1 /* ssl/s3_lib.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * 114 * Portions of the attached software ("Contribution") are developed by 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 116 * 117 * The Contribution is licensed pursuant to the OpenSSL open source 118 * license provided above. 119 * 120 * ECC cipher suite support in OpenSSL originally written by 121 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. 122 * 123 */ 124 /* ==================================================================== 125 * Copyright 2005 Nokia. All rights reserved. 126 * 127 * The portions of the attached software ("Contribution") is developed by 128 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 129 * license. 130 * 131 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 132 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 133 * support (see RFC 4279) to OpenSSL. 134 * 135 * No patent licenses or other rights except those expressly stated in 136 * the OpenSSL open source license shall be deemed granted or received 137 * expressly, by implication, estoppel, or otherwise. 138 * 139 * No assurances are provided by Nokia that the Contribution does not 140 * infringe the patent or other intellectual property rights of any third 141 * party or that the license provides you with all the necessary rights 142 * to make use of the Contribution. 143 * 144 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 145 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 146 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 147 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 148 * OTHERWISE. 149 */ 150 151 #include <stdio.h> 152 #include <openssl/objects.h> 153 #include "ssl_locl.h" 154 #include "kssl_lcl.h" 155 #include <openssl/md5.h> 156 #ifndef OPENSSL_NO_DH 157 # include <openssl/dh.h> 158 #endif 159 160 const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT; 161 162 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) 163 164 /* list of available SSLv3 ciphers (sorted by id) */ 165 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 166 167 /* The RSA ciphers */ 168 /* Cipher 01 */ 169 { 170 1, 171 SSL3_TXT_RSA_NULL_MD5, 172 SSL3_CK_RSA_NULL_MD5, 173 SSL_kRSA, 174 SSL_aRSA, 175 SSL_eNULL, 176 SSL_MD5, 177 SSL_SSLV3, 178 SSL_NOT_EXP | SSL_STRONG_NONE, 179 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 180 0, 181 0, 182 }, 183 184 /* Cipher 02 */ 185 { 186 1, 187 SSL3_TXT_RSA_NULL_SHA, 188 SSL3_CK_RSA_NULL_SHA, 189 SSL_kRSA, 190 SSL_aRSA, 191 SSL_eNULL, 192 SSL_SHA1, 193 SSL_SSLV3, 194 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 195 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 196 0, 197 0, 198 }, 199 200 /* Cipher 03 */ 201 { 202 1, 203 SSL3_TXT_RSA_RC4_40_MD5, 204 SSL3_CK_RSA_RC4_40_MD5, 205 SSL_kRSA, 206 SSL_aRSA, 207 SSL_RC4, 208 SSL_MD5, 209 SSL_SSLV3, 210 SSL_EXPORT | SSL_EXP40, 211 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 212 40, 213 128, 214 }, 215 216 /* Cipher 04 */ 217 { 218 1, 219 SSL3_TXT_RSA_RC4_128_MD5, 220 SSL3_CK_RSA_RC4_128_MD5, 221 SSL_kRSA, 222 SSL_aRSA, 223 SSL_RC4, 224 SSL_MD5, 225 SSL_SSLV3, 226 SSL_NOT_EXP | SSL_MEDIUM, 227 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 228 128, 229 128, 230 }, 231 232 /* Cipher 05 */ 233 { 234 1, 235 SSL3_TXT_RSA_RC4_128_SHA, 236 SSL3_CK_RSA_RC4_128_SHA, 237 SSL_kRSA, 238 SSL_aRSA, 239 SSL_RC4, 240 SSL_SHA1, 241 SSL_SSLV3, 242 SSL_NOT_EXP | SSL_MEDIUM, 243 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 244 128, 245 128, 246 }, 247 248 /* Cipher 06 */ 249 { 250 1, 251 SSL3_TXT_RSA_RC2_40_MD5, 252 SSL3_CK_RSA_RC2_40_MD5, 253 SSL_kRSA, 254 SSL_aRSA, 255 SSL_RC2, 256 SSL_MD5, 257 SSL_SSLV3, 258 SSL_EXPORT | SSL_EXP40, 259 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 260 40, 261 128, 262 }, 263 264 /* Cipher 07 */ 265 #ifndef OPENSSL_NO_IDEA 266 { 267 1, 268 SSL3_TXT_RSA_IDEA_128_SHA, 269 SSL3_CK_RSA_IDEA_128_SHA, 270 SSL_kRSA, 271 SSL_aRSA, 272 SSL_IDEA, 273 SSL_SHA1, 274 SSL_SSLV3, 275 SSL_NOT_EXP | SSL_MEDIUM, 276 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 277 128, 278 128, 279 }, 280 #endif 281 282 /* Cipher 08 */ 283 { 284 1, 285 SSL3_TXT_RSA_DES_40_CBC_SHA, 286 SSL3_CK_RSA_DES_40_CBC_SHA, 287 SSL_kRSA, 288 SSL_aRSA, 289 SSL_DES, 290 SSL_SHA1, 291 SSL_SSLV3, 292 SSL_EXPORT | SSL_EXP40, 293 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 294 40, 295 56, 296 }, 297 298 /* Cipher 09 */ 299 { 300 1, 301 SSL3_TXT_RSA_DES_64_CBC_SHA, 302 SSL3_CK_RSA_DES_64_CBC_SHA, 303 SSL_kRSA, 304 SSL_aRSA, 305 SSL_DES, 306 SSL_SHA1, 307 SSL_SSLV3, 308 SSL_NOT_EXP | SSL_LOW, 309 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 310 56, 311 56, 312 }, 313 314 /* Cipher 0A */ 315 { 316 1, 317 SSL3_TXT_RSA_DES_192_CBC3_SHA, 318 SSL3_CK_RSA_DES_192_CBC3_SHA, 319 SSL_kRSA, 320 SSL_aRSA, 321 SSL_3DES, 322 SSL_SHA1, 323 SSL_SSLV3, 324 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 325 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 326 112, 327 168, 328 }, 329 330 /* The DH ciphers */ 331 /* Cipher 0B */ 332 { 333 0, 334 SSL3_TXT_DH_DSS_DES_40_CBC_SHA, 335 SSL3_CK_DH_DSS_DES_40_CBC_SHA, 336 SSL_kDHd, 337 SSL_aDH, 338 SSL_DES, 339 SSL_SHA1, 340 SSL_SSLV3, 341 SSL_EXPORT | SSL_EXP40, 342 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 343 40, 344 56, 345 }, 346 347 /* Cipher 0C */ 348 { 349 1, 350 SSL3_TXT_DH_DSS_DES_64_CBC_SHA, 351 SSL3_CK_DH_DSS_DES_64_CBC_SHA, 352 SSL_kDHd, 353 SSL_aDH, 354 SSL_DES, 355 SSL_SHA1, 356 SSL_SSLV3, 357 SSL_NOT_EXP | SSL_LOW, 358 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 359 56, 360 56, 361 }, 362 363 /* Cipher 0D */ 364 { 365 1, 366 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 367 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 368 SSL_kDHd, 369 SSL_aDH, 370 SSL_3DES, 371 SSL_SHA1, 372 SSL_SSLV3, 373 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 374 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 375 112, 376 168, 377 }, 378 379 /* Cipher 0E */ 380 { 381 0, 382 SSL3_TXT_DH_RSA_DES_40_CBC_SHA, 383 SSL3_CK_DH_RSA_DES_40_CBC_SHA, 384 SSL_kDHr, 385 SSL_aDH, 386 SSL_DES, 387 SSL_SHA1, 388 SSL_SSLV3, 389 SSL_EXPORT | SSL_EXP40, 390 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 391 40, 392 56, 393 }, 394 395 /* Cipher 0F */ 396 { 397 1, 398 SSL3_TXT_DH_RSA_DES_64_CBC_SHA, 399 SSL3_CK_DH_RSA_DES_64_CBC_SHA, 400 SSL_kDHr, 401 SSL_aDH, 402 SSL_DES, 403 SSL_SHA1, 404 SSL_SSLV3, 405 SSL_NOT_EXP | SSL_LOW, 406 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 407 56, 408 56, 409 }, 410 411 /* Cipher 10 */ 412 { 413 1, 414 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 415 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 416 SSL_kDHr, 417 SSL_aDH, 418 SSL_3DES, 419 SSL_SHA1, 420 SSL_SSLV3, 421 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 422 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 423 112, 424 168, 425 }, 426 427 /* The Ephemeral DH ciphers */ 428 /* Cipher 11 */ 429 { 430 1, 431 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, 432 SSL3_CK_EDH_DSS_DES_40_CBC_SHA, 433 SSL_kEDH, 434 SSL_aDSS, 435 SSL_DES, 436 SSL_SHA1, 437 SSL_SSLV3, 438 SSL_EXPORT | SSL_EXP40, 439 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 440 40, 441 56, 442 }, 443 444 /* Cipher 12 */ 445 { 446 1, 447 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, 448 SSL3_CK_EDH_DSS_DES_64_CBC_SHA, 449 SSL_kEDH, 450 SSL_aDSS, 451 SSL_DES, 452 SSL_SHA1, 453 SSL_SSLV3, 454 SSL_NOT_EXP | SSL_LOW, 455 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 456 56, 457 56, 458 }, 459 460 /* Cipher 13 */ 461 { 462 1, 463 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 464 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 465 SSL_kEDH, 466 SSL_aDSS, 467 SSL_3DES, 468 SSL_SHA1, 469 SSL_SSLV3, 470 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 471 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 472 112, 473 168, 474 }, 475 476 /* Cipher 14 */ 477 { 478 1, 479 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, 480 SSL3_CK_EDH_RSA_DES_40_CBC_SHA, 481 SSL_kEDH, 482 SSL_aRSA, 483 SSL_DES, 484 SSL_SHA1, 485 SSL_SSLV3, 486 SSL_EXPORT | SSL_EXP40, 487 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 488 40, 489 56, 490 }, 491 492 /* Cipher 15 */ 493 { 494 1, 495 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, 496 SSL3_CK_EDH_RSA_DES_64_CBC_SHA, 497 SSL_kEDH, 498 SSL_aRSA, 499 SSL_DES, 500 SSL_SHA1, 501 SSL_SSLV3, 502 SSL_NOT_EXP | SSL_LOW, 503 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 504 56, 505 56, 506 }, 507 508 /* Cipher 16 */ 509 { 510 1, 511 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 512 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 513 SSL_kEDH, 514 SSL_aRSA, 515 SSL_3DES, 516 SSL_SHA1, 517 SSL_SSLV3, 518 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 519 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 520 112, 521 168, 522 }, 523 524 /* Cipher 17 */ 525 { 526 1, 527 SSL3_TXT_ADH_RC4_40_MD5, 528 SSL3_CK_ADH_RC4_40_MD5, 529 SSL_kEDH, 530 SSL_aNULL, 531 SSL_RC4, 532 SSL_MD5, 533 SSL_SSLV3, 534 SSL_EXPORT | SSL_EXP40, 535 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 536 40, 537 128, 538 }, 539 540 /* Cipher 18 */ 541 { 542 1, 543 SSL3_TXT_ADH_RC4_128_MD5, 544 SSL3_CK_ADH_RC4_128_MD5, 545 SSL_kEDH, 546 SSL_aNULL, 547 SSL_RC4, 548 SSL_MD5, 549 SSL_SSLV3, 550 SSL_NOT_EXP | SSL_MEDIUM, 551 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 552 128, 553 128, 554 }, 555 556 /* Cipher 19 */ 557 { 558 1, 559 SSL3_TXT_ADH_DES_40_CBC_SHA, 560 SSL3_CK_ADH_DES_40_CBC_SHA, 561 SSL_kEDH, 562 SSL_aNULL, 563 SSL_DES, 564 SSL_SHA1, 565 SSL_SSLV3, 566 SSL_EXPORT | SSL_EXP40, 567 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 568 40, 569 128, 570 }, 571 572 /* Cipher 1A */ 573 { 574 1, 575 SSL3_TXT_ADH_DES_64_CBC_SHA, 576 SSL3_CK_ADH_DES_64_CBC_SHA, 577 SSL_kEDH, 578 SSL_aNULL, 579 SSL_DES, 580 SSL_SHA1, 581 SSL_SSLV3, 582 SSL_NOT_EXP | SSL_LOW, 583 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 584 56, 585 56, 586 }, 587 588 /* Cipher 1B */ 589 { 590 1, 591 SSL3_TXT_ADH_DES_192_CBC_SHA, 592 SSL3_CK_ADH_DES_192_CBC_SHA, 593 SSL_kEDH, 594 SSL_aNULL, 595 SSL_3DES, 596 SSL_SHA1, 597 SSL_SSLV3, 598 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 599 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 600 112, 601 168, 602 }, 603 604 /* Fortezza ciphersuite from SSL 3.0 spec */ 605 #if 0 606 /* Cipher 1C */ 607 { 608 0, 609 SSL3_TXT_FZA_DMS_NULL_SHA, 610 SSL3_CK_FZA_DMS_NULL_SHA, 611 SSL_kFZA, 612 SSL_aFZA, 613 SSL_eNULL, 614 SSL_SHA1, 615 SSL_SSLV3, 616 SSL_NOT_EXP | SSL_STRONG_NONE, 617 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 618 0, 619 0, 620 }, 621 622 /* Cipher 1D */ 623 { 624 0, 625 SSL3_TXT_FZA_DMS_FZA_SHA, 626 SSL3_CK_FZA_DMS_FZA_SHA, 627 SSL_kFZA, 628 SSL_aFZA, 629 SSL_eFZA, 630 SSL_SHA1, 631 SSL_SSLV3, 632 SSL_NOT_EXP | SSL_STRONG_NONE, 633 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 634 0, 635 0, 636 }, 637 638 /* Cipher 1E */ 639 { 640 0, 641 SSL3_TXT_FZA_DMS_RC4_SHA, 642 SSL3_CK_FZA_DMS_RC4_SHA, 643 SSL_kFZA, 644 SSL_aFZA, 645 SSL_RC4, 646 SSL_SHA1, 647 SSL_SSLV3, 648 SSL_NOT_EXP | SSL_MEDIUM, 649 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 650 128, 651 128, 652 }, 653 #endif 654 655 #ifndef OPENSSL_NO_KRB5 656 /* The Kerberos ciphers*/ 657 /* Cipher 1E */ 658 { 659 1, 660 SSL3_TXT_KRB5_DES_64_CBC_SHA, 661 SSL3_CK_KRB5_DES_64_CBC_SHA, 662 SSL_kKRB5, 663 SSL_aKRB5, 664 SSL_DES, 665 SSL_SHA1, 666 SSL_SSLV3, 667 SSL_NOT_EXP | SSL_LOW, 668 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 669 56, 670 56, 671 }, 672 673 /* Cipher 1F */ 674 { 675 1, 676 SSL3_TXT_KRB5_DES_192_CBC3_SHA, 677 SSL3_CK_KRB5_DES_192_CBC3_SHA, 678 SSL_kKRB5, 679 SSL_aKRB5, 680 SSL_3DES, 681 SSL_SHA1, 682 SSL_SSLV3, 683 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 684 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 685 112, 686 168, 687 }, 688 689 /* Cipher 20 */ 690 { 691 1, 692 SSL3_TXT_KRB5_RC4_128_SHA, 693 SSL3_CK_KRB5_RC4_128_SHA, 694 SSL_kKRB5, 695 SSL_aKRB5, 696 SSL_RC4, 697 SSL_SHA1, 698 SSL_SSLV3, 699 SSL_NOT_EXP | SSL_MEDIUM, 700 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 701 128, 702 128, 703 }, 704 705 /* Cipher 21 */ 706 { 707 1, 708 SSL3_TXT_KRB5_IDEA_128_CBC_SHA, 709 SSL3_CK_KRB5_IDEA_128_CBC_SHA, 710 SSL_kKRB5, 711 SSL_aKRB5, 712 SSL_IDEA, 713 SSL_SHA1, 714 SSL_SSLV3, 715 SSL_NOT_EXP | SSL_MEDIUM, 716 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 717 128, 718 128, 719 }, 720 721 /* Cipher 22 */ 722 { 723 1, 724 SSL3_TXT_KRB5_DES_64_CBC_MD5, 725 SSL3_CK_KRB5_DES_64_CBC_MD5, 726 SSL_kKRB5, 727 SSL_aKRB5, 728 SSL_DES, 729 SSL_MD5, 730 SSL_SSLV3, 731 SSL_NOT_EXP | SSL_LOW, 732 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 733 56, 734 56, 735 }, 736 737 /* Cipher 23 */ 738 { 739 1, 740 SSL3_TXT_KRB5_DES_192_CBC3_MD5, 741 SSL3_CK_KRB5_DES_192_CBC3_MD5, 742 SSL_kKRB5, 743 SSL_aKRB5, 744 SSL_3DES, 745 SSL_MD5, 746 SSL_SSLV3, 747 SSL_NOT_EXP | SSL_HIGH, 748 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 749 112, 750 168, 751 }, 752 753 /* Cipher 24 */ 754 { 755 1, 756 SSL3_TXT_KRB5_RC4_128_MD5, 757 SSL3_CK_KRB5_RC4_128_MD5, 758 SSL_kKRB5, 759 SSL_aKRB5, 