174664626SKris Kennaway /* ssl/ssl_ciph.c */ 274664626SKris Kennaway /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 374664626SKris Kennaway * All rights reserved. 474664626SKris Kennaway * 574664626SKris Kennaway * This package is an SSL implementation written 674664626SKris Kennaway * by Eric Young (eay@cryptsoft.com). 774664626SKris Kennaway * The implementation was written so as to conform with Netscapes SSL. 874664626SKris Kennaway * 974664626SKris Kennaway * This library is free for commercial and non-commercial use as long as 1074664626SKris Kennaway * the following conditions are aheared to. The following conditions 1174664626SKris Kennaway * apply to all code found in this distribution, be it the RC4, RSA, 1274664626SKris Kennaway * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1374664626SKris Kennaway * included with this distribution is covered by the same copyright terms 1474664626SKris Kennaway * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1574664626SKris Kennaway * 1674664626SKris Kennaway * Copyright remains Eric Young's, and as such any Copyright notices in 1774664626SKris Kennaway * the code are not to be removed. 1874664626SKris Kennaway * If this package is used in a product, Eric Young should be given attribution 1974664626SKris Kennaway * as the author of the parts of the library used. 2074664626SKris Kennaway * This can be in the form of a textual message at program startup or 2174664626SKris Kennaway * in documentation (online or textual) provided with the package. 2274664626SKris Kennaway * 2374664626SKris Kennaway * Redistribution and use in source and binary forms, with or without 2474664626SKris Kennaway * modification, are permitted provided that the following conditions 2574664626SKris Kennaway * are met: 2674664626SKris Kennaway * 1. Redistributions of source code must retain the copyright 2774664626SKris Kennaway * notice, this list of conditions and the following disclaimer. 2874664626SKris Kennaway * 2. Redistributions in binary form must reproduce the above copyright 2974664626SKris Kennaway * notice, this list of conditions and the following disclaimer in the 3074664626SKris Kennaway * documentation and/or other materials provided with the distribution. 3174664626SKris Kennaway * 3. All advertising materials mentioning features or use of this software 3274664626SKris Kennaway * must display the following acknowledgement: 3374664626SKris Kennaway * "This product includes cryptographic software written by 3474664626SKris Kennaway * Eric Young (eay@cryptsoft.com)" 3574664626SKris Kennaway * The word 'cryptographic' can be left out if the rouines from the library 3674664626SKris Kennaway * being used are not cryptographic related :-). 3774664626SKris Kennaway * 4. If you include any Windows specific code (or a derivative thereof) from 3874664626SKris Kennaway * the apps directory (application code) you must include an acknowledgement: 3974664626SKris Kennaway * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4074664626SKris Kennaway * 4174664626SKris Kennaway * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4274664626SKris Kennaway * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4374664626SKris Kennaway * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4474664626SKris Kennaway * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4574664626SKris Kennaway * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4674664626SKris Kennaway * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4774664626SKris Kennaway * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4874664626SKris Kennaway * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4974664626SKris Kennaway * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5074664626SKris Kennaway * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5174664626SKris Kennaway * SUCH DAMAGE. 5274664626SKris Kennaway * 5374664626SKris Kennaway * The licence and distribution terms for any publically available version or 5474664626SKris Kennaway * derivative of this code cannot be changed. i.e. this code cannot simply be 5574664626SKris Kennaway * copied and put under another distribution licence 5674664626SKris Kennaway * [including the GNU Public Licence.] 5774664626SKris Kennaway */ 583b4e3dcbSSimon L. B. Nielsen /* ==================================================================== 59*1f13597dSJung-uk Kim * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60ed5d4f9aSSimon L. B. Nielsen * 61ed5d4f9aSSimon L. B. Nielsen * Redistribution and use in source and binary forms, with or without 62ed5d4f9aSSimon L. B. Nielsen * modification, are permitted provided that the following conditions 63ed5d4f9aSSimon L. B. Nielsen * are met: 64ed5d4f9aSSimon L. B. Nielsen * 65ed5d4f9aSSimon L. B. Nielsen * 1. Redistributions of source code must retain the above copyright 66ed5d4f9aSSimon L. B. Nielsen * notice, this list of conditions and the following disclaimer. 67ed5d4f9aSSimon L. B. Nielsen * 68ed5d4f9aSSimon L. B. Nielsen * 2. Redistributions in binary form must reproduce the above copyright 69ed5d4f9aSSimon L. B. Nielsen * notice, this list of conditions and the following disclaimer in 70ed5d4f9aSSimon L. B. Nielsen * the documentation and/or other materials provided with the 71ed5d4f9aSSimon L. B. Nielsen * distribution. 72ed5d4f9aSSimon L. B. Nielsen * 73ed5d4f9aSSimon L. B. Nielsen * 3. All advertising materials mentioning features or use of this 74ed5d4f9aSSimon L. B. Nielsen * software must display the following acknowledgment: 75ed5d4f9aSSimon L. B. Nielsen * "This product includes software developed by the OpenSSL Project 76ed5d4f9aSSimon L. B. Nielsen * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77ed5d4f9aSSimon L. B. Nielsen * 78ed5d4f9aSSimon L. B. Nielsen * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79ed5d4f9aSSimon L. B. Nielsen * endorse or promote products derived from this software without 80ed5d4f9aSSimon L. B. Nielsen * prior written permission. For written permission, please contact 81ed5d4f9aSSimon L. B. Nielsen * openssl-core@openssl.org. 82ed5d4f9aSSimon L. B. Nielsen * 83ed5d4f9aSSimon L. B. Nielsen * 5. Products derived from this software may not be called "OpenSSL" 84ed5d4f9aSSimon L. B. Nielsen * nor may "OpenSSL" appear in their names without prior written 85ed5d4f9aSSimon L. B. Nielsen * permission of the OpenSSL Project. 86ed5d4f9aSSimon L. B. Nielsen * 87ed5d4f9aSSimon L. B. Nielsen * 6. Redistributions of any form whatsoever must retain the following 88ed5d4f9aSSimon L. B. Nielsen * acknowledgment: 89ed5d4f9aSSimon L. B. Nielsen * "This product includes software developed by the OpenSSL Project 90ed5d4f9aSSimon L. B. Nielsen * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91ed5d4f9aSSimon L. B. Nielsen * 92ed5d4f9aSSimon L. B. Nielsen * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93ed5d4f9aSSimon L. B. Nielsen * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94ed5d4f9aSSimon L. B. Nielsen * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95ed5d4f9aSSimon L. B. Nielsen * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96ed5d4f9aSSimon L. B. Nielsen * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97ed5d4f9aSSimon L. B. Nielsen * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98ed5d4f9aSSimon L. B. Nielsen * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99ed5d4f9aSSimon L. B. Nielsen * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100ed5d4f9aSSimon L. B. Nielsen * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101ed5d4f9aSSimon L. B. Nielsen * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102ed5d4f9aSSimon L. B. Nielsen * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103ed5d4f9aSSimon L. B. Nielsen * OF THE POSSIBILITY OF SUCH DAMAGE. 104ed5d4f9aSSimon L. B. Nielsen * ==================================================================== 105ed5d4f9aSSimon L. B. Nielsen * 106ed5d4f9aSSimon L. B. Nielsen * This product includes cryptographic software written by Eric Young 107ed5d4f9aSSimon L. B. Nielsen * (eay@cryptsoft.com). This product includes software written by Tim 108ed5d4f9aSSimon L. B. Nielsen * Hudson (tjh@cryptsoft.com). 109ed5d4f9aSSimon L. B. Nielsen * 110ed5d4f9aSSimon L. B. Nielsen */ 111ed5d4f9aSSimon L. B. Nielsen /* ==================================================================== 1123b4e3dcbSSimon L. B. Nielsen * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 1133b4e3dcbSSimon L. B. Nielsen * ECC cipher suite support in OpenSSL originally developed by 1143b4e3dcbSSimon L. B. Nielsen * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 1153b4e3dcbSSimon L. B. Nielsen */ 116*1f13597dSJung-uk Kim /* ==================================================================== 117*1f13597dSJung-uk Kim * Copyright 2005 Nokia. All rights reserved. 118*1f13597dSJung-uk Kim * 119*1f13597dSJung-uk Kim * The portions of the attached software ("Contribution") is developed by 120*1f13597dSJung-uk Kim * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121*1f13597dSJung-uk Kim * license. 122*1f13597dSJung-uk Kim * 123*1f13597dSJung-uk Kim * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124*1f13597dSJung-uk Kim * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125*1f13597dSJung-uk Kim * support (see RFC 4279) to OpenSSL. 126*1f13597dSJung-uk Kim * 127*1f13597dSJung-uk Kim * No patent licenses or other rights except those expressly stated in 128*1f13597dSJung-uk Kim * the OpenSSL open source license shall be deemed granted or received 129*1f13597dSJung-uk Kim * expressly, by implication, estoppel, or otherwise. 130*1f13597dSJung-uk Kim * 131*1f13597dSJung-uk Kim * No assurances are provided by Nokia that the Contribution does not 132*1f13597dSJung-uk Kim * infringe the patent or other intellectual property rights of any third 133*1f13597dSJung-uk Kim * party or that the license provides you with all the necessary rights 134*1f13597dSJung-uk Kim * to make use of the Contribution. 135*1f13597dSJung-uk Kim * 136*1f13597dSJung-uk Kim * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137*1f13597dSJung-uk Kim * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138*1f13597dSJung-uk Kim * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139*1f13597dSJung-uk Kim * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140*1f13597dSJung-uk Kim * OTHERWISE. 