174664626SKris Kennaway /* ssl/ssl_ciph.c */ 274664626SKris Kennaway /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 374664626SKris Kennaway * All rights reserved. 474664626SKris Kennaway * 574664626SKris Kennaway * This package is an SSL implementation written 674664626SKris Kennaway * by Eric Young (eay@cryptsoft.com). 774664626SKris Kennaway * The implementation was written so as to conform with Netscapes SSL. 874664626SKris Kennaway * 974664626SKris Kennaway * This library is free for commercial and non-commercial use as long as 1074664626SKris Kennaway * the following conditions are aheared to. The following conditions 1174664626SKris Kennaway * apply to all code found in this distribution, be it the RC4, RSA, 1274664626SKris Kennaway * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1374664626SKris Kennaway * included with this distribution is covered by the same copyright terms 1474664626SKris Kennaway * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1574664626SKris Kennaway * 1674664626SKris Kennaway * Copyright remains Eric Young's, and as such any Copyright notices in 1774664626SKris Kennaway * the code are not to be removed. 1874664626SKris Kennaway * If this package is used in a product, Eric Young should be given attribution 1974664626SKris Kennaway * as the author of the parts of the library used. 2074664626SKris Kennaway * This can be in the form of a textual message at program startup or 2174664626SKris Kennaway * in documentation (online or textual) provided with the package. 2274664626SKris Kennaway * 2374664626SKris Kennaway * Redistribution and use in source and binary forms, with or without 2474664626SKris Kennaway * modification, are permitted provided that the following conditions 2574664626SKris Kennaway * are met: 2674664626SKris Kennaway * 1. Redistributions of source code must retain the copyright 2774664626SKris Kennaway * notice, this list of conditions and the following disclaimer. 2874664626SKris Kennaway * 2. Redistributions in binary form must reproduce the above copyright 2974664626SKris Kennaway * notice, this list of conditions and the following disclaimer in the 3074664626SKris Kennaway * documentation and/or other materials provided with the distribution. 3174664626SKris Kennaway * 3. All advertising materials mentioning features or use of this software 3274664626SKris Kennaway * must display the following acknowledgement: 3374664626SKris Kennaway * "This product includes cryptographic software written by 3474664626SKris Kennaway * Eric Young (eay@cryptsoft.com)" 3574664626SKris Kennaway * The word 'cryptographic' can be left out if the rouines from the library 3674664626SKris Kennaway * being used are not cryptographic related :-). 3774664626SKris Kennaway * 4. If you include any Windows specific code (or a derivative thereof) from 3874664626SKris Kennaway * the apps directory (application code) you must include an acknowledgement: 3974664626SKris Kennaway * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4074664626SKris Kennaway * 4174664626SKris Kennaway * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4274664626SKris Kennaway * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4374664626SKris Kennaway * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4474664626SKris Kennaway * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4574664626SKris Kennaway * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4674664626SKris Kennaway * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4774664626SKris Kennaway * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4874664626SKris Kennaway * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4974664626SKris Kennaway * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5074664626SKris Kennaway * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5174664626SKris Kennaway * SUCH DAMAGE. 5274664626SKris Kennaway * 5374664626SKris Kennaway * The licence and distribution terms for any publically available version or 5474664626SKris Kennaway * derivative of this code cannot be changed. i.e. this code cannot simply be 5574664626SKris Kennaway * copied and put under another distribution licence 5674664626SKris Kennaway * [including the GNU Public Licence.] 