 858 SSL_SSLV3, 859 SSL_EXPORT | SSL_EXP40, 860 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 861 40, 862 128, 863 }, 864 865 /* Cipher 2B */ 866 { 867 1, 868 SSL3_TXT_KRB5_RC4_40_MD5, 869 SSL3_CK_KRB5_RC4_40_MD5, 870 SSL_kKRB5, 871 SSL_aKRB5, 872 SSL_RC4, 873 SSL_MD5, 874 SSL_SSLV3, 875 SSL_EXPORT | SSL_EXP40, 876 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 877 40, 878 128, 879 }, 880 #endif /* OPENSSL_NO_KRB5 */ 881 882 /* New AES ciphersuites */ 883 /* Cipher 2F */ 884 { 885 1, 886 TLS1_TXT_RSA_WITH_AES_128_SHA, 887 TLS1_CK_RSA_WITH_AES_128_SHA, 888 SSL_kRSA, 889 SSL_aRSA, 890 SSL_AES128, 891 SSL_SHA1, 892 SSL_TLSV1, 893 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 894 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 895 128, 896 128, 897 }, 898 /* Cipher 30 */ 899 { 900 1, 901 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 902 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 903 SSL_kDHd, 904 SSL_aDH, 905 SSL_AES128, 906 SSL_SHA1, 907 SSL_TLSV1, 908 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 909 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 910 128, 911 128, 912 }, 913 /* Cipher 31 */ 914 { 915 1, 916 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 917 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 918 SSL_kDHr, 919 SSL_aDH, 920 SSL_AES128, 921 SSL_SHA1, 922 SSL_TLSV1, 923 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 924 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 925 128, 926 128, 927 }, 928 /* Cipher 32 */ 929 { 930 1, 931 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 932 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 933 SSL_kEDH, 934 SSL_aDSS, 935 SSL_AES128, 936 SSL_SHA1, 937 SSL_TLSV1, 938 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 939 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 940 128, 941 128, 942 }, 943 /* Cipher 33 */ 944 { 945 1, 946 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 947 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 948 SSL_kEDH, 949 SSL_aRSA, 950 SSL_AES128, 951 SSL_SHA1, 952 SSL_TLSV1, 953 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 954 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 955 128, 956 128, 957 }, 958 /* Cipher 34 */ 959 { 960 1, 961 TLS1_TXT_ADH_WITH_AES_128_SHA, 962 TLS1_CK_ADH_WITH_AES_128_SHA, 963 SSL_kEDH, 964 SSL_aNULL, 965 SSL_AES128, 966 SSL_SHA1, 967 SSL_TLSV1, 968 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 969 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 970 128, 971 128, 972 }, 973 974 /* Cipher 35 */ 975 { 976 1, 977 TLS1_TXT_RSA_WITH_AES_256_SHA, 978 TLS1_CK_RSA_WITH_AES_256_SHA, 979 SSL_kRSA, 980 SSL_aRSA, 981 SSL_AES256, 982 SSL_SHA1, 983 SSL_TLSV1, 984 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 985 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 986 256, 987 256, 988 }, 989 /* Cipher 36 */ 990 { 991 1, 992 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 993 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 994 SSL_kDHd, 995 SSL_aDH, 996 SSL_AES256, 997 SSL_SHA1, 998 SSL_TLSV1, 999 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1000 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1001 256, 1002 256, 1003 }, 1004 1005 /* Cipher 37 */ 1006 { 1007 1, 1008 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 1009 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 1010 SSL_kDHr, 1011 SSL_aDH, 1012 SSL_AES256, 1013 SSL_SHA1, 1014 SSL_TLSV1, 1015 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1016 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1017 256, 1018 256, 1019 }, 1020 1021 /* Cipher 38 */ 1022 { 1023 1, 1024 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 1025 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 1026 SSL_kEDH, 1027 SSL_aDSS, 1028 SSL_AES256, 1029 SSL_SHA1, 1030 SSL_TLSV1, 1031 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1032 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1033 256, 1034 256, 1035 }, 1036 1037 /* Cipher 39 */ 1038 { 1039 1, 1040 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 1041 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 1042 SSL_kEDH, 1043 SSL_aRSA, 1044 SSL_AES256, 1045 SSL_SHA1, 1046 SSL_TLSV1, 1047 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1048 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1049 256, 1050 256, 1051 }, 1052 1053 /* Cipher 3A */ 1054 { 1055 1, 1056 TLS1_TXT_ADH_WITH_AES_256_SHA, 1057 TLS1_CK_ADH_WITH_AES_256_SHA, 1058 SSL_kEDH, 1059 SSL_aNULL, 1060 SSL_AES256, 1061 SSL_SHA1, 1062 SSL_TLSV1, 1063 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1064 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1065 256, 1066 256, 1067 }, 1068 1069 /* TLS v1.2 ciphersuites */ 1070 /* Cipher 3B */ 1071 { 1072 1, 1073 TLS1_TXT_RSA_WITH_NULL_SHA256, 1074 TLS1_CK_RSA_WITH_NULL_SHA256, 1075 SSL_kRSA, 1076 SSL_aRSA, 1077 SSL_eNULL, 1078 SSL_SHA256, 1079 SSL_TLSV1_2, 1080 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 1081 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1082 0, 1083 0, 1084 }, 1085 1086 /* Cipher 3C */ 1087 { 1088 1, 1089 TLS1_TXT_RSA_WITH_AES_128_SHA256, 1090 TLS1_CK_RSA_WITH_AES_128_SHA256, 1091 SSL_kRSA, 1092 SSL_aRSA, 1093 SSL_AES128, 1094 SSL_SHA256, 1095 SSL_TLSV1_2, 1096 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1097 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1098 128, 1099 128, 1100 }, 1101 1102 /* Cipher 3D */ 1103 { 1104 1, 1105 TLS1_TXT_RSA_WITH_AES_256_SHA256, 1106 TLS1_CK_RSA_WITH_AES_256_SHA256, 1107 SSL_kRSA, 1108 SSL_aRSA, 1109 SSL_AES256, 1110 SSL_SHA256, 1111 SSL_TLSV1_2, 1112 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1113 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1114 256, 1115 256, 1116 }, 1117 1118 /* Cipher 3E */ 1119 { 1120 1, 1121 TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, 1122 TLS1_CK_DH_DSS_WITH_AES_128_SHA256, 1123 SSL_kDHd, 1124 SSL_aDH, 1125 SSL_AES128, 1126 SSL_SHA256, 1127 SSL_TLSV1_2, 1128 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1129 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1130 128, 1131 128, 1132 }, 1133 1134 /* Cipher 3F */ 1135 { 1136 1, 1137 TLS1_TXT_DH_RSA_WITH_AES_128_SHA256, 1138 TLS1_CK_DH_RSA_WITH_AES_128_SHA256, 1139 SSL_kDHr, 1140 SSL_aDH, 1141 SSL_AES128, 1142 SSL_SHA256, 1143 SSL_TLSV1_2, 1144 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1145 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1146 128, 1147 128, 1148 }, 1149 1150 /* Cipher 40 */ 1151 { 1152 1, 1153 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 1154 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 1155 SSL_kEDH, 1156 SSL_aDSS, 1157 SSL_AES128, 1158 SSL_SHA256, 1159 SSL_TLSV1_2, 1160 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1161 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1162 128, 1163 128, 1164 }, 1165 1166 #ifndef OPENSSL_NO_CAMELLIA 1167 /* Camellia ciphersuites from RFC4132 (128-bit portion) */ 1168 1169 /* Cipher 41 */ 1170 { 1171 1, 1172 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 1173 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 1174 SSL_kRSA, 1175 SSL_aRSA, 1176 SSL_CAMELLIA128, 1177 SSL_SHA1, 1178 SSL_TLSV1, 1179 SSL_NOT_EXP | SSL_HIGH, 1180 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1181 128, 1182 128, 1183 }, 1184 1185 /* Cipher 42 */ 1186 { 1187 1, 1188 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1189 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1190 SSL_kDHd, 1191 SSL_aDH, 1192 SSL_CAMELLIA128, 1193 SSL_SHA1, 1194 SSL_TLSV1, 1195 SSL_NOT_EXP | SSL_HIGH, 1196 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1197 128, 1198 128, 1199 }, 1200 1201 /* Cipher 43 */ 1202 { 1203 1, 1204 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1205 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1206 SSL_kDHr, 1207 SSL_aDH, 1208 SSL_CAMELLIA128, 1209 SSL_SHA1, 1210 SSL_TLSV1, 1211 SSL_NOT_EXP | SSL_HIGH, 1212 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1213 128, 1214 128, 1215 }, 1216 1217 /* Cipher 44 */ 1218 { 1219 1, 1220 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1221 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1222 SSL_kEDH, 1223 SSL_aDSS, 1224 SSL_CAMELLIA128, 1225 SSL_SHA1, 1226 SSL_TLSV1, 1227 SSL_NOT_EXP | SSL_HIGH, 1228 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1229 128, 1230 128, 1231 }, 1232 1233 /* Cipher 45 */ 1234 { 1235 1, 1236 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1237 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1238 SSL_kEDH, 1239 SSL_aRSA, 1240 SSL_CAMELLIA128, 1241 SSL_SHA1, 1242 SSL_TLSV1, 1243 SSL_NOT_EXP | SSL_HIGH, 1244 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1245 128, 1246 128, 1247 }, 1248 1249 /* Cipher 46 */ 1250 { 1251 1, 1252 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 1253 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 1254 SSL_kEDH, 1255 SSL_aNULL, 1256 SSL_CAMELLIA128, 1257 SSL_SHA1, 1258 SSL_TLSV1, 1259 SSL_NOT_EXP | SSL_HIGH, 1260 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1261 128, 1262 128, 1263 }, 1264 #endif /* OPENSSL_NO_CAMELLIA */ 1265 1266 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1267 /* New TLS Export CipherSuites from expired ID */ 1268 # if 0 1269 /* Cipher 60 */ 1270 { 1271 1, 1272 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5, 1273 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5, 1274 SSL_kRSA, 1275 SSL_aRSA, 1276 SSL_RC4, 1277 SSL_MD5, 1278 SSL_TLSV1, 1279 SSL_EXPORT | SSL_EXP56, 1280 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1281 56, 1282 128, 1283 }, 1284 1285 /* Cipher 61 */ 1286 { 1287 1, 1288 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1289 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1290 SSL_kRSA, 1291 SSL_aRSA, 1292 SSL_RC2, 1293 SSL_MD5, 1294 SSL_TLSV1, 1295 SSL_EXPORT | SSL_EXP56, 1296 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1297 56, 1298 128, 1299 }, 1300 # endif 1301 1302 /* Cipher 62 */ 1303 { 1304 1, 1305 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1306 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1307 SSL_kRSA, 1308 SSL_aRSA, 1309 SSL_DES, 1310 SSL_SHA1, 1311 SSL_TLSV1, 1312 SSL_EXPORT | SSL_EXP56, 1313 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1314 56, 1315 56, 1316 }, 1317 1318 /* Cipher 63 */ 1319 { 1320 1, 1321 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1322 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1323 SSL_kEDH, 1324 SSL_aDSS, 1325 SSL_DES, 1326 SSL_SHA1, 1327 SSL_TLSV1, 1328 SSL_EXPORT | SSL_EXP56, 1329 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1330 56, 1331 56, 1332 }, 1333 1334 /* Cipher 64 */ 1335 { 1336 1, 1337 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, 1338 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA, 1339 SSL_kRSA, 1340 SSL_aRSA, 1341 SSL_RC4, 1342 SSL_SHA1, 1343 SSL_TLSV1, 1344 SSL_EXPORT | SSL_EXP56, 1345 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1346 56, 1347 128, 1348 }, 1349 1350 /* Cipher 65 */ 1351 { 1352 1, 1353 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1354 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1355 SSL_kEDH, 1356 SSL_aDSS, 1357 SSL_RC4, 1358 SSL_SHA1, 1359 SSL_TLSV1, 1360 SSL_EXPORT | SSL_EXP56, 1361 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1362 56, 1363 128, 1364 }, 1365 1366 /* Cipher 66 */ 1367 { 1368 1, 1369 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, 1370 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA, 1371 SSL_kEDH, 1372 SSL_aDSS, 1373 SSL_RC4, 1374 SSL_SHA1, 1375 SSL_TLSV1, 1376 SSL_NOT_EXP | SSL_MEDIUM, 1377 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1378 128, 1379 128, 1380 }, 1381 #endif 1382 1383 /* TLS v1.2 ciphersuites */ 1384 /* Cipher 67 */ 1385 { 1386 1, 1387 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 1388 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 1389 SSL_kEDH, 1390 SSL_aRSA, 1391 SSL_AES128, 1392 SSL_SHA256, 1393 SSL_TLSV1_2, 1394 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1395 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1396 128, 1397 128, 1398 }, 1399 1400 /* Cipher 68 */ 1401 { 1402 1, 1403 TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, 1404 TLS1_CK_DH_DSS_WITH_AES_256_SHA256, 1405 SSL_kDHd, 1406 SSL_aDH, 1407 SSL_AES256, 1408 SSL_SHA256, 1409 SSL_TLSV1_2, 1410 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1411 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1412 256, 1413 256, 1414 }, 1415 1416 /* Cipher 69 */ 1417 { 1418 1, 1419 TLS1_TXT_DH_RSA_WITH_AES_256_SHA256, 1420 TLS1_CK_DH_RSA_WITH_AES_256_SHA256, 1421 SSL_kDHr, 1422 SSL_aDH, 1423 SSL_AES256, 1424 SSL_SHA256, 1425 SSL_TLSV1_2, 1426 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1427 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1428 256, 1429 256, 1430 }, 1431 1432 /* Cipher 6A */ 1433 { 1434 1, 1435 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 1436 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 1437 SSL_kEDH, 1438 SSL_aDSS, 1439 SSL_AES256, 1440 SSL_SHA256, 1441 SSL_TLSV1_2, 1442 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1443 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1444 256, 1445 256, 1446 }, 1447 1448 /* Cipher 6B */ 1449 { 1450 1, 1451 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 1452 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 1453 SSL_kEDH, 1454 SSL_aRSA, 1455 SSL_AES256, 1456 SSL_SHA256, 1457 SSL_TLSV1_2, 1458 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1459 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1460 256, 1461 256, 1462 }, 1463 1464 /* Cipher 6C */ 1465 { 1466 1, 1467 TLS1_TXT_ADH_WITH_AES_128_SHA256, 1468 TLS1_CK_ADH_WITH_AES_128_SHA256, 1469 SSL_kEDH, 1470 SSL_aNULL, 1471 SSL_AES128, 1472 SSL_SHA256, 1473 SSL_TLSV1_2, 1474 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1475 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1476 128, 1477 128, 1478 }, 1479 1480 /* Cipher 6D */ 1481 { 1482 1, 1483 TLS1_TXT_ADH_WITH_AES_256_SHA256, 1484 TLS1_CK_ADH_WITH_AES_256_SHA256, 1485 SSL_kEDH, 1486 SSL_aNULL, 1487 SSL_AES256, 1488 SSL_SHA256, 1489 SSL_TLSV1_2, 1490 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1491 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1492 256, 1493 256, 1494 }, 1495 1496 /* GOST Ciphersuites */ 1497 1498 { 1499 1, 1500 "GOST94-GOST89-GOST89", 1501 0x3000080, 1502 SSL_kGOST, 1503 SSL_aGOST94, 1504 SSL_eGOST2814789CNT, 1505 SSL_GOST89MAC, 1506 SSL_TLSV1, 1507 SSL_NOT_EXP | SSL_HIGH, 1508 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 1509 256, 1510 256}, 1511 { 1512 1, 1513 "GOST2001-GOST89-GOST89", 1514 0x3000081, 1515 SSL_kGOST, 1516 SSL_aGOST01, 1517 SSL_eGOST2814789CNT, 1518 SSL_GOST89MAC, 1519 SSL_TLSV1, 1520 SSL_NOT_EXP | SSL_HIGH, 1521 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 1522 256, 1523 256}, 1524 { 1525 1, 1526 "GOST94-NULL-GOST94", 1527 0x3000082, 1528 SSL_kGOST, 1529 SSL_aGOST94, 1530 SSL_eNULL, 1531 SSL_GOST94, 1532 SSL_TLSV1, 1533 SSL_NOT_EXP | SSL_STRONG_NONE, 1534 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 1535 0, 1536 0}, 1537 { 1538 1, 1539 "GOST2001-NULL-GOST94", 1540 0x3000083, 1541 SSL_kGOST, 1542 SSL_aGOST01, 1543 SSL_eNULL, 1544 SSL_GOST94, 1545 SSL_TLSV1, 1546 SSL_NOT_EXP | SSL_STRONG_NONE, 1547 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 1548 0, 1549 0}, 1550 1551 #ifndef OPENSSL_NO_CAMELLIA 1552 /* Camellia ciphersuites from RFC4132 (256-bit portion) */ 1553 1554 /* Cipher 84 */ 1555 { 1556 1, 1557 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 1558 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 1559 SSL_kRSA, 1560 SSL_aRSA, 1561 SSL_CAMELLIA256, 1562 SSL_SHA1, 1563 SSL_TLSV1, 1564 SSL_NOT_EXP | SSL_HIGH, 1565 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1566 256, 1567 256, 1568 }, 1569 /* Cipher 85 */ 1570 { 1571 1, 1572 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1573 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1574 SSL_kDHd, 1575 SSL_aDH, 1576 SSL_CAMELLIA256, 1577 SSL_SHA1, 1578 SSL_TLSV1, 1579 SSL_NOT_EXP | SSL_HIGH, 1580 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1581 256, 1582 256, 1583 }, 1584 1585 /* Cipher 86 */ 1586 { 1587 1, 1588 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1589 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1590 SSL_kDHr, 1591 SSL_aDH, 1592 SSL_CAMELLIA256, 1593 SSL_SHA1, 1594 SSL_TLSV1, 1595 SSL_NOT_EXP | SSL_HIGH, 1596 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1597 256, 1598 256, 1599 }, 1600 1601 /* Cipher 87 */ 1602 { 1603 1, 1604 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1605 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1606 SSL_kEDH, 1607 SSL_aDSS, 1608 SSL_CAMELLIA256, 1609 SSL_SHA1, 1610 SSL_TLSV1, 1611 SSL_NOT_EXP | SSL_HIGH, 1612 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1613 256, 1614 256, 1615 }, 1616 1617 /* Cipher 88 */ 1618 { 1619 1, 1620 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1621 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1622 SSL_kEDH, 1623 SSL_aRSA, 1624 SSL_CAMELLIA256, 1625 SSL_SHA1, 1626 SSL_TLSV1, 1627 SSL_NOT_EXP | SSL_HIGH, 1628 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1629 256, 1630 256, 1631 }, 1632 1633 /* Cipher 89 */ 1634 { 1635 1, 1636 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 1637 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 1638 SSL_kEDH, 1639 SSL_aNULL, 1640 SSL_CAMELLIA256, 1641 SSL_SHA1, 1642 SSL_TLSV1, 1643 SSL_NOT_EXP | SSL_HIGH, 1644 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1645 256, 1646 256, 1647 }, 1648 #endif /* OPENSSL_NO_CAMELLIA */ 1649 1650 #ifndef OPENSSL_NO_PSK 1651 /* Cipher 8A */ 1652 { 1653 1, 1654 TLS1_TXT_PSK_WITH_RC4_128_SHA, 1655 TLS1_CK_PSK_WITH_RC4_128_SHA, 1656 SSL_kPSK, 1657 SSL_aPSK, 1658 SSL_RC4, 1659 SSL_SHA1, 1660 SSL_TLSV1, 1661 SSL_NOT_EXP | SSL_MEDIUM, 1662 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1663 128, 1664 128, 1665 }, 1666 1667 /* Cipher 8B */ 1668 { 1669 1, 1670 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1671 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1672 SSL_kPSK, 1673 SSL_aPSK, 1674 SSL_3DES, 1675 SSL_SHA1, 1676 SSL_TLSV1, 1677 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1678 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1679 112, 1680 168, 1681 }, 1682 1683 /* Cipher 8C */ 1684 { 1685 1, 1686 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1687 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1688 SSL_kPSK, 1689 SSL_aPSK, 1690 SSL_AES128, 1691 SSL_SHA1, 1692 SSL_TLSV1, 1693 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1694 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1695 128, 1696 128, 1697 }, 1698 1699 /* Cipher 8D */ 1700 { 1701 1, 1702 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1703 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1704 SSL_kPSK, 1705 SSL_aPSK, 1706 SSL_AES256, 1707 SSL_SHA1, 1708 SSL_TLSV1, 1709 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1710 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1711 256, 1712 256, 1713 }, 1714 #endif /* OPENSSL_NO_PSK */ 1715 1716 #ifndef OPENSSL_NO_SEED 1717 /* SEED ciphersuites from RFC4162 */ 1718 1719 /* Cipher 96 */ 1720 { 1721 1, 1722 TLS1_TXT_RSA_WITH_SEED_SHA, 1723 TLS1_CK_RSA_WITH_SEED_SHA, 1724 SSL_kRSA, 1725 SSL_aRSA, 1726 SSL_SEED, 1727 SSL_SHA1, 1728 SSL_TLSV1, 1729 SSL_NOT_EXP | SSL_MEDIUM, 1730 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1731 128, 1732 128, 1733 }, 1734 1735 /* Cipher 97 */ 1736 { 1737 1, 1738 TLS1_TXT_DH_DSS_WITH_SEED_SHA, 1739 TLS1_CK_DH_DSS_WITH_SEED_SHA, 1740 SSL_kDHd, 1741 SSL_aDH, 1742 SSL_SEED, 1743 SSL_SHA1, 1744 SSL_TLSV1, 1745 SSL_NOT_EXP | SSL_MEDIUM, 1746 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1747 128, 1748 128, 1749 }, 1750 1751 /* Cipher 98 */ 1752 { 1753 1, 1754 TLS1_TXT_DH_RSA_WITH_SEED_SHA, 1755 TLS1_CK_DH_RSA_WITH_SEED_SHA, 1756 SSL_kDHr, 1757 SSL_aDH, 1758 SSL_SEED, 1759 SSL_SHA1, 1760 SSL_TLSV1, 1761 SSL_NOT_EXP | SSL_MEDIUM, 1762 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1763 128, 1764 128, 1765 }, 1766 1767 /* Cipher 99 */ 1768 { 1769 1, 1770 TLS1_TXT_DHE_DSS_WITH_SEED_SHA, 1771 TLS1_CK_DHE_DSS_WITH_SEED_SHA, 1772 SSL_kEDH, 1773 SSL_aDSS, 1774 SSL_SEED, 1775 SSL_SHA1, 1776 SSL_TLSV1, 1777 SSL_NOT_EXP | SSL_MEDIUM, 1778 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1779 128, 1780 128, 1781 }, 1782 1783 /* Cipher 9A */ 1784 { 1785 1, 1786 TLS1_TXT_DHE_RSA_WITH_SEED_SHA, 1787 TLS1_CK_DHE_RSA_WITH_SEED_SHA, 1788 SSL_kEDH, 1789 SSL_aRSA, 1790 SSL_SEED, 1791 SSL_SHA1, 1792 SSL_TLSV1, 1793 SSL_NOT_EXP | SSL_MEDIUM, 1794 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1795 128, 1796 128, 1797 }, 1798 1799 /* Cipher 9B */ 1800 { 1801 1, 1802 TLS1_TXT_ADH_WITH_SEED_SHA, 1803 TLS1_CK_ADH_WITH_SEED_SHA, 1804 SSL_kEDH, 1805 SSL_aNULL, 1806 SSL_SEED, 1807 SSL_SHA1, 1808 SSL_TLSV1, 1809 SSL_NOT_EXP | SSL_MEDIUM, 1810 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1811 128, 1812 128, 1813 }, 1814 1815 #endif /* OPENSSL_NO_SEED */ 1816 1817 /* GCM ciphersuites from RFC5288 */ 1818 1819 /* Cipher 9C */ 1820 { 1821 1, 1822 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 1823 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 1824 SSL_kRSA, 1825 SSL_aRSA, 1826 SSL_AES128GCM, 1827 SSL_AEAD, 1828 SSL_TLSV1_2, 1829 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1830 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1831 128, 1832 128, 1833 }, 1834 1835 /* Cipher 9D */ 1836 { 1837 1, 1838 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 1839 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 1840 SSL_kRSA, 1841 SSL_aRSA, 1842 SSL_AES256GCM, 1843 SSL_AEAD, 1844 SSL_TLSV1_2, 1845 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1846 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1847 256, 1848 256, 1849 }, 1850 1851 /* Cipher 9E */ 1852 { 1853 1, 1854 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 1855 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 1856 SSL_kEDH, 1857 SSL_aRSA, 1858 SSL_AES128GCM, 1859 SSL_AEAD, 1860 SSL_TLSV1_2, 1861 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1862 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1863 128, 1864 128, 1865 }, 1866 1867 /* Cipher 9F */ 1868 { 1869 1, 1870 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 1871 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 1872 SSL_kEDH, 1873 SSL_aRSA, 1874 SSL_AES256GCM, 1875 SSL_AEAD, 1876 SSL_TLSV1_2, 1877 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1878 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1879 256, 1880 256, 1881 }, 1882 1883 /* Cipher A0 */ 1884 { 1885 1, 1886 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, 1887 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, 1888 SSL_kDHr, 1889 SSL_aDH, 1890 SSL_AES128GCM, 1891 SSL_AEAD, 1892 SSL_TLSV1_2, 1893 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1894 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1895 128, 1896 128, 1897 }, 1898 1899 /* Cipher A1 */ 1900 { 1901 1, 1902 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, 1903 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, 1904 SSL_kDHr, 1905 SSL_aDH, 1906 SSL_AES256GCM, 1907 SSL_AEAD, 1908 SSL_TLSV1_2, 1909 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1910 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1911 256, 1912 256, 1913 }, 1914 1915 /* Cipher A2 */ 1916 { 1917 1, 1918 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 1919 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 1920 SSL_kEDH, 1921 SSL_aDSS, 1922 SSL_AES128GCM, 1923 SSL_AEAD, 1924 SSL_TLSV1_2, 1925 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1926 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1927 128, 1928 128, 1929 }, 1930 1931 /* Cipher A3 */ 1932 { 1933 1, 1934 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 1935 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 1936 SSL_kEDH, 1937 SSL_aDSS, 1938 SSL_AES256GCM, 1939 SSL_AEAD, 1940 SSL_TLSV1_2, 1941 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1942 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1943 256, 1944 256, 1945 }, 1946 1947 /* Cipher A4 */ 1948 { 1949 1, 1950 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, 1951 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, 1952 SSL_kDHd, 1953 SSL_aDH, 1954 SSL_AES128GCM, 1955 SSL_AEAD, 1956 SSL_TLSV1_2, 1957 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1958 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1959 128, 1960 128, 1961 }, 1962 1963 /* Cipher A5 */ 1964 { 1965 1, 1966 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, 1967 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, 1968 SSL_kDHd, 1969 SSL_aDH, 1970 SSL_AES256GCM, 1971 SSL_AEAD, 1972 SSL_TLSV1_2, 1973 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1974 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1975 256, 1976 256, 1977 }, 1978 1979 /* Cipher A6 */ 1980 { 1981 1, 1982 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 1983 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 1984 SSL_kEDH, 1985 SSL_aNULL, 1986 SSL_AES128GCM, 1987 SSL_AEAD, 1988 SSL_TLSV1_2, 1989 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1990 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1991 128, 1992 128, 1993 }, 1994 1995 /* Cipher A7 */ 1996 { 1997 1, 1998 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 1999 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 2000 SSL_kEDH, 2001 SSL_aNULL, 2002 SSL_AES256GCM, 2003 SSL_AEAD, 2004 SSL_TLSV1_2, 2005 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2006 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2007 256, 2008 256, 2009 }, 2010 #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL 2011 { 2012 1, 2013 "SCSV", 2014 SSL3_CK_SCSV, 2015 0, 2016 0, 2017 0, 2018 0, 2019 0, 2020 0, 2021 0, 2022 0, 2023 0}, 2024 #endif 2025 2026 #ifndef OPENSSL_NO_ECDH 2027 /* Cipher C001 */ 2028 { 2029 1, 2030 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA, 2031 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA, 2032 SSL_kECDHe, 2033 SSL_aECDH, 2034 SSL_eNULL, 2035 SSL_SHA1, 2036 SSL_TLSV1, 2037 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2038 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2039 0, 2040 0, 2041 }, 2042 2043 /* Cipher C002 */ 2044 { 2045 1, 2046 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, 2047 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA, 2048 SSL_kECDHe, 2049 SSL_aECDH, 2050 SSL_RC4, 2051 SSL_SHA1, 2052 SSL_TLSV1, 2053 SSL_NOT_EXP | SSL_MEDIUM, 2054 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2055 128, 2056 128, 2057 }, 2058 2059 /* Cipher C003 */ 2060 { 2061 1, 2062 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2063 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2064 SSL_kECDHe, 2065 SSL_aECDH, 2066 SSL_3DES, 2067 SSL_SHA1, 2068 SSL_TLSV1, 2069 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2070 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2071 112, 2072 168, 2073 }, 2074 2075 /* Cipher C004 */ 2076 { 2077 1, 2078 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2079 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2080 SSL_kECDHe, 2081 SSL_aECDH, 2082 SSL_AES128, 2083 SSL_SHA1, 2084 SSL_TLSV1, 2085 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2086 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2087 128, 2088 128, 2089 }, 2090 2091 /* Cipher C005 */ 2092 { 2093 1, 2094 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2095 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2096 SSL_kECDHe, 2097 SSL_aECDH, 2098 SSL_AES256, 2099 SSL_SHA1, 2100 SSL_TLSV1, 2101 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2102 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2103 256, 2104 256, 2105 }, 2106 2107 /* Cipher C006 */ 2108 { 2109 1, 2110 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 2111 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 2112 SSL_kEECDH, 2113 SSL_aECDSA, 2114 SSL_eNULL, 2115 SSL_SHA1, 2116 SSL_TLSV1, 2117 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2118 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2119 0, 2120 0, 2121 }, 2122 2123 /* Cipher C007 */ 2124 { 2125 1, 2126 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 2127 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 2128 SSL_kEECDH, 2129 SSL_aECDSA, 2130 SSL_RC4, 2131 SSL_SHA1, 2132 SSL_TLSV1, 2133 SSL_NOT_EXP | SSL_MEDIUM, 2134 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2135 128, 2136 128, 2137 }, 2138 2139 /* Cipher C008 */ 2140 { 2141 1, 2142 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2143 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2144 SSL_kEECDH, 2145 SSL_aECDSA, 2146 SSL_3DES, 2147 SSL_SHA1, 2148 SSL_TLSV1, 2149 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2150 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2151 112, 2152 168, 2153 }, 2154 2155 /* Cipher C009 */ 2156 { 2157 1, 2158 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2159 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2160 SSL_kEECDH, 2161 SSL_aECDSA, 2162 SSL_AES128, 2163 SSL_SHA1, 2164 SSL_TLSV1, 2165 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2166 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2167 128, 2168 128, 2169 }, 2170 2171 /* Cipher C00A */ 2172 { 2173 1, 2174 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2175 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2176 SSL_kEECDH, 2177 SSL_aECDSA, 2178 SSL_AES256, 2179 SSL_SHA1, 2180 SSL_TLSV1, 2181 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2182 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2183 256, 2184 256, 2185 }, 2186 2187 /* Cipher C00B */ 2188 { 2189 1, 2190 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA, 2191 TLS1_CK_ECDH_RSA_WITH_NULL_SHA, 2192 SSL_kECDHr, 2193 SSL_aECDH, 2194 SSL_eNULL, 2195 SSL_SHA1, 2196 SSL_TLSV1, 2197 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2198 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2199 0, 2200 0, 2201 }, 2202 2203 /* Cipher C00C */ 2204 { 2205 1, 2206 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, 2207 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA, 2208 SSL_kECDHr, 2209 SSL_aECDH, 2210 SSL_RC4, 2211 SSL_SHA1, 2212 SSL_TLSV1, 2213 SSL_NOT_EXP | SSL_MEDIUM, 2214 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2215 128, 2216 128, 2217 }, 2218 2219 /* Cipher C00D */ 2220 { 2221 1, 2222 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2223 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2224 SSL_kECDHr, 2225 SSL_aECDH, 2226 SSL_3DES, 2227 SSL_SHA1, 2228 SSL_TLSV1, 2229 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2230 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2231 112, 2232 168, 2233 }, 2234 2235 /* Cipher C00E */ 2236 { 2237 1, 2238 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA, 2239 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA, 2240 SSL_kECDHr, 2241 SSL_aECDH, 2242 SSL_AES128, 2243 SSL_SHA1, 2244 SSL_TLSV1, 2245 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2246 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2247 128, 2248 128, 2249 }, 2250 2251 /* Cipher C00F */ 2252 { 2253 1, 2254 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA, 2255 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA, 2256 SSL_kECDHr, 2257 SSL_aECDH, 2258 SSL_AES256, 2259 SSL_SHA1, 2260 SSL_TLSV1, 2261 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2262 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2263 256, 2264 256, 2265 }, 2266 2267 /* Cipher C010 */ 2268 { 2269 1, 2270 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 2271 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 2272 SSL_kEECDH, 2273 SSL_aRSA, 2274 SSL_eNULL, 2275 SSL_SHA1, 2276 SSL_TLSV1, 2277 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2278 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2279 0, 2280 0, 2281 }, 2282 2283 /* Cipher C011 */ 2284 { 2285 1, 2286 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 2287 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 2288 SSL_kEECDH, 2289 SSL_aRSA, 2290 SSL_RC4, 2291 SSL_SHA1, 2292 SSL_TLSV1, 2293 SSL_NOT_EXP | SSL_MEDIUM, 2294 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2295 128, 2296 128, 2297 }, 2298 2299 /* Cipher C012 */ 2300 { 2301 1, 2302 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2303 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2304 SSL_kEECDH, 2305 SSL_aRSA, 2306 SSL_3DES, 2307 SSL_SHA1, 2308 SSL_TLSV1, 2309 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2310 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2311 112, 2312 168, 2313 }, 2314 2315 /* Cipher C013 */ 2316 { 2317 1, 2318 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2319 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2320 SSL_kEECDH, 2321 SSL_aRSA, 2322 SSL_AES128, 2323 SSL_SHA1, 2324 SSL_TLSV1, 2325 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2326 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2327 128, 2328 128, 2329 }, 2330 2331 /* Cipher C014 */ 2332 { 2333 1, 2334 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2335 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2336 SSL_kEECDH, 2337 SSL_aRSA, 2338 SSL_AES256, 2339 SSL_SHA1, 2340 SSL_TLSV1, 2341 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2342 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2343 256, 2344 256, 2345 }, 2346 2347 /* Cipher C015 */ 2348 { 2349 1, 2350 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 2351 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 2352 SSL_kEECDH, 2353 SSL_aNULL, 2354 SSL_eNULL, 2355 SSL_SHA1, 2356 SSL_TLSV1, 2357 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2358 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2359 0, 2360 0, 2361 }, 2362 2363 /* Cipher C016 */ 2364 { 2365 1, 2366 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 2367 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 