760 SSL_RC4, 761 SSL_MD5, 762 SSL_SSLV3, 763 SSL_NOT_EXP | SSL_MEDIUM, 764 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 765 128, 766 128, 767 }, 768 769 /* Cipher 25 */ 770 { 771 1, 772 SSL3_TXT_KRB5_IDEA_128_CBC_MD5, 773 SSL3_CK_KRB5_IDEA_128_CBC_MD5, 774 SSL_kKRB5, 775 SSL_aKRB5, 776 SSL_IDEA, 777 SSL_MD5, 778 SSL_SSLV3, 779 SSL_NOT_EXP | SSL_MEDIUM, 780 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 781 128, 782 128, 783 }, 784 785 /* Cipher 26 */ 786 { 787 1, 788 SSL3_TXT_KRB5_DES_40_CBC_SHA, 789 SSL3_CK_KRB5_DES_40_CBC_SHA, 790 SSL_kKRB5, 791 SSL_aKRB5, 792 SSL_DES, 793 SSL_SHA1, 794 SSL_SSLV3, 795 SSL_EXPORT | SSL_EXP40, 796 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 797 40, 798 56, 799 }, 800 801 /* Cipher 27 */ 802 { 803 1, 804 SSL3_TXT_KRB5_RC2_40_CBC_SHA, 805 SSL3_CK_KRB5_RC2_40_CBC_SHA, 806 SSL_kKRB5, 807 SSL_aKRB5, 808 SSL_RC2, 809 SSL_SHA1, 810 SSL_SSLV3, 811 SSL_EXPORT | SSL_EXP40, 812 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 813 40, 814 128, 815 }, 816 817 /* Cipher 28 */ 818 { 819 1, 820 SSL3_TXT_KRB5_RC4_40_SHA, 821 SSL3_CK_KRB5_RC4_40_SHA, 822 SSL_kKRB5, 823 SSL_aKRB5, 824 SSL_RC4, 825 SSL_SHA1, 826 SSL_SSLV3, 827 SSL_EXPORT | SSL_EXP40, 828 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 829 40, 830 128, 831 }, 832 833 /* Cipher 29 */ 834 { 835 1, 836 SSL3_TXT_KRB5_DES_40_CBC_MD5, 837 SSL3_CK_KRB5_DES_40_CBC_MD5, 838 SSL_kKRB5, 839 SSL_aKRB5, 840 SSL_DES, 841 SSL_MD5, 842 SSL_SSLV3, 843 SSL_EXPORT | SSL_EXP40, 844 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 845 40, 846 56, 847 }, 848 849 /* Cipher 2A */ 850 { 851 1, 852 SSL3_TXT_KRB5_RC2_40_CBC_MD5, 853 SSL3_CK_KRB5_RC2_40_CBC_MD5, 854 SSL_kKRB5, 855 SSL_aKRB5, 856 SSL_RC2, 857 SSL_MD5, 858 SSL_SSLV3, 859 SSL_EXPORT | SSL_EXP40, 860 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 861 40, 862 128, 863 }, 864 865 /* Cipher 2B */ 866 { 867 1, 868 SSL3_TXT_KRB5_RC4_40_MD5, 869 SSL3_CK_KRB5_RC4_40_MD5, 870 SSL_kKRB5, 871 SSL_aKRB5, 872 SSL_RC4, 873 SSL_MD5, 874 SSL_SSLV3, 875 SSL_EXPORT | SSL_EXP40, 876 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 877 40, 878 128, 879 }, 880 #endif /* OPENSSL_NO_KRB5 */ 881 882 /* New AES ciphersuites */ 883 /* Cipher 2F */ 884 { 885 1, 886 TLS1_TXT_RSA_WITH_AES_128_SHA, 887 TLS1_CK_RSA_WITH_AES_128_SHA, 888 SSL_kRSA, 889 SSL_aRSA, 890 SSL_AES128, 891 SSL_SHA1, 892 SSL_TLSV1, 893 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 894 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 895 128, 896 128, 897 }, 898 /* Cipher 30 */ 899 { 900 1, 901 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 902 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 903 SSL_kDHd, 904 SSL_aDH, 905 SSL_AES128, 906 SSL_SHA1, 907 SSL_TLSV1, 908 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 909 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 910 128, 911 128, 912 }, 913 /* Cipher 31 */ 914 { 915 1, 916 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 917 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 918 SSL_kDHr, 919 SSL_aDH, 920 SSL_AES128, 921 SSL_SHA1, 922 SSL_TLSV1, 923 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 924 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 925 128, 926 128, 927 }, 928 /* Cipher 32 */ 929 { 930 1, 931 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 932 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 933 SSL_kEDH, 934 SSL_aDSS, 935 SSL_AES128, 936 SSL_SHA1, 937 SSL_TLSV1, 938 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 939 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 940 128, 941 128, 942 }, 943 /* Cipher 33 */ 944 { 945 1, 946 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 947 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 948 SSL_kEDH, 949 SSL_aRSA, 950 SSL_AES128, 951 SSL_SHA1, 952 SSL_TLSV1, 953 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 954 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 955 128, 956 128, 957 }, 958 /* Cipher 34 */ 959 { 960 1, 961 TLS1_TXT_ADH_WITH_AES_128_SHA, 962 TLS1_CK_ADH_WITH_AES_128_SHA, 963 SSL_kEDH, 964 SSL_aNULL, 965 SSL_AES128, 966 SSL_SHA1, 967 SSL_TLSV1, 968 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 969 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 970 128, 971 128, 972 }, 973 974 /* Cipher 35 */ 975 { 976 1, 977 TLS1_TXT_RSA_WITH_AES_256_SHA, 978 TLS1_CK_RSA_WITH_AES_256_SHA, 979 SSL_kRSA, 980 SSL_aRSA, 981 SSL_AES256, 982 SSL_SHA1, 983 SSL_TLSV1, 984 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 985 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 986 256, 987 256, 988 }, 989 /* Cipher 36 */ 990 { 991 1, 992 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 993 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 994 SSL_kDHd, 995 SSL_aDH, 996 SSL_AES256, 997 SSL_SHA1, 998 SSL_TLSV1, 999 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1000 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1001 256, 1002 256, 1003 }, 1004 1005 /* Cipher 37 */ 1006 { 1007 1, 1008 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 1009 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 1010 SSL_kDHr, 1011 SSL_aDH, 1012 SSL_AES256, 1013 SSL_SHA1, 1014 SSL_TLSV1, 1015 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1016 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1017 256, 1018 256, 1019 }, 1020 1021 /* Cipher 38 */ 1022 { 1023 1, 1024 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 1025 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 1026 SSL_kEDH, 1027 SSL_aDSS, 1028 SSL_AES256, 1029 SSL_SHA1, 1030 SSL_TLSV1, 1031 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1032 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1033 256, 1034 256, 1035 }, 1036 1037 /* Cipher 39 */ 1038 { 1039 1, 1040 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 1041 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 1042 SSL_kEDH, 1043 SSL_aRSA, 1044 SSL_AES256, 1045 SSL_SHA1, 1046 SSL_TLSV1, 1047 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1048 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1049 256, 1050 256, 1051 }, 1052 1053 /* Cipher 3A */ 1054 { 1055 1, 1056 TLS1_TXT_ADH_WITH_AES_256_SHA, 1057 TLS1_CK_ADH_WITH_AES_256_SHA, 1058 SSL_kEDH, 1059 SSL_aNULL, 1060 SSL_AES256, 1061 SSL_SHA1, 1062 SSL_TLSV1, 1063 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1064 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1065 256, 1066 256, 1067 }, 1068 1069 /* TLS v1.2 ciphersuites */ 1070 /* Cipher 3B */ 1071 { 1072 1, 1073 TLS1_TXT_RSA_WITH_NULL_SHA256, 1074 TLS1_CK_RSA_WITH_NULL_SHA256, 1075 SSL_kRSA, 1076 SSL_aRSA, 1077 SSL_eNULL, 1078 SSL_SHA256, 1079 SSL_TLSV1_2, 1080 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 1081 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1082 0, 1083 0, 1084 }, 1085 1086 /* Cipher 3C */ 1087 { 1088 1, 1089 TLS1_TXT_RSA_WITH_AES_128_SHA256, 1090 TLS1_CK_RSA_WITH_AES_128_SHA256, 1091 SSL_kRSA, 1092 SSL_aRSA, 1093 SSL_AES128, 1094 SSL_SHA256, 1095 SSL_TLSV1_2, 1096 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1097 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1098 128, 1099 128, 1100 }, 1101 1102 /* Cipher 3D */ 1103 { 1104 1, 1105 TLS1_TXT_RSA_WITH_AES_256_SHA256, 1106 TLS1_CK_RSA_WITH_AES_256_SHA256, 1107 SSL_kRSA, 1108 SSL_aRSA, 1109 SSL_AES256, 1110 SSL_SHA256, 1111 SSL_TLSV1_2, 1112 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1113 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1114 256, 1115 256, 1116 }, 1117 1118 /* Cipher 3E */ 1119 { 1120 1, 1121 TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, 1122 TLS1_CK_DH_DSS_WITH_AES_128_SHA256, 1123 SSL_kDHd, 1124 SSL_aDH, 1125 SSL_AES128, 1126 SSL_SHA256, 1127 SSL_TLSV1_2, 1128 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1129 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1130 128, 1131 128, 1132 }, 1133 1134 /* Cipher 3F */ 1135 { 1136 1, 1137 TLS1_TXT_DH_RSA_WITH_AES_128_SHA256, 1138 TLS1_CK_DH_RSA_WITH_AES_128_SHA256, 1139 SSL_kDHr, 1140 SSL_aDH, 1141 SSL_AES128, 1142 SSL_SHA256, 1143 SSL_TLSV1_2, 1144 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1145 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1146 128, 1147 128, 1148 }, 1149 1150 /* Cipher 40 */ 1151 { 1152 1, 1153 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 1154 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 1155 SSL_kEDH, 1156 SSL_aDSS, 1157 SSL_AES128, 1158 SSL_SHA256, 1159 SSL_TLSV1_2, 1160 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1161 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1162 128, 1163 128, 1164 }, 1165 1166 #ifndef OPENSSL_NO_CAMELLIA 1167 /* Camellia ciphersuites from RFC4132 (128-bit portion) */ 1168 1169 /* Cipher 41 */ 1170 { 1171 1, 1172 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 1173 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 1174 SSL_kRSA, 1175 SSL_aRSA, 1176 SSL_CAMELLIA128, 1177 SSL_SHA1, 1178 SSL_TLSV1, 1179 SSL_NOT_EXP | SSL_HIGH, 1180 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1181 128, 1182 128, 1183 }, 1184 1185 /* Cipher 42 */ 1186 { 1187 1, 1188 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1189 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1190 SSL_kDHd, 1191 SSL_aDH, 1192 SSL_CAMELLIA128, 1193 SSL_SHA1, 1194 SSL_TLSV1, 1195 SSL_NOT_EXP | SSL_HIGH, 1196 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1197 128, 1198 128, 1199 }, 1200 1201 /* Cipher 43 */ 1202 { 1203 1, 1204 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1205 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1206 SSL_kDHr, 1207 SSL_aDH, 1208 SSL_CAMELLIA128, 1209 SSL_SHA1, 1210 SSL_TLSV1, 1211 SSL_NOT_EXP | SSL_HIGH, 1212 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1213 128, 1214 128, 1215 }, 1216 1217 /* Cipher 44 */ 1218 { 1219 1, 1220 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1221 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1222 SSL_kEDH, 1223 SSL_aDSS, 1224 SSL_CAMELLIA128, 1225 SSL_SHA1, 1226 SSL_TLSV1, 1227 SSL_NOT_EXP | SSL_HIGH, 1228 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1229 128, 1230 128, 1231 }, 1232 1233 /* Cipher 45 */ 1234 { 1235 1, 1236 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1237 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1238 SSL_kEDH, 1239 SSL_aRSA, 1240 SSL_CAMELLIA128, 1241 SSL_SHA1, 1242 SSL_TLSV1, 1243 SSL_NOT_EXP | SSL_HIGH, 1244 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1245 128, 1246 128, 1247 }, 1248 1249 /* Cipher 46 */ 1250 { 1251 1, 1252 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 1253 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 1254 SSL_kEDH, 1255 SSL_aNULL, 1256 SSL_CAMELLIA128, 1257 SSL_SHA1, 1258 SSL_TLSV1, 1259 SSL_NOT_EXP | SSL_HIGH, 1260 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1261 128, 1262 128, 1263 }, 1264 #endif /* OPENSSL_NO_CAMELLIA */ 1265 1266 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1267 /* New TLS Export CipherSuites from expired ID */ 1268 # if 0 1269 /* Cipher 60 */ 1270 { 1271 1, 1272 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5, 1273 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5, 1274 SSL_kRSA, 1275 SSL_aRSA, 1276 SSL_RC4, 1277 SSL_MD5, 1278 SSL_TLSV1, 1279 SSL_EXPORT | SSL_EXP56, 1280 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1281 56, 1282 128, 1283 }, 1284 1285 /* Cipher 61 */ 1286 { 1287 1, 1288 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1289 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1290 SSL_kRSA, 1291 SSL_aRSA, 1292 SSL_RC2, 1293 SSL_MD5, 1294 SSL_TLSV1, 1295 SSL_EXPORT | SSL_EXP56, 1296 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1297 56, 1298 128, 1299 }, 1300 # endif 1301 1302 /* Cipher 62 */ 1303 { 1304 1, 1305 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1306 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1307 SSL_kRSA, 1308 SSL_aRSA, 1309 SSL_DES, 1310 SSL_SHA1, 1311 SSL_TLSV1, 1312 SSL_EXPORT | SSL_EXP56, 1313 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1314 56, 1315 56, 1316 }, 1317 1318 /* Cipher 63 */ 1319 { 1320 1, 1321 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1322 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1323 SSL_kEDH, 1324 SSL_aDSS, 1325 SSL_DES, 1326 SSL_SHA1, 1327 SSL_TLSV1, 1328 SSL_EXPORT | SSL_EXP56, 1329 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1330 56, 1331 56, 1332 }, 1333 1334 /* Cipher 64 */ 1335 { 1336 1, 1337 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, 1338 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA, 1339 SSL_kRSA, 1340 SSL_aRSA, 1341 SSL_RC4, 1342 SSL_SHA1, 1343 SSL_TLSV1, 1344 SSL_EXPORT | SSL_EXP56, 1345 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1346 56, 1347 128, 1348 }, 1349 1350 /* Cipher 65 */ 1351 { 1352 1, 1353 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1354 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1355 SSL_kEDH, 1356 SSL_aDSS, 1357 SSL_RC4, 1358 SSL_SHA1, 1359 SSL_TLSV1, 1360 SSL_EXPORT | SSL_EXP56, 1361 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1362 56, 1363 128, 1364 }, 1365 1366 /* Cipher 66 */ 1367 { 1368 1, 1369 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, 