141*1f13597dSJung-uk Kim */ 142*1f13597dSJung-uk Kim 14374664626SKris Kennaway #include <stdio.h> 14474664626SKris Kennaway #include <openssl/objects.h> 145db522d3aSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 14674664626SKris Kennaway #include <openssl/comp.h> 147db522d3aSSimon L. B. Nielsen #endif 148*1f13597dSJung-uk Kim #ifndef OPENSSL_NO_ENGINE 149*1f13597dSJung-uk Kim #include <openssl/engine.h> 150*1f13597dSJung-uk Kim #endif 15174664626SKris Kennaway #include "ssl_locl.h" 15274664626SKris Kennaway 15374664626SKris Kennaway #define SSL_ENC_DES_IDX 0 15474664626SKris Kennaway #define SSL_ENC_3DES_IDX 1 15574664626SKris Kennaway #define SSL_ENC_RC4_IDX 2 15674664626SKris Kennaway #define SSL_ENC_RC2_IDX 3 15774664626SKris Kennaway #define SSL_ENC_IDEA_IDX 4 158*1f13597dSJung-uk Kim #define SSL_ENC_NULL_IDX 5 159*1f13597dSJung-uk Kim #define SSL_ENC_AES128_IDX 6 160*1f13597dSJung-uk Kim #define SSL_ENC_AES256_IDX 7 161*1f13597dSJung-uk Kim #define SSL_ENC_CAMELLIA128_IDX 8 162*1f13597dSJung-uk Kim #define SSL_ENC_CAMELLIA256_IDX 9 163*1f13597dSJung-uk Kim #define SSL_ENC_GOST89_IDX 10 164db522d3aSSimon L. B. Nielsen #define SSL_ENC_SEED_IDX 11 165*1f13597dSJung-uk Kim #define SSL_ENC_AES128GCM_IDX 12 166*1f13597dSJung-uk Kim #define SSL_ENC_AES256GCM_IDX 13 167*1f13597dSJung-uk Kim #define SSL_ENC_NUM_IDX 14 168ed5d4f9aSSimon L. B. Nielsen 16974664626SKris Kennaway 17074664626SKris Kennaway static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ 171*1f13597dSJung-uk Kim NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL 17274664626SKris Kennaway }; 17374664626SKris Kennaway 1743b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_NULL_IDX 0 1753b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_ZLIB_IDX 1 1763b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_NUM_IDX 2 1773b4e3dcbSSimon L. B. Nielsen 17874664626SKris Kennaway static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL; 17974664626SKris Kennaway 18074664626SKris Kennaway #define SSL_MD_MD5_IDX 0 18174664626SKris Kennaway #define SSL_MD_SHA1_IDX 1 182*1f13597dSJung-uk Kim #define SSL_MD_GOST94_IDX 2 183*1f13597dSJung-uk Kim #define SSL_MD_GOST89MAC_IDX 3 184*1f13597dSJung-uk Kim #define SSL_MD_SHA256_IDX 4 185*1f13597dSJung-uk Kim #define SSL_MD_SHA384_IDX 5 186*1f13597dSJung-uk Kim /*Constant SSL_MAX_DIGEST equal to size of digests array should be 187*1f13597dSJung-uk Kim * defined in the 188*1f13597dSJung-uk Kim * ssl_locl.h */ 189*1f13597dSJung-uk Kim #define SSL_MD_NUM_IDX SSL_MAX_DIGEST 19074664626SKris Kennaway static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={ 191*1f13597dSJung-uk Kim NULL,NULL,NULL,NULL,NULL,NULL 192*1f13597dSJung-uk Kim }; 193*1f13597dSJung-uk Kim /* PKEY_TYPE for GOST89MAC is known in advance, but, because 194*1f13597dSJung-uk Kim * implementation is engine-provided, we'll fill it only if 195*1f13597dSJung-uk Kim * corresponding EVP_PKEY_METHOD is found 196*1f13597dSJung-uk Kim */ 197*1f13597dSJung-uk Kim static int ssl_mac_pkey_id[SSL_MD_NUM_IDX]={ 198*1f13597dSJung-uk Kim EVP_PKEY_HMAC,EVP_PKEY_HMAC,EVP_PKEY_HMAC,NID_undef, 199*1f13597dSJung-uk Kim EVP_PKEY_HMAC,EVP_PKEY_HMAC 200*1f13597dSJung-uk Kim }; 201*1f13597dSJung-uk Kim 202*1f13597dSJung-uk Kim static int ssl_mac_secret_size[SSL_MD_NUM_IDX]={ 203*1f13597dSJung-uk Kim 0,0,0,0,0,0 204*1f13597dSJung-uk Kim }; 205*1f13597dSJung-uk Kim 206*1f13597dSJung-uk Kim static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX]={ 207*1f13597dSJung-uk Kim SSL_HANDSHAKE_MAC_MD5,SSL_HANDSHAKE_MAC_SHA, 208*1f13597dSJung-uk Kim SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256, 209*1f13597dSJung-uk Kim SSL_HANDSHAKE_MAC_SHA384 21074664626SKris Kennaway }; 21174664626SKris Kennaway 21274664626SKris Kennaway #define CIPHER_ADD 1 21374664626SKris Kennaway #define CIPHER_KILL 2 21474664626SKris Kennaway #define CIPHER_DEL 3 21574664626SKris Kennaway #define CIPHER_ORD 4 216f579bf8eSKris Kennaway #define CIPHER_SPECIAL 5 21774664626SKris Kennaway 21874664626SKris Kennaway typedef struct cipher_order_st 21974664626SKris Kennaway { 220*1f13597dSJung-uk Kim const SSL_CIPHER *cipher; 22174664626SKris Kennaway int active; 22274664626SKris Kennaway int dead; 22374664626SKris Kennaway struct cipher_order_st *next,*prev; 22474664626SKris Kennaway } CIPHER_ORDER; 22574664626SKris Kennaway 226f579bf8eSKris Kennaway static const SSL_CIPHER cipher_aliases[]={ 227*1f13597dSJung-uk Kim /* "ALL" doesn't include eNULL (must be specifically enabled) */ 228*1f13597dSJung-uk Kim {0,SSL_TXT_ALL,0, 0,0,~SSL_eNULL,0,0,0,0,0,0}, 229*1f13597dSJung-uk Kim /* "COMPLEMENTOFALL" */ 230*1f13597dSJung-uk Kim {0,SSL_TXT_CMPALL,0, 0,0,SSL_eNULL,0,0,0,0,0,0}, 23174664626SKris Kennaway 232*1f13597dSJung-uk Kim /* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in ALL!) */ 233*1f13597dSJung-uk Kim {0,SSL_TXT_CMPDEF,0, SSL_kEDH|SSL_kEECDH,SSL_aNULL,~SSL_eNULL,0,0,0,0,0,0}, 23474664626SKris Kennaway 235*1f13597dSJung-uk Kim /* key exchange aliases 236*1f13597dSJung-uk Kim * (some of those using only a single bit here combine 237*1f13597dSJung-uk Kim * multiple key exchange algs according to the RFCs, 238*1f13597dSJung-uk Kim * e.g. kEDH combines DHE_DSS and DHE_RSA) */ 239*1f13597dSJung-uk Kim {0,SSL_TXT_kRSA,0, SSL_kRSA, 0,0,0,0,0,0,0,0}, 24074664626SKris Kennaway 241*1f13597dSJung-uk Kim {0,SSL_TXT_kDHr,0, SSL_kDHr, 0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */ 242*1f13597dSJung-uk Kim {0,SSL_TXT_kDHd,0, SSL_kDHd, 0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */ 243*1f13597dSJung-uk Kim {0,SSL_TXT_kDH,0, SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */ 244*1f13597dSJung-uk Kim {0,SSL_TXT_kEDH,0, SSL_kEDH, 0,0,0,0,0,0,0,0}, 245*1f13597dSJung-uk Kim {0,SSL_TXT_DH,0, SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0}, 24674664626SKris Kennaway 247*1f13597dSJung-uk Kim {0,SSL_TXT_kKRB5,0, SSL_kKRB5, 0,0,0,0,0,0,0,0}, 248f579bf8eSKris Kennaway 249*1f13597dSJung-uk Kim {0,SSL_TXT_kECDHr,0, SSL_kECDHr,0,0,0,0,0,0,0,0}, 250*1f13597dSJung-uk Kim {0,SSL_TXT_kECDHe,0, SSL_kECDHe,0,0,0,0,0,0,0,0}, 251*1f13597dSJung-uk Kim {0,SSL_TXT_kECDH,0, SSL_kECDHr|SSL_kECDHe,0,0,0,0,0,0,0,0}, 252*1f13597dSJung-uk Kim {0,SSL_TXT_kEECDH,0, SSL_kEECDH,0,0,0,0,0,0,0,0}, 253*1f13597dSJung-uk Kim {0,SSL_TXT_ECDH,0, SSL_kECDHr|SSL_kECDHe|SSL_kEECDH,0,0,0,0,0,0,0,0}, 254*1f13597dSJung-uk Kim 255*1f13597dSJung-uk Kim {0,SSL_TXT_kPSK,0, SSL_kPSK, 0,0,0,0,0,0,0,0}, 256*1f13597dSJung-uk Kim {0,SSL_TXT_kSRP,0, SSL_kSRP, 0,0,0,0,0,0,0,0}, 257*1f13597dSJung-uk Kim {0,SSL_TXT_kGOST,0, SSL_kGOST,0,0,0,0,0,0,0,0}, 258*1f13597dSJung-uk Kim 259*1f13597dSJung-uk Kim /* server authentication aliases */ 260*1f13597dSJung-uk Kim {0,SSL_TXT_aRSA,0, 0,SSL_aRSA, 0,0,0,0,0,0,0}, 261*1f13597dSJung-uk Kim {0,SSL_TXT_aDSS,0, 0,SSL_aDSS, 0,0,0,0,0,0,0}, 262*1f13597dSJung-uk Kim {0,SSL_TXT_DSS,0, 0,SSL_aDSS, 0,0,0,0,0,0,0}, 263*1f13597dSJung-uk Kim {0,SSL_TXT_aKRB5,0, 0,SSL_aKRB5, 0,0,0,0,0,0,0}, 264*1f13597dSJung-uk Kim {0,SSL_TXT_aNULL,0, 0,SSL_aNULL, 0,0,0,0,0,0,0}, 265*1f13597dSJung-uk Kim {0,SSL_TXT_aDH,0, 0,SSL_aDH, 0,0,0,0,0,0,0}, /* no such ciphersuites supported! */ 266*1f13597dSJung-uk Kim {0,SSL_TXT_aECDH,0, 0,SSL_aECDH, 0,0,0,0,0,0,0}, 267*1f13597dSJung-uk Kim {0,SSL_TXT_aECDSA,0, 0,SSL_aECDSA,0,0,0,0,0,0,0}, 268*1f13597dSJung-uk Kim {0,SSL_TXT_ECDSA,0, 0,SSL_aECDSA, 0,0,0,0,0,0,0}, 269*1f13597dSJung-uk Kim {0,SSL_TXT_aPSK,0, 0,SSL_aPSK, 0,0,0,0,0,0,0}, 270*1f13597dSJung-uk Kim {0,SSL_TXT_aGOST94,0,0,SSL_aGOST94,0,0,0,0,0,0,0}, 271*1f13597dSJung-uk Kim {0,SSL_TXT_aGOST01,0,0,SSL_aGOST01,0,0,0,0,0,0,0}, 272*1f13597dSJung-uk Kim {0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0}, 273*1f13597dSJung-uk Kim 274*1f13597dSJung-uk Kim /* aliases combining key exchange and server authentication */ 275*1f13597dSJung-uk Kim {0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0}, 276*1f13597dSJung-uk Kim {0,SSL_TXT_EECDH,0, SSL_kEECDH,~SSL_aNULL,0,0,0,0,0,0,0}, 277*1f13597dSJung-uk Kim {0,SSL_TXT_NULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0}, 278*1f13597dSJung-uk Kim {0,SSL_TXT_KRB5,0, SSL_kKRB5,SSL_aKRB5,0,0,0,0,0,0,0}, 279*1f13597dSJung-uk Kim {0,SSL_TXT_RSA,0, SSL_kRSA,SSL_aRSA,0,0,0,0,0,0,0}, 280*1f13597dSJung-uk Kim {0,SSL_TXT_ADH,0, SSL_kEDH,SSL_aNULL,0,0,0,0,0,0,0}, 281*1f13597dSJung-uk Kim {0,SSL_TXT_AECDH,0, SSL_kEECDH,SSL_aNULL,0,0,0,0,0,0,0}, 282*1f13597dSJung-uk Kim {0,SSL_TXT_PSK,0, SSL_kPSK,SSL_aPSK,0,0,0,0,0,0,0}, 283*1f13597dSJung-uk Kim {0,SSL_TXT_SRP,0, SSL_kSRP,0,0,0,0,0,0,0,0}, 284*1f13597dSJung-uk Kim 285*1f13597dSJung-uk Kim 286*1f13597dSJung-uk Kim /* symmetric encryption aliases */ 287*1f13597dSJung-uk Kim {0,SSL_TXT_DES,0, 0,0,SSL_DES, 0,0,0,0,0,0}, 288*1f13597dSJung-uk Kim {0,SSL_TXT_3DES,0, 0,0,SSL_3DES, 0,0,0,0,0,0}, 289*1f13597dSJung-uk Kim {0,SSL_TXT_RC4,0, 0,0,SSL_RC4, 0,0,0,0,0,0}, 290*1f13597dSJung-uk Kim {0,SSL_TXT_RC2,0, 0,0,SSL_RC2, 0,0,0,0,0,0}, 291*1f13597dSJung-uk Kim {0,SSL_TXT_IDEA,0, 0,0,SSL_IDEA, 0,0,0,0,0,0}, 292*1f13597dSJung-uk Kim {0,SSL_TXT_SEED,0, 0,0,SSL_SEED, 0,0,0,0,0,0}, 293*1f13597dSJung-uk Kim {0,SSL_TXT_eNULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0}, 294*1f13597dSJung-uk Kim {0,SSL_TXT_AES128,0, 0,0,SSL_AES128|SSL_AES128GCM,0,0,0,0,0,0}, 295*1f13597dSJung-uk Kim {0,SSL_TXT_AES256,0, 0,0,SSL_AES256|SSL_AES256GCM,0,0,0,0,0,0}, 296*1f13597dSJung-uk Kim {0,SSL_TXT_AES,0, 0,0,SSL_AES,0,0,0,0,0,0}, 297*1f13597dSJung-uk Kim {0,SSL_TXT_AES_GCM,0, 0,0,SSL_AES128GCM|SSL_AES256GCM,0,0,0,0,0,0}, 298*1f13597dSJung-uk Kim {0,SSL_TXT_CAMELLIA128,0,0,0,SSL_CAMELLIA128,0,0,0,0,0,0}, 299*1f13597dSJung-uk Kim {0,SSL_TXT_CAMELLIA256,0,0,0,SSL_CAMELLIA256,0,0,0,0,0,0}, 300*1f13597dSJung-uk Kim {0,SSL_TXT_CAMELLIA ,0,0,0,SSL_CAMELLIA128|SSL_CAMELLIA256,0,0,0,0,0,0}, 301*1f13597dSJung-uk Kim 302*1f13597dSJung-uk Kim /* MAC aliases */ 303*1f13597dSJung-uk Kim {0,SSL_TXT_MD5,0, 0,0,0,SSL_MD5, 0,0,0,0,0}, 304*1f13597dSJung-uk Kim {0,SSL_TXT_SHA1,0, 0,0,0,SSL_SHA1, 0,0,0,0,0}, 305*1f13597dSJung-uk Kim {0,SSL_TXT_SHA,0, 0,0,0,SSL_SHA1, 0,0,0,0,0}, 306*1f13597dSJung-uk Kim {0,SSL_TXT_GOST94,0, 0,0,0,SSL_GOST94, 0,0,0,0,0}, 307*1f13597dSJung-uk Kim {0,SSL_TXT_GOST89MAC,0, 0,0,0,SSL_GOST89MAC, 0,0,0,0,0}, 308*1f13597dSJung-uk Kim {0,SSL_TXT_SHA256,0, 0,0,0,SSL_SHA256, 0,0,0,0,0}, 309*1f13597dSJung-uk Kim {0,SSL_TXT_SHA384,0, 0,0,0,SSL_SHA384, 0,0,0,0,0}, 310*1f13597dSJung-uk Kim 311*1f13597dSJung-uk Kim /* protocol version aliases */ 312*1f13597dSJung-uk Kim {0,SSL_TXT_SSLV2,0, 0,0,0,0,SSL_SSLV2, 0,0,0,0}, 313*1f13597dSJung-uk Kim {0,SSL_TXT_SSLV3,0, 0,0,0,0,SSL_SSLV3, 0,0,0,0}, 314*1f13597dSJung-uk Kim {0,SSL_TXT_TLSV1,0, 0,0,0,0,SSL_TLSV1, 0,0,0,0}, 315*1f13597dSJung-uk Kim 316*1f13597dSJung-uk Kim /* export flag */ 317*1f13597dSJung-uk Kim {0,SSL_TXT_EXP,0, 0,0,0,0,0,SSL_EXPORT,0,0,0}, 318*1f13597dSJung-uk Kim {0,SSL_TXT_EXPORT,0, 0,0,0,0,0,SSL_EXPORT,0,0,0}, 319*1f13597dSJung-uk Kim 320*1f13597dSJung-uk Kim /* strength classes */ 321*1f13597dSJung-uk Kim {0,SSL_TXT_EXP40,0, 0,0,0,0,0,SSL_EXP40, 0,0,0}, 322*1f13597dSJung-uk Kim {0,SSL_TXT_EXP56,0, 0,0,0,0,0,SSL_EXP56, 0,0,0}, 323*1f13597dSJung-uk Kim {0,SSL_TXT_LOW,0, 0,0,0,0,0,SSL_LOW, 0,0,0}, 324*1f13597dSJung-uk Kim {0,SSL_TXT_MEDIUM,0, 0,0,0,0,0,SSL_MEDIUM,0,0,0}, 325*1f13597dSJung-uk Kim {0,SSL_TXT_HIGH,0, 0,0,0,0,0,SSL_HIGH, 0,0,0}, 326*1f13597dSJung-uk Kim /* FIPS 140-2 approved ciphersuite */ 327*1f13597dSJung-uk Kim {0,SSL_TXT_FIPS,0, 0,0,~SSL_eNULL,0,0,SSL_FIPS, 0,0,0}, 32874664626SKris Kennaway }; 329*1f13597dSJung-uk Kim /* Search for public key algorithm with given name and 330*1f13597dSJung-uk Kim * return its pkey_id if it is available. Otherwise return 0 331*1f13597dSJung-uk Kim */ 332*1f13597dSJung-uk Kim #ifdef OPENSSL_NO_ENGINE 333*1f13597dSJung-uk Kim 334*1f13597dSJung-uk Kim static int get_optional_pkey_id(const char *pkey_name) 335*1f13597dSJung-uk Kim { 336*1f13597dSJung-uk Kim const EVP_PKEY_ASN1_METHOD *ameth; 337*1f13597dSJung-uk Kim int pkey_id=0; 338*1f13597dSJung-uk Kim ameth = EVP_PKEY_asn1_find_str(NULL,pkey_name,-1); 339*1f13597dSJung-uk Kim if (ameth) 340*1f13597dSJung-uk Kim { 341*1f13597dSJung-uk Kim EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth); 342*1f13597dSJung-uk Kim } 343*1f13597dSJung-uk Kim return pkey_id; 344*1f13597dSJung-uk Kim } 345*1f13597dSJung-uk Kim 346*1f13597dSJung-uk Kim #else 347*1f13597dSJung-uk Kim 348*1f13597dSJung-uk Kim static int get_optional_pkey_id(const char *pkey_name) 349*1f13597dSJung-uk Kim { 350*1f13597dSJung-uk Kim const EVP_PKEY_ASN1_METHOD *ameth; 351*1f13597dSJung-uk Kim ENGINE *tmpeng = NULL; 352*1f13597dSJung-uk Kim int pkey_id=0; 353*1f13597dSJung-uk Kim ameth = EVP_PKEY_asn1_find_str(&tmpeng,pkey_name,-1); 354*1f13597dSJung-uk Kim if (ameth) 355*1f13597dSJung-uk Kim { 356*1f13597dSJung-uk Kim EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth); 357*1f13597dSJung-uk Kim } 358*1f13597dSJung-uk Kim if (tmpeng) ENGINE_finish(tmpeng); 359*1f13597dSJung-uk Kim return pkey_id; 360*1f13597dSJung-uk Kim } 361*1f13597dSJung-uk Kim 362*1f13597dSJung-uk Kim #endif 36374664626SKris Kennaway 3643b4e3dcbSSimon L. B. Nielsen void ssl_load_ciphers(void) 36574664626SKris Kennaway { 36674664626SKris Kennaway ssl_cipher_methods[SSL_ENC_DES_IDX]= 36774664626SKris Kennaway EVP_get_cipherbyname(SN_des_cbc); 36874664626SKris Kennaway ssl_cipher_methods[SSL_ENC_3DES_IDX]= 36974664626SKris Kennaway EVP_get_cipherbyname(SN_des_ede3_cbc); 37074664626SKris Kennaway ssl_cipher_methods[SSL_ENC_RC4_IDX]= 37174664626SKris Kennaway EVP_get_cipherbyname(SN_rc4); 37274664626SKris