5774664626SKris Kennaway */ 583b4e3dcbSSimon L. B. Nielsen /* ==================================================================== 591f13597dSJung-uk Kim * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60ed5d4f9aSSimon L. B. Nielsen * 61ed5d4f9aSSimon L. B. Nielsen * Redistribution and use in source and binary forms, with or without 62ed5d4f9aSSimon L. B. Nielsen * modification, are permitted provided that the following conditions 63ed5d4f9aSSimon L. B. Nielsen * are met: 64ed5d4f9aSSimon L. B. Nielsen * 65ed5d4f9aSSimon L. B. Nielsen * 1. Redistributions of source code must retain the above copyright 66ed5d4f9aSSimon L. B. Nielsen * notice, this list of conditions and the following disclaimer. 67ed5d4f9aSSimon L. B. Nielsen * 68ed5d4f9aSSimon L. B. Nielsen * 2. Redistributions in binary form must reproduce the above copyright 69ed5d4f9aSSimon L. B. Nielsen * notice, this list of conditions and the following disclaimer in 70ed5d4f9aSSimon L. B. Nielsen * the documentation and/or other materials provided with the 71ed5d4f9aSSimon L. B. Nielsen * distribution. 72ed5d4f9aSSimon L. B. Nielsen * 73ed5d4f9aSSimon L. B. Nielsen * 3. All advertising materials mentioning features or use of this 74ed5d4f9aSSimon L. B. Nielsen * software must display the following acknowledgment: 75ed5d4f9aSSimon L. B. Nielsen * "This product includes software developed by the OpenSSL Project 76ed5d4f9aSSimon L. B. Nielsen * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77ed5d4f9aSSimon L. B. Nielsen * 78ed5d4f9aSSimon L. B. Nielsen * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79ed5d4f9aSSimon L. B. Nielsen * endorse or promote products derived from this software without 80ed5d4f9aSSimon L. B. Nielsen * prior written permission. For written permission, please contact 81ed5d4f9aSSimon L. B. Nielsen * openssl-core@openssl.org. 82ed5d4f9aSSimon L. B. Nielsen * 83ed5d4f9aSSimon L. B. Nielsen * 5. Products derived from this software may not be called "OpenSSL" 84ed5d4f9aSSimon L. B. Nielsen * nor may "OpenSSL" appear in their names without prior written 85ed5d4f9aSSimon L. B. Nielsen * permission of the OpenSSL Project. 86ed5d4f9aSSimon L. B. Nielsen * 87ed5d4f9aSSimon L. B. Nielsen * 6. Redistributions of any form whatsoever must retain the following 88ed5d4f9aSSimon L. B. Nielsen * acknowledgment: 89ed5d4f9aSSimon L. B. Nielsen * "This product includes software developed by the OpenSSL Project 90ed5d4f9aSSimon L. B. Nielsen * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91ed5d4f9aSSimon L. B. Nielsen * 92ed5d4f9aSSimon L. B. Nielsen * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93ed5d4f9aSSimon L. B. Nielsen * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94ed5d4f9aSSimon L. B. Nielsen * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95ed5d4f9aSSimon L. B. Nielsen * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96ed5d4f9aSSimon L. B. Nielsen * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97ed5d4f9aSSimon L. B. Nielsen * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98ed5d4f9aSSimon L. B. Nielsen * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99ed5d4f9aSSimon L. B. Nielsen * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100ed5d4f9aSSimon L. B. Nielsen * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101ed5d4f9aSSimon L. B. Nielsen * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102ed5d4f9aSSimon L. B. Nielsen * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103ed5d4f9aSSimon L. B. Nielsen * OF THE POSSIBILITY OF SUCH DAMAGE. 104ed5d4f9aSSimon L. B. Nielsen * ==================================================================== 105ed5d4f9aSSimon L. B. Nielsen * 106ed5d4f9aSSimon L. B. Nielsen * This product includes cryptographic software written by Eric Young 107ed5d4f9aSSimon L. B. Nielsen * (eay@cryptsoft.com). This product includes software written by Tim 108ed5d4f9aSSimon L. B. Nielsen * Hudson (tjh@cryptsoft.com). 