2368 SSL_kEECDH, 2369 SSL_aNULL, 2370 SSL_RC4, 2371 SSL_SHA1, 2372 SSL_TLSV1, 2373 SSL_NOT_EXP | SSL_MEDIUM, 2374 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2375 128, 2376 128, 2377 }, 2378 2379 /* Cipher C017 */ 2380 { 2381 1, 2382 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 2383 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 2384 SSL_kEECDH, 2385 SSL_aNULL, 2386 SSL_3DES, 2387 SSL_SHA1, 2388 SSL_TLSV1, 2389 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2390 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2391 112, 2392 168, 2393 }, 2394 2395 /* Cipher C018 */ 2396 { 2397 1, 2398 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 2399 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 2400 SSL_kEECDH, 2401 SSL_aNULL, 2402 SSL_AES128, 2403 SSL_SHA1, 2404 SSL_TLSV1, 2405 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2406 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2407 128, 2408 128, 2409 }, 2410 2411 /* Cipher C019 */ 2412 { 2413 1, 2414 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 2415 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 2416 SSL_kEECDH, 2417 SSL_aNULL, 2418 SSL_AES256, 2419 SSL_SHA1, 2420 SSL_TLSV1, 2421 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2422 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2423 256, 2424 256, 2425 }, 2426 #endif /* OPENSSL_NO_ECDH */ 2427 2428 #ifndef OPENSSL_NO_SRP 2429 /* Cipher C01A */ 2430 { 2431 1, 2432 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2433 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2434 SSL_kSRP, 2435 SSL_aSRP, 2436 SSL_3DES, 2437 SSL_SHA1, 2438 SSL_TLSV1, 2439 SSL_NOT_EXP | SSL_HIGH, 2440 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2441 112, 2442 168, 2443 }, 2444 2445 /* Cipher C01B */ 2446 { 2447 1, 2448 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2449 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2450 SSL_kSRP, 2451 SSL_aRSA, 2452 SSL_3DES, 2453 SSL_SHA1, 2454 SSL_TLSV1, 2455 SSL_NOT_EXP | SSL_HIGH, 2456 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2457 112, 2458 168, 2459 }, 2460 2461 /* Cipher C01C */ 2462 { 2463 1, 2464 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2465 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2466 SSL_kSRP, 2467 SSL_aDSS, 2468 SSL_3DES, 2469 SSL_SHA1, 2470 SSL_TLSV1, 2471 SSL_NOT_EXP | SSL_HIGH, 2472 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2473 112, 2474 168, 2475 }, 2476 2477 /* Cipher C01D */ 2478 { 2479 1, 2480 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, 2481 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, 2482 SSL_kSRP, 2483 SSL_aSRP, 2484 SSL_AES128, 2485 SSL_SHA1, 2486 SSL_TLSV1, 2487 SSL_NOT_EXP | SSL_HIGH, 2488 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2489 128, 2490 128, 2491 }, 2492 2493 /* Cipher C01E */ 2494 { 2495 1, 2496 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2497 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2498 SSL_kSRP, 2499 SSL_aRSA, 2500 SSL_AES128, 2501 SSL_SHA1, 2502 SSL_TLSV1, 2503 SSL_NOT_EXP | SSL_HIGH, 2504 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2505 128, 2506 128, 2507 }, 2508 2509 /* Cipher C01F */ 2510 { 2511 1, 2512 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2513 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2514 SSL_kSRP, 2515 SSL_aDSS, 2516 SSL_AES128, 2517 SSL_SHA1, 2518 SSL_TLSV1, 2519 SSL_NOT_EXP | SSL_HIGH, 2520 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2521 128, 2522 128, 2523 }, 2524 2525 /* Cipher C020 */ 2526 { 2527 1, 2528 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, 2529 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, 2530 SSL_kSRP, 2531 SSL_aSRP, 2532 SSL_AES256, 2533 SSL_SHA1, 2534 SSL_TLSV1, 2535 SSL_NOT_EXP | SSL_HIGH, 2536 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2537 256, 2538 256, 2539 }, 2540 2541 /* Cipher C021 */ 2542 { 2543 1, 2544 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2545 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2546 SSL_kSRP, 2547 SSL_aRSA, 2548 SSL_AES256, 2549 SSL_SHA1, 2550 SSL_TLSV1, 2551 SSL_NOT_EXP | SSL_HIGH, 2552 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2553 256, 2554 256, 2555 }, 2556 2557 /* Cipher C022 */ 2558 { 2559 1, 2560 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2561 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2562 SSL_kSRP, 2563 SSL_aDSS, 2564 SSL_AES256, 2565 SSL_SHA1, 2566 SSL_TLSV1, 2567 SSL_NOT_EXP | SSL_HIGH, 2568 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2569 256, 2570 256, 2571 }, 2572 #endif /* OPENSSL_NO_SRP */ 2573 #ifndef OPENSSL_NO_ECDH 2574 2575 /* HMAC based TLS v1.2 ciphersuites from RFC5289 */ 2576 2577 /* Cipher C023 */ 2578 { 2579 1, 2580 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 2581 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 2582 SSL_kEECDH, 2583 SSL_aECDSA, 2584 SSL_AES128, 2585 SSL_SHA256, 2586 SSL_TLSV1_2, 2587 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2588 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2589 128, 2590 128, 2591 }, 2592 2593 /* Cipher C024 */ 2594 { 2595 1, 2596 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 2597 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 2598 SSL_kEECDH, 2599 SSL_aECDSA, 2600 SSL_AES256, 2601 SSL_SHA384, 2602 SSL_TLSV1_2, 2603 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2604 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2605 256, 2606 256, 2607 }, 2608 2609 /* Cipher C025 */ 2610 { 2611 1, 2612 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256, 2613 TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256, 2614 SSL_kECDHe, 2615 SSL_aECDH, 2616 SSL_AES128, 2617 SSL_SHA256, 2618 SSL_TLSV1_2, 2619 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2620 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2621 128, 2622 128, 2623 }, 2624 2625 /* Cipher C026 */ 2626 { 2627 1, 2628 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384, 2629 TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384, 2630 SSL_kECDHe, 2631 SSL_aECDH, 2632 SSL_AES256, 2633 SSL_SHA384, 2634 SSL_TLSV1_2, 2635 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2636 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2637 256, 2638 256, 2639 }, 2640 2641 /* Cipher C027 */ 2642 { 2643 1, 2644 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 2645 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 2646 SSL_kEECDH, 2647 SSL_aRSA, 2648 SSL_AES128, 2649 SSL_SHA256, 2650 SSL_TLSV1_2, 2651 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2652 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2653 128, 2654 128, 2655 }, 2656 2657 /* Cipher C028 */ 2658 { 2659 1, 2660 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 2661 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 2662 SSL_kEECDH, 2663 SSL_aRSA, 2664 SSL_AES256, 2665 SSL_SHA384, 2666 SSL_TLSV1_2, 2667 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2668 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2669 256, 2670 256, 2671 }, 2672 2673 /* Cipher C029 */ 2674 { 2675 1, 2676 TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256, 2677 TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256, 2678 SSL_kECDHr, 2679 SSL_aECDH, 2680 SSL_AES128, 2681 SSL_SHA256, 2682 SSL_TLSV1_2, 2683 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2684 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2685 128, 2686 128, 2687 }, 2688 2689 /* Cipher C02A */ 2690 { 2691 1, 2692 TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384, 2693 TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384, 2694 SSL_kECDHr, 2695 SSL_aECDH, 2696 SSL_AES256, 2697 SSL_SHA384, 2698 SSL_TLSV1_2, 2699 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2700 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2701 256, 2702 256, 2703 }, 2704 2705 /* GCM based TLS v1.2 ciphersuites from RFC5289 */ 2706 2707 /* Cipher C02B */ 2708 { 2709 1, 2710 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2711 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2712 SSL_kEECDH, 2713 SSL_aECDSA, 2714 SSL_AES128GCM, 2715 SSL_AEAD, 2716 SSL_TLSV1_2, 2717 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2718 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2719 128, 2720 128, 2721 }, 2722 2723 /* Cipher C02C */ 2724 { 2725 1, 2726 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2727 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2728 SSL_kEECDH, 2729 SSL_aECDSA, 2730 SSL_AES256GCM, 2731 SSL_AEAD, 2732 SSL_TLSV1_2, 2733 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2734 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2735 256, 2736 256, 2737 }, 2738 2739 /* Cipher C02D */ 2740 { 2741 1, 2742 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2743 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2744 SSL_kECDHe, 2745 SSL_aECDH, 2746 SSL_AES128GCM, 2747 SSL_AEAD, 2748 SSL_TLSV1_2, 2749 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2750 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2751 128, 2752 128, 2753 }, 2754 2755 /* Cipher C02E */ 2756 { 2757 1, 2758 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2759 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2760 SSL_kECDHe, 2761 SSL_aECDH, 2762 SSL_AES256GCM, 2763 SSL_AEAD, 2764 SSL_TLSV1_2, 2765 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2766 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2767 256, 2768 256, 2769 }, 2770 2771 /* Cipher C02F */ 2772 { 2773 1, 2774 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2775 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2776 SSL_kEECDH, 2777 SSL_aRSA, 2778 SSL_AES128GCM, 2779 SSL_AEAD, 2780 SSL_TLSV1_2, 2781 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2782 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2783 128, 2784 128, 2785 }, 2786 2787 /* Cipher C030 */ 2788 { 2789 1, 2790 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2791 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2792 SSL_kEECDH, 2793 SSL_aRSA, 2794 SSL_AES256GCM, 2795 SSL_AEAD, 2796 SSL_TLSV1_2, 2797 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2798 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2799 256, 2800 256, 2801 }, 2802 2803 /* Cipher C031 */ 2804 { 2805 1, 2806 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2807 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2808 SSL_kECDHr, 2809 SSL_aECDH, 2810 SSL_AES128GCM, 2811 SSL_AEAD, 2812 SSL_TLSV1_2, 2813 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2814 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2815 128, 2816 128, 2817 }, 2818 2819 /* Cipher C032 */ 2820 { 2821 1, 2822 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2823 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2824 SSL_kECDHr, 2825 SSL_aECDH, 2826 SSL_AES256GCM, 2827 SSL_AEAD, 2828 SSL_TLSV1_2, 2829 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2830 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2831 256, 2832 256, 2833 }, 2834 2835 #endif /* OPENSSL_NO_ECDH */ 2836 2837 #ifdef TEMP_GOST_TLS 2838 /* Cipher FF00 */ 2839 { 2840 1, 2841 "GOST-MD5", 2842 0x0300ff00, 2843 SSL_kRSA, 2844 SSL_aRSA, 2845 SSL_eGOST2814789CNT, 2846 SSL_MD5, 2847 SSL_TLSV1, 2848 SSL_NOT_EXP | SSL_HIGH, 2849 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2850 