Kennaway ssl_cipher_methods[SSL_ENC_RC2_IDX]= 37374664626SKris Kennaway EVP_get_cipherbyname(SN_rc2_cbc); 374ced566fdSJacques Vidrine #ifndef OPENSSL_NO_IDEA 37574664626SKris Kennaway ssl_cipher_methods[SSL_ENC_IDEA_IDX]= 37674664626SKris Kennaway EVP_get_cipherbyname(SN_idea_cbc); 377ced566fdSJacques Vidrine #else 378ced566fdSJacques Vidrine ssl_cipher_methods[SSL_ENC_IDEA_IDX]= NULL; 379ced566fdSJacques Vidrine #endif 3805c87c606SMark Murray ssl_cipher_methods[SSL_ENC_AES128_IDX]= 3815c87c606SMark Murray EVP_get_cipherbyname(SN_aes_128_cbc); 3825c87c606SMark Murray ssl_cipher_methods[SSL_ENC_AES256_IDX]= 3835c87c606SMark Murray EVP_get_cipherbyname(SN_aes_256_cbc); 384ed5d4f9aSSimon L. B. Nielsen ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX]= 385ed5d4f9aSSimon L. B. Nielsen EVP_get_cipherbyname(SN_camellia_128_cbc); 386ed5d4f9aSSimon L. B. Nielsen ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX]= 387ed5d4f9aSSimon L. B. Nielsen EVP_get_cipherbyname(SN_camellia_256_cbc); 388*1f13597dSJung-uk Kim ssl_cipher_methods[SSL_ENC_GOST89_IDX]= 389*1f13597dSJung-uk Kim EVP_get_cipherbyname(SN_gost89_cnt); 390db522d3aSSimon L. B. Nielsen ssl_cipher_methods[SSL_ENC_SEED_IDX]= 391db522d3aSSimon L. B. Nielsen EVP_get_cipherbyname(SN_seed_cbc); 39274664626SKris Kennaway 393*1f13597dSJung-uk Kim ssl_cipher_methods[SSL_ENC_AES128GCM_IDX]= 394*1f13597dSJung-uk Kim EVP_get_cipherbyname(SN_aes_128_gcm); 395*1f13597dSJung-uk Kim ssl_cipher_methods[SSL_ENC_AES256GCM_IDX]= 396*1f13597dSJung-uk Kim EVP_get_cipherbyname(SN_aes_256_gcm); 397*1f13597dSJung-uk Kim 39874664626SKris Kennaway ssl_digest_methods[SSL_MD_MD5_IDX]= 39974664626SKris Kennaway EVP_get_digestbyname(SN_md5); 400*1f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_MD5_IDX]= 401*1f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]); 402*1f13597dSJung-uk Kim OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0); 40374664626SKris Kennaway ssl_digest_methods[SSL_MD_SHA1_IDX]= 40474664626SKris Kennaway EVP_get_digestbyname(SN_sha1); 405*1f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_SHA1_IDX]= 406*1f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]); 407*1f13597dSJung-uk Kim OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0); 408*1f13597dSJung-uk Kim ssl_digest_methods[SSL_MD_GOST94_IDX]= 409*1f13597dSJung-uk Kim EVP_get_digestbyname(SN_id_GostR3411_94); 410*1f13597dSJung-uk Kim if (ssl_digest_methods[SSL_MD_GOST94_IDX]) 411*1f13597dSJung-uk Kim { 412*1f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_GOST94_IDX]= 413*1f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]); 414*1f13597dSJung-uk Kim OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0); 415*1f13597dSJung-uk Kim } 416*1f13597dSJung-uk Kim ssl_digest_methods[SSL_MD_GOST89MAC_IDX]= 417*1f13597dSJung-uk Kim EVP_get_digestbyname(SN_id_Gost28147_89_MAC); 418*1f13597dSJung-uk Kim ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac"); 419*1f13597dSJung-uk Kim if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) { 420*1f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX]=32; 42174664626SKris Kennaway } 42274664626SKris Kennaway 423*1f13597dSJung-uk Kim ssl_digest_methods[SSL_MD_SHA256_IDX]= 424*1f13597dSJung-uk Kim EVP_get_digestbyname(SN_sha256); 425*1f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_SHA256_IDX]= 426*1f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]); 427*1f13597dSJung-uk Kim ssl_digest_methods[SSL_MD_SHA384_IDX]= 428*1f13597dSJung-uk Kim EVP_get_digestbyname(SN_sha384); 429*1f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_SHA384_IDX]= 430*1f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]); 431*1f13597dSJung-uk Kim } 4323b4e3dcbSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 4333b4e3dcbSSimon L. B. Nielsen 4343b4e3dcbSSimon L. B. Nielsen static int sk_comp_cmp(const SSL_COMP * const *a, 4353b4e3dcbSSimon L. B. Nielsen const SSL_COMP * const *b) 4363b4e3dcbSSimon L. B. Nielsen { 4373b4e3dcbSSimon L. B. Nielsen return((*a)->id-(*b)->id); 4383b4e3dcbSSimon L. B. Nielsen } 4393b4e3dcbSSimon L. B. Nielsen 4403b4e3dcbSSimon L. B. Nielsen static void load_builtin_compressions(void) 4413b4e3dcbSSimon L. B. Nielsen { 442ed5d4f9aSSimon L. B. Nielsen int got_write_lock = 0; 4433b4e3dcbSSimon L. B. Nielsen 444ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_lock(CRYPTO_LOCK_SSL); 445ed5d4f9aSSimon L. B. Nielsen if (ssl_comp_methods == NULL) 446ed5d4f9aSSimon L. B. Nielsen { 447ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_unlock(CRYPTO_LOCK_SSL); 4483b4e3dcbSSimon L. B. Nielsen CRYPTO_w_lock(CRYPTO_LOCK_SSL); 449ed5d4f9aSSimon L. B. Nielsen got_write_lock = 1; 450ed5d4f9aSSimon L. B. Nielsen 4513b4e3dcbSSimon L. B. Nielsen if (ssl_comp_methods == NULL) 4523b4e3dcbSSimon L. B. Nielsen { 4533b4e3dcbSSimon L. B. Nielsen SSL_COMP *comp = NULL; 4543b4e3dcbSSimon L. B. Nielsen 4553b4e3dcbSSimon L. B. Nielsen MemCheck_off(); 4563b4e3dcbSSimon L. B. Nielsen ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp); 4573b4e3dcbSSimon L. B. Nielsen if (ssl_comp_methods != NULL) 4583b4e3dcbSSimon L. B. Nielsen { 4593b4e3dcbSSimon L. B. Nielsen comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); 4603b4e3dcbSSimon L. B. Nielsen if (comp != NULL) 4613b4e3dcbSSimon L. B. Nielsen { 4623b4e3dcbSSimon L. B. Nielsen comp->method=COMP_zlib(); 4633b4e3dcbSSimon L. B. Nielsen if (comp->method 4643b4e3dcbSSimon L. B. Nielsen && comp->method->type == NID_undef) 4653b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 4663b4e3dcbSSimon L. B. Nielsen else 4673b4e3dcbSSimon L. B. Nielsen { 4683b4e3dcbSSimon L. B. Nielsen comp->id=SSL_COMP_ZLIB_IDX; 4693b4e3dcbSSimon L. B. Nielsen comp->name=comp->method->name; 4703b4e3dcbSSimon L. B. Nielsen sk_SSL_COMP_push(ssl_comp_methods,comp); 4713b4e3dcbSSimon L. B. Nielsen } 4723b4e3dcbSSimon L. B. Nielsen } 47312de4ed2SJung-uk Kim sk_SSL_COMP_sort(ssl_comp_methods); 4743b4e3dcbSSimon L. B. Nielsen } 4753b4e3dcbSSimon L. B. Nielsen MemCheck_on(); 4763b4e3dcbSSimon L. B. Nielsen } 477ed5d4f9aSSimon L. B. Nielsen } 478ed5d4f9aSSimon L. B. Nielsen 479ed5d4f9aSSimon L. B. Nielsen if (got_write_lock) 4803b4e3dcbSSimon L. B. Nielsen CRYPTO_w_unlock(CRYPTO_LOCK_SSL); 481ed5d4f9aSSimon L. B. Nielsen else 482ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_unlock(CRYPTO_LOCK_SSL); 4833b4e3dcbSSimon L. B. Nielsen } 4843b4e3dcbSSimon L. B. Nielsen #endif 4853b4e3dcbSSimon L. B. Nielsen 4863b4e3dcbSSimon L. B. Nielsen int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, 487*1f13597dSJung-uk Kim const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size,SSL_COMP **comp) 48874664626SKris Kennaway { 48974664626SKris Kennaway int i; 490*1f13597dSJung-uk Kim const SSL_CIPHER *c; 49174664626SKris Kennaway 49274664626SKris Kennaway c=s->cipher; 49374664626SKris Kennaway if (c == NULL) return(0); 49474664626SKris Kennaway if (comp != NULL) 49574664626SKris Kennaway { 49674664626SKris Kennaway SSL_COMP ctmp; 4973b4e3dcbSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 4983b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 4993b4e3dcbSSimon L. B. Nielsen #endif 50074664626SKris Kennaway 50174664626SKris Kennaway *comp=NULL; 50274664626SKris Kennaway ctmp.id=s->compress_meth; 5033b4e3dcbSSimon L. B. Nielsen if (ssl_comp_methods != NULL) 5043b4e3dcbSSimon L. B. Nielsen { 50574664626SKris Kennaway i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp); 50674664626SKris Kennaway if (i >= 0) 50774664626SKris Kennaway *comp=sk_SSL_COMP_value(ssl_comp_methods,i); 50874664626SKris Kennaway else 50974664626SKris Kennaway *comp=NULL; 51074664626SKris Kennaway } 51174664626SKris Kennaway } 51274664626SKris Kennaway 51374664626SKris Kennaway if ((enc == NULL) || (md == NULL)) return(0); 51474664626SKris Kennaway 515*1f13597dSJung-uk Kim switch (c->algorithm_enc) 51674664626SKris Kennaway { 51774664626SKris Kennaway case SSL_DES: 51874664626SKris Kennaway i=SSL_ENC_DES_IDX; 51974664626SKris Kennaway break; 52074664626SKris Kennaway case SSL_3DES: 52174664626SKris Kennaway i=SSL_ENC_3DES_IDX; 52274664626SKris Kennaway break; 52374664626SKris Kennaway case SSL_RC4: 52474664626SKris Kennaway i=SSL_ENC_RC4_IDX; 52574664626SKris Kennaway break; 52674664626SKris Kennaway case SSL_RC2: 52774664626SKris Kennaway i=SSL_ENC_RC2_IDX; 52874664626SKris Kennaway break; 52974664626SKris Kennaway case SSL_IDEA: 53074664626SKris Kennaway i=SSL_ENC_IDEA_IDX; 53174664626SKris Kennaway break; 53274664626SKris Kennaway case SSL_eNULL: 53374664626SKris Kennaway i=SSL_ENC_NULL_IDX; 53474664626SKris Kennaway break; 535*1f13597dSJung-uk Kim case SSL_AES128: 536*1f13597dSJung-uk Kim i=SSL_ENC_AES128_IDX; 5375c87c606SMark Murray break; 538*1f13597dSJung-uk Kim case SSL_AES256: 539*1f13597dSJung-uk Kim i=SSL_ENC_AES256_IDX; 540*1f13597dSJung-uk Kim break; 541*1f13597dSJung-uk Kim case SSL_CAMELLIA128: 542*1f13597dSJung-uk Kim i=SSL_ENC_CAMELLIA128_IDX; 543*1f13597dSJung-uk Kim break; 544*1f13597dSJung-uk Kim case SSL_CAMELLIA256: 545*1f13597dSJung-uk Kim i=SSL_ENC_CAMELLIA256_IDX; 546*1f13597dSJung-uk Kim break; 547*1f13597dSJung-uk Kim case SSL_eGOST2814789CNT: 548*1f13597dSJung-uk Kim i=SSL_ENC_GOST89_IDX; 549ed5d4f9aSSimon L. B. Nielsen break; 550db522d3aSSimon L. B. Nielsen case SSL_SEED: 551db522d3aSSimon L. B. Nielsen i=SSL_ENC_SEED_IDX; 552db522d3aSSimon L. B. Nielsen break; 553*1f13597dSJung-uk Kim case SSL_AES128GCM: 554*1f13597dSJung-uk Kim i=SSL_ENC_AES128GCM_IDX; 555*1f13597dSJung-uk Kim break; 556*1f13597dSJung-uk Kim case SSL_AES256GCM: 557*1f13597dSJung-uk Kim i=SSL_ENC_AES256GCM_IDX; 558*1f13597dSJung-uk Kim break; 55974664626SKris Kennaway default: 56074664626SKris Kennaway i= -1; 56174664626SKris Kennaway break; 56274664626SKris Kennaway } 56374664626SKris Kennaway 56474664626SKris Kennaway if ((i < 0) || (i > SSL_ENC_NUM_IDX)) 56574664626SKris Kennaway *enc=NULL; 56674664626SKris Kennaway else 56774664626SKris Kennaway { 56874664626SKris Kennaway if (i == SSL_ENC_NULL_IDX) 56974664626SKris Kennaway *enc=EVP_enc_null(); 57074664626SKris Kennaway else 57174664626SKris Kennaway *enc=ssl_cipher_methods[i]; 57274664626SKris Kennaway } 57374664626SKris Kennaway 574*1f13597dSJung-uk Kim switch (c->algorithm_mac) 57574664626SKris Kennaway { 57674664626SKris Kennaway case SSL_MD5: 57774664626SKris Kennaway i=SSL_MD_MD5_IDX; 57874664626SKris Kennaway break; 57974664626SKris Kennaway case SSL_SHA1: 58074664626SKris Kennaway i=SSL_MD_SHA1_IDX; 58174664626SKris Kennaway break; 582*1f13597dSJung-uk Kim case SSL_SHA256: 583*1f13597dSJung-uk Kim i=SSL_MD_SHA256_IDX; 584*1f13597dSJung-uk Kim break; 585*1f13597dSJung-uk Kim case SSL_SHA384: 586*1f13597dSJung-uk Kim i=SSL_MD_SHA384_IDX; 587*1f13597dSJung-uk Kim break; 588*1f13597dSJung-uk Kim case SSL_GOST94: 589*1f13597dSJung-uk Kim i = SSL_MD_GOST94_IDX; 590*1f13597dSJung-uk Kim break; 591*1f13597dSJung-uk Kim case SSL_GOST89MAC: 592*1f13597dSJung-uk Kim i = SSL_MD_GOST89MAC_IDX; 593*1f13597dSJung-uk Kim break; 59474664626SKris Kennaway default: 59574664626SKris Kennaway i= -1; 59674664626SKris Kennaway break; 59774664626SKris Kennaway } 59874664626SKris Kennaway if ((i < 0) || (i > SSL_MD_NUM_IDX)) 599*1f13597dSJung-uk Kim { 60074664626SKris Kennaway *md=NULL; 601*1f13597dSJung-uk Kim if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef; 602*1f13597dSJung-uk Kim if (mac_secret_size!=NULL) *mac_secret_size = 0; 603*1f13597dSJung-uk Kim if (c->algorithm_mac == SSL_AEAD) 604*1f13597dSJung-uk Kim mac_pkey_type = NULL; 605*1f13597dSJung-uk Kim } 60674664626SKris Kennaway else 607*1f13597dSJung-uk Kim { 60874664626SKris Kennaway *md=ssl_digest_methods[i]; 609*1f13597dSJung-uk Kim if (mac_pkey_type!=NULL) *mac_pkey_type = ssl_mac_pkey_id[i]; 610*1f13597dSJung-uk Kim if (mac_secret_size!