109ed5d4f9aSSimon L. B. Nielsen * 110ed5d4f9aSSimon L. B. Nielsen */ 111ed5d4f9aSSimon L. B. Nielsen /* ==================================================================== 1123b4e3dcbSSimon L. B. Nielsen * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 1133b4e3dcbSSimon L. B. Nielsen * ECC cipher suite support in OpenSSL originally developed by 1143b4e3dcbSSimon L. B. Nielsen * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 1153b4e3dcbSSimon L. B. Nielsen */ 1161f13597dSJung-uk Kim /* ==================================================================== 1171f13597dSJung-uk Kim * Copyright 2005 Nokia. All rights reserved. 1181f13597dSJung-uk Kim * 1191f13597dSJung-uk Kim * The portions of the attached software ("Contribution") is developed by 1201f13597dSJung-uk Kim * Nokia Corporation and is licensed pursuant to the OpenSSL open source 1211f13597dSJung-uk Kim * license. 1221f13597dSJung-uk Kim * 1231f13597dSJung-uk Kim * The Contribution, originally written by Mika Kousa and Pasi Eronen of 1241f13597dSJung-uk Kim * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 1251f13597dSJung-uk Kim * support (see RFC 4279) to OpenSSL. 1261f13597dSJung-uk Kim * 1271f13597dSJung-uk Kim * No patent licenses or other rights except those expressly stated in 1281f13597dSJung-uk Kim * the OpenSSL open source license shall be deemed granted or received 1291f13597dSJung-uk Kim * expressly, by implication, estoppel, or otherwise. 1301f13597dSJung-uk Kim * 1311f13597dSJung-uk Kim * No assurances are provided by Nokia that the Contribution does not 1321f13597dSJung-uk Kim * infringe the patent or other intellectual property rights of any third 1331f13597dSJung-uk Kim * party or that the license provides you with all the necessary rights 1341f13597dSJung-uk Kim * to make use of the Contribution. 1351f13597dSJung-uk Kim * 1361f13597dSJung-uk Kim * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 1371f13597dSJung-uk Kim * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 1381f13597dSJung-uk Kim * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 1391f13597dSJung-uk Kim * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 1401f13597dSJung-uk Kim * OTHERWISE. 1411f13597dSJung-uk Kim */ 1421f13597dSJung-uk Kim 14374664626SKris Kennaway #include <stdio.h> 14474664626SKris Kennaway #include <openssl/objects.h> 145db522d3aSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 14674664626SKris Kennaway # include <openssl/comp.h> 147db522d3aSSimon L. B. Nielsen #endif 1481f13597dSJung-uk Kim #ifndef OPENSSL_NO_ENGINE 1491f13597dSJung-uk Kim # include <openssl/engine.h> 1501f13597dSJung-uk Kim #endif 15174664626SKris Kennaway #include "ssl_locl.h" 15274664626SKris Kennaway 15374664626SKris Kennaway #define SSL_ENC_DES_IDX 0 15474664626SKris Kennaway #define SSL_ENC_3DES_IDX 1 15574664626SKris Kennaway #define SSL_ENC_RC4_IDX 2 15674664626SKris Kennaway #define SSL_ENC_RC2_IDX 3 15774664626SKris Kennaway #define SSL_ENC_IDEA_IDX 4 1581f13597dSJung-uk Kim #define SSL_ENC_NULL_IDX 5 1591f13597dSJung-uk Kim #define SSL_ENC_AES128_IDX 6 1601f13597dSJung-uk Kim #define SSL_ENC_AES256_IDX 7 1611f13597dSJung-uk Kim #define SSL_ENC_CAMELLIA128_IDX 8 1621f13597dSJung-uk Kim #define SSL_ENC_CAMELLIA256_IDX 9 1631f13597dSJung-uk Kim #define SSL_ENC_GOST89_IDX 10 164db522d3aSSimon L. B. Nielsen #define SSL_ENC_SEED_IDX 11 1651f13597dSJung-uk Kim #define SSL_ENC_AES128GCM_IDX 12 1661f13597dSJung-uk Kim #define SSL_ENC_AES256GCM_IDX 13 1671f13597dSJung-uk Kim #define SSL_ENC_NUM_IDX 14 168ed5d4f9aSSimon L. B. Nielsen 16974664626SKris Kennaway static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = { 1706f9291ceSJung-uk Kim NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 1716f9291ceSJung-uk Kim NULL, NULL 17274664626SKris Kennaway }; 17374664626SKris Kennaway 1743b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_NULL_IDX 0 1753b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_ZLIB_IDX 1 1763b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_NUM_IDX 2 1773b4e3dcbSSimon L. B. Nielsen 17874664626SKris Kennaway static STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; 17974664626SKris Kennaway 18074664626SKris Kennaway #define SSL_MD_MD5_IDX 0 18174664626SKris Kennaway #define SSL_MD_SHA1_IDX 1 1821f13597dSJung-uk Kim #define SSL_MD_GOST94_IDX 2 1831f13597dSJung-uk Kim #define SSL_MD_GOST89MAC_IDX 3 1841f13597dSJung-uk Kim #define SSL_MD_SHA256_IDX 4 1851f13597dSJung-uk Kim #define SSL_MD_SHA384_IDX 5 1866f9291ceSJung-uk Kim /* 1876f9291ceSJung-uk Kim * Constant SSL_MAX_DIGEST equal to size of digests array should be defined 1886f9291ceSJung-uk Kim * in the ssl_locl.h 1896f9291ceSJung-uk Kim */ 1901f13597dSJung-uk Kim #define SSL_MD_NUM_IDX SSL_MAX_DIGEST 19174664626SKris Kennaway static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = { 1921f13597dSJung-uk Kim NULL, NULL, NULL, NULL, NULL, NULL 1931f13597dSJung-uk Kim }; 1946f9291ceSJung-uk Kim 1956f9291ceSJung-uk Kim /* 1966f9291ceSJung-uk Kim * PKEY_TYPE for GOST89MAC is known in advance, but, because implementation 1976f9291ceSJung-uk Kim * is engine-provided, we'll fill it only if corresponding EVP_PKEY_METHOD is 1986f9291ceSJung-uk Kim * found 1991f13597dSJung-uk Kim */ 2001f13597dSJung-uk Kim static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = { 2011f13597dSJung-uk Kim EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef, 2021f13597dSJung-uk Kim EVP_PKEY_HMAC, EVP_PKEY_HMAC 2031f13597dSJung-uk Kim }; 2041f13597dSJung-uk Kim 2051f13597dSJung-uk Kim static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = { 2061f13597dSJung-uk Kim 0, 0, 0, 0, 0, 0 2071f13597dSJung-uk Kim }; 2081f13597dSJung-uk Kim 2091f13597dSJung-uk Kim static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = { 2101f13597dSJung-uk Kim SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA, 2111f13597dSJung-uk Kim SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256, 2121f13597dSJung-uk Kim SSL_HANDSHAKE_MAC_SHA384 21374664626SKris Kennaway }; 21474664626SKris Kennaway 21574664626SKris Kennaway #define CIPHER_ADD 1 21674664626SKris Kennaway #define CIPHER_KILL 2 21774664626SKris Kennaway #define CIPHER_DEL 3 21874664626SKris Kennaway #define CIPHER_ORD 4 219f579bf8eSKris Kennaway #define CIPHER_SPECIAL 5 22074664626SKris Kennaway 2216f9291ceSJung-uk Kim typedef struct cipher_order_st { 2221f13597dSJung-uk Kim const SSL_CIPHER *cipher; 22374664626SKris Kennaway int active; 22474664626SKris Kennaway int dead; 22574664626SKris Kennaway struct cipher_order_st *next, *prev; 22674664626SKris Kennaway } CIPHER_ORDER; 22774664626SKris Kennaway 228f579bf8eSKris Kennaway static const SSL_CIPHER cipher_aliases[] = { 2291f13597dSJung-uk Kim /* "ALL" doesn't include eNULL (must be specifically enabled) */ 2301f13597dSJung-uk Kim {0, SSL_TXT_ALL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, 0}, 2311f13597dSJung-uk Kim /* "COMPLEMENTOFALL" */ 2321f13597dSJung-uk Kim {0, SSL_TXT_CMPALL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0}, 23374664626SKris Kennaway 2346f9291ceSJung-uk Kim /* 2356f9291ceSJung-uk Kim * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in 2366f9291ceSJung-uk Kim * ALL!) 2376f9291ceSJung-uk Kim */ 2386f9291ceSJung-uk Kim {0, SSL_TXT_CMPDEF, 0, 0, SSL_aNULL, ~SSL_eNULL, 0, ~SSL_SSLV2, 2396f9291ceSJung-uk Kim SSL_EXP_MASK, 0, 0, 0}, 24074664626SKris Kennaway 2416f9291ceSJung-uk Kim /* 2426f9291ceSJung-uk Kim * key exchange aliases (some of those using only a single bit here 2436f9291ceSJung-uk Kim * combine multiple key exchange algs according to the RFCs, e.g. kEDH 2446f9291ceSJung-uk Kim * combines DHE_DSS and DHE_RSA) 2456f9291ceSJung-uk Kim */ 2461f13597dSJung-uk Kim {0, SSL_TXT_kRSA, 0, SSL_kRSA, 0, 0, 0, 0, 0, 0, 0, 0}, 24774664626SKris Kennaway 2486f9291ceSJung-uk Kim {0, SSL_TXT_kDHr, 0, SSL_kDHr, 0, 0, 0, 0, 0, 0, 0, 0}, 2496f9291ceSJung-uk Kim {0, SSL_TXT_kDHd, 0, SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0}, 2506f9291ceSJung-uk Kim {0, SSL_TXT_kDH, 0, SSL_kDHr | SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0}, 2511f13597dSJung-uk Kim {0, SSL_TXT_kEDH, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0}, 2527bded2dbSJung-uk