256, 2851 256, 2852 }, 2853 { 2854 1, 2855 "GOST-GOST94", 2856 0x0300ff01, 2857 SSL_kRSA, 2858 SSL_aRSA, 2859 SSL_eGOST2814789CNT, 2860 SSL_GOST94, 2861 SSL_TLSV1, 2862 SSL_NOT_EXP | SSL_HIGH, 2863 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2864 256, 2865 256}, 2866 { 2867 1, 2868 "GOST-GOST89MAC", 2869 0x0300ff02, 2870 SSL_kRSA, 2871 SSL_aRSA, 2872 SSL_eGOST2814789CNT, 2873 SSL_GOST89MAC, 2874 SSL_TLSV1, 2875 SSL_NOT_EXP | SSL_HIGH, 2876 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2877 256, 2878 256}, 2879 { 2880 1, 2881 "GOST-GOST89STREAM", 2882 0x0300ff03, 2883 SSL_kRSA, 2884 SSL_aRSA, 2885 SSL_eGOST2814789CNT, 2886 SSL_GOST89MAC, 2887 SSL_TLSV1, 2888 SSL_NOT_EXP | SSL_HIGH, 2889 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC, 2890 256, 2891 256}, 2892 #endif 2893 2894 /* end of list */ 2895 }; 2896 2897 SSL3_ENC_METHOD SSLv3_enc_data = { 2898 ssl3_enc, 2899 n_ssl3_mac, 2900 ssl3_setup_key_block, 2901 ssl3_generate_master_secret, 2902 ssl3_change_cipher_state, 2903 ssl3_final_finish_mac, 2904 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, 2905 ssl3_cert_verify_mac, 2906 SSL3_MD_CLIENT_FINISHED_CONST, 4, 2907 SSL3_MD_SERVER_FINISHED_CONST, 4, 2908 ssl3_alert_code, 2909 (int (*)(SSL *, unsigned char *, size_t, const char *, 2910 size_t, const unsigned char *, size_t, 2911 int use_context))ssl_undefined_function, 2912 0, 2913 SSL3_HM_HEADER_LENGTH, 2914 ssl3_set_handshake_header, 2915 ssl3_handshake_write 2916 }; 2917 2918 long ssl3_default_timeout(void) 2919 { 2920 /* 2921 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for 2922 * http, the cache would over fill 2923 */ 2924 return (60 * 60 * 2); 2925 } 2926 2927 int ssl3_num_ciphers(void) 2928 { 2929 return (SSL3_NUM_CIPHERS); 2930 } 2931 2932 const SSL_CIPHER *ssl3_get_cipher(unsigned int u) 2933 { 2934 if (u < SSL3_NUM_CIPHERS) 2935 return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u])); 2936 else 2937 return (NULL); 2938 } 2939 2940 int ssl3_pending(const SSL *s) 2941 { 2942 if (s->rstate == SSL_ST_READ_BODY) 2943 return 0; 2944 2945 return (s->s3->rrec.type == 2946 SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; 2947 } 2948 2949 void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len) 2950 { 2951 unsigned char *p = (unsigned char *)s->init_buf->data; 2952 *(p++) = htype; 2953 l2n3(len, p); 2954 s->init_num = (int)len + SSL3_HM_HEADER_LENGTH; 2955 s->init_off = 0; 2956 } 2957 2958 int ssl3_handshake_write(SSL *s) 2959 { 2960 return ssl3_do_write(s, SSL3_RT_HANDSHAKE); 2961 } 2962 2963 int ssl3_new(SSL *s) 2964 { 2965 SSL3_STATE *s3; 2966 2967 if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL) 2968 goto err; 2969 memset(s3, 0, sizeof *s3); 2970 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); 2971 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); 2972 2973 s->s3 = s3; 2974 2975 #ifndef OPENSSL_NO_SRP 2976 SSL_SRP_CTX_init(s); 2977 #endif 2978 s->method->ssl_clear(s); 2979 return (1); 2980 err: 2981 return (0); 2982 } 2983 2984 void ssl3_free(SSL *s) 2985 { 2986 if (s == NULL || s->s3 == NULL) 2987 return; 2988 2989 #ifdef TLSEXT_TYPE_opaque_prf_input 2990 if (s->s3->client_opaque_prf_input != NULL) 2991 OPENSSL_free(s->s3->client_opaque_prf_input); 2992 if (s->s3->server_opaque_prf_input != NULL) 2993 OPENSSL_free(s->s3->server_opaque_prf_input); 2994 #endif 2995 2996 ssl3_cleanup_key_block(s); 2997 if (s->s3->rbuf.buf != NULL) 2998 ssl3_release_read_buffer(s); 2999 if (s->s3->wbuf.buf != NULL) 3000 ssl3_release_write_buffer(s); 3001 if (s->s3->rrec.comp != NULL) 3002 OPENSSL_free(s->s3->rrec.comp); 3003 #ifndef OPENSSL_NO_DH 3004 if (s->s3->tmp.dh != NULL) 3005 DH_free(s->s3->tmp.dh); 3006 #endif 3007 #ifndef OPENSSL_NO_ECDH 3008 if (s->s3->tmp.ecdh != NULL) 3009 EC_KEY_free(s->s3->tmp.ecdh); 3010 #endif 3011 3012 if (s->s3->tmp.ca_names != NULL) 3013 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 3014 if (s->s3->handshake_buffer) { 3015 BIO_free(s->s3->handshake_buffer); 3016 } 3017 if (s->s3->handshake_dgst) 3018 ssl3_free_digest_list(s); 3019 #ifndef OPENSSL_NO_TLSEXT 3020 if (s->s3->alpn_selected) 3021 OPENSSL_free(s->s3->alpn_selected); 3022 #endif 3023 3024 #ifndef OPENSSL_NO_SRP 3025 SSL_SRP_CTX_free(s); 3026 #endif 3027 OPENSSL_cleanse(s->s3, sizeof *s->s3); 3028 OPENSSL_free(s->s3); 3029 s->s3 = NULL; 3030 } 3031 3032 void ssl3_clear(SSL *s) 3033 { 3034 unsigned char *rp, *wp; 3035 size_t rlen, wlen; 3036 int init_extra; 3037 3038 #ifdef TLSEXT_TYPE_opaque_prf_input 3039 if (s->s3->client_opaque_prf_input != NULL) 3040 OPENSSL_free(s->s3->client_opaque_prf_input); 3041 s->s3->client_opaque_prf_input = NULL; 3042 if (s->s3->server_opaque_prf_input != NULL) 3043 OPENSSL_free(s->s3->server_opaque_prf_input); 3044 s->s3->server_opaque_prf_input = NULL; 3045 #endif 3046 3047 ssl3_cleanup_key_block(s); 3048 if (s->s3->tmp.ca_names != NULL) 3049 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 3050 3051 if (s->s3->rrec.comp != NULL) { 3052 OPENSSL_free(s->s3->rrec.comp); 3053 s->s3->rrec.comp = NULL; 3054 } 3055 #ifndef OPENSSL_NO_DH 3056 if (s->s3->tmp.dh != NULL) { 3057 DH_free(s->s3->tmp.dh); 3058 s->s3->tmp.dh = NULL; 3059 } 3060 #endif 3061 #ifndef OPENSSL_NO_ECDH 3062 if (s->s3->tmp.ecdh != NULL) { 3063 EC_KEY_free(s->s3->tmp.ecdh); 3064 s->s3->tmp.ecdh = NULL; 3065 } 3066 #endif 3067 #ifndef OPENSSL_NO_TLSEXT 3068 # ifndef OPENSSL_NO_EC 3069 s->s3->is_probably_safari = 0; 3070 # endif /* !OPENSSL_NO_EC */ 3071 #endif /* !OPENSSL_NO_TLSEXT */ 3072 3073 rp = s->s3->rbuf.buf; 3074 wp = s->s3->wbuf.buf; 3075 rlen = s->s3->rbuf.len; 3076 wlen = s->s3->wbuf.len; 3077 init_extra = s->s3->init_extra; 3078 if (s->s3->handshake_buffer) { 3079 BIO_free(s->s3->handshake_buffer); 3080 s->s3->handshake_buffer = NULL; 3081 } 3082 if (s->s3->handshake_dgst) { 3083 ssl3_free_digest_list(s); 3084 } 3085 #if !defined(OPENSSL_NO_TLSEXT) 3086 if (s->s3->alpn_selected) { 3087 OPENSSL_free(s->s3->alpn_selected); 3088 s->s3->alpn_selected = NULL; 3089 } 3090 #endif 3091 memset(s->s3, 0, sizeof *s->s3); 3092 s->s3->rbuf.buf = rp; 3093 s->s3->wbuf.buf = wp; 3094 s->s3->rbuf.len = rlen; 3095 s->s3->wbuf.len = wlen; 3096 s->s3->init_extra = init_extra; 3097 3098 ssl_free_wbio_buffer(s); 3099 3100 s->packet_length = 0; 3101 s->s3->renegotiate = 0; 3102 s->s3->total_renegotiations = 0; 3103 s->s3->num_renegotiations = 0; 3104 s->s3->in_read_app_data = 0; 3105 s->version = SSL3_VERSION; 3106 3107 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 3108 if (s->next_proto_negotiated) { 3109 OPENSSL_free(s->next_proto_negotiated); 3110 s->next_proto_negotiated = NULL; 3111 s->next_proto_negotiated_len = 0; 3112 } 3113 #endif 3114 } 3115 3116 #ifndef OPENSSL_NO_SRP 3117 static char *MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg) 3118 { 3119 return BUF_strdup(s->srp_ctx.info); 3120 } 3121 #endif 3122 3123 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, 3124 size_t len); 3125 3126 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 3127 { 3128 int ret = 0; 3129 3130 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3131 if ( 3132 # ifndef OPENSSL_NO_RSA 3133 cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB || 3134 # endif 3135 # ifndef OPENSSL_NO_DSA 3136 cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB || 3137 # endif 3138 0) { 3139 if (!ssl_cert_inst(&s->cert)) { 3140 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 3141 return (0); 3142 } 3143 } 3144 #endif 3145 3146 switch (cmd) { 3147 case SSL_CTRL_GET_SESSION_REUSED: 3148 ret = s->hit; 3149 break; 3150 case SSL_CTRL_GET_CLIENT_CERT_REQUEST: 3151 break; 3152 case SSL_CTRL_GET_NUM_RENEGOTIATIONS: 3153 ret = s->s3->num_renegotiations; 3154 break; 3155 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: 3156 ret = s->s3->num_renegotiations; 3157 s->s3->num_renegotiations = 0; 3158 break; 3159 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: 3160 ret = s->s3->total_renegotiations; 3161 break; 3162 case SSL_CTRL_GET_FLAGS: 3163 ret = (int)(s->s3->flags); 3164 break; 3165 #ifndef OPENSSL_NO_RSA 3166 case SSL_CTRL_NEED_TMP_RSA: 3167 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 3168 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3169 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > 3170 (512 / 8)))) 3171 ret = 1; 3172 break; 3173 case SSL_CTRL_SET_TMP_RSA: 3174 { 3175 RSA *rsa = (RSA *)parg; 3176 if (rsa == NULL) { 3177 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3178 return (ret); 3179 } 3180 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) { 3181 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); 3182 return (ret); 3183 } 3184 if (s->cert->rsa_tmp != NULL) 3185 RSA_free(s->cert->rsa_tmp); 3186 s->cert->rsa_tmp = rsa; 3187 ret = 1; 3188 } 3189 break; 3190 case SSL_CTRL_SET_TMP_RSA_CB: 3191 { 3192 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3193 return (ret); 3194 } 3195 break; 3196 #endif 3197 #ifndef OPENSSL_NO_DH 3198 case SSL_CTRL_SET_TMP_DH: 3199 { 3200 DH *dh = (DH *)parg; 3201 if (dh == NULL) { 3202 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3203 return (ret); 3204 } 3205 if ((dh = DHparams_dup(dh)) == NULL) { 3206 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3207 return (ret); 3208 } 3209 if (s->cert->dh_tmp != NULL) 3210 DH_free(s->cert->dh_tmp); 3211 s->cert->dh_tmp = dh; 3212 ret = 1; 3213 } 3214 break; 3215 case SSL_CTRL_SET_TMP_DH_CB: 3216 { 3217 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3218 return (ret); 3219 } 3220 break; 3221 #endif 3222 #ifndef OPENSSL_NO_ECDH 3223 case SSL_CTRL_SET_TMP_ECDH: 3224 { 3225 EC_KEY *ecdh = NULL; 3226 3227 if (parg == NULL) { 3228 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3229 return (ret); 3230 } 3231 if (!EC_KEY_up_ref((EC_KEY *)parg)) { 3232 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3233 return (ret); 3234 } 3235 ecdh = (EC_KEY *)parg; 3236 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) { 3237 if (!EC_KEY_generate_key(ecdh)) { 3238 EC_KEY_free(ecdh); 3239 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3240 return (ret); 3241 } 3242 } 3243 if (s->cert->ecdh_tmp != NULL) 3244 EC_KEY_free(s->cert->ecdh_tmp); 3245 s->cert->ecdh_tmp = ecdh; 3246 ret = 1; 3247 } 3248 break; 3249 case SSL_CTRL_SET_TMP_ECDH_CB: 3250 { 3251 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3252 return (ret); 3253 } 3254 break; 3255 #endif /* !OPENSSL_NO_ECDH */ 3256 #ifndef OPENSSL_NO_TLSEXT 3257 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 3258 if (larg == TLSEXT_NAMETYPE_host_name) { 3259 size_t len; 3260 3261 if (s->tlsext_hostname != NULL) 3262 OPENSSL_free(s->tlsext_hostname); 3263 s->tlsext_hostname = NULL; 3264 3265 ret = 1; 3266 if (parg == NULL) 3267 break; 3268 len = strlen((char *)parg); 3269 if (len == 0 || len > TLSEXT_MAXLEN_host_name) { 3270 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 3271 return 0; 3272 } 3273 if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) { 3274 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 3275 return 0; 3276 } 3277 } else { 3278 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 3279 return 0; 3280 } 3281 break; 3282 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: 3283 s->tlsext_debug_arg = parg; 3284 ret = 1; 3285 break; 3286 3287 # ifdef TLSEXT_TYPE_opaque_prf_input 3288 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 