1370 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA, 1371 SSL_kEDH, 1372 SSL_aDSS, 1373 SSL_RC4, 1374 SSL_SHA1, 1375 SSL_TLSV1, 1376 SSL_NOT_EXP | SSL_MEDIUM, 1377 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1378 128, 1379 128, 1380 }, 1381 #endif 1382 1383 /* TLS v1.2 ciphersuites */ 1384 /* Cipher 67 */ 1385 { 1386 1, 1387 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 1388 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 1389 SSL_kEDH, 1390 SSL_aRSA, 1391 SSL_AES128, 1392 SSL_SHA256, 1393 SSL_TLSV1_2, 1394 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1395 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1396 128, 1397 128, 1398 }, 1399 1400 /* Cipher 68 */ 1401 { 1402 1, 1403 TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, 1404 TLS1_CK_DH_DSS_WITH_AES_256_SHA256, 1405 SSL_kDHd, 1406 SSL_aDH, 1407 SSL_AES256, 1408 SSL_SHA256, 1409 SSL_TLSV1_2, 1410 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1411 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1412 256, 1413 256, 1414 }, 1415 1416 /* Cipher 69 */ 1417 { 1418 1, 1419 TLS1_TXT_DH_RSA_WITH_AES_256_SHA256, 1420 TLS1_CK_DH_RSA_WITH_AES_256_SHA256, 1421 SSL_kDHr, 1422 SSL_aDH, 1423 SSL_AES256, 1424 SSL_SHA256, 1425 SSL_TLSV1_2, 1426 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1427 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1428 256, 1429 256, 1430 }, 1431 1432 /* Cipher 6A */ 1433 { 1434 1, 1435 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 1436 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 1437 SSL_kEDH, 1438 SSL_aDSS, 1439 SSL_AES256, 1440 SSL_SHA256, 1441 SSL_TLSV1_2, 1442 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1443 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1444 256, 1445 256, 1446 }, 1447 1448 /* Cipher 6B */ 1449 { 1450 1, 1451 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 1452 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 1453 SSL_kEDH, 1454 SSL_aRSA, 1455 SSL_AES256, 1456 SSL_SHA256, 1457 SSL_TLSV1_2, 1458 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1459 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1460 256, 1461 256, 1462 }, 1463 1464 /* Cipher 6C */ 1465 { 1466 1, 1467 TLS1_TXT_ADH_WITH_AES_128_SHA256, 1468 TLS1_CK_ADH_WITH_AES_128_SHA256, 1469 SSL_kEDH, 1470 SSL_aNULL, 1471 SSL_AES128, 1472 SSL_SHA256, 1473 SSL_TLSV1_2, 1474 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1475 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1476 128, 1477 128, 1478 }, 1479 1480 /* Cipher 6D */ 1481 { 1482 1, 1483 TLS1_TXT_ADH_WITH_AES_256_SHA256, 1484 TLS1_CK_ADH_WITH_AES_256_SHA256, 1485 SSL_kEDH, 1486 SSL_aNULL, 1487 SSL_AES256, 1488 SSL_SHA256, 1489 SSL_TLSV1_2, 1490 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1491 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1492 256, 1493 256, 1494 }, 1495 1496 /* GOST Ciphersuites */ 1497 1498 { 1499 1, 1500 "GOST94-GOST89-GOST89", 1501 0x3000080, 1502 SSL_kGOST, 1503 SSL_aGOST94, 1504 SSL_eGOST2814789CNT, 1505 SSL_GOST89MAC, 1506 SSL_TLSV1, 1507 SSL_NOT_EXP | SSL_HIGH, 1508 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 1509 256, 1510 256}, 1511 { 1512 1, 1513 "GOST2001-GOST89-GOST89", 1514 0x3000081, 1515 SSL_kGOST, 1516 SSL_aGOST01, 1517 SSL_eGOST2814789CNT, 1518 SSL_GOST89MAC, 1519 SSL_TLSV1, 1520 SSL_NOT_EXP | SSL_HIGH, 1521 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 1522 256, 1523 256}, 1524 { 1525 1, 1526 "GOST94-NULL-GOST94", 1527 0x3000082, 1528 SSL_kGOST, 1529 SSL_aGOST94, 1530 SSL_eNULL, 1531 SSL_GOST94, 1532 SSL_TLSV1, 1533 SSL_NOT_EXP | SSL_STRONG_NONE, 1534 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 1535 0, 1536 0}, 1537 { 1538 1, 1539 "GOST2001-NULL-GOST94", 1540 0x3000083, 1541 SSL_kGOST, 1542 SSL_aGOST01, 1543 SSL_eNULL, 1544 SSL_GOST94, 1545 SSL_TLSV1, 1546 SSL_NOT_EXP | SSL_STRONG_NONE, 1547 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 1548 0, 1549 0}, 1550 1551 #ifndef OPENSSL_NO_CAMELLIA 1552 /* Camellia ciphersuites from RFC4132 (256-bit portion) */ 1553 1554 /* Cipher 84 */ 1555 { 1556 1, 1557 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 1558 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 1559 SSL_kRSA, 1560 SSL_aRSA, 1561 SSL_CAMELLIA256, 1562 SSL_SHA1, 1563 SSL_TLSV1, 1564 SSL_NOT_EXP | SSL_HIGH, 1565 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1566 256, 1567 256, 1568 }, 1569 /* Cipher 85 */ 1570 { 1571 1, 1572 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1573 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1574 SSL_kDHd, 1575 SSL_aDH, 1576 SSL_CAMELLIA256, 1577 SSL_SHA1, 1578 SSL_TLSV1, 1579 SSL_NOT_EXP | SSL_HIGH, 1580 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1581 256, 1582 256, 1583 }, 1584 1585 /* Cipher 86 */ 1586 { 1587 1, 1588 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1589 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1590 SSL_kDHr, 1591 SSL_aDH, 1592 SSL_CAMELLIA256, 1593 SSL_SHA1, 1594 SSL_TLSV1, 1595 SSL_NOT_EXP | SSL_HIGH, 1596 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1597 256, 1598 256, 1599 }, 1600 1601 /* Cipher 87 */ 1602 { 1603 1, 1604 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1605 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1606 SSL_kEDH, 1607 SSL_aDSS, 1608 SSL_CAMELLIA256, 1609 SSL_SHA1, 1610 SSL_TLSV1, 1611 SSL_NOT_EXP | SSL_HIGH, 1612 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1613 256, 1614 256, 1615 }, 1616 1617 /* Cipher 88 */ 1618 { 1619 1, 1620 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1621 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1622 SSL_kEDH, 1623 SSL_aRSA, 1624 SSL_CAMELLIA256, 1625 SSL_SHA1, 1626 SSL_TLSV1, 1627 SSL_NOT_EXP | SSL_HIGH, 1628 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1629 256, 1630 256, 1631 }, 1632 1633 /* Cipher 89 */ 1634 { 1635 1, 1636 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 1637 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 1638 SSL_kEDH, 1639 SSL_aNULL, 1640 SSL_CAMELLIA256, 1641 SSL_SHA1, 1642 SSL_TLSV1, 1643 SSL_NOT_EXP | SSL_HIGH, 1644 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1645 256, 1646 256, 1647 }, 1648 #endif /* OPENSSL_NO_CAMELLIA */ 1649 1650 #ifndef OPENSSL_NO_PSK 1651 /* Cipher 8A */ 1652 { 1653 1, 1654 TLS1_TXT_PSK_WITH_RC4_128_SHA, 1655 TLS1_CK_PSK_WITH_RC4_128_SHA, 1656 SSL_kPSK, 1657 SSL_aPSK, 1658 SSL_RC4, 1659 SSL_SHA1, 1660 SSL_TLSV1, 1661 SSL_NOT_EXP | SSL_MEDIUM, 1662 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1663 128, 1664 128, 1665 }, 1666 1667 /* Cipher 8B */ 1668 { 1669 1, 1670 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1671 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1672 SSL_kPSK, 1673 SSL_aPSK, 1674 SSL_3DES, 1675 SSL_SHA1, 1676 SSL_TLSV1, 1677 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1678 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1679 112, 1680 168, 1681 }, 1682 1683 /* Cipher 8C */ 1684 { 1685 1, 1686 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1687 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1688 SSL_kPSK, 1689 SSL_aPSK, 1690 SSL_AES128, 1691 SSL_SHA1, 1692 SSL_TLSV1, 1693 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1694 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1695 128, 1696 128, 1697 }, 1698 1699 /* Cipher 8D */ 1700 { 1701 1, 1702 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1703 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1704 SSL_kPSK, 1705 SSL_aPSK, 1706 SSL_AES256, 1707 SSL_SHA1, 1708 SSL_TLSV1, 1709 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1710 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1711 256, 1712 256, 1713 }, 1714 #endif /* OPENSSL_NO_PSK */ 1715 1716 #ifndef OPENSSL_NO_SEED 1717 /* SEED ciphersuites from RFC4162 */ 1718 1719 /* Cipher 96 */ 1720 { 1721 1, 1722 TLS1_TXT_RSA_WITH_SEED_SHA, 1723 TLS1_CK_RSA_WITH_SEED_SHA, 1724 SSL_kRSA, 1725 SSL_aRSA, 1726 SSL_SEED, 1727 SSL_SHA1, 1728 SSL_TLSV1, 1729 SSL_NOT_EXP | SSL_MEDIUM, 1730 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1731 128, 1732 128, 1733 }, 1734 1735 /* Cipher 97 */ 1736 { 1737 1, 1738 TLS1_TXT_DH_DSS_WITH_SEED_SHA, 1739 TLS1_CK_DH_DSS_WITH_SEED_SHA, 1740 SSL_kDHd, 1741 SSL_aDH, 1742 SSL_SEED, 1743 SSL_SHA1, 1744 SSL_TLSV1, 1745 SSL_NOT_EXP | SSL_MEDIUM, 1746 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1747 128, 1748 128, 1749 }, 1750 1751 /* Cipher 98 */ 1752 { 1753 1, 1754 TLS1_TXT_DH_RSA_WITH_SEED_SHA, 1755 TLS1_CK_DH_RSA_WITH_SEED_SHA, 1756 SSL_kDHr, 1757 SSL_aDH, 1758 SSL_SEED, 1759 SSL_SHA1, 1760 SSL_TLSV1, 1761 SSL_NOT_EXP | SSL_MEDIUM, 1762 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1763 128, 1764 128, 1765 }, 1766 1767 /* Cipher 99 */ 1768 { 1769 1, 1770 TLS1_TXT_DHE_DSS_WITH_SEED_SHA, 1771 TLS1_CK_DHE_DSS_WITH_SEED_SHA, 1772 SSL_kEDH, 1773 SSL_aDSS, 1774 SSL_SEED, 1775 SSL_SHA1, 1776 SSL_TLSV1, 1777 SSL_NOT_EXP | SSL_MEDIUM, 1778 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1779 128, 1780 128, 1781 }, 1782 1783 /* Cipher 9A */ 1784 { 1785 1, 1786 TLS1_TXT_DHE_RSA_WITH_SEED_SHA, 1787 TLS1_CK_DHE_RSA_WITH_SEED_SHA, 1788 SSL_kEDH, 1789 SSL_aRSA, 1790 SSL_SEED, 1791 SSL_SHA1, 1792 SSL_TLSV1, 1793 SSL_NOT_EXP | SSL_MEDIUM, 1794 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1795 128, 1796 128, 1797 }, 1798 1799 /* Cipher 9B */ 1800 { 1801 1, 1802 TLS1_TXT_ADH_WITH_SEED_SHA, 1803 TLS1_CK_ADH_WITH_SEED_SHA, 1804 SSL_kEDH, 1805 SSL_aNULL, 1806 SSL_SEED, 1807 SSL_SHA1, 1808 SSL_TLSV1, 1809 SSL_NOT_EXP | SSL_MEDIUM, 1810 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1811 128, 1812 128, 1813 }, 1814 1815 #endif /* OPENSSL_NO_SEED */ 1816 1817 /* GCM ciphersuites from RFC5288 */ 1818 1819 /* Cipher 9C */ 1820 { 1821 1, 1822 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 1823 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 1824 SSL_kRSA, 1825 SSL_aRSA, 1826 SSL_AES128GCM, 1827 SSL_AEAD, 1828 SSL_TLSV1_2, 1829 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1830 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1831 128, 1832 128, 1833 }, 1834 1835 /* Cipher 9D */ 1836 { 1837 1, 1838 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 1839 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 1840 SSL_kRSA, 1841 SSL_aRSA, 1842 SSL_AES256GCM, 1843 SSL_AEAD, 1844 SSL_TLSV1_2, 1845 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1846 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1847 256, 1848 256, 1849 }, 1850 1851 /* Cipher 9E */ 1852 { 1853 1, 1854 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 1855 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 1856 SSL_kEDH, 1857 SSL_aRSA, 1858 SSL_AES128GCM, 1859 SSL_AEAD, 1860 SSL_TLSV1_2, 1861 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1862 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1863 128, 1864 128, 1865 }, 1866 1867 /* Cipher 9F */ 1868 { 1869 1, 1870 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 1871 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 1872 SSL_kEDH, 1873 SSL_aRSA, 1874 SSL_AES256GCM, 1875 SSL_AEAD, 1876 SSL_TLSV1_2, 1877 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1878 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1879 256, 1880 256, 1881 }, 1882 1883 /* Cipher A0 */ 1884 { 1885 1, 1886 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, 1887 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, 1888 SSL_kDHr, 1889 SSL_aDH, 1890 SSL_AES128GCM, 1891 SSL_AEAD, 1892 SSL_TLSV1_2, 1893 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1894 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1895 128, 1896 128, 1897 }, 1898 1899 /* Cipher A1 */ 1900 { 1901 1, 1902 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, 1903 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, 1904 SSL_kDHr, 1905 SSL_aDH, 1906 SSL_AES256GCM, 1907 SSL_AEAD, 1908 SSL_TLSV1_2, 1909 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1910 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1911 256, 1912 256, 1913 }, 1914 1915 /* Cipher A2 */ 1916 { 1917 1, 1918 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 1919 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 1920 SSL_kEDH, 1921 SSL_aDSS, 1922 SSL_AES128GCM, 1923 SSL_AEAD, 1924 SSL_TLSV1_2, 1925 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1926 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1927 128, 1928 128, 1929 }, 1930 1931 /* Cipher A3 */ 1932 { 1933 1, 1934 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 1935 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 1936 SSL_kEDH, 1937 SSL_aDSS, 1938 SSL_AES256GCM, 1939 SSL_AEAD, 1940 SSL_TLSV1_2, 1941 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1942 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1943 256, 1944 256, 1945 }, 1946 1947 /* Cipher A4 */ 1948 { 1949 1, 1950 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, 1951 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, 1952 SSL_kDHd, 1953 SSL_aDH, 1954 SSL_AES128GCM, 1955 SSL_AEAD, 1956 SSL_TLSV1_2, 1957 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1958 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1959 128, 1960 128, 1961 }, 1962 1963 /* Cipher A5 */ 1964 { 1965 1, 1966 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, 1967 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, 1968 SSL_kDHd, 1969 SSL_aDH, 1970 SSL_AES256GCM, 1971 SSL_AEAD, 1972 SSL_TLSV1_2, 1973 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1974 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1975 256, 1976 256, 1977 }, 1978 1979 /* Cipher A6 */ 1980 { 1981 1, 1982 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 1983 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 1984 SSL_kEDH, 1985 SSL_aNULL, 1986 SSL_AES128GCM, 1987 SSL_AEAD, 1988 SSL_TLSV1_2, 1989 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1990 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1991 128, 1992 128, 1993 }, 1994 1995 /* Cipher A7 */ 1996 { 1997 1, 1998 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 1999 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 2000 SSL_kEDH, 2001 SSL_aNULL, 2002 SSL_AES256GCM, 2003 SSL_AEAD, 2004 SSL_TLSV1_2, 2005 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2006 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2007 256, 2008 256, 2009 }, 2010 #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL 2011 { 2012 1, 2013 "SCSV", 2014 SSL3_CK_SCSV, 2015 0, 2016 0, 2017 0, 2018 0, 2019 0, 2020 0, 2021 0, 2022 0, 2023 0}, 2024 #endif 2025 2026 #ifndef OPENSSL_NO_ECDH 2027 /* Cipher C001 */ 2028 { 2029 1, 2030 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA, 2031 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA, 2032 SSL_kECDHe, 2033 SSL_aECDH, 2034 SSL_eNULL, 2035 SSL_SHA1, 2036 SSL_TLSV1, 2037 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2038 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2039 0, 2040 0, 2041 }, 2042 2043 /* Cipher C002 */ 2044 { 2045 1, 2046 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, 2047 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA, 2048 SSL_kECDHe, 2049 SSL_aECDH, 2050 SSL_RC4, 2051 SSL_SHA1, 2052 SSL_TLSV1, 2053 SSL_NOT_EXP | SSL_MEDIUM, 2054 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2055 128, 2056 128, 2057 }, 2058 2059 /* Cipher C003 */ 2060 { 2061 1, 2062 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2063 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2064 SSL_kECDHe, 2065 SSL_aECDH, 2066 SSL_3DES, 2067 SSL_SHA1, 2068 SSL_TLSV1, 2069 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2070 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2071 112, 2072 168, 2073 }, 2074 2075 /* Cipher C004 */ 2076 { 2077 1, 2078 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2079 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2080 SSL_kECDHe, 2081 SSL_aECDH, 2082 SSL_AES128, 2083 SSL_SHA1, 2084 SSL_TLSV1, 2085 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2086 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2087 128, 2088 128, 2089 }, 2090 2091 /* Cipher C005 */ 2092 { 2093 1, 2094 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2095 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2096 SSL_kECDHe, 2097 SSL_aECDH, 2098 SSL_AES256, 2099 SSL_SHA1, 2100 SSL_TLSV1, 2101 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2102 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2103 256, 2104 256, 2105 }, 2106 2107 /* Cipher C006 */ 2108 { 2109 1, 2110 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 2111 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 2112 SSL_kEECDH, 2113 SSL_aECDSA, 2114 SSL_eNULL, 2115 SSL_SHA1, 2116 SSL_TLSV1, 2117 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2118 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2119 0, 2120 0, 2121 }, 2122 2123 /* Cipher C007 */ 2124 { 2125 1, 2126 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 2127 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 2128 SSL_kEECDH, 2129 SSL_aECDSA, 2130 SSL_RC4, 2131 SSL_SHA1, 2132 SSL_TLSV1, 2133 SSL_NOT_EXP | SSL_MEDIUM, 2134 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2135 128, 2136 128, 2137 }, 2138 2139 /* Cipher C008 */ 2140 { 2141 1, 2142 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2143 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2144 SSL_kEECDH, 2145 SSL_aECDSA, 2146 SSL_3DES, 2147 SSL_SHA1, 2148 SSL_TLSV1, 2149 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2150 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2151 112, 2152 168, 2153 }, 2154 2155 /* Cipher C009 */ 2156 { 2157 1, 2158 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2159 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2160 SSL_kEECDH, 2161 SSL_aECDSA, 2162 SSL_AES128, 2163 SSL_SHA1, 2164 SSL_TLSV1, 2165 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2166 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2167 128, 2168 128, 2169 }, 2170 2171 /* Cipher C00A */ 2172 { 2173 1, 2174 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2175 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2176 SSL_kEECDH, 2177 SSL_aECDSA, 2178 SSL_AES256, 2179 SSL_SHA1, 2180 SSL_TLSV1, 2181 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2182 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2183 256, 2184 256, 2185 }, 2186 2187 /* Cipher C00B */ 2188 { 2189 1, 2190 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA, 2191 TLS1_CK_ECDH_RSA_WITH_NULL_SHA, 2192 SSL_kECDHr, 2193 SSL_aECDH, 2194 SSL_eNULL, 2195 SSL_SHA1, 2196 SSL_TLSV1, 2197 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2198 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2199 0, 2200 0, 2201 }, 2202 2203 /* Cipher C00C */ 2204 { 2205 1, 2206 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, 2207 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA, 2208 SSL_kECDHr, 2209 SSL_aECDH, 2210 SSL_RC4, 2211 SSL_SHA1, 2212 SSL_TLSV1, 2213 SSL_NOT_EXP | SSL_MEDIUM, 2214 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2215 128, 2216 128, 2217 }, 2218 2219 /* Cipher C00D */ 2220 { 2221 1, 2222 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2223 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2224 SSL_kECDHr, 2225 SSL_aECDH, 2226 SSL_3DES, 2227 SSL_SHA1, 2228 SSL_TLSV1, 2229 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2230 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2231 112, 2232 168, 2233 }, 2234 2235 /* Cipher C00E */ 2236 { 2237 1, 2238 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA, 2239 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA, 2240 SSL_kECDHr, 2241 SSL_aECDH, 2242 SSL_AES128, 2243 SSL_SHA1, 2244 SSL_TLSV1, 2245 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2246 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2247 128, 2248 128, 2249 }, 2250 2251 /* Cipher C00F */ 2252 { 2253 1, 2254 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA, 2255 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA, 2256 SSL_kECDHr, 2257 SSL_aECDH, 2258 SSL_AES256, 2259 SSL_SHA1, 2260 SSL_TLSV1, 2261 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2262 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2263 256, 2264 256, 2265 }, 2266 2267 /* Cipher C010 */ 2268 { 2269 1, 2270 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 2271 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 2272 SSL_kEECDH, 2273 SSL_aRSA, 2274 SSL_eNULL, 2275 SSL_SHA1, 2276 SSL_TLSV1, 2277 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2278 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2279 0, 2280 0, 2281 }, 2282 2283 /* Cipher C011 */ 2284 { 2285 1, 2286 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 2287 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 2288 SSL_kEECDH, 2289 SSL_aRSA, 2290 SSL_RC4, 2291 SSL_SHA1, 2292 SSL_TLSV1, 2293 SSL_NOT_EXP | SSL_MEDIUM, 2294 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2295 128, 2296 128, 2297 }, 2298 2299 /* Cipher C012 */ 2300 { 2301 1, 2302 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2303 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2304 SSL_kEECDH, 2305 SSL_aRSA, 2306 SSL_3DES, 2307 SSL_SHA1, 2308 SSL_TLSV1, 2309 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2310 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2311 112, 2312 168, 2313 }, 2314 2315 /* Cipher C013 */ 2316 { 2317 1, 2318 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2319 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2320 SSL_kEECDH, 2321 SSL_aRSA, 2322 SSL_AES128, 2323 SSL_SHA1, 2324 SSL_TLSV1, 2325 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2326 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2327 128, 2328 128, 2329 }, 2330 2331 /* Cipher C014 */ 2332 { 2333 1, 2334 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2335 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2336 SSL_kEECDH, 2337 SSL_aRSA, 2338 SSL_AES256, 2339 SSL_SHA1, 2340 SSL_TLSV1, 2341 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2342 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2343 256, 2344 256, 2345 }, 2346 2347 /* Cipher C015 */ 2348 { 2349 1, 2350 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 2351 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 2352 SSL_kEECDH, 2353 SSL_aNULL, 2354 SSL_eNULL, 2355 SSL_SHA1, 2356 SSL_TLSV1, 2357 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2358 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2359 0, 2360 0, 2361 }, 2362 2363 /* Cipher C016 */ 2364 { 2365 1, 2366 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 2367 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 2368 SSL_kEECDH, 2369 SSL_aNULL, 2370 SSL_RC4, 2371 SSL_SHA1, 2372 SSL_TLSV1, 2373 SSL_NOT_EXP | SSL_MEDIUM, 2374 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2375 128, 2376 128, 2377 }, 2378 2379 /* Cipher C017 */ 2380 { 2381 1, 2382 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 2383 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 2384 SSL_kEECDH, 2385 SSL_aNULL, 2386 SSL_3DES, 2387 SSL_SHA1, 2388 SSL_TLSV1, 2389 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2390 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2391 112, 2392 168, 2393 }, 2394 2395 /* Cipher C018 */ 2396 { 2397 1, 2398 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 2399 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 2400 SSL_kEECDH, 2401 SSL_aNULL, 2402 SSL_AES128, 2403 SSL_SHA1, 2404 SSL_TLSV1, 2405 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2406 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2407 128, 2408 128, 2409 }, 2410 2411 /* Cipher C019 */ 2412 { 2413 1, 2414 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 2415 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 2416 SSL_kEECDH, 2417 SSL_aNULL, 2418 SSL_AES256, 2419 SSL_SHA1, 2420 SSL_TLSV1, 2421 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2422 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2423 256, 2424 256, 2425 }, 2426 #endif /* OPENSSL_NO_ECDH */ 2427 2428 #ifndef OPENSSL_NO_SRP 2429 /* Cipher C01A */ 2430 { 2431 1, 2432 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2433 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2434 SSL_kSRP, 2435 SSL_aSRP, 2436 SSL_3DES, 2437 SSL_SHA1, 2438 SSL_TLSV1, 2439 SSL_NOT_EXP | SSL_HIGH, 2440 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2441 112, 2442 168, 2443 }, 2444 2445 /* Cipher C01B */ 2446 { 2447 1, 2448 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2449 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2450 SSL_kSRP, 2451 SSL_aRSA, 2452 SSL_3DES, 2453 SSL_SHA1, 2454 SSL_TLSV1, 2455 SSL_NOT_EXP | SSL_HIGH, 2456 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2457 112, 2458 168, 2459 }, 2460 2461 /* Cipher C01C */ 2462 { 2463 1, 2464 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2465 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2466 SSL_kSRP, 2467 SSL_aDSS, 2468 SSL_3DES, 2469 SSL_SHA1, 2470 SSL_TLSV1, 2471 SSL_NOT_EXP | SSL_HIGH, 2472 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2473 112, 2474 168, 2475 }, 2476 2477 /* Cipher C01D */ 2478 { 2479 1, 2480 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, 2481 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, 2482 SSL_kSRP, 2483 SSL_aSRP, 2484 SSL_AES128, 2485 SSL_SHA1, 2486 SSL_TLSV1, 2487 SSL_NOT_EXP | SSL_HIGH, 2488 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2489 128, 2490 128, 2491 }, 2492 2493 /* Cipher C01E */ 2494 { 2495 1, 2496 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2497 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2498 SSL_kSRP, 2499 SSL_aRSA, 2500 SSL_AES128, 2501 SSL_SHA1, 2502 SSL_TLSV1, 2503 SSL_NOT_EXP | SSL_HIGH, 2504 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2505 128, 2506 128, 2507 }, 2508 2509 /* Cipher C01F */ 2510 { 2511 1, 2512 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2513 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2514 SSL_kSRP, 2515 SSL_aDSS, 2516 SSL_AES128, 2517 SSL_SHA1, 2518 SSL_TLSV1, 2519 SSL_NOT_EXP | SSL_HIGH, 2520 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2521 128, 2522 128, 2523 }, 2524 2525 /* Cipher C020 */ 2526 { 2527 1, 2528 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, 2529 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, 2530 SSL_kSRP, 2531 