=NULL) *mac_secret_size = ssl_mac_secret_size[i]; 611*1f13597dSJung-uk Kim } 61274664626SKris Kennaway 613*1f13597dSJung-uk Kim if ((*enc != NULL) && 614*1f13597dSJung-uk Kim (*md != NULL || (EVP_CIPHER_flags(*enc)&EVP_CIPH_FLAG_AEAD_CIPHER)) && 615*1f13597dSJung-uk Kim (!mac_pkey_type||*mac_pkey_type != NID_undef)) 616*1f13597dSJung-uk Kim { 617*1f13597dSJung-uk Kim const EVP_CIPHER *evp; 618*1f13597dSJung-uk Kim 619*1f13597dSJung-uk Kim if (s->ssl_version>>8 != TLS1_VERSION_MAJOR || 620*1f13597dSJung-uk Kim s->ssl_version < TLS1_VERSION) 621*1f13597dSJung-uk Kim return 1; 622*1f13597dSJung-uk Kim 623*1f13597dSJung-uk Kim #ifdef OPENSSL_FIPS 624*1f13597dSJung-uk Kim if (FIPS_mode()) 625*1f13597dSJung-uk Kim return 1; 626*1f13597dSJung-uk Kim #endif 627*1f13597dSJung-uk Kim 628*1f13597dSJung-uk Kim if (c->algorithm_enc == SSL_RC4 && 629*1f13597dSJung-uk Kim c->algorithm_mac == SSL_MD5 && 630*1f13597dSJung-uk Kim (evp=EVP_get_cipherbyname("RC4-HMAC-MD5"))) 631*1f13597dSJung-uk Kim *enc = evp, *md = NULL; 632*1f13597dSJung-uk Kim else if (c->algorithm_enc == SSL_AES128 && 633*1f13597dSJung-uk Kim c->algorithm_mac == SSL_SHA1 && 634*1f13597dSJung-uk Kim (evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1"))) 635*1f13597dSJung-uk Kim *enc = evp, *md = NULL; 636*1f13597dSJung-uk Kim else if (c->algorithm_enc == SSL_AES256 && 637*1f13597dSJung-uk Kim c->algorithm_mac == SSL_SHA1 && 638*1f13597dSJung-uk Kim (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) 639*1f13597dSJung-uk Kim *enc = evp, *md = NULL; 64074664626SKris Kennaway return(1); 641*1f13597dSJung-uk Kim } 64274664626SKris Kennaway else 64374664626SKris Kennaway return(0); 64474664626SKris Kennaway } 64574664626SKris Kennaway 646*1f13597dSJung-uk Kim int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md) 647*1f13597dSJung-uk Kim { 648*1f13597dSJung-uk Kim if (idx <0||idx>=SSL_MD_NUM_IDX) 649*1f13597dSJung-uk Kim { 650*1f13597dSJung-uk Kim return 0; 651*1f13597dSJung-uk Kim } 652*1f13597dSJung-uk Kim *mask = ssl_handshake_digest_flag[idx]; 653*1f13597dSJung-uk Kim if (*mask) 654*1f13597dSJung-uk Kim *md = ssl_digest_methods[idx]; 655*1f13597dSJung-uk Kim else 656*1f13597dSJung-uk Kim *md = NULL; 657*1f13597dSJung-uk Kim return 1; 658*1f13597dSJung-uk Kim } 659*1f13597dSJung-uk Kim 66074664626SKris Kennaway #define ITEM_SEP(a) \ 66174664626SKris Kennaway (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ',')) 66274664626SKris Kennaway 66374664626SKris Kennaway static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr, 66474664626SKris Kennaway CIPHER_ORDER **tail) 66574664626SKris Kennaway { 66674664626SKris Kennaway if (curr == *tail) return; 66774664626SKris Kennaway if (curr == *head) 66874664626SKris Kennaway *head=curr->next; 66974664626SKris Kennaway if (curr->prev != NULL) 67074664626SKris Kennaway curr->prev->next=curr->next; 671*1f13597dSJung-uk Kim if (curr->next != NULL) 67274664626SKris Kennaway curr->next->prev=curr->prev; 67374664626SKris Kennaway (*tail)->next=curr; 67474664626SKris Kennaway curr->prev= *tail; 67574664626SKris Kennaway curr->next=NULL; 67674664626SKris Kennaway *tail=curr; 67774664626SKris Kennaway } 67874664626SKris Kennaway 679*1f13597dSJung-uk Kim static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr, 680*1f13597dSJung-uk Kim CIPHER_ORDER **tail) 68174664626SKris Kennaway { 682*1f13597dSJung-uk Kim if (curr == *head) return; 683*1f13597dSJung-uk Kim if (curr == *tail) 684*1f13597dSJung-uk Kim *tail=curr->prev; 685*1f13597dSJung-uk Kim if (curr->next != NULL) 686*1f13597dSJung-uk Kim curr->next->prev=curr->prev; 687*1f13597dSJung-uk Kim if (curr->prev != NULL) 688*1f13597dSJung-uk Kim curr->prev->next=curr->next; 689*1f13597dSJung-uk Kim (*head)->prev=curr; 690*1f13597dSJung-uk Kim curr->next= *head; 691*1f13597dSJung-uk Kim curr->prev=NULL; 692*1f13597dSJung-uk Kim *head=curr; 693*1f13597dSJung-uk Kim } 69474664626SKris Kennaway 695*1f13597dSJung-uk Kim static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, unsigned long *enc, unsigned long *mac, unsigned long *ssl) 696*1f13597dSJung-uk Kim { 697*1f13597dSJung-uk Kim *mkey = 0; 698*1f13597dSJung-uk Kim *auth = 0; 699*1f13597dSJung-uk Kim *enc = 0; 700*1f13597dSJung-uk Kim *mac = 0; 701*1f13597dSJung-uk Kim *ssl = 0; 702*1f13597dSJung-uk Kim 7035c87c606SMark Murray #ifdef OPENSSL_NO_RSA 704*1f13597dSJung-uk Kim *mkey |= SSL_kRSA; 705*1f13597dSJung-uk Kim *auth |= SSL_aRSA; 70674664626SKris Kennaway #endif 7075c87c606SMark Murray #ifdef OPENSSL_NO_DSA 708*1f13597dSJung-uk Kim *auth |= SSL_aDSS; 70974664626SKris Kennaway #endif 710*1f13597dSJung-uk Kim *mkey |= SSL_kDHr|SSL_kDHd; /* no such ciphersuites supported! */ 711*1f13597dSJung-uk Kim *auth |= SSL_aDH; 7125c87c606SMark Murray #ifdef OPENSSL_NO_DH 713*1f13597dSJung-uk Kim *mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH; 714*1f13597dSJung-uk Kim *auth |= SSL_aDH; 71574664626SKris Kennaway #endif 7165c87c606SMark Murray #ifdef OPENSSL_NO_KRB5 717*1f13597dSJung-uk Kim *mkey |= SSL_kKRB5; 718*1f13597dSJung-uk Kim *auth |= SSL_aKRB5; 719*1f13597dSJung-uk Kim #endif 720*1f13597dSJung-uk Kim #ifdef OPENSSL_NO_ECDSA 721*1f13597dSJung-uk Kim *auth |= SSL_aECDSA; 7225c87c606SMark Murray #endif 7233b4e3dcbSSimon L. B. Nielsen #ifdef OPENSSL_NO_ECDH 724*1f13597dSJung-uk Kim *mkey |= SSL_kECDHe|SSL_kECDHr; 725*1f13597dSJung-uk Kim *auth |= SSL_aECDH; 7263b4e3dcbSSimon L. B. Nielsen #endif 727*1f13597dSJung-uk Kim #ifdef OPENSSL_NO_PSK 728*1f13597dSJung-uk Kim *mkey |= SSL_kPSK; 729*1f13597dSJung-uk Kim *auth |= SSL_aPSK; 730*1f13597dSJung-uk Kim #endif 731*1f13597dSJung-uk Kim #ifdef OPENSSL_NO_SRP 732*1f13597dSJung-uk Kim *mkey |= SSL_kSRP; 733*1f13597dSJung-uk Kim #endif 734*1f13597dSJung-uk Kim /* Check for presence of GOST 34.10 algorithms, and if they 735*1f13597dSJung-uk Kim * do not present, disable appropriate auth and key exchange */ 736*1f13597dSJung-uk Kim if (!get_optional_pkey_id("gost94")) { 737*1f13597dSJung-uk Kim *auth |= SSL_aGOST94; 738*1f13597dSJung-uk Kim } 739*1f13597dSJung-uk Kim if (!get_optional_pkey_id("gost2001")) { 740*1f13597dSJung-uk Kim *auth |= SSL_aGOST01; 741*1f13597dSJung-uk Kim } 742*1f13597dSJung-uk Kim /* Disable GOST key exchange if no GOST signature algs are available * */ 743*1f13597dSJung-uk Kim if ((*auth & (SSL_aGOST94|SSL_aGOST01)) == (SSL_aGOST94|SSL_aGOST01)) { 744*1f13597dSJung-uk Kim *mkey |= SSL_kGOST; 745*1f13597dSJung-uk Kim } 74674664626SKris Kennaway #ifdef SSL_FORBID_ENULL 747*1f13597dSJung-uk Kim *enc |= SSL_eNULL; 74874664626SKris Kennaway #endif 74974664626SKris Kennaway 75074664626SKris Kennaway 75174664626SKris Kennaway 752*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0; 753*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0; 754*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0; 755*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0; 756*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0; 757*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128:0; 758*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256:0; 759*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == NULL) ? SSL_AES128GCM:0; 760*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM:0; 761*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128:0; 762*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256:0; 763*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT:0; 764*1f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED:0; 7655471f83eSSimon L. B. Nielsen 766*1f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0; 767*1f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0; 768*1f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256:0; 769*1f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384:0; 770*1f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94:0; 771*1f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]==NID_undef)? SSL_GOST89MAC:0; 772*1f13597dSJung-uk Kim 773f579bf8eSKris Kennaway } 774f579bf8eSKris Kennaway 775f579bf8eSKris Kennaway static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, 776*1f13597dSJung-uk Kim int num_of_ciphers, 777*1f13597dSJung-uk Kim unsigned long disabled_mkey, unsigned long disabled_auth, 778*1f13597dSJung-uk Kim unsigned long disabled_enc, unsigned long disabled_mac, 779*1f13597dSJung-uk Kim unsigned long disabled_ssl, 780*1f13597dSJung-uk Kim CIPHER_ORDER *co_list, 781*1f13597dSJung-uk Kim CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) 782f579bf8eSKris Kennaway { 783ced566fdSJacques Vidrine int i, co_list_num; 784*1f13597dSJung-uk Kim const SSL_CIPHER *c; 785f579bf8eSKris Kennaway 786f579bf8eSKris Kennaway /* 787f579bf8eSKris Kennaway * We have num_of_ciphers descriptions compiled in, depending on the 788f579bf8eSKris Kennaway * method selected (SSLv2 and/or SSLv3, TLSv1 etc). 789f579bf8eSKris Kennaway * These will later be sorted in a linked list with at most num 790f579bf8eSKris Kennaway * entries. 791f579bf8eSKris Kennaway */ 79274664626SKris Kennaway 79374664626SKris Kennaway /* Get the initial list of ciphers */ 794ced566fdSJacques Vidrine co_list_num = 0; /* actual count of ciphers */ 795f579bf8eSKris Kennaway for (i = 0; i < num_of_ciphers; i++) 79674664626SKris Kennaway { 797f579bf8eSKris Kennaway c = ssl_method->get_cipher(i); 79874664626SKris Kennaway /* drop those that use any of that is not available */ 799*1f13597dSJung-uk Kim if ((c != NULL) && c->valid && 800db522d3aSSimon L. B. Nielsen #ifdef OPENSSL_FIPS 801*1f13597dSJung-uk Kim (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) && 802db522d3aSSimon L. B. Nielsen #endif 803*1f13597dSJung-uk Kim !(c->algorithm_mkey & disabled_mkey) && 804*1f13597dSJung-uk Kim !(c->algorithm_auth & disabled_auth) && 805*1f13597dSJung-uk Kim !(c->algorithm_enc & disabled_enc) && 806*1f13597dSJung-uk Kim !(c->algorithm_mac & disabled_mac) && 807*1f13597dSJung-uk Kim !(c->algorithm_ssl & disabled_ssl)) 80874664626SKris Kennaway { 809ced566fdSJacques Vidrine co_list[co_list_num].cipher = c; 810ced566fdSJacques Vidrine co_list[co_list_num].next = NULL; 811ced566fdSJacques Vidrine co_list[co_list_num].prev = NULL; 812ced566fdSJacques Vidrine co_list[co_list_num].active = 0; 813ced566fdSJacques Vidrine co_list_num++; 8145c87c606SMark Murray #ifdef KSSL_DEBUG 815*1f13597dSJung-uk Kim printf("\t%d: %s %lx %lx %lx\n",i,c->name,c->id,c->algorithm_mkey,c->algorithm_auth); 8165c87c606SMark Murray #endif /* KSSL_DEBUG */ 817f579bf8eSKris Kennaway /* 81874664626SKris Kennaway if (!sk_push(ca_list,(char *)c)) goto err; 819f579bf8eSKris Kennaway */ 82074664626SKris Kennaway } 82174664626SKris Kennaway } 82274664626SKris Kennaway 823f579bf8eSKris Kennaway /* 824f579bf8eSKris Kennaway * Prepare linked list from list entries 825f579bf8eSKris Kennaway */ 826ced566fdSJacques Vidrine if (co_list_num > 0) 82774664626SKris Kennaway { 828*1f13597dSJung-uk Kim co_list[0].prev = NULL; 829*1f13597dSJung-uk Kim 830*1f13597dSJung-uk Kim if (co_list_num > 1) 831*1f13597dSJung-uk Kim { 832*1f13597dSJung-uk Kim co_list[0].next = &co_list[1]; 833*1f13597dSJung-uk Kim 834*1f13597dSJung-uk Kim for (i = 1; i < co_list_num - 1; i++) 835*1f13597dSJung-uk Kim { 836*1f13597dSJung-uk Kim co_list[i].prev = &co_list[i - 1]; 837*1f13597dSJung-uk Kim co_list[i].next = &co_list[i + 1]; 838*1f13597dSJung-uk Kim } 839*1f13597dSJung-uk Kim 840*1f13597dSJung-uk Kim co_list[co_list_num - 1].prev = &co_list[co_list_num - 2]; 841*1f13597dSJung-uk Kim } 842*1f13597dSJung-uk Kim 843*1f13597dSJung-uk Kim co_list[co_list_num - 1].next = NULL; 844*1f13597dSJung-uk Kim 845*1f13597dSJung-uk Kim *head_p = &co_list[0]; 846*1f13597dSJung-uk Kim *tail_p = &co_list[co_list_num - 1]; 847f579bf8eSKris Kennaway } 84874664626SKris Kennaway } 84974664626SKris Kennaway 850*1f13597dSJung-uk Kim static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, 851*1f13597dSJung-uk Kim int num_of_group_aliases, 852*1f13597dSJung-uk Kim unsigned long disabled_mkey, unsigned long disabled_auth, 853*1f13597dSJung-uk Kim unsigned long disabled_enc, unsigned long disabled_mac, 854*1f13597dSJung-uk Kim unsigned long disabled_ssl, 855f579bf8eSKris Kennaway CIPHER_ORDER *head) 85674664626SKris Kennaway { 857f579bf8eSKris Kennaway CIPHER_ORDER *ciph_curr; 858*1f13597dSJung-uk Kim const SSL_CIPHER **ca_curr; 859f579bf8eSKris Kennaway int i; 860*1f13597dSJung-uk Kim unsigned long mask_mkey = ~disabled_mkey; 861*1f13597dSJung-uk Kim unsigned long mask_auth = ~disabled_auth; 862*1f13597dSJung-uk Kim unsigned long mask_enc = ~disabled_enc; 863*1f13597dSJung-uk Kim unsigned long mask_mac = ~disabled_mac; 864*1f13597dSJung-uk Kim unsigned long mask_ssl = ~disabled_ssl; 865f579bf8eSKris Kennaway 866f579bf8eSKris Kennaway /* 867f579bf8eSKris Kennaway * First, add the real ciphers as already collected 868f579bf8eSKris Kennaway */ 869f579bf8eSKris Kennaway ciph_curr = head; 870f579bf8eSKris Kennaway ca_curr = ca_list; 871f579bf8eSKris Kennaway while (ciph_curr != NULL) 872f579bf8eSKris Kennaway { 873f579bf8eSKris Kennaway *ca_curr = ciph_curr->cipher; 874f579bf8eSKris Kennaway ca_curr++; 875f579bf8eSKris Kennaway ciph_curr = ciph_curr->next; 87674664626SKris Kennaway } 87774664626SKris Kennaway 878f579bf8eSKris Kennaway /* 879f579bf8eSKris Kennaway * Now we add the available ones from the cipher_aliases[] table. 