3289 if (larg > 12288) { /* actual internal limit is 2^16 for the 3290 * complete hello message * (including the 3291 * cert chain and everything) */ 3292 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 3293 break; 3294 } 3295 if (s->tlsext_opaque_prf_input != NULL) 3296 OPENSSL_free(s->tlsext_opaque_prf_input); 3297 if ((size_t)larg == 0) 3298 s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte 3299 * just to get 3300 * non-NULL */ 3301 else 3302 s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); 3303 if (s->tlsext_opaque_prf_input != NULL) { 3304 s->tlsext_opaque_prf_input_len = (size_t)larg; 3305 ret = 1; 3306 } else 3307 s->tlsext_opaque_prf_input_len = 0; 3308 break; 3309 # endif 3310 3311 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3312 s->tlsext_status_type = larg; 3313 ret = 1; 3314 break; 3315 3316 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: 3317 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; 3318 ret = 1; 3319 break; 3320 3321 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: 3322 s->tlsext_ocsp_exts = parg; 3323 ret = 1; 3324 break; 3325 3326 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: 3327 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; 3328 ret = 1; 3329 break; 3330 3331 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: 3332 s->tlsext_ocsp_ids = parg; 3333 ret = 1; 3334 break; 3335 3336 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: 3337 *(unsigned char **)parg = s->tlsext_ocsp_resp; 3338 return s->tlsext_ocsp_resplen; 3339 3340 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: 3341 if (s->tlsext_ocsp_resp) 3342 OPENSSL_free(s->tlsext_ocsp_resp); 3343 s->tlsext_ocsp_resp = parg; 3344 s->tlsext_ocsp_resplen = larg; 3345 ret = 1; 3346 break; 3347 3348 # ifndef OPENSSL_NO_HEARTBEATS 3349 case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT: 3350 if (SSL_IS_DTLS(s)) 3351 ret = dtls1_heartbeat(s); 3352 else 3353 ret = tls1_heartbeat(s); 3354 break; 3355 3356 case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING: 3357 ret = s->tlsext_hb_pending; 3358 break; 3359 3360 case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS: 3361 if (larg) 3362 s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3363 else 3364 s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3365 ret = 1; 3366 break; 3367 # endif 3368 3369 #endif /* !OPENSSL_NO_TLSEXT */ 3370 3371 case SSL_CTRL_CHAIN: 3372 if (larg) 3373 return ssl_cert_set1_chain(s->cert, (STACK_OF(X509) *)parg); 3374 else 3375 return ssl_cert_set0_chain(s->cert, (STACK_OF(X509) *)parg); 3376 3377 case SSL_CTRL_CHAIN_CERT: 3378 if (larg) 3379 return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg); 3380 else 3381 return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg); 3382 3383 case SSL_CTRL_GET_CHAIN_CERTS: 3384 *(STACK_OF(X509) **)parg = s->cert->key->chain; 3385 break; 3386 3387 case SSL_CTRL_SELECT_CURRENT_CERT: 3388 return ssl_cert_select_current(s->cert, (X509 *)parg); 3389 3390 case SSL_CTRL_SET_CURRENT_CERT: 3391 if (larg == SSL_CERT_SET_SERVER) { 3392 CERT_PKEY *cpk; 3393 const SSL_CIPHER *cipher; 3394 if (!s->server) 3395 return 0; 3396 cipher = s->s3->tmp.new_cipher; 3397 if (!cipher) 3398 return 0; 3399 /* 3400 * No certificate for unauthenticated ciphersuites or using SRP 3401 * authentication 3402 */ 3403 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP)) 3404 return 2; 3405 cpk = ssl_get_server_send_pkey(s); 3406 if (!cpk) 3407 return 0; 3408 s->cert->key = cpk; 3409 return 1; 3410 } 3411 return ssl_cert_set_current(s->cert, larg); 3412 3413 #ifndef OPENSSL_NO_EC 3414 case SSL_CTRL_GET_CURVES: 3415 { 3416 unsigned char *clist; 3417 size_t clistlen; 3418 if (!s->session) 3419 return 0; 3420 clist = s->session->tlsext_ellipticcurvelist; 3421 clistlen = s->session->tlsext_ellipticcurvelist_length / 2; 3422 if (parg) { 3423 size_t i; 3424 int *cptr = parg; 3425 unsigned int cid, nid; 3426 for (i = 0; i < clistlen; i++) { 3427 n2s(clist, cid); 3428 nid = tls1_ec_curve_id2nid(cid); 3429 if (nid != 0) 3430 cptr[i] = nid; 3431 else 3432 cptr[i] = TLSEXT_nid_unknown | cid; 3433 } 3434 } 3435 return (int)clistlen; 3436 } 3437 3438 case SSL_CTRL_SET_CURVES: 3439 return tls1_set_curves(&s->tlsext_ellipticcurvelist, 3440 &s->tlsext_ellipticcurvelist_length, 3441 parg, larg); 3442 3443 case SSL_CTRL_SET_CURVES_LIST: 3444 return tls1_set_curves_list(&s->tlsext_ellipticcurvelist, 3445 &s->tlsext_ellipticcurvelist_length, 3446 parg); 3447 3448 case SSL_CTRL_GET_SHARED_CURVE: 3449 return tls1_shared_curve(s, larg); 3450 3451 # ifndef OPENSSL_NO_ECDH 3452 case SSL_CTRL_SET_ECDH_AUTO: 3453 s->cert->ecdh_tmp_auto = larg; 3454 return 1; 3455 # endif 3456 #endif 3457 case SSL_CTRL_SET_SIGALGS: 3458 return tls1_set_sigalgs(s->cert, parg, larg, 0); 3459 3460 case SSL_CTRL_SET_SIGALGS_LIST: 3461 return tls1_set_sigalgs_list(s->cert, parg, 0); 3462 3463 case SSL_CTRL_SET_CLIENT_SIGALGS: 3464 return tls1_set_sigalgs(s->cert, parg, larg, 1); 3465 3466 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3467 return tls1_set_sigalgs_list(s->cert, parg, 1); 3468 3469 case SSL_CTRL_GET_CLIENT_CERT_TYPES: 3470 { 3471 const unsigned char **pctype = parg; 3472 if (s->server || !s->s3->tmp.cert_req) 3473 return 0; 3474 if (s->cert->ctypes) { 3475 if (pctype) 3476 *pctype = s->cert->ctypes; 3477 return (int)s->cert->ctype_num; 3478 } 3479 if (pctype) 3480 *pctype = (unsigned char *)s->s3->tmp.ctype; 3481 return s->s3->tmp.ctype_num; 3482 } 3483 3484 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3485 if (!s->server) 3486 return 0; 3487 return ssl3_set_req_cert_type(s->cert, parg, larg); 3488 3489 case SSL_CTRL_BUILD_CERT_CHAIN: 3490 return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg); 3491 3492 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3493 return ssl_cert_set_cert_store(s->cert, parg, 0, larg); 3494 3495 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3496 return ssl_cert_set_cert_store(s->cert, parg, 1, larg); 3497 3498 case SSL_CTRL_GET_PEER_SIGNATURE_NID: 3499 if (SSL_USE_SIGALGS(s)) { 3500 if (s->session && s->session->sess_cert) { 3501 const EVP_MD *sig; 3502 sig = s->session->sess_cert->peer_key->digest; 3503 if (sig) { 3504 *(int *)parg = EVP_MD_type(sig); 3505 return 1; 3506 } 3507 } 3508 return 0; 3509 } 3510 /* Might want to do something here for other versions */ 3511 else 3512 return 0; 3513 3514 case SSL_CTRL_GET_SERVER_TMP_KEY: 3515 if (s->server || !s->session || !s->session->sess_cert) 3516 return 0; 3517 else { 3518 SESS_CERT *sc; 3519 EVP_PKEY *ptmp; 3520 int rv = 0; 3521 sc = s->session->sess_cert; 3522 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_ECDH) 3523 if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp && !sc->peer_ecdh_tmp) 3524 return 0; 3525 #endif 3526 ptmp = EVP_PKEY_new(); 3527 if (!ptmp) 3528 return 0; 3529 if (0) ; 3530 #ifndef OPENSSL_NO_RSA 3531 else if (sc->peer_rsa_tmp) 3532 rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp); 3533 #endif 3534 #ifndef OPENSSL_NO_DH 3535 else if (sc->peer_dh_tmp) 3536 rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp); 3537 #endif 3538 #ifndef OPENSSL_NO_ECDH 3539 else if (sc->peer_ecdh_tmp) 3540 rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp); 3541 #endif 3542 if (rv) { 3543 *(EVP_PKEY **)parg = ptmp; 3544 return 1; 3545 } 3546 EVP_PKEY_free(ptmp); 3547 return 0; 3548 } 3549 #ifndef OPENSSL_NO_EC 3550 case SSL_CTRL_GET_EC_POINT_FORMATS: 3551 { 3552 SSL_SESSION *sess = s->session; 3553 const unsigned char **pformat = parg; 3554 if (!sess || !sess->tlsext_ecpointformatlist) 3555 return 0; 3556 *pformat = sess->tlsext_ecpointformatlist; 3557 return (int)sess->tlsext_ecpointformatlist_length; 3558 } 3559 #endif 3560 3561 case SSL_CTRL_CHECK_PROTO_VERSION: 3562 /* 3563 * For library-internal use; checks that the current protocol is the 3564 * highest enabled version (according to s->ctx->method, as version 3565 * negotiation may have changed s->method). 3566 */ 3567 if (s->version == s->ctx->method->version) 3568 return 1; 3569 /* 3570 * Apparently we're using a version-flexible SSL_METHOD (not at its 3571 * highest protocol version). 3572 */ 3573 if (s->ctx->method->version == SSLv23_method()->version) { 3574 #if TLS_MAX_VERSION != TLS1_2_VERSION 3575 # error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION. 3576 #endif 3577 if (!(s->options & SSL_OP_NO_TLSv1_2)) 3578 return s->version == TLS1_2_VERSION; 3579 if (!(s->options & SSL_OP_NO_TLSv1_1)) 3580 return s->version == TLS1_1_VERSION; 3581 if (!(s->options & SSL_OP_NO_TLSv1)) 3582 return s->version == TLS1_VERSION; 3583 if (!(s->options & SSL_OP_NO_SSLv3)) 3584 return s->version == SSL3_VERSION; 3585 if (!(s->options & SSL_OP_NO_SSLv2)) 3586 return s->version == SSL2_VERSION; 3587 } 3588 return 0; /* Unexpected state; fail closed. */ 3589 3590 default: 3591 break; 3592 } 3593 return (ret); 3594 } 3595 3596 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 3597 { 3598 int ret = 0; 3599 3600 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3601 if ( 3602 # ifndef OPENSSL_NO_RSA 3603 cmd == SSL_CTRL_SET_TMP_RSA_CB || 3604 # endif 3605 # ifndef OPENSSL_NO_DSA 3606 cmd == SSL_CTRL_SET_TMP_DH_CB || 3607 # endif 3608 0) { 3609 if (!ssl_cert_inst(&s->cert)) { 3610 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); 3611 return (0); 3612 } 3613 } 3614 #endif 3615 3616 switch (cmd) { 3617 #ifndef OPENSSL_NO_RSA 3618 case SSL_CTRL_SET_TMP_RSA_CB: 3619 { 3620 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3621 } 3622 break; 3623 #endif 3624 #ifndef OPENSSL_NO_DH 3625 case SSL_CTRL_SET_TMP_DH_CB: 3626 { 3627 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3628 } 3629 break; 3630 #endif 3631 #ifndef OPENSSL_NO_ECDH 3632 case SSL_CTRL_SET_TMP_ECDH_CB: 3633 { 3634 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3635 } 3636 break; 3637 #endif 3638 #ifndef OPENSSL_NO_TLSEXT 3639 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 3640 s->tlsext_debug_cb = (void (*)(SSL *, int, int, 3641 unsigned char *, int, void *))fp; 3642 break; 3643 #endif 3644 default: 3645 break; 3646 } 3647 return (ret); 3648 } 3649 3650 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 3651 { 3652 CERT *cert; 3653 3654 cert = ctx->cert; 3655 3656 switch (cmd) { 3657 #ifndef OPENSSL_NO_RSA 3658 case SSL_CTRL_NEED_TMP_RSA: 3659 if ((cert->rsa_tmp == NULL) && 3660 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3661 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > 3662 (512 / 8))) 3663 ) 3664 return (1); 3665 else 3666 return (0); 3667 /* break; */ 3668 case SSL_CTRL_SET_TMP_RSA: 3669 { 3670 RSA *rsa; 3671 int i; 3672 3673 rsa = (RSA *)parg; 3674 i = 1; 3675 if (rsa == NULL) 3676 i = 0; 3677 else { 3678 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) 3679 i = 0; 3680 } 3681 if (!i) { 3682 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB); 3683 return (0); 3684 } else { 3685 if (cert->rsa_tmp != NULL) 3686 RSA_free(cert->rsa_tmp); 3687 cert->rsa_tmp = rsa; 3688 return (1); 3689 } 3690 } 3691 /* break; */ 3692 case SSL_CTRL_SET_TMP_RSA_CB: 3693 { 3694 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3695 return (0); 3696 } 3697 break; 3698 #endif 3699 #ifndef OPENSSL_NO_DH 3700 case SSL_CTRL_SET_TMP_DH: 3701 { 3702 DH *new = NULL, *dh; 3703 3704 dh = (DH *)parg; 3705 if ((new = DHparams_dup(dh)) == NULL) { 3706 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); 3707 return 0; 3708 } 3709 if (cert->dh_tmp != NULL) 3710 DH_free(cert->dh_tmp); 3711 cert->dh_tmp = new; 3712 return 1; 3713 } 3714 /* 3715 * break; 3716 */ 3717 case SSL_CTRL_SET_TMP_DH_CB: 3718 { 3719 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3720 return (0); 3721 } 3722 break; 3723 #endif 3724 #ifndef OPENSSL_NO_ECDH 3725 case SSL_CTRL_SET_TMP_ECDH: 3726 { 3727 EC_KEY *ecdh = NULL; 3728 3729 if (parg == NULL) { 3730 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3731 return 0; 3732 } 3733 ecdh = EC_KEY_dup((EC_KEY *)parg); 3734 if (ecdh == NULL) { 3735 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB); 3736 return 0; 3737 } 3738 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) { 3739 if (!EC_KEY_generate_key(ecdh)) { 3740 EC_KEY_free(ecdh); 3741 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3742 return 0; 3743 } 3744 } 3745 3746 if (cert->ecdh_tmp != NULL) { 3747 EC_KEY_free(cert->ecdh_tmp); 3748 } 3749 cert->ecdh_tmp = ecdh; 3750 return 1; 3751 } 3752 /* break; */ 3753 case SSL_CTRL_SET_TMP_ECDH_CB: 3754 { 3755 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3756 return (0); 3757 } 3758 break; 3759 #endif /* !OPENSSL_NO_ECDH */ 3760 #ifndef OPENSSL_NO_TLSEXT 3761 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: 3762 ctx->tlsext_servername_arg = parg; 3763 break; 3764 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 3765 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: 3766 { 3767 unsigned char *keys = parg; 3768 if (!keys) 3769 return 48; 3770 if (larg != 48) { 3771 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 3772 return 0; 3773 } 3774 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { 3775 memcpy(ctx->tlsext_tick_key_name, keys, 16); 3776 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); 3777 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); 3778 } else { 3779 memcpy(keys, ctx->tlsext_tick_key_name, 16); 3780 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); 3781 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); 3782 } 3783 return 1; 3784 } 3785 3786 # ifdef TLSEXT_TYPE_opaque_prf_input 3787 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG: 3788 ctx->tlsext_opaque_prf_input_callback_arg = parg; 3789 return 1; 3790 # endif 3791 3792 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: 3793 ctx->tlsext_status_arg = parg; 3794 return 1; 3795 break; 3796 3797 # ifndef OPENSSL_NO_SRP 3798 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: 3799 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3800 if (ctx->srp_ctx.login != NULL) 3801 OPENSSL_free(ctx->srp_ctx.login); 3802 ctx->srp_ctx.login = NULL; 3803 if (parg == NULL) 3804 break; 3805 if (strlen((const char *)parg) > 255 3806 || strlen((const char *)parg) < 1) { 3807 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); 3808 return 0; 3809 } 3810 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) { 3811 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3812 return 0; 3813 } 3814 break; 3815 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD: 3816 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3817 srp_password_from_info_cb; 3818 ctx->srp_ctx.info = parg; 3819 break; 3820 case SSL_CTRL_SET_SRP_ARG: 3821 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3822 ctx->srp_ctx.SRP_cb_arg = parg; 3823 break; 3824 3825 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH: 3826 ctx->srp_ctx.strength = larg; 3827 break; 3828 # endif 3829 3830 # ifndef OPENSSL_NO_EC 3831 case SSL_CTRL_SET_CURVES: 3832 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist, 3833 &ctx->tlsext_ellipticcurvelist_length, 3834 parg, larg); 3835 3836 case SSL_CTRL_SET_CURVES_LIST: 3837 return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist, 3838 &ctx->tlsext_ellipticcurvelist_length, 3839 parg); 3840 # ifndef OPENSSL_NO_ECDH 3841 case SSL_CTRL_SET_ECDH_AUTO: 3842 ctx->cert->ecdh_tmp_auto = larg; 3843 return 1; 3844 # endif 3845 # endif 3846 case SSL_CTRL_SET_SIGALGS: 3847 return tls1_set_sigalgs(ctx->cert, parg, larg, 0); 3848 3849 case SSL_CTRL_SET_SIGALGS_LIST: 3850 return tls1_set_sigalgs_list(ctx->cert, parg, 0); 3851 3852 case SSL_CTRL_SET_CLIENT_SIGALGS: 3853 return tls1_set_sigalgs(ctx->cert, parg, larg, 1); 3854 3855 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3856 return tls1_set_sigalgs_list(ctx->cert, parg, 1); 3857 3858 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3859 return ssl3_set_req_cert_type(ctx->cert, parg, larg); 3860 3861 case SSL_CTRL_BUILD_CERT_CHAIN: 3862 return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg); 3863 3864 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3865 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg); 3866 3867 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3868 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg); 3869 3870 #endif /* !OPENSSL_NO_TLSEXT */ 3871 3872 /* A Thawte special :-) */ 3873 case SSL_CTRL_EXTRA_CHAIN_CERT: 3874 if (ctx->extra_certs == NULL) { 3875 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) 3876 return (0); 3877 } 3878 sk_X509_push(ctx->extra_certs, (X509 *)parg); 3879 break; 3880 3881 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: 3882 if (ctx->extra_certs == NULL && larg == 0) 3883 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3884 else 3885 *(STACK_OF(X509) **)parg = ctx->extra_certs; 3886 break; 3887 3888 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: 3889 if (ctx->extra_certs) { 3890 sk_X509_pop_free(ctx->extra_certs, X509_free); 3891 ctx->extra_certs = NULL; 3892 } 3893 break; 3894 3895 case SSL_CTRL_CHAIN: 3896 if (larg) 3897 return ssl_cert_set1_chain(ctx->cert, (STACK_OF(X509) *)parg); 3898 else 3899 return ssl_cert_set0_chain(ctx->cert, (STACK_OF(X509) *)parg); 3900 3901 case SSL_CTRL_CHAIN_CERT: 3902 if (larg) 3903 return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg); 3904 else 3905 return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg); 3906 3907 case SSL_CTRL_GET_CHAIN_CERTS: 3908 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3909 break; 3910 3911 case SSL_CTRL_SELECT_CURRENT_CERT: 3912 return ssl_cert_select_current(ctx->cert, (X509 *)parg); 3913 3914 case SSL_CTRL_SET_CURRENT_CERT: 3915 return ssl_cert_set_current(ctx->cert, larg); 3916 3917 default: 3918 return (0); 3919 } 3920 return (1); 3921 } 3922 3923 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 3924 { 3925 CERT *cert; 3926 3927 cert = ctx->cert; 3928 3929 switch (cmd) { 3930 #ifndef OPENSSL_NO_RSA 3931 case SSL_CTRL_SET_TMP_RSA_CB: 3932 { 3933 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3934 } 3935 break; 3936 #endif 3937 #ifndef OPENSSL_NO_DH 3938 case SSL_CTRL_SET_TMP_DH_CB: 3939 { 3940 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3941 } 3942 break; 3943 #endif 3944 #ifndef OPENSSL_NO_ECDH 3945 case SSL_CTRL_SET_TMP_ECDH_CB: 3946 { 3947 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3948 } 3949 break; 3950 #endif 3951 #ifndef OPENSSL_NO_TLSEXT 3952 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 3953 ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp; 3954 break; 3955 3956 # ifdef TLSEXT_TYPE_opaque_prf_input 3957 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB: 3958 ctx->tlsext_opaque_prf_input_callback = 3959 (int (*)(SSL *, void *, size_t, void *))fp; 3960 break; 3961 # endif 3962 3963 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: 3964 ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp; 3965 break; 3966 3967 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: 3968 ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *, 3969 unsigned char *, 3970 EVP_CIPHER_CTX *, 3971 HMAC_CTX *, int))fp; 3972 break; 3973 3974 # ifndef OPENSSL_NO_SRP 3975 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB: 3976 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3977 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp; 3978 break; 3979 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB: 3980 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3981 ctx->srp_ctx.TLS_ext_srp_username_callback = 3982 (int (*)(SSL *, int *, void *))fp; 3983 break; 3984 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB: 3985 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3986 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3987 (char *(*)(SSL *, void *))fp; 3988 break; 3989 # endif 3990 #endif 3991 default: 3992 return (0); 3993 } 3994 return (1); 3995 } 3996 3997 /* 3998 * This function needs to check if the ciphers required are actually 3999 * available 4000 */ 4001 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) 4002 { 4003 SSL_CIPHER c; 4004 const SSL_CIPHER *cp; 4005 unsigned long id; 4006 4007 id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1]; 4008 c.id = id; 4009 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); 4010 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES 4011 if (cp == NULL) 4012 fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]); 4013 #endif 4014 return cp; 4015 } 4016 4017 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 4018 { 4019 long l; 4020 4021 if (p != NULL) { 4022 l = c->id; 4023 if ((l & 0xff000000) != 0x03000000) 4024 return (0); 4025 p[0] = ((unsigned char)(l >> 8L)) & 0xFF; 4026 p[1] = ((unsigned char)(l)) & 0xFF; 4027 } 4028 return (2); 4029 } 4030 4031 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 4032 STACK_OF(SSL_CIPHER) *srvr) 4033 { 4034 SSL_CIPHER *c, *ret = NULL; 4035 STACK_OF(SSL_CIPHER) *prio, *allow; 4036 int i, ii, ok; 4037 CERT *cert; 4038 unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a; 4039 4040 /* Let's see which ciphers we can support */ 4041 cert = s->cert; 4042 4043 #if 0 4044 /* 4045 * Do not set the compare functions, because this may lead to a 4046 * reordering by "id". We want to keep the original ordering. We may pay 4047 * a price in performance during sk_SSL_CIPHER_find(), but would have to 4048 * pay with the price of sk_SSL_CIPHER_dup(). 