SSL_aSRP, 2532 SSL_AES256, 2533 SSL_SHA1, 2534 SSL_TLSV1, 2535 SSL_NOT_EXP | SSL_HIGH, 2536 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2537 256, 2538 256, 2539 }, 2540 2541 /* Cipher C021 */ 2542 { 2543 1, 2544 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2545 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2546 SSL_kSRP, 2547 SSL_aRSA, 2548 SSL_AES256, 2549 SSL_SHA1, 2550 SSL_TLSV1, 2551 SSL_NOT_EXP | SSL_HIGH, 2552 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2553 256, 2554 256, 2555 }, 2556 2557 /* Cipher C022 */ 2558 { 2559 1, 2560 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2561 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2562 SSL_kSRP, 2563 SSL_aDSS, 2564 SSL_AES256, 2565 SSL_SHA1, 2566 SSL_TLSV1, 2567 SSL_NOT_EXP | SSL_HIGH, 2568 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2569 256, 2570 256, 2571 }, 2572 #endif /* OPENSSL_NO_SRP */ 2573 #ifndef OPENSSL_NO_ECDH 2574 2575 /* HMAC based TLS v1.2 ciphersuites from RFC5289 */ 2576 2577 /* Cipher C023 */ 2578 { 2579 1, 2580 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 2581 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 2582 SSL_kEECDH, 2583 SSL_aECDSA, 2584 SSL_AES128, 2585 SSL_SHA256, 2586 SSL_TLSV1_2, 2587 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2588 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2589 128, 2590 128, 2591 }, 2592 2593 /* Cipher C024 */ 2594 { 2595 1, 2596 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 2597 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 2598 SSL_kEECDH, 2599 SSL_aECDSA, 2600 SSL_AES256, 2601 SSL_SHA384, 2602 SSL_TLSV1_2, 2603 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2604 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2605 256, 2606 256, 2607 }, 2608 2609 /* Cipher C025 */ 2610 { 2611 1, 2612 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256, 2613 TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256, 2614 SSL_kECDHe, 2615 SSL_aECDH, 2616 SSL_AES128, 2617 SSL_SHA256, 2618 SSL_TLSV1_2, 2619 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2620 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2621 128, 2622 128, 2623 }, 2624 2625 /* Cipher C026 */ 2626 { 2627 1, 2628 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384, 2629 TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384, 2630 SSL_kECDHe, 2631 SSL_aECDH, 2632 SSL_AES256, 2633 SSL_SHA384, 2634 SSL_TLSV1_2, 2635 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2636 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2637 256, 2638 256, 2639 }, 2640 2641 /* Cipher C027 */ 2642 { 2643 1, 2644 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 2645 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 2646 SSL_kEECDH, 2647 SSL_aRSA, 2648 SSL_AES128, 2649 SSL_SHA256, 2650 SSL_TLSV1_2, 2651 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2652 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2653 128, 2654 128, 2655 }, 2656 2657 /* Cipher C028 */ 2658 { 2659 1, 2660 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 2661 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 2662 SSL_kEECDH, 2663 SSL_aRSA, 2664 SSL_AES256, 2665 SSL_SHA384, 2666 SSL_TLSV1_2, 2667 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2668 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2669 256, 2670 256, 2671 }, 2672 2673 /* Cipher C029 */ 2674 { 2675 1, 2676 TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256, 2677 TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256, 2678 SSL_kECDHr, 2679 SSL_aECDH, 2680 SSL_AES128, 2681 SSL_SHA256, 2682 SSL_TLSV1_2, 2683 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2684 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2685 128, 2686 128, 2687 }, 2688 2689 /* Cipher C02A */ 2690 { 2691 1, 2692 TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384, 2693 TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384, 2694 SSL_kECDHr, 2695 SSL_aECDH, 2696 SSL_AES256, 2697 SSL_SHA384, 2698 SSL_TLSV1_2, 2699 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2700 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2701 256, 2702 256, 2703 }, 2704 2705 /* GCM based TLS v1.2 ciphersuites from RFC5289 */ 2706 2707 /* Cipher C02B */ 2708 { 2709 1, 2710 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2711 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2712 SSL_kEECDH, 2713 SSL_aECDSA, 2714 SSL_AES128GCM, 2715 SSL_AEAD, 2716 SSL_TLSV1_2, 2717 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2718 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2719 128, 2720 128, 2721 }, 2722 2723 /* Cipher C02C */ 2724 { 2725 1, 2726 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2727 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2728 SSL_kEECDH, 2729 SSL_aECDSA, 2730 SSL_AES256GCM, 2731 SSL_AEAD, 2732 SSL_TLSV1_2, 2733 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2734 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2735 256, 2736 256, 2737 }, 2738 2739 /* Cipher C02D */ 2740 { 2741 1, 2742 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2743 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2744 SSL_kECDHe, 2745 SSL_aECDH, 2746 SSL_AES128GCM, 2747 SSL_AEAD, 2748 SSL_TLSV1_2, 2749 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2750 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2751 128, 2752 128, 2753 }, 2754 2755 /* Cipher C02E */ 2756 { 2757 1, 2758 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2759 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2760 SSL_kECDHe, 2761 SSL_aECDH, 2762 SSL_AES256GCM, 2763 SSL_AEAD, 2764 SSL_TLSV1_2, 2765 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2766 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2767 256, 2768 256, 2769 }, 2770 2771 /* Cipher C02F */ 2772 { 2773 1, 2774 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2775 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2776 SSL_kEECDH, 2777 SSL_aRSA, 2778 SSL_AES128GCM, 2779 SSL_AEAD, 2780 SSL_TLSV1_2, 2781 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2782 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2783 128, 2784 128, 2785 }, 2786 2787 /* Cipher C030 */ 2788 { 2789 1, 2790 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2791 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2792 SSL_kEECDH, 2793 SSL_aRSA, 2794 SSL_AES256GCM, 2795 SSL_AEAD, 2796 SSL_TLSV1_2, 2797 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2798 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2799 256, 2800 256, 2801 }, 2802 2803 /* Cipher C031 */ 2804 { 2805 1, 2806 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2807 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2808 SSL_kECDHr, 2809 SSL_aECDH, 2810 SSL_AES128GCM, 2811 SSL_AEAD, 2812 SSL_TLSV1_2, 2813 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2814 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2815 128, 2816 128, 2817 }, 2818 2819 /* Cipher C032 */ 2820 { 2821 1, 2822 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2823 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2824 SSL_kECDHr, 2825 SSL_aECDH, 2826 SSL_AES256GCM, 2827 SSL_AEAD, 2828 SSL_TLSV1_2, 2829 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2830 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2831 256, 2832 256, 2833 }, 2834 2835 #endif /* OPENSSL_NO_ECDH */ 2836 2837 #ifdef TEMP_GOST_TLS 2838 /* Cipher FF00 */ 2839 { 2840 1, 2841 "GOST-MD5", 2842 0x0300ff00, 2843 SSL_kRSA, 2844 SSL_aRSA, 2845 SSL_eGOST2814789CNT, 2846 SSL_MD5, 2847 SSL_TLSV1, 2848 SSL_NOT_EXP | SSL_HIGH, 2849 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2850 256, 2851 256, 2852 }, 2853 { 2854 1, 2855 "GOST-GOST94", 2856 0x0300ff01, 2857 SSL_kRSA, 2858 SSL_aRSA, 2859 SSL_eGOST2814789CNT, 2860 SSL_GOST94, 2861 SSL_TLSV1, 2862 SSL_NOT_EXP | SSL_HIGH, 2863 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2864 256, 2865 256}, 2866 { 2867 1, 2868 "GOST-GOST89MAC", 2869 0x0300ff02, 2870 SSL_kRSA, 2871 SSL_aRSA, 2872 SSL_eGOST2814789CNT, 2873 SSL_GOST89MAC, 2874 SSL_TLSV1, 2875 SSL_NOT_EXP | SSL_HIGH, 2876 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2877 256, 2878 256}, 2879 { 2880 1, 2881 "GOST-GOST89STREAM", 2882 0x0300ff03, 2883 SSL_kRSA, 2884 SSL_aRSA, 2885 SSL_eGOST2814789CNT, 2886 SSL_GOST89MAC, 2887 SSL_TLSV1, 2888 SSL_NOT_EXP | SSL_HIGH, 2889 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC, 2890 256, 2891 256}, 2892 #endif 2893 2894 /* end of list */ 2895 }; 2896 2897 SSL3_ENC_METHOD SSLv3_enc_data = { 2898 ssl3_enc, 2899 n_ssl3_mac, 2900 ssl3_setup_key_block, 2901 ssl3_generate_master_secret, 2902 ssl3_change_cipher_state, 2903 ssl3_final_finish_mac, 2904 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, 2905 ssl3_cert_verify_mac, 2906 SSL3_MD_CLIENT_FINISHED_CONST, 4, 2907 SSL3_MD_SERVER_FINISHED_CONST, 4, 2908 ssl3_alert_code, 2909 (int (*)(SSL *, unsigned char *, size_t, const char *, 2910 size_t, const unsigned char *, size_t, 2911 int use_context))ssl_undefined_function, 2912 0, 2913 SSL3_HM_HEADER_LENGTH, 2914 ssl3_set_handshake_header, 2915 ssl3_handshake_write 2916 }; 2917 2918 long ssl3_default_timeout(void) 2919 { 2920 /* 2921 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for 2922 * http, the cache would over fill 2923 */ 2924 return (60 * 60 * 2); 2925 } 2926 2927 int ssl3_num_ciphers(void) 2928 { 2929 return (SSL3_NUM_CIPHERS); 2930 } 2931 2932 const SSL_CIPHER *ssl3_get_cipher(unsigned int u) 2933 { 2934 if (u < SSL3_NUM_CIPHERS) 2935 return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u])); 2936 else 2937 return (NULL); 2938 } 2939 2940 int ssl3_pending(const SSL *s) 2941 { 2942 if (s->rstate == SSL_ST_READ_BODY) 2943 return 0; 2944 2945 return (s->s3->rrec.type == 2946 SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; 2947 } 2948 2949 void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len) 2950 { 2951 unsigned char *p = (unsigned char *)s->init_buf->data; 2952 *(p++) = htype; 2953 l2n3(len, p); 2954 s->init_num = (int)len + SSL3_HM_HEADER_LENGTH; 2955 s->init_off = 0; 2956 } 2957 2958 int ssl3_handshake_write(SSL *s) 2959 { 2960 return ssl3_do_write(s, SSL3_RT_HANDSHAKE); 2961 } 2962 2963 int ssl3_new(SSL *s) 2964 { 2965 SSL3_STATE *s3; 2966 2967 if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL) 2968 goto err; 2969 memset(s3, 0, sizeof *s3); 2970 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); 2971 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); 2972 2973 s->s3 = s3; 2974 2975 #ifndef OPENSSL_NO_SRP 2976 SSL_SRP_CTX_init(s); 2977 #endif 2978 s->method->ssl_clear(s); 2979 return (1); 2980 err: 2981 return (0); 2982 } 2983 2984 void ssl3_free(SSL *s) 2985 { 2986 if (s == NULL || s->s3 == NULL) 2987 return; 2988 2989 #ifdef TLSEXT_TYPE_opaque_prf_input 2990 if (s->s3->client_opaque_prf_input != NULL) 2991 OPENSSL_free(s->s3->client_opaque_prf_input); 2992 if (s->s3->server_opaque_prf_input != NULL) 2993 OPENSSL_free(s->s3->server_opaque_prf_input); 2994 #endif 2995 2996 ssl3_cleanup_key_block(s); 2997 if (s->s3->rbuf.buf != NULL) 2998 ssl3_release_read_buffer(s); 2999 if (s->s3->wbuf.buf != NULL) 3000 ssl3_release_write_buffer(s); 3001 if (s->s3->rrec.comp != NULL) 3002 OPENSSL_free(s->s3->rrec.comp); 3003 #ifndef OPENSSL_NO_DH 3004 if (s->s3->tmp.dh != NULL) 3005 DH_free(s->s3->tmp.dh); 3006 #endif 3007 #ifndef OPENSSL_NO_ECDH 3008 if (s->s3->tmp.ecdh != NULL) 3009 EC_KEY_free(s->s3->tmp.ecdh); 3010 #endif 3011 3012 if (s->s3->tmp.ca_names != NULL) 3013 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 3014 if (s->s3->handshake_buffer) { 3015 BIO_free(s->s3->handshake_buffer); 3016 } 3017 if (s->s3->handshake_dgst) 3018 ssl3_free_digest_list(s); 3019 #ifndef OPENSSL_NO_TLSEXT 3020 if (s->s3->alpn_selected) 3021 OPENSSL_free(s->s3->alpn_selected); 3022 #endif 3023 3024 #ifndef OPENSSL_NO_SRP 3025 SSL_SRP_CTX_free(s); 3026 #endif 3027 OPENSSL_cleanse(s->s3, sizeof *s->s3); 3028 OPENSSL_free(s->s3); 3029 s->s3 = NULL; 3030 } 3031 3032 void ssl3_clear(SSL *s) 3033 { 3034 unsigned char *rp, *wp; 3035 size_t rlen, wlen; 3036 int init_extra; 3037 3038 #ifdef TLSEXT_TYPE_opaque_prf_input 3039 if (s->s3->client_opaque_prf_input != NULL) 3040 OPENSSL_free(s->s3->client_opaque_prf_input); 3041 s->s3->client_opaque_prf_input = NULL; 3042 if (s->s3->server_opaque_prf_input != NULL) 3043 OPENSSL_free(s->s3->server_opaque_prf_input); 3044 s->s3->server_opaque_prf_input = NULL; 3045 #endif 3046 3047 ssl3_cleanup_key_block(s); 3048 if (s->s3->tmp.ca_names != NULL) 3049 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 3050 3051 if (s->s3->rrec.comp != NULL) { 3052 OPENSSL_free(s->s3->rrec.comp); 3053 s->s3->rrec.comp = NULL; 3054 } 3055 #ifndef OPENSSL_NO_DH 3056 if (s->s3->tmp.dh != NULL) { 3057 DH_free(s->s3->tmp.dh); 3058 s->s3->tmp.dh = NULL; 3059 } 3060 #endif 3061 #ifndef OPENSSL_NO_ECDH 3062 if (s->s3->tmp.ecdh != NULL) { 3063 EC_KEY_free(s->s3->tmp.ecdh); 3064 s->s3->tmp.ecdh = NULL; 3065 } 3066 #endif 3067 #ifndef OPENSSL_NO_TLSEXT 3068 # ifndef OPENSSL_NO_EC 3069 s->s3->is_probably_safari = 0; 3070 # endif /* !OPENSSL_NO_EC */ 3071 #endif /* !OPENSSL_NO_TLSEXT */ 3072 3073 rp = s->s3->rbuf.buf; 