880*1f13597dSJung-uk Kim * They represent either one or more algorithms, some of which 881*1f13597dSJung-uk Kim * in any affected category must be supported (set in enabled_mask), 882*1f13597dSJung-uk Kim * or represent a cipher strength value (will be added in any case because algorithms=0). 883f579bf8eSKris Kennaway */ 884f579bf8eSKris Kennaway for (i = 0; i < num_of_group_aliases; i++) 88574664626SKris Kennaway { 886*1f13597dSJung-uk Kim unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey; 887*1f13597dSJung-uk Kim unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth; 888*1f13597dSJung-uk Kim unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc; 889*1f13597dSJung-uk Kim unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac; 890*1f13597dSJung-uk Kim unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl; 891*1f13597dSJung-uk Kim 892*1f13597dSJung-uk Kim if (algorithm_mkey) 893*1f13597dSJung-uk Kim if ((algorithm_mkey & mask_mkey) == 0) 894*1f13597dSJung-uk Kim continue; 895*1f13597dSJung-uk Kim 896*1f13597dSJung-uk Kim if (algorithm_auth) 897*1f13597dSJung-uk Kim if ((algorithm_auth & mask_auth) == 0) 898*1f13597dSJung-uk Kim continue; 899*1f13597dSJung-uk Kim 900*1f13597dSJung-uk Kim if (algorithm_enc) 901*1f13597dSJung-uk Kim if ((algorithm_enc & mask_enc) == 0) 902*1f13597dSJung-uk Kim continue; 903*1f13597dSJung-uk Kim 904*1f13597dSJung-uk Kim if (algorithm_mac) 905*1f13597dSJung-uk Kim if ((algorithm_mac & mask_mac) == 0) 906*1f13597dSJung-uk Kim continue; 907*1f13597dSJung-uk Kim 908*1f13597dSJung-uk Kim if (algorithm_ssl) 909*1f13597dSJung-uk Kim if ((algorithm_ssl & mask_ssl) == 0) 910*1f13597dSJung-uk Kim continue; 911*1f13597dSJung-uk Kim 912f579bf8eSKris Kennaway *ca_curr = (SSL_CIPHER *)(cipher_aliases + i); 913f579bf8eSKris Kennaway ca_curr++; 91474664626SKris Kennaway } 91574664626SKris Kennaway 916f579bf8eSKris Kennaway *ca_curr = NULL; /* end of list */ 917f579bf8eSKris Kennaway } 918f579bf8eSKris Kennaway 919*1f13597dSJung-uk Kim static void ssl_cipher_apply_rule(unsigned long cipher_id, 920*1f13597dSJung-uk Kim unsigned long alg_mkey, unsigned long alg_auth, 921*1f13597dSJung-uk Kim unsigned long alg_enc, unsigned long alg_mac, 922*1f13597dSJung-uk Kim unsigned long alg_ssl, 923*1f13597dSJung-uk Kim unsigned long algo_strength, 924*1f13597dSJung-uk Kim int rule, int strength_bits, 925f579bf8eSKris Kennaway CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) 92674664626SKris Kennaway { 927*1f13597dSJung-uk Kim CIPHER_ORDER *head, *tail, *curr, *curr2, *last; 928*1f13597dSJung-uk Kim const SSL_CIPHER *cp; 929*1f13597dSJung-uk Kim int reverse = 0; 930f579bf8eSKris Kennaway 931f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 932*1f13597dSJung-uk Kim printf("Applying rule %d with %08lx/%08lx/%08lx/%08lx/%08lx %08lx (%d)\n", 933*1f13597dSJung-uk Kim rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength, strength_bits); 93474664626SKris Kennaway #endif 93574664626SKris Kennaway 936*1f13597dSJung-uk Kim if (rule == CIPHER_DEL) 937*1f13597dSJung-uk Kim reverse = 1; /* needed to maintain sorting between currently deleted ciphers */ 938*1f13597dSJung-uk Kim 939*1f13597dSJung-uk Kim head = *head_p; 940*1f13597dSJung-uk Kim tail = *tail_p; 941*1f13597dSJung-uk Kim 942*1f13597dSJung-uk Kim if (reverse) 943*1f13597dSJung-uk Kim { 944*1f13597dSJung-uk Kim curr = tail; 945*1f13597dSJung-uk Kim last = head; 946*1f13597dSJung-uk Kim } 947*1f13597dSJung-uk Kim else 948*1f13597dSJung-uk Kim { 949*1f13597dSJung-uk Kim curr = head; 950*1f13597dSJung-uk Kim last = tail; 951*1f13597dSJung-uk Kim } 952*1f13597dSJung-uk Kim 953*1f13597dSJung-uk Kim curr2 = curr; 95474664626SKris Kennaway for (;;) 95574664626SKris Kennaway { 956*1f13597dSJung-uk Kim if ((curr == NULL) || (curr == last)) break; 95774664626SKris Kennaway curr = curr2; 958*1f13597dSJung-uk Kim curr2 = reverse ? curr->prev : curr->next; 95974664626SKris Kennaway 96074664626SKris Kennaway cp = curr->cipher; 961f579bf8eSKris Kennaway 962*1f13597dSJung-uk Kim /* 963*1f13597dSJung-uk Kim * Selection criteria is either the value of strength_bits 964*1f13597dSJung-uk Kim * or the algorithms used. 965*1f13597dSJung-uk Kim */ 966*1f13597dSJung-uk Kim if (strength_bits >= 0) 9673b4e3dcbSSimon L. B. Nielsen { 968*1f13597dSJung-uk Kim if (strength_bits != cp->strength_bits) 9693b4e3dcbSSimon L. B. Nielsen continue; 9703b4e3dcbSSimon L. B. Nielsen } 971*1f13597dSJung-uk Kim else 97274664626SKris Kennaway { 973f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 974*1f13597dSJung-uk Kim printf("\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n", cp->name, cp->algorithm_mkey, cp->algorithm_auth, cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl, cp->algo_strength); 975f579bf8eSKris Kennaway #endif 976*1f13597dSJung-uk Kim 977*1f13597dSJung-uk Kim if (alg_mkey && !(alg_mkey & cp->algorithm_mkey)) 978*1f13597dSJung-uk Kim continue; 979*1f13597dSJung-uk Kim if (alg_auth && !(alg_auth & cp->algorithm_auth)) 980*1f13597dSJung-uk Kim continue; 981*1f13597dSJung-uk Kim if (alg_enc && !(alg_enc & cp->algorithm_enc)) 982*1f13597dSJung-uk Kim continue; 983*1f13597dSJung-uk Kim if (alg_mac && !(alg_mac & cp->algorithm_mac)) 984*1f13597dSJung-uk Kim continue; 985*1f13597dSJung-uk Kim if (alg_ssl && !(alg_ssl & cp->algorithm_ssl)) 986*1f13597dSJung-uk Kim continue; 987*1f13597dSJung-uk Kim if ((algo_strength & SSL_EXP_MASK) && !(algo_strength & SSL_EXP_MASK & cp->algo_strength)) 988*1f13597dSJung-uk Kim continue; 989*1f13597dSJung-uk Kim if ((algo_strength & SSL_STRONG_MASK) && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength)) 990*1f13597dSJung-uk Kim continue; 99174664626SKris Kennaway } 992f579bf8eSKris Kennaway 993f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 994f579bf8eSKris Kennaway printf("Action = %d\n", rule); 995f579bf8eSKris Kennaway #endif 99674664626SKris Kennaway 99774664626SKris Kennaway /* add the cipher if it has not been added yet. */ 998f579bf8eSKris Kennaway if (rule == CIPHER_ADD) 99974664626SKris Kennaway { 1000*1f13597dSJung-uk Kim /* reverse == 0 */ 100174664626SKris Kennaway if (!curr->active) 100274664626SKris Kennaway { 100374664626SKris Kennaway ll_append_tail(&head, curr, &tail); 100474664626SKris Kennaway curr->active = 1; 100574664626SKris Kennaway } 100674664626SKris Kennaway } 100774664626SKris Kennaway /* Move the added cipher to this location */ 1008f579bf8eSKris Kennaway else if (rule == CIPHER_ORD) 100974664626SKris Kennaway { 1010*1f13597dSJung-uk Kim /* reverse == 0 */ 101174664626SKris Kennaway if (curr->active) 101274664626SKris Kennaway { 101374664626SKris Kennaway ll_append_tail(&head, curr, &tail); 101474664626SKris Kennaway } 101574664626SKris Kennaway } 1016f579bf8eSKris Kennaway else if (rule == CIPHER_DEL) 1017*1f13597dSJung-uk Kim { 1018*1f13597dSJung-uk Kim /* reverse == 1 */ 1019*1f13597dSJung-uk Kim if (curr->active) 1020*1f13597dSJung-uk Kim { 1021*1f13597dSJung-uk Kim /* most recently deleted ciphersuites get best positions 1022*1f13597dSJung-uk Kim * for any future CIPHER_ADD (note that the CIPHER_DEL loop 1023*1f13597dSJung-uk Kim * works in reverse to maintain the order) */ 1024*1f13597dSJung-uk Kim ll_append_head(&head, curr, &tail); 102574664626SKris Kennaway curr->active = 0; 1026*1f13597dSJung-uk Kim } 1027*1f13597dSJung-uk Kim } 1028f579bf8eSKris Kennaway else if (rule == CIPHER_KILL) 102974664626SKris Kennaway { 1030*1f13597dSJung-uk Kim /* reverse == 0 */ 103174664626SKris Kennaway if (head == curr) 103274664626SKris Kennaway head = curr->next; 103374664626SKris Kennaway else 103474664626SKris Kennaway curr->prev->next = curr->next; 103574664626SKris Kennaway if (tail == curr) 103674664626SKris Kennaway tail = curr->prev; 103774664626SKris Kennaway curr->active = 0; 103874664626SKris Kennaway if (curr->next != NULL) 103974664626SKris Kennaway curr->next->prev = curr->prev; 104074664626SKris Kennaway if (curr->prev != NULL) 104174664626SKris Kennaway curr->prev->next = curr->next; 104274664626SKris Kennaway curr->next = NULL; 104374664626SKris Kennaway curr->prev = NULL; 104474664626SKris Kennaway } 104574664626SKris Kennaway } 1046f579bf8eSKris Kennaway 1047f579bf8eSKris Kennaway *head_p = head; 1048f579bf8eSKris Kennaway *tail_p = tail; 104974664626SKris Kennaway } 105074664626SKris Kennaway 1051*1f13597dSJung-uk Kim static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, 1052f579bf8eSKris Kennaway CIPHER_ORDER **tail_p) 1053f579bf8eSKris Kennaway { 1054f579bf8eSKris Kennaway int max_strength_bits, i, *number_uses; 1055f579bf8eSKris Kennaway CIPHER_ORDER *curr; 1056f579bf8eSKris Kennaway 1057f579bf8eSKris Kennaway /* 1058f579bf8eSKris Kennaway * This routine sorts the ciphers with descending strength. The sorting 1059f579bf8eSKris Kennaway * must keep the pre-sorted sequence, so we apply the normal sorting 1060f579bf8eSKris Kennaway * routine as '+' movement to the end of the list. 1061f579bf8eSKris Kennaway */ 1062f579bf8eSKris Kennaway max_strength_bits = 0; 1063f579bf8eSKris Kennaway curr = *head_p; 1064f579bf8eSKris Kennaway while (curr != NULL) 1065f579bf8eSKris Kennaway { 1066f579bf8eSKris Kennaway if (curr->active && 1067f579bf8eSKris Kennaway (curr->cipher->strength_bits > max_strength_bits)) 1068f579bf8eSKris Kennaway max_strength_bits = curr->cipher->strength_bits; 1069f579bf8eSKris Kennaway curr = curr->next; 1070f579bf8eSKris Kennaway } 1071f579bf8eSKris Kennaway 1072ddd58736SKris Kennaway number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); 1073f579bf8eSKris Kennaway if (!number_uses) 1074f579bf8eSKris Kennaway { 1075f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE); 1076f579bf8eSKris Kennaway return(0); 1077f579bf8eSKris Kennaway } 1078f579bf8eSKris Kennaway memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int)); 1079f579bf8eSKris Kennaway 1080f579bf8eSKris Kennaway /* 1081f579bf8eSKris Kennaway * Now find the strength_bits values actually used 1082f579bf8eSKris Kennaway */ 1083f579bf8eSKris Kennaway curr = *head_p; 1084f579bf8eSKris Kennaway while (curr != NULL) 1085f579bf8eSKris Kennaway { 1086f579bf8eSKris Kennaway if (curr->active) 1087f579bf8eSKris Kennaway number_uses[curr->cipher->strength_bits]++; 1088f579bf8eSKris Kennaway curr = curr->next; 1089f579bf8eSKris Kennaway } 1090f579bf8eSKris Kennaway /* 1091f579bf8eSKris Kennaway * Go through the list of used strength_bits values in descending 1092f579bf8eSKris Kennaway * order. 