4049 */ 4050 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp); 4051 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp); 4052 #endif 4053 4054 #ifdef CIPHER_DEBUG 4055 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), 4056 (void *)srvr); 4057 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) { 4058 c = sk_SSL_CIPHER_value(srvr, i); 4059 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 4060 } 4061 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), 4062 (void *)clnt); 4063 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) { 4064 c = sk_SSL_CIPHER_value(clnt, i); 4065 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 4066 } 4067 #endif 4068 4069 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) { 4070 prio = srvr; 4071 allow = clnt; 4072 } else { 4073 prio = clnt; 4074 allow = srvr; 4075 } 4076 4077 tls1_set_cert_validity(s); 4078 4079 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) { 4080 c = sk_SSL_CIPHER_value(prio, i); 4081 4082 /* Skip TLS v1.2 only ciphersuites if not supported */ 4083 if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s)) 4084 continue; 4085 4086 ssl_set_cert_masks(cert, c); 4087 mask_k = cert->mask_k; 4088 mask_a = cert->mask_a; 4089 emask_k = cert->export_mask_k; 4090 emask_a = cert->export_mask_a; 4091 #ifndef OPENSSL_NO_SRP 4092 if (s->srp_ctx.srp_Mask & SSL_kSRP) { 4093 mask_k |= SSL_kSRP; 4094 emask_k |= SSL_kSRP; 4095 mask_a |= SSL_aSRP; 4096 emask_a |= SSL_aSRP; 4097 } 4098 #endif 4099 4100 #ifdef KSSL_DEBUG 4101 /* 4102 * fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n", 4103 * i,c->algorithms); 4104 */ 4105 #endif /* KSSL_DEBUG */ 4106 4107 alg_k = c->algorithm_mkey; 4108 alg_a = c->algorithm_auth; 4109 4110 #ifndef OPENSSL_NO_KRB5 4111 if (alg_k & SSL_kKRB5) { 4112 if (!kssl_keytab_is_available(s->kssl_ctx)) 4113 continue; 4114 } 4115 #endif /* OPENSSL_NO_KRB5 */ 4116 #ifndef OPENSSL_NO_PSK 4117 /* with PSK there must be server callback set */ 4118 if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL) 4119 continue; 4120 #endif /* OPENSSL_NO_PSK */ 4121 4122 if (SSL_C_IS_EXPORT(c)) { 4123 ok = (alg_k & emask_k) && (alg_a & emask_a); 4124 #ifdef CIPHER_DEBUG 4125 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n", 4126 ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name); 4127 #endif 4128 } else { 4129 ok = (alg_k & mask_k) && (alg_a & mask_a); 4130 #ifdef CIPHER_DEBUG 4131 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, 4132 alg_a, mask_k, mask_a, (void *)c, c->name); 4133 #endif 4134 } 4135 4136 #ifndef OPENSSL_NO_TLSEXT 4137 # ifndef OPENSSL_NO_EC 4138 # ifndef OPENSSL_NO_ECDH 4139 /* 4140 * if we are considering an ECC cipher suite that uses an ephemeral 4141 * EC key check it 4142 */ 4143 if (alg_k & SSL_kEECDH) 4144 ok = ok && tls1_check_ec_tmp_key(s, c->id); 4145 # endif /* OPENSSL_NO_ECDH */ 4146 # endif /* OPENSSL_NO_EC */ 4147 #endif /* OPENSSL_NO_TLSEXT */ 4148 4149 if (!ok) 4150 continue; 4151 ii = sk_SSL_CIPHER_find(allow, c); 4152 if (ii >= 0) { 4153 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) 4154 if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) 4155 && s->s3->is_probably_safari) { 4156 if (!ret) 4157 ret = sk_SSL_CIPHER_value(allow, ii); 4158 continue; 4159 } 4160 #endif 4161 ret = sk_SSL_CIPHER_value(allow, ii); 4162 break; 4163 } 4164 } 4165 return (ret); 4166 } 4167 4168 int ssl3_get_req_cert_type(SSL *s, unsigned char *p) 4169 { 4170 int ret = 0; 4171 const unsigned char *sig; 4172 size_t i, siglen; 4173 int have_rsa_sign = 0, have_dsa_sign = 0; 4174 #ifndef OPENSSL_NO_ECDSA 4175 int have_ecdsa_sign = 0; 4176 #endif 4177 int nostrict = 1; 4178 unsigned long alg_k; 4179 4180 /* If we have custom certificate types set, use them */ 4181 if (s->cert->ctypes) { 4182 memcpy(p, s->cert->ctypes, s->cert->ctype_num); 4183 return (int)s->cert->ctype_num; 4184 } 4185 /* get configured sigalgs */ 4186 siglen = tls12_get_psigalgs(s, &sig); 4187 if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT) 4188 nostrict = 0; 4189 for (i = 0; i < siglen; i += 2, sig += 2) { 4190 switch (sig[1]) { 4191 case TLSEXT_signature_rsa: 4192 have_rsa_sign = 1; 4193 break; 4194 4195 case TLSEXT_signature_dsa: 4196 have_dsa_sign = 1; 4197 break; 4198 #ifndef OPENSSL_NO_ECDSA 4199 case TLSEXT_signature_ecdsa: 4200 have_ecdsa_sign = 1; 4201 break; 4202 #endif 4203 } 4204 } 4205 4206 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 4207 4208 #ifndef OPENSSL_NO_GOST 4209 if (s->version >= TLS1_VERSION) { 4210 if (alg_k & SSL_kGOST) { 4211 p[ret++] = TLS_CT_GOST94_SIGN; 4212 p[ret++] = TLS_CT_GOST01_SIGN; 4213 return (ret); 4214 } 4215 } 4216 #endif 4217 4218 #ifndef OPENSSL_NO_DH 4219 if (alg_k & (SSL_kDHr | SSL_kEDH)) { 4220 # ifndef OPENSSL_NO_RSA 4221 /* 4222 * Since this refers to a certificate signed with an RSA algorithm, 4223 * only check for rsa signing in strict mode. 4224 */ 4225 if (nostrict || have_rsa_sign) 4226 p[ret++] = SSL3_CT_RSA_FIXED_DH; 4227 # endif 4228 # ifndef OPENSSL_NO_DSA 4229 if (nostrict || have_dsa_sign) 4230 p[ret++] = SSL3_CT_DSS_FIXED_DH; 4231 # endif 4232 } 4233 if ((s->version == SSL3_VERSION) && 4234 (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) { 4235 # ifndef OPENSSL_NO_RSA 4236 p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; 4237 # endif 4238 # ifndef OPENSSL_NO_DSA 4239 p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; 4240 # endif 4241 } 4242 #endif /* !OPENSSL_NO_DH */ 4243 #ifndef OPENSSL_NO_RSA 4244 if (have_rsa_sign) 4245 p[ret++] = SSL3_CT_RSA_SIGN; 4246 #endif 4247 #ifndef OPENSSL_NO_DSA 4248 if (have_dsa_sign) 4249 p[ret++] = SSL3_CT_DSS_SIGN; 4250 #endif 4251 #ifndef OPENSSL_NO_ECDH 4252 if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { 4253 if (nostrict || have_rsa_sign) 4254 p[ret++] = TLS_CT_RSA_FIXED_ECDH; 4255 if (nostrict || have_ecdsa_sign) 4256 p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; 4257 } 4258 #endif 4259 4260 #ifndef OPENSSL_NO_ECDSA 4261 /* 4262 * ECDSA certs can be used with RSA cipher suites as well so we don't 4263 * need to check for SSL_kECDH or SSL_kEECDH 4264 */ 4265 if (s->version >= TLS1_VERSION) { 4266 if (have_ecdsa_sign) 4267 p[ret++] = TLS_CT_ECDSA_SIGN; 4268 } 4269 #endif 4270 return (ret); 4271 } 4272 4273 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len) 4274 { 4275 if (c->ctypes) { 4276 OPENSSL_free(c->ctypes); 4277 c->ctypes = NULL; 4278 } 4279 if (!p || !len) 4280 return 1; 4281 if (len > 0xff) 4282 return 0; 4283 c->ctypes = OPENSSL_malloc(len); 4284 if (!c->ctypes) 4285 return 0; 4286 memcpy(c->ctypes, p, len); 4287 c->ctype_num = len; 4288 return 1; 4289 } 4290 4291 int ssl3_shutdown(SSL *s) 4292 { 4293 int ret; 4294 4295 /* 4296 * Don't do anything much if we have not done the handshake or we don't 4297 * want to send messages :-) 4298 */ 4299 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) { 4300 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 4301 return (1); 4302 } 4303 4304 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { 4305 s->shutdown |= SSL_SENT_SHUTDOWN; 4306 #if 1 4307 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); 4308 #endif 4309 /* 4310 * our shutdown alert has been sent now, and if it still needs to be 4311 * written, s->s3->alert_dispatch will be true 4312 */ 4313 if (s->s3->alert_dispatch) 4314 return (-1); /* return WANT_WRITE */ 4315 } else if (s->s3->alert_dispatch) { 4316 /* resend it if not sent */ 4317 #if 1 4318 ret = s->method->ssl_dispatch_alert(s); 4319 if (ret == -1) { 4320 /* 4321 * we only get to return -1 here the 2nd/Nth invocation, we must 4322 * have already signalled return 0 upon a previous invoation, 4323 * return WANT_WRITE 4324 */ 4325 return (ret); 4326 } 4327 #endif 4328 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4329 if (SSL_in_init(s)) { 4330 /* 4331 * We can't shutdown properly if we are in the middle of a 4332 * handshake. Doing so is problematic because the peer may send a 4333 * CCS before it acts on our close_notify. However we should not 4334 * continue to process received handshake messages or CCS once our 4335 * close_notify has been sent. Therefore any close_notify from 4336 * the peer will be unreadable because we have not moved to the next 4337 * cipher state. Its best just to avoid this can-of-worms. Return 4338 * an error if we are wanting to wait for a close_notify from the 4339 * peer and we are in init. 4340 */ 4341 SSLerr(SSL_F_SSL3_SHUTDOWN, SSL_R_SHUTDOWN_WHILE_IN_INIT); 4342 return -1; 4343 } 4344 /* 4345 * If we are waiting for a close from our peer, we are closed 4346 */ 4347 s->method->ssl_read_bytes(s, 0, NULL, 0, 0); 4348 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4349 return (-1); /* return WANT_READ */ 4350 } 4351 } 4352 4353 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) && 4354 !s->s3->alert_dispatch) 4355 return (1); 4356 else 4357 return (0); 4358 } 4359 4360 int ssl3_write(SSL *s, const void *buf, int len) 4361 { 4362 int ret, n; 4363 4364 #if 0 4365 if (s->shutdown & SSL_SEND_SHUTDOWN) { 4366 s->rwstate = SSL_NOTHING; 4367 return (0); 4368 } 4369 #endif 4370 clear_sys_error(); 4371 if (s->s3->renegotiate) 4372 ssl3_renegotiate_check(s); 4373 4374 /* 4375 * This is an experimental flag that sends the last handshake message in 4376 * the same packet as the first use data - used to see if it helps the 4377 * TCP protocol during session-id reuse 4378 */ 4379 /* The second test is because the buffer may have been removed */ 4380 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) { 4381 /* First time through, we write into the buffer */ 4382 if (s->s3->delay_buf_pop_ret == 0) { 4383 ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len); 4384 if (ret <= 0) 4385 return (ret); 4386 4387 s->s3->delay_buf_pop_ret = ret; 4388 } 4389 4390 s->rwstate = SSL_WRITING; 4391 n = BIO_flush(s->wbio); 4392 if (n <= 0) 4393 return (n); 4394 s->rwstate = SSL_NOTHING; 4395 4396 /* We have flushed the buffer, so remove it */ 4397 ssl_free_wbio_buffer(s); 4398 s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER; 4399 4400 ret = s->s3->delay_buf_pop_ret; 4401 s->s3->delay_buf_pop_ret = 0; 4402 } else { 4403 ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, 4404 buf, len); 4405 if (ret <= 0) 4406 return (ret); 4407 } 4408 4409 return (ret); 4410 } 4411 4412 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) 4413 { 4414 int ret; 4415 4416 clear_sys_error(); 4417 if (s->s3->renegotiate) 4418 ssl3_renegotiate_check(s); 4419 s->s3->in_read_app_data = 1; 4420 ret = 4421 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4422 peek); 4423 if ((ret == -1) && (s->s3->in_read_app_data == 2)) { 4424 /* 4425 * ssl3_read_bytes decided to call s->handshake_func, which called 4426 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes 4427 * actually found application data and thinks that application data 4428 * makes sense here; so disable handshake processing and try to read 4429 * application data again. 4430 */ 4431 s->in_handshake++; 4432 ret = 4433 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4434 peek); 4435 s->in_handshake--; 4436 } else 4437 s->s3->in_read_app_data = 0; 4438 4439 return (ret); 4440 } 4441 4442 int ssl3_read(SSL *s, void *buf, int len) 4443 { 4444 return ssl3_read_internal(s, buf, len, 0); 4445 } 4446 4447 int ssl3_peek(SSL *s, void *buf, int len) 4448 { 4449 return ssl3_read_internal(s, buf, len, 1); 4450 } 4451 4452 int ssl3_renegotiate(SSL *s) 4453 { 4454 if (s->handshake_func == NULL) 4455 return (1); 4456 4457 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 4458 return (0); 4459 4460 s->s3->renegotiate = 1; 4461 return (1); 4462 } 4463 4464 int ssl3_renegotiate_check(SSL *s) 4465 { 4466 int ret = 0; 4467 4468 if (s->s3->renegotiate) { 4469 if ((s->s3->rbuf.left == 0) && 4470 (s->s3->wbuf.left == 0) && !SSL_in_init(s)) { 4471 /* 4472 * if we are the server, and we have sent a 'RENEGOTIATE' 4473 * message, we need to go to SSL_ST_ACCEPT. 4474 */ 4475 /* SSL_ST_ACCEPT */ 4476 s->state = SSL_ST_RENEGOTIATE; 4477 s->s3->renegotiate = 0; 4478 s->s3->num_renegotiations++; 4479 s->s3->total_renegotiations++; 4480 ret = 1; 4481 } 4482 } 4483 return (ret); 4484 } 4485 4486 /* 4487 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and 4488 * handshake macs if required. 4489 */ 4490 long ssl_get_algorithm2(SSL *s) 4491 { 4492 long alg2 = s->s3->tmp.new_cipher->algorithm2; 4493 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF 4494 && alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF)) 4495 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 4496 return alg2; 4497 } 4498