3074 wp = s->s3->wbuf.buf; 3075 rlen = s->s3->rbuf.len; 3076 wlen = s->s3->wbuf.len; 3077 init_extra = s->s3->init_extra; 3078 if (s->s3->handshake_buffer) { 3079 BIO_free(s->s3->handshake_buffer); 3080 s->s3->handshake_buffer = NULL; 3081 } 3082 if (s->s3->handshake_dgst) { 3083 ssl3_free_digest_list(s); 3084 } 3085 #if !defined(OPENSSL_NO_TLSEXT) 3086 if (s->s3->alpn_selected) { 3087 OPENSSL_free(s->s3->alpn_selected); 3088 s->s3->alpn_selected = NULL; 3089 } 3090 #endif 3091 memset(s->s3, 0, sizeof *s->s3); 3092 s->s3->rbuf.buf = rp; 3093 s->s3->wbuf.buf = wp; 3094 s->s3->rbuf.len = rlen; 3095 s->s3->wbuf.len = wlen; 3096 s->s3->init_extra = init_extra; 3097 3098 ssl_free_wbio_buffer(s); 3099 3100 s->packet_length = 0; 3101 s->s3->renegotiate = 0; 3102 s->s3->total_renegotiations = 0; 3103 s->s3->num_renegotiations = 0; 3104 s->s3->in_read_app_data = 0; 3105 s->version = SSL3_VERSION; 3106 3107 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 3108 if (s->next_proto_negotiated) { 3109 OPENSSL_free(s->next_proto_negotiated); 3110 s->next_proto_negotiated = NULL; 3111 s->next_proto_negotiated_len = 0; 3112 } 3113 #endif 3114 } 3115 3116 #ifndef OPENSSL_NO_SRP 3117 static char *MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg) 3118 { 3119 return BUF_strdup(s->srp_ctx.info); 3120 } 3121 #endif 3122 3123 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, 3124 size_t len); 3125 3126 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 3127 { 3128 int ret = 0; 3129 3130 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3131 if ( 3132 # ifndef OPENSSL_NO_RSA 3133 cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB || 3134 # endif 3135 # ifndef OPENSSL_NO_DSA 3136 cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB || 3137 # endif 3138 0) { 3139 if (!ssl_cert_inst(&s->cert)) { 3140 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 3141 return (0); 3142 } 3143 } 3144 #endif 3145 3146 switch (cmd) { 3147 case SSL_CTRL_GET_SESSION_REUSED: 3148 ret = s->hit; 3149 break; 3150 case SSL_CTRL_GET_CLIENT_CERT_REQUEST: 3151 break; 3152 case SSL_CTRL_GET_NUM_RENEGOTIATIONS: 3153 ret = s->s3->num_renegotiations; 3154 break; 3155 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: 3156 ret = s->s3->num_renegotiations; 3157 s->s3->num_renegotiations = 0; 3158 break; 3159 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: 3160 ret = s->s3->total_renegotiations; 3161 break; 3162 case SSL_CTRL_GET_FLAGS: 3163 ret = (int)(s->s3->flags); 3164 break; 3165 #ifndef OPENSSL_NO_RSA 3166 case SSL_CTRL_NEED_TMP_RSA: 3167 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 3168 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3169 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > 3170 (512 / 8)))) 3171 ret = 1; 3172 break; 3173 case SSL_CTRL_SET_TMP_RSA: 3174 { 3175 RSA *rsa = (RSA *)parg; 3176 if (rsa == NULL) { 3177 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3178 return (ret); 3179 } 3180 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) { 3181 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); 3182 return (ret); 3183 } 3184 if (s->cert->rsa_tmp != NULL) 3185 RSA_free(s->cert->rsa_tmp); 3186 s->cert->rsa_tmp = rsa; 3187 ret = 1; 3188 } 3189 break; 3190 case SSL_CTRL_SET_TMP_RSA_CB: 3191 { 3192 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3193 return (ret); 3194 } 3195 break; 3196 #endif 3197 #ifndef OPENSSL_NO_DH 3198 case SSL_CTRL_SET_TMP_DH: 3199 { 3200 DH *dh = (DH *)parg; 3201 if (dh == NULL) { 3202 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3203 return (ret); 3204 } 3205 if ((dh = DHparams_dup(dh)) == NULL) { 3206 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3207 return (ret); 3208 } 3209 if (!(s->options & SSL_OP_SINGLE_DH_USE)) { 3210 if (!DH_generate_key(dh)) { 3211 DH_free(dh); 3212 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3213 return (ret); 3214 } 3215 } 3216 if (s->cert->dh_tmp != NULL) 3217 DH_free(s->cert->dh_tmp); 3218 s->cert->dh_tmp = dh; 3219 ret = 1; 3220 } 3221 break; 3222 case SSL_CTRL_SET_TMP_DH_CB: 3223 { 3224 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3225 return (ret); 3226 } 3227 break; 3228 #endif 3229 #ifndef OPENSSL_NO_ECDH 3230 case SSL_CTRL_SET_TMP_ECDH: 3231 { 3232 EC_KEY *ecdh = NULL; 3233 3234 if (parg == NULL) { 3235 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3236 return (ret); 3237 } 3238 if (!EC_KEY_up_ref((EC_KEY *)parg)) { 3239 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3240 return (ret); 3241 } 3242 ecdh = (EC_KEY *)parg; 3243 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) { 3244 if (!EC_KEY_generate_key(ecdh)) { 3245 EC_KEY_free(ecdh); 3246 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3247 return (ret); 3248 } 3249 } 3250 if (s->cert->ecdh_tmp != NULL) 3251 EC_KEY_free(s->cert->ecdh_tmp); 3252 s->cert->ecdh_tmp = ecdh; 3253 ret = 1; 3254 } 3255 break; 3256 case SSL_CTRL_SET_TMP_ECDH_CB: 3257 { 3258 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3259 return (ret); 3260 } 3261 break; 3262 #endif /* !OPENSSL_NO_ECDH */ 3263 #ifndef OPENSSL_NO_TLSEXT 3264 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 3265 if (larg == TLSEXT_NAMETYPE_host_name) { 3266 if (s->tlsext_hostname != NULL) 3267 OPENSSL_free(s->tlsext_hostname); 3268 s->tlsext_hostname = NULL; 3269 3270 ret = 1; 3271 if (parg == NULL) 3272 break; 3273 if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) { 3274 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 3275 return 0; 3276 } 3277 if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) { 3278 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 3279 return 0; 3280 } 3281 } else { 3282 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 3283 return 0; 3284 } 3285 break; 3286 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: 3287 s->tlsext_debug_arg = parg; 3288 ret = 1; 3289 break; 3290 3291 # ifdef TLSEXT_TYPE_opaque_prf_input 3292 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 3293 if (larg > 12288) { /* actual internal limit is 2^16 for the 3294 * complete hello message * (including the 3295 * cert chain and everything) */ 3296 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 3297 break; 3298 } 3299 if (s->tlsext_opaque_prf_input != NULL) 3300 OPENSSL_free(s->tlsext_opaque_prf_input); 3301 if ((size_t)larg == 0) 3302 s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte 3303 * just to get 3304 * non-NULL */ 3305 else 3306 s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); 3307 if (s->tlsext_opaque_prf_input != NULL) { 3308 s->tlsext_opaque_prf_input_len = (size_t)larg; 3309 ret = 1; 3310 } else 3311 s->tlsext_opaque_prf_input_len = 0; 3312 break; 3313 # endif 3314 3315 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3316 s->tlsext_status_type = larg; 3317 ret = 1; 3318 break; 3319 3320 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: 3321 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; 3322 ret = 1; 3323 break; 3324 3325 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: 3326 s->tlsext_ocsp_exts = parg; 3327 ret = 1; 3328 break; 3329 3330 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: 3331 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; 3332 ret = 1; 3333 break; 3334 3335 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: 3336 s->tlsext_ocsp_ids = parg; 3337 ret = 1; 3338 break; 3339 3340 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: 3341 *(unsigned char **)parg = s->tlsext_ocsp_resp; 3342 return s->tlsext_ocsp_resplen; 3343 3344 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: 3345 if (s->tlsext_ocsp_resp) 3346 OPENSSL_free(s->tlsext_ocsp_resp); 3347 s->tlsext_ocsp_resp = parg; 3348 s->tlsext_ocsp_resplen = larg; 3349 ret = 1; 3350 break; 3351 3352 # ifndef OPENSSL_NO_HEARTBEATS 3353 case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT: 3354 if (SSL_IS_DTLS(s)) 3355 ret = dtls1_heartbeat(s); 3356 else 3357 ret = tls1_heartbeat(s); 3358 break; 3359 3360 case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING: 3361 ret = s->tlsext_hb_pending; 3362 break; 3363 3364 case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS: 3365 if (larg) 3366 s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3367 else 3368 s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3369 ret = 1; 3370 break; 3371 # endif 3372 3373 #endif /* !OPENSSL_NO_TLSEXT */ 3374 3375 case SSL_CTRL_CHAIN: 3376 if (larg) 3377 return ssl_cert_set1_chain(s->cert, (STACK_OF(X509) *)parg); 3378 else 3379 return ssl_cert_set0_chain(s->cert, (STACK_OF(X509) *)parg); 3380 3381 case SSL_CTRL_CHAIN_CERT: 3382 if (larg) 3383 return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg); 3384 else 3385 return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg); 3386 3387 case SSL_CTRL_GET_CHAIN_CERTS: 3388 *(STACK_OF(X509) **)parg = s->cert->key->chain; 3389 break; 3390 3391 case SSL_CTRL_SELECT_CURRENT_CERT: 3392 return ssl_cert_select_current(s->cert, (X509 *)parg); 3393 3394 case SSL_CTRL_SET_CURRENT_CERT: 3395 if (larg == SSL_CERT_SET_SERVER) { 3396 CERT_PKEY *cpk; 3397 const SSL_CIPHER *cipher; 3398 if (!s->server) 3399 return 0; 3400 cipher = s->s3->tmp.new_cipher; 3401 if (!cipher) 3402 return 0; 3403 /* 3404 * No certificate for unauthenticated ciphersuites or using SRP 3405 * authentication 3406 */ 3407 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP)) 3408 return 2; 3409 cpk = ssl_get_server_send_pkey(s); 3410 if (!cpk) 3411 return 0; 3412 s->cert->key = cpk; 3413 return 1; 3414 } 3415 return ssl_cert_set_current(s->cert, larg); 3416 3417 #ifndef OPENSSL_NO_EC 3418 case SSL_CTRL_GET_CURVES: 3419 { 3420 unsigned char *clist; 3421 size_t clistlen; 3422 if (!s->session) 3423 return 0; 3424 clist = s->session->tlsext_ellipticcurvelist; 3425 clistlen = s->session->tlsext_ellipticcurvelist_length / 2; 3426 if (parg) { 3427 size_t i; 3428 int *cptr = parg; 3429 unsigned int cid, nid; 3430 for (i = 0; i < clistlen; i++) { 3431 n2s(clist, cid); 3432 nid = tls1_ec_curve_id2nid(cid); 3433 if (nid != 0) 3434 cptr[i] = nid; 3435 else 3436 cptr[i] = TLSEXT_nid_unknown | cid; 3437 } 3438 } 3439 return (int)clistlen; 3440 } 3441 3442 case SSL_CTRL_SET_CURVES: 3443 return tls1_set_curves(&s->tlsext_ellipticcurvelist, 3444 &s->tlsext_ellipticcurvelist_length, 3445 parg, larg); 3446 3447 case SSL_CTRL_SET_CURVES_LIST: 3448 return tls1_set_curves_list(&s->tlsext_ellipticcurvelist, 3449 &s->tlsext_ellipticcurvelist_length, 3450 parg); 3451 3452 case SSL_CTRL_GET_SHARED_CURVE: 3453 return tls1_shared_curve(s, larg); 3454 3455 # ifndef OPENSSL_NO_ECDH 3456 case SSL_CTRL_SET_ECDH_AUTO: 3457 s->cert->ecdh_tmp_auto = larg; 3458 return 1; 3459 # endif 3460 #endif 3461 case SSL_CTRL_SET_SIGALGS: 3462 return tls1_set_sigalgs(s->cert, parg, larg, 0); 3463 3464 case SSL_CTRL_SET_SIGALGS_LIST: 3465 return tls1_set_sigalgs_list(s->cert, parg, 0); 3466 3467 case SSL_CTRL_SET_CLIENT_SIGALGS: 3468 return tls1_set_sigalgs(s->cert, parg, larg, 1); 3469 3470 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3471 return tls1_set_sigalgs_list(s->cert, parg, 1); 3472 3473 case SSL_CTRL_GET_CLIENT_CERT_TYPES: 3474 { 3475 const unsigned char **pctype = parg; 3476 if (s->server || !s->s3->tmp.cert_req) 3477 return 0; 3478 if (s->cert->ctypes) { 3479 if (pctype) 3480 *pctype = s->cert->ctypes; 3481 return (int)s->cert->ctype_num; 3482 } 3483 if (pctype) 3484 *pctype = (unsigned char *)s->s3->tmp.ctype; 3485 return s->s3->tmp.ctype_num; 3486 } 3487 3488 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3489 if (!s->server) 3490 return 0; 3491 return ssl3_set_req_cert_type(s->cert, parg, larg); 3492 3493 case SSL_CTRL_BUILD_CERT_CHAIN: 3494 return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg); 3495 3496 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3497 return ssl_cert_set_cert_store(s->cert, parg, 0, larg); 3498 3499 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3500 return ssl_cert_set_cert_store(s->cert, parg, 1, larg); 3501 3502 case SSL_CTRL_GET_PEER_SIGNATURE_NID: 3503 if (SSL_USE_SIGALGS(s)) { 3504 if (s->session && s->session->sess_cert) { 3505 const EVP_MD *sig; 3506 sig = s->session->sess_cert->peer_key->digest; 3507 if (sig) { 3508 *(int *)parg = EVP_MD_type(sig); 3509 return 1; 3510 } 3511 } 3512 return 0; 3513 } 3514 /* Might want to do something here for other versions */ 3515 else 3516 return 0; 3517 3518 case SSL_CTRL_GET_SERVER_TMP_KEY: 3519 if (s->server || !s->session || !s->session->sess_cert) 3520 return 0; 3521 else { 3522 SESS_CERT *sc; 3523 EVP_PKEY *ptmp; 3524 int rv = 0; 3525 sc = s->session->sess_cert; 3526 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_ECDH) 3527 if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp && !sc->peer_ecdh_tmp) 3528 return 0; 3529 #endif 3530 ptmp = EVP_PKEY_new(); 3531 if (!ptmp) 3532 return 0; 3533 if (0) ; 3534 #ifndef OPENSSL_NO_RSA 3535 else if (sc->peer_rsa_tmp) 3536 rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp); 3537 #endif 3538 #ifndef OPENSSL_NO_DH 3539 else if (sc->peer_dh_tmp) 3540 rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp); 3541 #endif 3542 #ifndef OPENSSL_NO_ECDH 3543 else if (sc->peer_ecdh_tmp) 3544 rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp); 3545 #endif 3546 if (rv) { 3547 *(EVP_PKEY **)parg = ptmp; 3548 return 1; 3549 } 3550 EVP_PKEY_free(ptmp); 3551 return 0; 3552 } 3553 #ifndef OPENSSL_NO_EC 3554 case SSL_CTRL_GET_EC_POINT_FORMATS: 3555 { 3556 SSL_SESSION *sess = s->session; 3557 const unsigned char **pformat = parg; 3558 if (!sess || !sess->tlsext_ecpointformatlist) 3559 return 0; 3560 *pformat = sess->tlsext_ecpointformatlist; 3561 return (int)sess->tlsext_ecpointformatlist_length; 3562 } 3563 #endif 3564 3565 case SSL_CTRL_CHECK_PROTO_VERSION: 3566 /* 3567 * For library-internal use; checks that the current protocol is the 3568 * highest enabled version (according to s->ctx->method, as version 3569 * negotiation may have changed s->method). 