1093f579bf8eSKris Kennaway */ 1094f579bf8eSKris Kennaway for (i = max_strength_bits; i >= 0; i--) 1095f579bf8eSKris Kennaway if (number_uses[i] > 0) 1096*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p, tail_p); 1097f579bf8eSKris Kennaway 1098ddd58736SKris Kennaway OPENSSL_free(number_uses); 1099f579bf8eSKris Kennaway return(1); 1100f579bf8eSKris Kennaway } 1101f579bf8eSKris Kennaway 1102f579bf8eSKris Kennaway static int ssl_cipher_process_rulestr(const char *rule_str, 1103*1f13597dSJung-uk Kim CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p, 1104*1f13597dSJung-uk Kim const SSL_CIPHER **ca_list) 1105f579bf8eSKris Kennaway { 1106*1f13597dSJung-uk Kim unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength; 1107a3ddd25aSSimon L. B. Nielsen const char *l, *buf; 1108f579bf8eSKris Kennaway int j, multi, found, rule, retval, ok, buflen; 1109*1f13597dSJung-uk Kim unsigned long cipher_id = 0; 1110f579bf8eSKris Kennaway char ch; 1111f579bf8eSKris Kennaway 1112f579bf8eSKris Kennaway retval = 1; 1113f579bf8eSKris Kennaway l = rule_str; 1114f579bf8eSKris Kennaway for (;;) 1115f579bf8eSKris Kennaway { 1116f579bf8eSKris Kennaway ch = *l; 1117f579bf8eSKris Kennaway 1118f579bf8eSKris Kennaway if (ch == '\0') 1119f579bf8eSKris Kennaway break; /* done */ 1120f579bf8eSKris Kennaway if (ch == '-') 1121f579bf8eSKris Kennaway { rule = CIPHER_DEL; l++; } 1122f579bf8eSKris Kennaway else if (ch == '+') 1123f579bf8eSKris Kennaway { rule = CIPHER_ORD; l++; } 1124f579bf8eSKris Kennaway else if (ch == '!') 1125f579bf8eSKris Kennaway { rule = CIPHER_KILL; l++; } 1126f579bf8eSKris Kennaway else if (ch == '@') 1127f579bf8eSKris Kennaway { rule = CIPHER_SPECIAL; l++; } 1128f579bf8eSKris Kennaway else 1129f579bf8eSKris Kennaway { rule = CIPHER_ADD; } 1130f579bf8eSKris Kennaway 1131f579bf8eSKris Kennaway if (ITEM_SEP(ch)) 1132f579bf8eSKris Kennaway { 1133f579bf8eSKris Kennaway l++; 1134f579bf8eSKris Kennaway continue; 1135f579bf8eSKris Kennaway } 1136f579bf8eSKris Kennaway 1137*1f13597dSJung-uk Kim alg_mkey = 0; 1138*1f13597dSJung-uk Kim alg_auth = 0; 1139*1f13597dSJung-uk Kim alg_enc = 0; 1140*1f13597dSJung-uk Kim alg_mac = 0; 1141*1f13597dSJung-uk Kim alg_ssl = 0; 1142*1f13597dSJung-uk Kim algo_strength = 0; 1143f579bf8eSKris Kennaway 1144f579bf8eSKris Kennaway for (;;) 1145f579bf8eSKris Kennaway { 1146f579bf8eSKris Kennaway ch = *l; 1147f579bf8eSKris Kennaway buf = l; 1148f579bf8eSKris Kennaway buflen = 0; 1149f579bf8eSKris Kennaway #ifndef CHARSET_EBCDIC 1150f579bf8eSKris Kennaway while ( ((ch >= 'A') && (ch <= 'Z')) || 1151f579bf8eSKris Kennaway ((ch >= '0') && (ch <= '9')) || 1152f579bf8eSKris Kennaway ((ch >= 'a') && (ch <= 'z')) || 1153f579bf8eSKris Kennaway (ch == '-')) 1154f579bf8eSKris Kennaway #else 1155f579bf8eSKris Kennaway while ( isalnum(ch) || (ch == '-')) 1156f579bf8eSKris Kennaway #endif 1157f579bf8eSKris Kennaway { 1158f579bf8eSKris Kennaway ch = *(++l); 1159f579bf8eSKris Kennaway buflen++; 1160f579bf8eSKris Kennaway } 1161f579bf8eSKris Kennaway 1162f579bf8eSKris Kennaway if (buflen == 0) 1163f579bf8eSKris Kennaway { 1164f579bf8eSKris Kennaway /* 1165f579bf8eSKris Kennaway * We hit something we cannot deal with, 1166f579bf8eSKris Kennaway * it is no command or separator nor 1167f579bf8eSKris Kennaway * alphanumeric, so we call this an error. 1168f579bf8eSKris Kennaway */ 1169f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, 1170f579bf8eSKris Kennaway SSL_R_INVALID_COMMAND); 1171f579bf8eSKris Kennaway retval = found = 0; 1172f579bf8eSKris Kennaway l++; 1173f579bf8eSKris Kennaway break; 1174f579bf8eSKris Kennaway } 1175f579bf8eSKris Kennaway 1176f579bf8eSKris Kennaway if (rule == CIPHER_SPECIAL) 1177f579bf8eSKris Kennaway { 1178f579bf8eSKris Kennaway found = 0; /* unused -- avoid compiler warning */ 1179f579bf8eSKris Kennaway break; /* special treatment */ 1180f579bf8eSKris Kennaway } 1181f579bf8eSKris Kennaway 1182f579bf8eSKris Kennaway /* check for multi-part specification */ 1183f579bf8eSKris Kennaway if (ch == '+') 1184f579bf8eSKris Kennaway { 1185f579bf8eSKris Kennaway multi=1; 1186f579bf8eSKris Kennaway l++; 1187f579bf8eSKris Kennaway } 1188f579bf8eSKris Kennaway else 1189f579bf8eSKris Kennaway multi=0; 1190f579bf8eSKris Kennaway 1191f579bf8eSKris Kennaway /* 1192f579bf8eSKris Kennaway * Now search for the cipher alias in the ca_list. Be careful 1193f579bf8eSKris Kennaway * with the strncmp, because the "buflen" limitation 1194f579bf8eSKris Kennaway * will make the rule "ADH:SOME" and the cipher 1195f579bf8eSKris Kennaway * "ADH-MY-CIPHER" look like a match for buflen=3. 1196f579bf8eSKris Kennaway * So additionally check whether the cipher name found 1197f579bf8eSKris Kennaway * has the correct length. We can save a strlen() call: 1198f579bf8eSKris Kennaway * just checking for the '\0' at the right place is 119950ef0093SJacques Vidrine * sufficient, we have to strncmp() anyway. (We cannot 120050ef0093SJacques Vidrine * use strcmp(), because buf is not '\0' terminated.) 1201f579bf8eSKris Kennaway */ 1202f579bf8eSKris Kennaway j = found = 0; 12033b4e3dcbSSimon L. B. Nielsen cipher_id = 0; 1204f579bf8eSKris Kennaway while (ca_list[j]) 1205f579bf8eSKris Kennaway { 120650ef0093SJacques Vidrine if (!strncmp(buf, ca_list[j]->name, buflen) && 120750ef0093SJacques Vidrine (ca_list[j]->name[buflen] == '\0')) 1208f579bf8eSKris Kennaway { 1209f579bf8eSKris Kennaway found = 1; 1210f579bf8eSKris Kennaway break; 1211f579bf8eSKris Kennaway } 1212f579bf8eSKris Kennaway else 1213f579bf8eSKris Kennaway j++; 1214f579bf8eSKris Kennaway } 1215*1f13597dSJung-uk Kim 1216f579bf8eSKris Kennaway if (!found) 1217f579bf8eSKris Kennaway break; /* ignore this entry */ 1218f579bf8eSKris Kennaway 1219*1f13597dSJung-uk Kim if (ca_list[j]->algorithm_mkey) 1220*1f13597dSJung-uk Kim { 1221*1f13597dSJung-uk Kim if (alg_mkey) 1222*1f13597dSJung-uk Kim { 1223*1f13597dSJung-uk Kim alg_mkey &= ca_list[j]->algorithm_mkey; 1224*1f13597dSJung-uk Kim if (!alg_mkey) { found = 0; break; } 1225*1f13597dSJung-uk Kim } 1226*1f13597dSJung-uk Kim else 1227*1f13597dSJung-uk Kim alg_mkey = ca_list[j]->algorithm_mkey; 1228*1f13597dSJung-uk Kim } 1229f579bf8eSKris Kennaway 1230*1f13597dSJung-uk Kim if (ca_list[j]->algorithm_auth) 1231*1f13597dSJung-uk Kim { 1232*1f13597dSJung-uk Kim if (alg_auth) 1233*1f13597dSJung-uk Kim { 1234*1f13597dSJung-uk Kim alg_auth &= ca_list[j]->algorithm_auth; 1235*1f13597dSJung-uk Kim if (!alg_auth) { found = 0; break; } 1236*1f13597dSJung-uk Kim } 1237*1f13597dSJung-uk Kim else 1238*1f13597dSJung-uk Kim alg_auth = ca_list[j]->algorithm_auth; 1239*1f13597dSJung-uk Kim } 1240*1f13597dSJung-uk Kim 1241*1f13597dSJung-uk Kim if (ca_list[j]->algorithm_enc) 1242*1f13597dSJung-uk Kim { 1243*1f13597dSJung-uk Kim if (alg_enc) 1244*1f13597dSJung-uk Kim { 1245*1f13597dSJung-uk Kim alg_enc &= ca_list[j]->algorithm_enc; 1246*1f13597dSJung-uk Kim if (!alg_enc) { found = 0; break; } 1247*1f13597dSJung-uk Kim } 1248*1f13597dSJung-uk Kim else 1249*1f13597dSJung-uk Kim alg_enc = ca_list[j]->algorithm_enc; 1250*1f13597dSJung-uk Kim } 1251*1f13597dSJung-uk Kim 1252*1f13597dSJung-uk Kim if (ca_list[j]->algorithm_mac) 1253*1f13597dSJung-uk Kim { 1254*1f13597dSJung-uk Kim if (alg_mac) 1255*1f13597dSJung-uk Kim { 1256*1f13597dSJung-uk Kim alg_mac &= ca_list[j]->algorithm_mac; 1257*1f13597dSJung-uk Kim if (!alg_mac) { found = 0; break; } 1258*1f13597dSJung-uk Kim } 1259*1f13597dSJung-uk Kim else 1260*1f13597dSJung-uk Kim alg_mac = ca_list[j]->algorithm_mac; 1261*1f13597dSJung-uk Kim } 1262*1f13597dSJung-uk Kim 1263*1f13597dSJung-uk Kim if (ca_list[j]->algo_strength & SSL_EXP_MASK) 1264*1f13597dSJung-uk Kim { 1265*1f13597dSJung-uk Kim if (algo_strength & SSL_EXP_MASK) 1266*1f13597dSJung-uk Kim { 1267*1f13597dSJung-uk Kim algo_strength &= (ca_list[j]->algo_strength & SSL_EXP_MASK) | ~SSL_EXP_MASK; 1268*1f13597dSJung-uk Kim if (!(algo_strength & SSL_EXP_MASK)) { found = 0; break; } 1269*1f13597dSJung-uk Kim } 1270*1f13597dSJung-uk Kim else 1271*1f13597dSJung-uk Kim algo_strength |= ca_list[j]->algo_strength & SSL_EXP_MASK; 1272*1f13597dSJung-uk Kim } 1273*1f13597dSJung-uk Kim 1274*1f13597dSJung-uk Kim if (ca_list[j]->algo_strength & SSL_STRONG_MASK) 1275*1f13597dSJung-uk Kim { 1276*1f13597dSJung-uk Kim if (algo_strength & SSL_STRONG_MASK) 1277*1f13597dSJung-uk Kim { 1278*1f13597dSJung-uk Kim algo_strength &= (ca_list[j]->algo_strength & SSL_STRONG_MASK) | ~SSL_STRONG_MASK; 1279*1f13597dSJung-uk Kim if (!(algo_strength & SSL_STRONG_MASK)) { found = 0; break; } 1280*1f13597dSJung-uk Kim } 1281*1f13597dSJung-uk Kim else 1282*1f13597dSJung-uk Kim algo_strength |= ca_list[j]->algo_strength & SSL_STRONG_MASK; 1283*1f13597dSJung-uk Kim } 1284*1f13597dSJung-uk Kim 1285ed5d4f9aSSimon L. B. Nielsen if (ca_list[j]->valid) 1286ed5d4f9aSSimon L. B. Nielsen { 1287*1f13597dSJung-uk Kim /* explicit ciphersuite found; its protocol version 1288*1f13597dSJung-uk Kim * does not become part of the search pattern!*/ 1289*1f13597dSJung-uk Kim 1290ed5d4f9aSSimon L. B. Nielsen cipher_id = ca_list[j]->id; 1291*1f13597dSJung-uk Kim } 1292*1f13597dSJung-uk Kim else 1293*1f13597dSJung-uk Kim { 1294*1f13597dSJung-uk Kim /* not an explicit ciphersuite; only in this case, the 1295*1f13597dSJung-uk Kim * protocol version is considered part of the search pattern */ 1296*1f13597dSJung-uk Kim 1297*1f13597dSJung-uk Kim if (ca_list[j]->algorithm_ssl) 1298*1f13597dSJung-uk Kim { 1299*1f13597dSJung-uk Kim if (alg_ssl) 1300*1f13597dSJung-uk Kim { 1301*1f13597dSJung-uk Kim alg_ssl &= ca_list[j]->algorithm_ssl; 1302*1f13597dSJung-uk Kim if (!alg_ssl) { found = 0; break; } 1303*1f13597dSJung-uk Kim } 1304*1f13597dSJung-uk Kim else 1305*1f13597dSJung-uk Kim alg_ssl = ca_list[j]->algorithm_ssl; 1306*1f13597dSJung-uk Kim } 1307ed5d4f9aSSimon L. B. Nielsen } 1308ed5d4f9aSSimon L. B. Nielsen 1309f579bf8eSKris Kennaway if (!multi) break; 1310f579bf8eSKris Kennaway } 1311f579bf8eSKris Kennaway 1312f579bf8eSKris Kennaway /* 1313f579bf8eSKris Kennaway * Ok, we have the rule, now apply it 1314f579bf8eSKris Kennaway */ 1315f579bf8eSKris Kennaway if (rule == CIPHER_SPECIAL) 1316f579bf8eSKris Kennaway { /* special command */ 1317f579bf8eSKris Kennaway ok = 0; 1318f579bf8eSKris Kennaway if ((buflen == 8) && 1319f579bf8eSKris Kennaway !strncmp(buf, "STRENGTH", 8)) 1320*1f13597dSJung-uk Kim ok = ssl_cipher_strength_sort(head_p, tail_p); 1321f579bf8eSKris Kennaway else 1322f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, 1323f579bf8eSKris Kennaway SSL_R_INVALID_COMMAND); 1324f579bf8eSKris Kennaway if (ok == 0) 1325f579bf8eSKris Kennaway retval = 0; 1326f579bf8eSKris Kennaway /* 1327f579bf8eSKris Kennaway * We do not support any "multi" options 1328f579bf8eSKris Kennaway * together with "@", so throw away the 1329f579bf8eSKris Kennaway * rest of the command, if any left, until 1330f579bf8eSKris Kennaway * end or ':' is found. 1331f579bf8eSKris Kennaway */ 13325471f83eSSimon L. B. Nielsen while ((*l != '\0') && !ITEM_SEP(*l)) 1333f579bf8eSKris Kennaway l++; 1334f579bf8eSKris Kennaway } 1335f579bf8eSKris Kennaway else if (found) 1336f579bf8eSKris Kennaway { 1337*1f13597dSJung-uk Kim ssl_cipher_apply_rule(cipher_id, 1338*1f13597dSJung-uk Kim alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength, 1339*1f13597dSJung-uk Kim rule, -1, head_p, tail_p); 1340f579bf8eSKris Kennaway } 1341f579bf8eSKris Kennaway else 1342f579bf8eSKris Kennaway { 13435471f83eSSimon L. B. Nielsen while ((*l != '\0') && !ITEM_SEP(*l)) 1344f579bf8eSKris Kennaway l++; 1345f579bf8eSKris Kennaway } 1346f579bf8eSKris Kennaway if (*l == '\0') break; /* done */ 1347f579bf8eSKris Kennaway } 1348f579bf8eSKris Kennaway 1349f579bf8eSKris Kennaway return(retval); 1350f579bf8eSKris Kennaway } 1351f579bf8eSKris Kennaway 1352f579bf8eSKris Kennaway STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, 1353f579bf8eSKris Kennaway STACK_OF(SSL_CIPHER) **cipher_list, 1354f579bf8eSKris Kennaway STACK_OF(SSL_CIPHER) **cipher_list_by_id, 1355f579bf8eSKris Kennaway const char *rule_str) 1356f579bf8eSKris Kennaway { 1357f579bf8eSKris Kennaway int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; 1358*1f13597dSJung-uk Kim unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl; 13593b4e3dcbSSimon L. B. Nielsen STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list; 1360f579bf8eSKris Kennaway const char *rule_p; 1361ced566fdSJacques Vidrine CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; 1362*1f13597dSJung-uk Kim const SSL_CIPHER **ca_list = NULL; 1363f579bf8eSKris Kennaway 1364f579bf8eSKris Kennaway /* 1365f579bf8eSKris Kennaway * Return with error if nothing to do. 1366f579bf8eSKris Kennaway */ 13673b4e3dcbSSimon L. B. Nielsen if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) 13683b4e3dcbSSimon L. B. Nielsen return NULL; 1369f579bf8eSKris Kennaway 1370f579bf8eSKris Kennaway /* 1371f579bf8eSKris Kennaway * To reduce the work to do we only want to process the compiled 1372f579bf8eSKris Kennaway * in algorithms, so we first get the mask of disabled ciphers. 