3570 */ 3571 if (s->version == s->ctx->method->version) 3572 return 1; 3573 /* 3574 * Apparently we're using a version-flexible SSL_METHOD (not at its 3575 * highest protocol version). 3576 */ 3577 if (s->ctx->method->version == SSLv23_method()->version) { 3578 #if TLS_MAX_VERSION != TLS1_2_VERSION 3579 # error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION. 3580 #endif 3581 if (!(s->options & SSL_OP_NO_TLSv1_2)) 3582 return s->version == TLS1_2_VERSION; 3583 if (!(s->options & SSL_OP_NO_TLSv1_1)) 3584 return s->version == TLS1_1_VERSION; 3585 if (!(s->options & SSL_OP_NO_TLSv1)) 3586 return s->version == TLS1_VERSION; 3587 if (!(s->options & SSL_OP_NO_SSLv3)) 3588 return s->version == SSL3_VERSION; 3589 if (!(s->options & SSL_OP_NO_SSLv2)) 3590 return s->version == SSL2_VERSION; 3591 } 3592 return 0; /* Unexpected state; fail closed. */ 3593 3594 default: 3595 break; 3596 } 3597 return (ret); 3598 } 3599 3600 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 3601 { 3602 int ret = 0; 3603 3604 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3605 if ( 3606 # ifndef OPENSSL_NO_RSA 3607 cmd == SSL_CTRL_SET_TMP_RSA_CB || 3608 # endif 3609 # ifndef OPENSSL_NO_DSA 3610 cmd == SSL_CTRL_SET_TMP_DH_CB || 3611 # endif 3612 0) { 3613 if (!ssl_cert_inst(&s->cert)) { 3614 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); 3615 return (0); 3616 } 3617 } 3618 #endif 3619 3620 switch (cmd) { 3621 #ifndef OPENSSL_NO_RSA 3622 case SSL_CTRL_SET_TMP_RSA_CB: 3623 { 3624 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3625 } 3626 break; 3627 #endif 3628 #ifndef OPENSSL_NO_DH 3629 case SSL_CTRL_SET_TMP_DH_CB: 3630 { 3631 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3632 } 3633 break; 3634 #endif 3635 #ifndef OPENSSL_NO_ECDH 3636 case SSL_CTRL_SET_TMP_ECDH_CB: 3637 { 3638 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3639 } 3640 break; 3641 #endif 3642 #ifndef OPENSSL_NO_TLSEXT 3643 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 3644 s->tlsext_debug_cb = (void (*)(SSL *, int, int, 3645 unsigned char *, int, void *))fp; 3646 break; 3647 #endif 3648 default: 3649 break; 3650 } 3651 return (ret); 3652 } 3653 3654 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 3655 { 3656 CERT *cert; 3657 3658 cert = ctx->cert; 3659 3660 switch (cmd) { 3661 #ifndef OPENSSL_NO_RSA 3662 case SSL_CTRL_NEED_TMP_RSA: 3663 if ((cert->rsa_tmp == NULL) && 3664 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3665 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > 3666 (512 / 8))) 3667 ) 3668 return (1); 3669 else 3670 return (0); 3671 /* break; */ 3672 case SSL_CTRL_SET_TMP_RSA: 3673 { 3674 RSA *rsa; 3675 int i; 3676 3677 rsa = (RSA *)parg; 3678 i = 1; 3679 if (rsa == NULL) 3680 i = 0; 3681 else { 3682 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) 3683 i = 0; 3684 } 3685 if (!i) { 3686 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB); 3687 return (0); 3688 } else { 3689 if (cert->rsa_tmp != NULL) 3690 RSA_free(cert->rsa_tmp); 3691 cert->rsa_tmp = rsa; 3692 return (1); 3693 } 3694 } 3695 /* break; */ 3696 case SSL_CTRL_SET_TMP_RSA_CB: 3697 { 3698 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3699 return (0); 3700 } 3701 break; 3702 #endif 3703 #ifndef OPENSSL_NO_DH 3704 case SSL_CTRL_SET_TMP_DH: 3705 { 3706 DH *new = NULL, *dh; 3707 3708 dh = (DH *)parg; 3709 if ((new = DHparams_dup(dh)) == NULL) { 3710 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); 3711 return 0; 3712 } 3713 if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) { 3714 if (!DH_generate_key(new)) { 3715 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); 3716 DH_free(new); 3717 return 0; 3718 } 3719 } 3720 if (cert->dh_tmp != NULL) 3721 DH_free(cert->dh_tmp); 3722 cert->dh_tmp = new; 3723 return 1; 3724 } 3725 /* 3726 * break; 3727 */ 3728 case SSL_CTRL_SET_TMP_DH_CB: 3729 { 3730 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3731 return (0); 3732 } 3733 break; 3734 #endif 3735 #ifndef OPENSSL_NO_ECDH 3736 case SSL_CTRL_SET_TMP_ECDH: 3737 { 3738 EC_KEY *ecdh = NULL; 3739 3740 if (parg == NULL) { 3741 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3742 return 0; 3743 } 3744 ecdh = EC_KEY_dup((EC_KEY *)parg); 3745 if (ecdh == NULL) { 3746 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB); 3747 return 0; 3748 } 3749 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) { 3750 if (!EC_KEY_generate_key(ecdh)) { 3751 EC_KEY_free(ecdh); 3752 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3753 return 0; 3754 } 3755 } 3756 3757 if (cert->ecdh_tmp != NULL) { 3758 EC_KEY_free(cert->ecdh_tmp); 3759 } 3760 cert->ecdh_tmp = ecdh; 3761 return 1; 3762 } 3763 /* break; */ 3764 case SSL_CTRL_SET_TMP_ECDH_CB: 3765 { 3766 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3767 return (0); 3768 } 3769 break; 3770 #endif /* !OPENSSL_NO_ECDH */ 3771 #ifndef OPENSSL_NO_TLSEXT 3772 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: 3773 ctx->tlsext_servername_arg = parg; 3774 break; 3775 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 3776 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: 3777 { 3778 unsigned char *keys = parg; 3779 if (!keys) 3780 return 48; 3781 if (larg != 48) { 3782 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 3783 return 0; 3784 } 3785 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { 3786 memcpy(ctx->tlsext_tick_key_name, keys, 16); 3787 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); 3788 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); 3789 } else { 3790 memcpy(keys, ctx->tlsext_tick_key_name, 16); 3791 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); 3792 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); 3793 } 3794 return 1; 3795 } 3796 3797 # ifdef TLSEXT_TYPE_opaque_prf_input 3798 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG: 3799 ctx->tlsext_opaque_prf_input_callback_arg = parg; 3800 return 1; 3801 # endif 3802 3803 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: 3804 ctx->tlsext_status_arg = parg; 3805 return 1; 3806 break; 3807 3808 # ifndef OPENSSL_NO_SRP 3809 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: 3810 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3811 if (ctx->srp_ctx.login != NULL) 3812 OPENSSL_free(ctx->srp_ctx.login); 3813 ctx->srp_ctx.login = NULL; 3814 if (parg == NULL) 3815 break; 3816 if (strlen((const char *)parg) > 255 3817 || strlen((const char *)parg) < 1) { 3818 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); 3819 return 0; 3820 } 3821 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) { 3822 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3823 return 0; 3824 } 3825 break; 3826 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD: 3827 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3828 srp_password_from_info_cb; 3829 ctx->srp_ctx.info = parg; 3830 break; 3831 case SSL_CTRL_SET_SRP_ARG: 3832 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3833 ctx->srp_ctx.SRP_cb_arg = parg; 3834 break; 3835 3836 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH: 3837 ctx->srp_ctx.strength = larg; 3838 break; 3839 # endif 3840 3841 # ifndef OPENSSL_NO_EC 3842 case SSL_CTRL_SET_CURVES: 3843 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist, 3844 &ctx->tlsext_ellipticcurvelist_length, 3845 parg, larg); 3846 3847 case SSL_CTRL_SET_CURVES_LIST: 3848 return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist, 3849 &ctx->tlsext_ellipticcurvelist_length, 3850 parg); 3851 # ifndef OPENSSL_NO_ECDH 3852 case SSL_CTRL_SET_ECDH_AUTO: 3853 ctx->cert->ecdh_tmp_auto = larg; 3854 return 1; 3855 # endif 3856 # endif 3857 case SSL_CTRL_SET_SIGALGS: 3858 return tls1_set_sigalgs(ctx->cert, parg, larg, 0); 3859 3860 case SSL_CTRL_SET_SIGALGS_LIST: 3861 return tls1_set_sigalgs_list(ctx->cert, parg, 0); 3862 3863 case SSL_CTRL_SET_CLIENT_SIGALGS: 3864 return tls1_set_sigalgs(ctx->cert, parg, larg, 1); 3865 3866 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3867 return tls1_set_sigalgs_list(ctx->cert, parg, 1); 3868 3869 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3870 return ssl3_set_req_cert_type(ctx->cert, parg, larg); 3871 3872 case SSL_CTRL_BUILD_CERT_CHAIN: 3873 return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg); 3874 3875 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3876 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg); 3877 3878 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3879 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg); 3880 3881 #endif /* !OPENSSL_NO_TLSEXT */ 3882 3883 /* A Thawte special :-) */ 3884 case SSL_CTRL_EXTRA_CHAIN_CERT: 3885 if (ctx->extra_certs == NULL) { 3886 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) 3887 return (0); 3888 } 3889 sk_X509_push(ctx->extra_certs, (X509 *)parg); 3890 break; 3891 3892 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: 3893 if (ctx->extra_certs == NULL && larg == 0) 3894 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3895 else 3896 *(STACK_OF(X509) **)parg = ctx->extra_certs; 3897 break; 3898 3899 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: 3900 if (ctx->extra_certs) { 3901 sk_X509_pop_free(ctx->extra_certs, X509_free); 3902 ctx->extra_certs = NULL; 3903 } 3904 break; 3905 3906 case SSL_CTRL_CHAIN: 3907 if (larg) 3908 return ssl_cert_set1_chain(ctx->cert, (STACK_OF(X509) *)parg); 3909 else 3910 return ssl_cert_set0_chain(ctx->cert, (STACK_OF(X509) *)parg); 3911 3912 case SSL_CTRL_CHAIN_CERT: 3913 if (larg) 3914 return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg); 3915 else 3916 return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg); 3917 3918 case SSL_CTRL_GET_CHAIN_CERTS: 3919 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3920 break; 3921 3922 case SSL_CTRL_SELECT_CURRENT_CERT: 3923 return ssl_cert_select_current(ctx->cert, (X509 *)parg); 3924 3925 case SSL_CTRL_SET_CURRENT_CERT: 3926 return ssl_cert_set_current(ctx->cert, larg); 3927 3928 default: 3929 return (0); 3930 } 3931 return (1); 3932 } 3933 3934 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 3935 { 3936 CERT *cert; 3937 3938 cert = ctx->cert; 3939 3940 switch (cmd) { 3941 #ifndef OPENSSL_NO_RSA 3942 case SSL_CTRL_SET_TMP_RSA_CB: 3943 { 3944 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3945 } 3946 break; 3947 #endif 3948 #ifndef OPENSSL_NO_DH 3949 case SSL_CTRL_SET_TMP_DH_CB: 3950 { 3951 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3952 } 3953 break; 3954 #endif 3955 #ifndef OPENSSL_NO_ECDH 3956 case SSL_CTRL_SET_TMP_ECDH_CB: 3957 { 3958 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3959 } 3960 break; 3961 #endif 3962 #ifndef OPENSSL_NO_TLSEXT 3963 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 3964 ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp; 3965 break; 3966 3967 # ifdef TLSEXT_TYPE_opaque_prf_input 3968 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB: 3969 ctx->tlsext_opaque_prf_input_callback = 3970 (int (*)(SSL *, void *, size_t, void *))fp; 3971 break; 3972 # endif 3973 3974 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: 3975 ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp; 3976 break; 3977 3978 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: 3979 ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *, 3980 unsigned char *, 3981 EVP_CIPHER_CTX *, 3982 HMAC_CTX *, int))fp; 3983 break; 3984 3985 # ifndef OPENSSL_NO_SRP 3986 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB: 3987 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3988 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp; 3989 break; 3990 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB: 3991 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3992 ctx->srp_ctx.TLS_ext_srp_username_callback = 3993 (int (*)(SSL *, int *, void *))fp; 3994 break; 3995 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB: 3996 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3997 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3998 (char *(*)(SSL *, void *))fp; 3999 break; 4000 # endif 4001 #endif 4002 default: 4003 return (0); 4004 } 4005 return (1); 4006 } 4007 4008 /* 4009 * This function needs to check if the ciphers required are actually 4010 * available 4011 */ 4012 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) 4013 { 4014 SSL_CIPHER c; 4015 const SSL_CIPHER *cp; 4016 unsigned long id; 4017 4018 id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1]; 4019 c.id = id; 4020 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); 4021 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES 4022 if (cp == NULL) 4023 fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]); 4024 #endif 4025 return cp; 4026 } 4027 4028 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 4029 { 4030 long l; 4031 4032 if (p != NULL) { 4033 l = c->id; 4034 if ((l & 0xff000000) != 0x03000000) 4035 return (0); 4036 p[0] = ((unsigned char)(l >> 8L)) & 0xFF; 4037 p[1] = ((unsigned char)(l)) & 0xFF; 4038 } 4039 return (2); 4040 } 4041 4042 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 4043 STACK_OF(SSL_CIPHER) *srvr) 4044 { 4045 SSL_CIPHER *c, *ret = NULL; 4046 STACK_OF(SSL_CIPHER) *prio, *allow; 4047 int i, ii, ok; 4048 CERT *cert; 4049 unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a; 4050 4051 /* Let's see which ciphers we can support */ 4052 cert = s->cert; 4053 4054 #if 0 4055 /* 4056 * Do not set the compare functions, because this may lead to a 4057 * reordering by "id". We want to keep the original ordering. We may pay 4058 * a price in performance during sk_SSL_CIPHER_find(), but would have to 4059 * pay with the price of sk_SSL_CIPHER_dup(). 