1373f579bf8eSKris Kennaway */ 1374*1f13597dSJung-uk Kim ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc, &disabled_mac, &disabled_ssl); 1375f579bf8eSKris Kennaway 1376f579bf8eSKris Kennaway /* 1377f579bf8eSKris Kennaway * Now we have to collect the available ciphers from the compiled 1378f579bf8eSKris Kennaway * in ciphers. We cannot get more than the number compiled in, so 1379f579bf8eSKris Kennaway * it is used for allocation. 1380f579bf8eSKris Kennaway */ 1381f579bf8eSKris Kennaway num_of_ciphers = ssl_method->num_ciphers(); 13825c87c606SMark Murray #ifdef KSSL_DEBUG 13835c87c606SMark Murray printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers); 13845c87c606SMark Murray #endif /* KSSL_DEBUG */ 1385ced566fdSJacques Vidrine co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); 1386ced566fdSJacques Vidrine if (co_list == NULL) 1387f579bf8eSKris Kennaway { 1388f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); 1389f579bf8eSKris Kennaway return(NULL); /* Failure */ 1390f579bf8eSKris Kennaway } 1391f579bf8eSKris Kennaway 1392*1f13597dSJung-uk Kim ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, 1393*1f13597dSJung-uk Kim disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl, 1394*1f13597dSJung-uk Kim co_list, &head, &tail); 1395*1f13597dSJung-uk Kim 1396*1f13597dSJung-uk Kim 1397*1f13597dSJung-uk Kim /* Now arrange all ciphers by preference: */ 1398*1f13597dSJung-uk Kim 1399*1f13597dSJung-uk Kim /* Everything else being equal, prefer ephemeral ECDH over other key exchange mechanisms */ 1400*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); 1401*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail); 1402*1f13597dSJung-uk Kim 1403*1f13597dSJung-uk Kim /* AES is our preferred symmetric cipher */ 1404*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); 1405*1f13597dSJung-uk Kim 1406*1f13597dSJung-uk Kim /* Temporarily enable everything else for sorting */ 1407*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); 1408*1f13597dSJung-uk Kim 1409*1f13597dSJung-uk Kim /* Low priority for MD5 */ 1410*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head, &tail); 1411*1f13597dSJung-uk Kim 1412*1f13597dSJung-uk Kim /* Move anonymous ciphers to the end. Usually, these will remain disabled. 1413*1f13597dSJung-uk Kim * (For applications that allow them, they aren't too bad, but we prefer 1414*1f13597dSJung-uk Kim * authenticated ciphers.) */ 1415*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); 1416*1f13597dSJung-uk Kim 1417*1f13597dSJung-uk Kim /* Move ciphers without forward secrecy to the end */ 1418*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); 1419*1f13597dSJung-uk Kim /* ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); */ 1420*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); 1421*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kPSK, 0,0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); 1422*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kKRB5, 0,0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); 1423*1f13597dSJung-uk Kim 1424*1f13597dSJung-uk Kim /* RC4 is sort-of broken -- move the the end */ 1425*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); 1426*1f13597dSJung-uk Kim 1427*1f13597dSJung-uk Kim /* Now sort by symmetric encryption strength. The above ordering remains 1428*1f13597dSJung-uk Kim * in force within each class */ 1429*1f13597dSJung-uk Kim if (!ssl_cipher_strength_sort(&head, &tail)) 1430*1f13597dSJung-uk Kim { 1431*1f13597dSJung-uk Kim OPENSSL_free(co_list); 1432*1f13597dSJung-uk Kim return NULL; 1433*1f13597dSJung-uk Kim } 1434*1f13597dSJung-uk Kim 1435*1f13597dSJung-uk Kim /* Now disable everything (maintaining the ordering!) */ 1436*1f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail); 1437*1f13597dSJung-uk Kim 1438f579bf8eSKris Kennaway 1439f579bf8eSKris Kennaway /* 1440f579bf8eSKris Kennaway * We also need cipher aliases for selecting based on the rule_str. 1441f579bf8eSKris Kennaway * There might be two types of entries in the rule_str: 1) names 1442f579bf8eSKris Kennaway * of ciphers themselves 2) aliases for groups of ciphers. 1443f579bf8eSKris Kennaway * For 1) we need the available ciphers and for 2) the cipher 1444f579bf8eSKris Kennaway * groups of cipher_aliases added together in one list (otherwise 1445f579bf8eSKris Kennaway * we would be happy with just the cipher_aliases table). 1446f579bf8eSKris Kennaway */ 1447f579bf8eSKris Kennaway num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER); 1448f579bf8eSKris Kennaway num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; 1449*1f13597dSJung-uk Kim ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); 1450f579bf8eSKris Kennaway if (ca_list == NULL) 1451f579bf8eSKris Kennaway { 1452ced566fdSJacques Vidrine OPENSSL_free(co_list); 1453f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); 1454f579bf8eSKris Kennaway return(NULL); /* Failure */ 1455f579bf8eSKris Kennaway } 14565471f83eSSimon L. B. Nielsen ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, 1457*1f13597dSJung-uk Kim disabled_mkey, disabled_auth, disabled_enc, 1458*1f13597dSJung-uk Kim disabled_mac, disabled_ssl, head); 1459f579bf8eSKris Kennaway 1460f579bf8eSKris Kennaway /* 1461f579bf8eSKris Kennaway * If the rule_string begins with DEFAULT, apply the default rule 1462f579bf8eSKris Kennaway * before using the (possibly available) additional rules. 1463f579bf8eSKris Kennaway */ 1464f579bf8eSKris Kennaway ok = 1; 1465f579bf8eSKris Kennaway rule_p = rule_str; 1466f579bf8eSKris Kennaway if (strncmp(rule_str,"DEFAULT",7) == 0) 1467f579bf8eSKris Kennaway { 1468f579bf8eSKris Kennaway ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, 1469*1f13597dSJung-uk Kim &head, &tail, ca_list); 1470f579bf8eSKris Kennaway rule_p += 7; 1471f579bf8eSKris Kennaway if (*rule_p == ':') 1472f579bf8eSKris Kennaway rule_p++; 1473f579bf8eSKris Kennaway } 1474f579bf8eSKris Kennaway 1475f579bf8eSKris Kennaway if (ok && (strlen(rule_p) > 0)) 1476*1f13597dSJung-uk Kim ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list); 1477f579bf8eSKris Kennaway 1478*1f13597dSJung-uk Kim OPENSSL_free((void *)ca_list); /* Not needed anymore */ 1479f579bf8eSKris Kennaway 1480f579bf8eSKris Kennaway if (!ok) 1481f579bf8eSKris Kennaway { /* Rule processing failure */ 1482ced566fdSJacques Vidrine OPENSSL_free(co_list); 1483f579bf8eSKris Kennaway return(NULL); 1484f579bf8eSKris Kennaway } 1485*1f13597dSJung-uk Kim 1486f579bf8eSKris Kennaway /* 1487f579bf8eSKris Kennaway * Allocate new "cipherstack" for the result, return with error 1488f579bf8eSKris Kennaway * if we cannot get one. 1489f579bf8eSKris Kennaway */ 1490ddd58736SKris Kennaway if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) 1491f579bf8eSKris Kennaway { 1492ced566fdSJacques Vidrine OPENSSL_free(co_list); 1493f579bf8eSKris Kennaway return(NULL); 1494f579bf8eSKris Kennaway } 1495f579bf8eSKris Kennaway 1496f579bf8eSKris Kennaway /* 1497f579bf8eSKris Kennaway * The cipher selection for the list is done. The ciphers are added 1498f579bf8eSKris Kennaway * to the resulting precedence to the STACK_OF(SSL_CIPHER). 1499f579bf8eSKris Kennaway */ 150074664626SKris Kennaway for (curr = head; curr != NULL; curr = curr->next) 150174664626SKris Kennaway { 1502db522d3aSSimon L. B. Nielsen #ifdef OPENSSL_FIPS 1503db522d3aSSimon L. B. Nielsen if (curr->active && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS)) 1504db522d3aSSimon L. B. Nielsen #else 150574664626SKris Kennaway if (curr->active) 1506db522d3aSSimon L. B. Nielsen #endif 150774664626SKris Kennaway { 1508f579bf8eSKris Kennaway sk_SSL_CIPHER_push(cipherstack, curr->cipher); 150974664626SKris Kennaway #ifdef CIPHER_DEBUG 151074664626SKris Kennaway printf("<%s>\n",curr->cipher->name); 151174664626SKris Kennaway #endif 151274664626SKris Kennaway } 151374664626SKris Kennaway } 1514ced566fdSJacques Vidrine OPENSSL_free(co_list); /* Not needed any longer */ 151574664626SKris Kennaway 15163b4e3dcbSSimon L. B. Nielsen tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack); 15173b4e3dcbSSimon L. B. Nielsen if (tmp_cipher_list == NULL) 151874664626SKris Kennaway { 15193b4e3dcbSSimon L. B. Nielsen sk_SSL_CIPHER_free(cipherstack); 15203b4e3dcbSSimon L. B. Nielsen return NULL; 15213b4e3dcbSSimon L. B. Nielsen } 152274664626SKris Kennaway if (*cipher_list != NULL) 152374664626SKris Kennaway sk_SSL_CIPHER_free(*cipher_list); 1524f579bf8eSKris Kennaway *cipher_list = cipherstack; 152574664626SKris Kennaway if (*cipher_list_by_id != NULL) 152674664626SKris Kennaway sk_SSL_CIPHER_free(*cipher_list_by_id); 15273b4e3dcbSSimon L. B. Nielsen *cipher_list_by_id = tmp_cipher_list; 1528db522d3aSSimon L. B. Nielsen (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp); 152974664626SKris Kennaway 15306a599222SSimon L. B. Nielsen sk_SSL_CIPHER_sort(*cipher_list_by_id); 1531f579bf8eSKris Kennaway return(cipherstack); 153274664626SKris Kennaway } 153374664626SKris Kennaway 15346a599222SSimon L. B. Nielsen char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) 153574664626SKris Kennaway { 153674664626SKris Kennaway int is_export,pkl,kl; 15373b4e3dcbSSimon L. B. Nielsen const char *ver,*exp_str; 15383b4e3dcbSSimon L. B. Nielsen const char *kx,*au,*enc,*mac; 1539*1f13597dSJung-uk Kim unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2; 15405c87c606SMark Murray #ifdef KSSL_DEBUG 1541*1f13597dSJung-uk Kim static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n"; 15425c87c606SMark Murray #else 15433b4e3dcbSSimon L. B. Nielsen static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; 15445c87c606SMark Murray #endif /* KSSL_DEBUG */ 154574664626SKris Kennaway 1546*1f13597dSJung-uk Kim alg_mkey = cipher->algorithm_mkey; 1547*1f13597dSJung-uk Kim alg_auth = cipher->algorithm_auth; 1548*1f13597dSJung-uk Kim alg_enc = cipher->algorithm_enc; 1549*1f13597dSJung-uk Kim alg_mac = cipher->algorithm_mac; 1550*1f13597dSJung-uk Kim alg_ssl = cipher->algorithm_ssl; 1551*1f13597dSJung-uk Kim 155274664626SKris Kennaway alg2=cipher->algorithm2; 155374664626SKris Kennaway 1554f579bf8eSKris Kennaway is_export=SSL_C_IS_EXPORT(cipher); 1555f579bf8eSKris Kennaway pkl=SSL_C_EXPORT_PKEYLENGTH(cipher); 1556f579bf8eSKris Kennaway kl=SSL_C_EXPORT_KEYLENGTH(cipher); 1557ced566fdSJacques Vidrine exp_str=is_export?" export":""; 155874664626SKris Kennaway 1559*1f13597dSJung-uk Kim if (alg_ssl & SSL_SSLV2) 156074664626SKris Kennaway ver="SSLv2"; 1561*1f13597dSJung-uk Kim else if (alg_ssl & SSL_SSLV3) 156274664626SKris Kennaway ver="SSLv3"; 1563*1f13597dSJung-uk Kim else if (alg_ssl & SSL_TLSV1_2) 1564*1f13597dSJung-uk Kim ver="TLSv1.2"; 156574664626SKris Kennaway else 156674664626SKris Kennaway ver="unknown"; 156774664626SKris Kennaway 1568*1f13597dSJung-uk Kim switch (alg_mkey) 156974664626SKris Kennaway { 157074664626SKris Kennaway case SSL_kRSA: 157174664626SKris Kennaway kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA"; 157274664626SKris Kennaway break; 157374664626SKris Kennaway case SSL_kDHr: 157474664626SKris Kennaway kx="DH/RSA"; 157574664626SKris Kennaway break; 157674664626SKris Kennaway case SSL_kDHd: 157774664626SKris Kennaway kx="DH/DSS"; 157874664626SKris Kennaway break; 1579*1f13597dSJung-uk Kim case SSL_kKRB5: 15805c87c606SMark Murray kx="KRB5"; 15815c87c606SMark Murray break; 158274664626SKris Kennaway case SSL_kEDH: 158374664626SKris Kennaway kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH"; 158474664626SKris Kennaway break; 1585*1f13597dSJung-uk Kim case SSL_kECDHr: 1586*1f13597dSJung-uk Kim kx="ECDH/RSA"; 1587*1f13597dSJung-uk Kim break; 1588*1f13597dSJung-uk Kim case SSL_kECDHe: 1589*1f13597dSJung-uk Kim kx="ECDH/ECDSA"; 1590*1f13597dSJung-uk Kim break; 1591*1f13597dSJung-uk Kim case SSL_kEECDH: 1592*1f13597dSJung-uk Kim kx="ECDH"; 1593*1f13597dSJung-uk Kim break; 1594*1f13597dSJung-uk Kim case SSL_kPSK: 1595*1f13597dSJung-uk Kim kx="PSK"; 1596*1f13597dSJung-uk Kim break; 1597*1f13597dSJung-uk Kim case SSL_kSRP: 1598*1f13597dSJung-uk Kim kx="SRP"; 15993b4e3dcbSSimon L. B. Nielsen break; 160074664626SKris Kennaway default: 160174664626SKris Kennaway kx="unknown"; 160274664626SKris Kennaway } 160374664626SKris Kennaway 1604*1f13597dSJung-uk Kim switch (alg_auth) 160574664626SKris Kennaway { 160674664626SKris Kennaway case SSL_aRSA: 160774664626SKris Kennaway au="RSA"; 160874664626SKris Kennaway break; 160974664626SKris Kennaway case SSL_aDSS: 161074664626SKris Kennaway au="DSS"; 161174664626SKris Kennaway break; 161274664626SKris Kennaway case SSL_aDH: 161374664626SKris Kennaway au="DH"; 161474664626SKris Kennaway break; 1615*1f13597dSJung-uk Kim case SSL_aKRB5: 16165c87c606SMark Murray au="KRB5"; 16175c87c606SMark Murray break; 1618*1f13597dSJung-uk Kim case SSL_aECDH: 1619*1f13597dSJung-uk Kim au="ECDH"; 1620*1f13597dSJung-uk Kim break; 162174664626SKris Kennaway case SSL_aNULL: 162274664626SKris Kennaway au="None"; 162374664626SKris Kennaway break; 16243b4e3dcbSSimon L. B. Nielsen case SSL_aECDSA: 16253b4e3dcbSSimon L. B. Nielsen au="ECDSA"; 16263b4e3dcbSSimon L. B. Nielsen break; 1627*1f13597dSJung-uk Kim case SSL_aPSK: 1628*1f13597dSJung-uk Kim au="PSK"; 1629*1f13597dSJung-uk Kim break; 163074664626SKris Kennaway default: 163174664626SKris Kennaway au="unknown"; 163274664626SKris Kennaway break; 163374664626SKris Kennaway } 163474664626SKris Kennaway 1635*1f13597dSJung-uk Kim switch (alg_enc) 163674664626SKris Kennaway { 163774664626SKris Kennaway case SSL_DES: 163874664626SKris Kennaway enc=(is_export && kl == 5)?"DES(40)":"DES(56)"; 163974664626SKris Kennaway break; 164074664626SKris Kennaway case SSL_3DES: 164174664626SKris Kennaway enc="3DES(168)"; 164274664626SKris Kennaway break; 164374664626SKris Kennaway case SSL_RC4: 164474664626SKris Kennaway enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)") 164574664626SKris Kennaway :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)"); 164674664626SKris Kennaway break; 164774664626SKris Kennaway case SSL_RC2: 164874664626SKris Kennaway enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)"; 164974664626SKris Kennaway break; 165074664626SKris Kennaway case SSL_IDEA: 165174664626SKris Kennaway enc="IDEA(128)"; 165274664626SKris Kennaway break; 165374664626SKris Kennaway case SSL_eNULL: 165474664626SKris Kennaway enc="None"; 165574664626SKris Kennaway break; 1656*1f13597dSJung-uk Kim case SSL_AES128: 1657*1f13597dSJung-uk Kim enc="AES(128)"; 16585c87c606SMark Murray break; 1659*1f13597dSJung-uk Kim case SSL_AES256: 1660*1f13597dSJung-uk Kim enc="AES(256)"; 1661*1f13597dSJung-uk Kim break; 1662*1f13597dSJung-uk Kim case SSL_AES128GCM: 1663*1f13597dSJung-uk Kim enc="AESGCM(128)"; 1664*1f13597dSJung-uk Kim break; 1665*1f13597dSJung-uk Kim case SSL_AES256GCM: 1666*1f13597dSJung-uk Kim enc="AESGCM(256)"; 1667*1f13597dSJung-uk Kim break; 1668*1f13597dSJung-uk Kim case SSL_CAMELLIA128: 1669*1f13597dSJung-uk Kim enc="Camellia(128)"; 1670*1f13597dSJung-uk Kim break; 1671*1f13597dSJung-uk Kim case SSL_CAMELLIA256: 1672*1f13597dSJung-uk Kim enc="Camellia(256)"; 1673ed5d4f9aSSimon L. B. Nielsen break; 1674db522d3aSSimon L. B. Nielsen case SSL_SEED: 1675db522d3aSSimon L. B. Nielsen enc="SEED(128)"; 1676db522d3aSSimon L. B. Nielsen break; 167774664626SKris Kennaway default: 167874664626SKris Kennaway enc="unknown"; 167974664626SKris Kennaway break; 168074664626SKris Kennaway } 168174664626SKris Kennaway 1682*1f13597dSJung-uk Kim switch (alg_mac) 168374664626SKris Kennaway { 168474664626SKris Kennaway case SSL_MD5: 168574664626SKris Kennaway mac="MD5"; 168674664626SKris Kennaway break; 168774664626SKris Kennaway case SSL_SHA1: 168874664626SKris Kennaway mac="SHA1"; 168974664626SKris Kennaway break; 1690*1f13597dSJung-uk Kim case SSL_SHA256: 1691*1f13597dSJung-uk Kim mac="SHA256"; 1692*1f13597dSJung-uk Kim break; 1693*1f13597dSJung-uk Kim case SSL_SHA384: 1694*1f13597dSJung-uk Kim mac="SHA384"; 1695*1f13597dSJung-uk Kim break; 1696*1f13597dSJung-uk Kim case SSL_AEAD: 1697*1f13597dSJung-uk Kim mac="AEAD"; 1698*1f13597dSJung-uk Kim break; 169974664626SKris Kennaway default: 170074664626SKris Kennaway mac="unknown"; 170174664626SKris Kennaway break; 170274664626SKris Kennaway } 170374664626SKris Kennaway 170474664626SKris Kennaway if (buf == NULL) 170574664626SKris Kennaway { 1706ddd58736SKris Kennaway len=128; 1707ddd58736SKris Kennaway buf=OPENSSL_malloc(len); 1708ddd58736SKris Kennaway if (buf == NULL) return("OPENSSL_malloc Error"); 170974664626SKris Kennaway } 171074664626SKris Kennaway else if (len < 128) 171174664626SKris Kennaway return("Buffer too small"); 171274664626SKris Kennaway 17135c87c606SMark Murray #ifdef KSSL_DEBUG 1714*1f13597dSJung-uk Kim BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str,alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl); 17155c87c606SMark Murray #else 1716ced566fdSJacques Vidrine BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str); 17175c87c606SMark Murray #endif /* KSSL_DEBUG */ 171874664626SKris Kennaway return(buf); 171974664626SKris Kennaway } 172074664626SKris Kennaway 17213b4e3dcbSSimon L. B. Nielsen char *SSL_CIPHER_get_version(const SSL_CIPHER *c) 172274664626SKris Kennaway { 172374664626SKris Kennaway int i; 172474664626SKris Kennaway 172574664626SKris Kennaway if (c == NULL) return("(NONE)"); 172674664626SKris Kennaway i=(int)(c->id>>24L); 172774664626SKris Kennaway if (i == 3) 172874664626SKris Kennaway return("TLSv1/SSLv3"); 172974664626SKris Kennaway else if (i == 2) 173074664626SKris Kennaway return("SSLv2"); 173174664626SKris Kennaway else 173274664626SKris Kennaway return("unknown"); 173374664626SKris Kennaway } 173474664626SKris Kennaway 173574664626SKris Kennaway /* return the actual cipher being used */ 17363b4e3dcbSSimon L. B. Nielsen const char *SSL_CIPHER_get_name(const SSL_CIPHER *c) 173774664626SKris Kennaway { 173874664626SKris Kennaway if (c != NULL) 173974664626SKris Kennaway return(c->name); 174074664626SKris Kennaway return("(NONE)"); 174174664626SKris Kennaway } 174274664626SKris Kennaway 1743f579bf8eSKris Kennaway /* number of bits for symmetric cipher */ 17443b4e3dcbSSimon L. B. Nielsen int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits) 174574664626SKris Kennaway { 1746f579bf8eSKris Kennaway int ret=0; 174774664626SKris Kennaway 174874664626SKris Kennaway if (c != NULL) 174974664626SKris Kennaway { 1750f579bf8eSKris Kennaway if (alg_bits != NULL) *alg_bits = c->alg_bits; 1751f579bf8eSKris Kennaway ret = c->strength_bits; 175274664626SKris Kennaway } 175374664626SKris Kennaway return(ret); 175474664626SKris Kennaway } 175574664626SKris Kennaway 1756*1f13597dSJung-uk Kim unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c) 1757*1f13597dSJung-uk Kim { 1758*1f13597dSJung-uk Kim return c->id; 1759*1f13597dSJung-uk Kim } 1760*1f13597dSJung-uk Kim 176174664626SKris Kennaway SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n) 176274664626SKris Kennaway { 176374664626SKris Kennaway SSL_COMP *ctmp; 176474664626SKris Kennaway int i,nn; 176574664626SKris Kennaway 176674664626SKris Kennaway if ((n == 0) || (sk == NULL)) return(NULL); 176774664626SKris Kennaway nn=sk_SSL_COMP_num(sk); 176874664626SKris Kennaway for (i=0; i<nn; i++) 176974664626SKris Kennaway { 177074664626SKris Kennaway ctmp=sk_SSL_COMP_value(sk,i); 177174664626SKris Kennaway if (ctmp->id == n) 177274664626SKris Kennaway return(ctmp); 177374664626SKris Kennaway } 177474664626SKris Kennaway return(NULL); 177574664626SKris Kennaway } 177674664626SKris Kennaway 17773b4e3dcbSSimon L. B. Nielsen #ifdef OPENSSL_NO_COMP 17783b4e3dcbSSimon L. B. Nielsen void *SSL_COMP_get_compression_methods(void) 177974664626SKris Kennaway { 17803b4e3dcbSSimon L. B. Nielsen return NULL; 17813b4e3dcbSSimon L. B. Nielsen } 17823b4e3dcbSSimon L. B. Nielsen int SSL_COMP_add_compression_method(int id, void *cm) 17833b4e3dcbSSimon L. B. Nielsen { 17843b4e3dcbSSimon L. B. Nielsen return 1; 178574664626SKris Kennaway } 178674664626SKris Kennaway 17873b4e3dcbSSimon L. B. Nielsen const char *SSL_COMP_get_name(const void *comp) 17883b4e3dcbSSimon L. B. Nielsen { 17893b4e3dcbSSimon L. B. Nielsen return NULL; 17903b4e3dcbSSimon L. B. Nielsen } 17913b4e3dcbSSimon L. B. Nielsen #else 179274664626SKris Kennaway STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) 179374664626SKris Kennaway { 17943b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 179574664626SKris Kennaway return(ssl_comp_methods); 179674664626SKris Kennaway } 179774664626SKris Kennaway 179874664626SKris Kennaway int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) 179974664626SKris Kennaway { 180074664626SKris Kennaway SSL_COMP *comp; 180174664626SKris Kennaway 18025c87c606SMark Murray if (cm == NULL || cm->type == NID_undef) 18035c87c606SMark Murray return 1; 18045c87c606SMark Murray 18053b4e3dcbSSimon L. B. Nielsen /* According to draft-ietf-tls-compression-04.txt, the 18063b4e3dcbSSimon L. B. Nielsen compression number ranges should be the following: 18073b4e3dcbSSimon L. B. Nielsen 18083b4e3dcbSSimon L. B. Nielsen 0 to 63: methods defined by the IETF 18093b4e3dcbSSimon L. B. Nielsen 64 to 192: external party methods assigned by IANA 18103b4e3dcbSSimon L. B. Nielsen 193 to 255: reserved for private use */ 18113b4e3dcbSSimon L. B. Nielsen if (id < 193 || id > 255) 18123b4e3dcbSSimon L. B. Nielsen { 18133b4e3dcbSSimon L. B. Nielsen SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); 18143b4e3dcbSSimon L. B. Nielsen return 0; 18153b4e3dcbSSimon L. B. Nielsen } 18163b4e3dcbSSimon L. B. Nielsen 18175c87c606SMark Murray MemCheck_off(); 1818ddd58736SKris Kennaway comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); 181974664626SKris Kennaway comp->id=id; 182074664626SKris Kennaway comp->method=cm; 18213b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 18223b4e3dcbSSimon L. B. Nielsen if (ssl_comp_methods 1823db522d3aSSimon L. B. Nielsen && sk_SSL_COMP_find(ssl_comp_methods,comp) >= 0) 182474664626SKris Kennaway { 18253b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 18263b4e3dcbSSimon L. B. Nielsen MemCheck_on(); 18273b4e3dcbSSimon L. B. Nielsen SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_DUPLICATE_COMPRESSION_ID); 18283b4e3dcbSSimon L. B. Nielsen return(1); 18293b4e3dcbSSimon L. B. Nielsen } 18303b4e3dcbSSimon L. B. Nielsen else if ((ssl_comp_methods == NULL) 18313b4e3dcbSSimon L. B. Nielsen || !sk_SSL_COMP_push(ssl_comp_methods,comp)) 18323b4e3dcbSSimon L. B. Nielsen { 18333b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 18345c87c606SMark Murray MemCheck_on(); 183574664626SKris Kennaway SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE); 1836ced566fdSJacques Vidrine return(1); 183774664626SKris Kennaway } 183874664626SKris Kennaway else 18395c87c606SMark Murray { 18405c87c606SMark Murray MemCheck_on(); 1841ced566fdSJacques Vidrine return(0); 184274664626SKris Kennaway } 18435c87c606SMark Murray } 18443b4e3dcbSSimon L. B. Nielsen 18453b4e3dcbSSimon L. B. Nielsen const char *SSL_COMP_get_name(const COMP_METHOD *comp) 18463b4e3dcbSSimon L. B. Nielsen { 18473b4e3dcbSSimon L. B. Nielsen if (comp) 18483b4e3dcbSSimon L. B. Nielsen return comp->name; 18493b4e3dcbSSimon L. B. Nielsen return NULL; 18503b4e3dcbSSimon L. B. Nielsen } 18513b4e3dcbSSimon L. B. Nielsen 18523b4e3dcbSSimon L. B. Nielsen #endif 1853