4060 */ 4061 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp); 4062 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp); 4063 #endif 4064 4065 #ifdef CIPHER_DEBUG 4066 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), 4067 (void *)srvr); 4068 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) { 4069 c = sk_SSL_CIPHER_value(srvr, i); 4070 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 4071 } 4072 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), 4073 (void *)clnt); 4074 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) { 4075 c = sk_SSL_CIPHER_value(clnt, i); 4076 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 4077 } 4078 #endif 4079 4080 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) { 4081 prio = srvr; 4082 allow = clnt; 4083 } else { 4084 prio = clnt; 4085 allow = srvr; 4086 } 4087 4088 tls1_set_cert_validity(s); 4089 4090 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) { 4091 c = sk_SSL_CIPHER_value(prio, i); 4092 4093 /* Skip TLS v1.2 only ciphersuites if not supported */ 4094 if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s)) 4095 continue; 4096 4097 ssl_set_cert_masks(cert, c); 4098 mask_k = cert->mask_k; 4099 mask_a = cert->mask_a; 4100 emask_k = cert->export_mask_k; 4101 emask_a = cert->export_mask_a; 4102 #ifndef OPENSSL_NO_SRP 4103 if (s->srp_ctx.srp_Mask & SSL_kSRP) { 4104 mask_k |= SSL_kSRP; 4105 emask_k |= SSL_kSRP; 4106 mask_a |= SSL_aSRP; 4107 emask_a |= SSL_aSRP; 4108 } 4109 #endif 4110 4111 #ifdef KSSL_DEBUG 4112 /* 4113 * fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n", 4114 * i,c->algorithms); 4115 */ 4116 #endif /* KSSL_DEBUG */ 4117 4118 alg_k = c->algorithm_mkey; 4119 alg_a = c->algorithm_auth; 4120 4121 #ifndef OPENSSL_NO_KRB5 4122 if (alg_k & SSL_kKRB5) { 4123 if (!kssl_keytab_is_available(s->kssl_ctx)) 4124 continue; 4125 } 4126 #endif /* OPENSSL_NO_KRB5 */ 4127 #ifndef OPENSSL_NO_PSK 4128 /* with PSK there must be server callback set */ 4129 if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL) 4130 continue; 4131 #endif /* OPENSSL_NO_PSK */ 4132 4133 if (SSL_C_IS_EXPORT(c)) { 4134 ok = (alg_k & emask_k) && (alg_a & emask_a); 4135 #ifdef CIPHER_DEBUG 4136 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n", 4137 ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name); 4138 #endif 4139 } else { 4140 ok = (alg_k & mask_k) && (alg_a & mask_a); 4141 #ifdef CIPHER_DEBUG 4142 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, 4143 alg_a, mask_k, mask_a, (void *)c, c->name); 4144 #endif 4145 } 4146 4147 #ifndef OPENSSL_NO_TLSEXT 4148 # ifndef OPENSSL_NO_EC 4149 # ifndef OPENSSL_NO_ECDH 4150 /* 4151 * if we are considering an ECC cipher suite that uses an ephemeral 4152 * EC key check it 4153 */ 4154 if (alg_k & SSL_kEECDH) 4155 ok = ok && tls1_check_ec_tmp_key(s, c->id); 4156 # endif /* OPENSSL_NO_ECDH */ 4157 # endif /* OPENSSL_NO_EC */ 4158 #endif /* OPENSSL_NO_TLSEXT */ 4159 4160 if (!ok) 4161 continue; 4162 ii = sk_SSL_CIPHER_find(allow, c); 4163 if (ii >= 0) { 4164 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) 4165 if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) 4166 && s->s3->is_probably_safari) { 4167 if (!ret) 4168 ret = sk_SSL_CIPHER_value(allow, ii); 4169 continue; 4170 } 4171 #endif 4172 ret = sk_SSL_CIPHER_value(allow, ii); 4173 break; 4174 } 4175 } 4176 return (ret); 4177 } 4178 4179 int ssl3_get_req_cert_type(SSL *s, unsigned char *p) 4180 { 4181 int ret = 0; 4182 const unsigned char *sig; 4183 size_t i, siglen; 4184 int have_rsa_sign = 0, have_dsa_sign = 0; 4185 #ifndef OPENSSL_NO_ECDSA 4186 int have_ecdsa_sign = 0; 4187 #endif 4188 int nostrict = 1; 4189 unsigned long alg_k; 4190 4191 /* If we have custom certificate types set, use them */ 4192 if (s->cert->ctypes) { 4193 memcpy(p, s->cert->ctypes, s->cert->ctype_num); 4194 return (int)s->cert->ctype_num; 4195 } 4196 /* get configured sigalgs */ 4197 siglen = tls12_get_psigalgs(s, &sig); 4198 if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT) 4199 nostrict = 0; 4200 for (i = 0; i < siglen; i += 2, sig += 2) { 4201 switch (sig[1]) { 4202 case TLSEXT_signature_rsa: 4203 have_rsa_sign = 1; 4204 break; 4205 4206 case TLSEXT_signature_dsa: 4207 have_dsa_sign = 1; 4208 break; 4209 #ifndef OPENSSL_NO_ECDSA 4210 case TLSEXT_signature_ecdsa: 4211 have_ecdsa_sign = 1; 4212 break; 4213 #endif 4214 } 4215 } 4216 4217 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 4218 4219 #ifndef OPENSSL_NO_GOST 4220 if (s->version >= TLS1_VERSION) { 4221 if (alg_k & SSL_kGOST) { 4222 p[ret++] = TLS_CT_GOST94_SIGN; 4223 p[ret++] = TLS_CT_GOST01_SIGN; 4224 return (ret); 4225 } 4226 } 4227 #endif 4228 4229 #ifndef OPENSSL_NO_DH 4230 if (alg_k & (SSL_kDHr | SSL_kEDH)) { 4231 # ifndef OPENSSL_NO_RSA 4232 /* 4233 * Since this refers to a certificate signed with an RSA algorithm, 4234 * only check for rsa signing in strict mode. 4235 */ 4236 if (nostrict || have_rsa_sign) 4237 p[ret++] = SSL3_CT_RSA_FIXED_DH; 4238 # endif 4239 # ifndef OPENSSL_NO_DSA 4240 if (nostrict || have_dsa_sign) 4241 p[ret++] = SSL3_CT_DSS_FIXED_DH; 4242 # endif 4243 } 4244 if ((s->version == SSL3_VERSION) && 4245 (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) { 4246 # ifndef OPENSSL_NO_RSA 4247 p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; 4248 # endif 4249 # ifndef OPENSSL_NO_DSA 4250 p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; 4251 # endif 4252 } 4253 #endif /* !OPENSSL_NO_DH */ 4254 #ifndef OPENSSL_NO_RSA 4255 if (have_rsa_sign) 4256 p[ret++] = SSL3_CT_RSA_SIGN; 4257 #endif 4258 #ifndef OPENSSL_NO_DSA 4259 if (have_dsa_sign) 4260 p[ret++] = SSL3_CT_DSS_SIGN; 4261 #endif 4262 #ifndef OPENSSL_NO_ECDH 4263 if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { 4264 if (nostrict || have_rsa_sign) 4265 p[ret++] = TLS_CT_RSA_FIXED_ECDH; 4266 if (nostrict || have_ecdsa_sign) 4267 p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; 4268 } 4269 #endif 4270 4271 #ifndef OPENSSL_NO_ECDSA 4272 /* 4273 * ECDSA certs can be used with RSA cipher suites as well so we don't 4274 * need to check for SSL_kECDH or SSL_kEECDH 4275 */ 4276 if (s->version >= TLS1_VERSION) { 4277 if (have_ecdsa_sign) 4278 p[ret++] = TLS_CT_ECDSA_SIGN; 4279 } 4280 #endif 4281 return (ret); 4282 } 4283 4284 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len) 4285 { 4286 if (c->ctypes) { 4287 OPENSSL_free(c->ctypes); 4288 c->ctypes = NULL; 4289 } 4290 if (!p || !len) 4291 return 1; 4292 if (len > 0xff) 4293 return 0; 4294 c->ctypes = OPENSSL_malloc(len); 4295 if (!c->ctypes) 4296 return 0; 4297 memcpy(c->ctypes, p, len); 4298 c->ctype_num = len; 4299 return 1; 4300 } 4301 4302 int ssl3_shutdown(SSL *s) 4303 { 4304 int ret; 4305 4306 /* 4307 * Don't do anything much if we have not done the handshake or we don't 4308 * want to send messages :-) 4309 */ 4310 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) { 4311 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 4312 return (1); 4313 } 4314 4315 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { 4316 s->shutdown |= SSL_SENT_SHUTDOWN; 4317 #if 1 4318 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); 4319 #endif 4320 /* 4321 * our shutdown alert has been sent now, and if it still needs to be 4322 * written, s->s3->alert_dispatch will be true 4323 */ 4324 if (s->s3->alert_dispatch) 4325 return (-1); /* return WANT_WRITE */ 4326 } else if (s->s3->alert_dispatch) { 4327 /* resend it if not sent */ 4328 #if 1 4329 ret = s->method->ssl_dispatch_alert(s); 4330 if (ret == -1) { 4331 /* 4332 * we only get to return -1 here the 2nd/Nth invocation, we must 4333 * have already signalled return 0 upon a previous invoation, 4334 * return WANT_WRITE 4335 */ 4336 return (ret); 4337 } 4338 #endif 4339 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4340 /* 4341 * If we are waiting for a close from our peer, we are closed 4342 */ 4343 s->method->ssl_read_bytes(s, 0, NULL, 0, 0); 4344 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4345 return (-1); /* return WANT_READ */ 4346 } 4347 } 4348 4349 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) && 4350 !s->s3->alert_dispatch) 4351 return (1); 4352 else 4353 return (0); 4354 } 4355 4356 int ssl3_write(SSL *s, const void *buf, int len) 4357 { 4358 int ret, n; 4359 4360 #if 0 4361 if (s->shutdown & SSL_SEND_SHUTDOWN) { 4362 s->rwstate = SSL_NOTHING; 4363 return (0); 4364 } 4365 #endif 4366 clear_sys_error(); 4367 if (s->s3->renegotiate) 4368 ssl3_renegotiate_check(s); 4369 4370 /* 4371 * This is an experimental flag that sends the last handshake message in 4372 * the same packet as the first use data - used to see if it helps the 4373 * TCP protocol during session-id reuse 4374 */ 4375 /* The second test is because the buffer may have been removed */ 4376 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) { 4377 /* First time through, we write into the buffer */ 4378 if (s->s3->delay_buf_pop_ret == 0) { 4379 ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len); 4380 if (ret <= 0) 4381 return (ret); 4382 4383 s->s3->delay_buf_pop_ret = ret; 4384 } 4385 4386 s->rwstate = SSL_WRITING; 4387 n = BIO_flush(s->wbio); 4388 if (n <= 0) 4389 return (n); 4390 s->rwstate = SSL_NOTHING; 4391 4392 /* We have flushed the buffer, so remove it */ 4393 ssl_free_wbio_buffer(s); 4394 s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER; 4395 4396 ret = s->s3->delay_buf_pop_ret; 4397 s->s3->delay_buf_pop_ret = 0; 4398 } else { 4399 ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, 4400 buf, len); 4401 if (ret <= 0) 4402 return (ret); 4403 } 4404 4405 return (ret); 4406 } 4407 4408 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) 4409 { 4410 int ret; 4411 4412 clear_sys_error(); 4413 if (s->s3->renegotiate) 4414 ssl3_renegotiate_check(s); 4415 s->s3->in_read_app_data = 1; 4416 ret = 4417 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4418 peek); 4419 if ((ret == -1) && (s->s3->in_read_app_data == 2)) { 4420 /* 4421 * ssl3_read_bytes decided to call s->handshake_func, which called 4422 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes 4423 * actually found application data and thinks that application data 4424 * makes sense here; so disable handshake processing and try to read 4425 * application data again. 4426 */ 4427 s->in_handshake++; 4428 ret = 4429 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4430 peek); 4431 s->in_handshake--; 4432 } else 4433 s->s3->in_read_app_data = 0; 4434 4435 return (ret); 4436 } 4437 4438 int ssl3_read(SSL *s, void *buf, int len) 4439 { 4440 return ssl3_read_internal(s, buf, len, 0); 4441 } 4442 4443 int ssl3_peek(SSL *s, void *buf, int len) 4444 { 4445 return ssl3_read_internal(s, buf, len, 1); 4446 } 4447 4448 int ssl3_renegotiate(SSL *s) 4449 { 4450 if (s->handshake_func == NULL) 4451 return (1); 4452 4453 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 4454 return (0); 4455 4456 s->s3->renegotiate = 1; 4457 return (1); 4458 } 4459 4460 int ssl3_renegotiate_check(SSL *s) 4461 { 4462 int ret = 0; 4463 4464 if (s->s3->renegotiate) { 4465 if ((s->s3->rbuf.left == 0) && 4466 (s->s3->wbuf.left == 0) && !SSL_in_init(s)) { 4467 /* 4468 * if we are the server, and we have sent a 'RENEGOTIATE' 4469 * message, we need to go to SSL_ST_ACCEPT. 4470 */ 4471 /* SSL_ST_ACCEPT */ 4472 s->state = SSL_ST_RENEGOTIATE; 4473 s->s3->renegotiate = 0; 4474 s->s3->num_renegotiations++; 4475 s->s3->total_renegotiations++; 4476 ret = 1; 4477 } 4478 } 4479 return (ret); 4480 } 4481 4482 /* 4483 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and 4484 * handshake macs if required. 4485 */ 4486 long ssl_get_algorithm2(SSL *s) 4487 { 4488 long alg2 = s->s3->tmp.new_cipher->algorithm2; 4489 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF 4490 && alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF)) 4491 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 4492 return alg2; 4493 } 4494