Kim {0, SSL_TXT_kDHE, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0}, 2536f9291ceSJung-uk Kim {0, SSL_TXT_DH, 0, SSL_kDHr | SSL_kDHd | SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 2546f9291ceSJung-uk Kim 0}, 25574664626SKris Kennaway 2561f13597dSJung-uk Kim {0, SSL_TXT_kKRB5, 0, SSL_kKRB5, 0, 0, 0, 0, 0, 0, 0, 0}, 257f579bf8eSKris Kennaway 2581f13597dSJung-uk Kim {0, SSL_TXT_kECDHr, 0, SSL_kECDHr, 0, 0, 0, 0, 0, 0, 0, 0}, 2591f13597dSJung-uk Kim {0, SSL_TXT_kECDHe, 0, SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0}, 2601f13597dSJung-uk Kim {0, SSL_TXT_kECDH, 0, SSL_kECDHr | SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0}, 2611f13597dSJung-uk Kim {0, SSL_TXT_kEECDH, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0}, 2627bded2dbSJung-uk Kim {0, SSL_TXT_kECDHE, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0}, 2636f9291ceSJung-uk Kim {0, SSL_TXT_ECDH, 0, SSL_kECDHr | SSL_kECDHe | SSL_kEECDH, 0, 0, 0, 0, 0, 2646f9291ceSJung-uk Kim 0, 0, 0}, 2651f13597dSJung-uk Kim 2661f13597dSJung-uk Kim {0, SSL_TXT_kPSK, 0, SSL_kPSK, 0, 0, 0, 0, 0, 0, 0, 0}, 2671f13597dSJung-uk Kim {0, SSL_TXT_kSRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0}, 2681f13597dSJung-uk Kim {0, SSL_TXT_kGOST, 0, SSL_kGOST, 0, 0, 0, 0, 0, 0, 0, 0}, 2691f13597dSJung-uk Kim 2701f13597dSJung-uk Kim /* server authentication aliases */ 2711f13597dSJung-uk Kim {0, SSL_TXT_aRSA, 0, 0, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0}, 2721f13597dSJung-uk Kim {0, SSL_TXT_aDSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0}, 2731f13597dSJung-uk Kim {0, SSL_TXT_DSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0}, 2741f13597dSJung-uk Kim {0, SSL_TXT_aKRB5, 0, 0, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0}, 2751f13597dSJung-uk Kim {0, SSL_TXT_aNULL, 0, 0, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2766f9291ceSJung-uk Kim /* no such ciphersuites supported! */ 2776f9291ceSJung-uk Kim {0, SSL_TXT_aDH, 0, 0, SSL_aDH, 0, 0, 0, 0, 0, 0, 0}, 2781f13597dSJung-uk Kim {0, SSL_TXT_aECDH, 0, 0, SSL_aECDH, 0, 0, 0, 0, 0, 0, 0}, 2791f13597dSJung-uk Kim {0, SSL_TXT_aECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0}, 2801f13597dSJung-uk Kim {0, SSL_TXT_ECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0}, 2811f13597dSJung-uk Kim {0, SSL_TXT_aPSK, 0, 0, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0}, 2821f13597dSJung-uk Kim {0, SSL_TXT_aGOST94, 0, 0, SSL_aGOST94, 0, 0, 0, 0, 0, 0, 0}, 2831f13597dSJung-uk Kim {0, SSL_TXT_aGOST01, 0, 0, SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0}, 2841f13597dSJung-uk Kim {0, SSL_TXT_aGOST, 0, 0, SSL_aGOST94 | SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0}, 285a93cbc2bSJung-uk Kim {0, SSL_TXT_aSRP, 0, 0, SSL_aSRP, 0, 0, 0, 0, 0, 0, 0}, 2861f13597dSJung-uk Kim 2871f13597dSJung-uk Kim /* aliases combining key exchange and server authentication */ 2881f13597dSJung-uk Kim {0, SSL_TXT_EDH, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2897bded2dbSJung-uk Kim {0, SSL_TXT_DHE, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2901f13597dSJung-uk Kim {0, SSL_TXT_EECDH, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2917bded2dbSJung-uk Kim {0, SSL_TXT_ECDHE, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2921f13597dSJung-uk Kim {0, SSL_TXT_NULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0}, 2931f13597dSJung-uk Kim {0, SSL_TXT_KRB5, 0, SSL_kKRB5, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0}, 2941f13597dSJung-uk Kim {0, SSL_TXT_RSA, 0, SSL_kRSA, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0}, 2951f13597dSJung-uk Kim {0, SSL_TXT_ADH, 0, SSL_kEDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2961f13597dSJung-uk Kim {0, SSL_TXT_AECDH, 0, SSL_kEECDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2971f13597dSJung-uk Kim {0, SSL_TXT_PSK, 0, SSL_kPSK, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0}, 2981f13597dSJung-uk Kim {0, SSL_TXT_SRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0}, 2991f13597dSJung-uk Kim 3001f13597dSJung-uk Kim /* symmetric encryption aliases */ 3011f13597dSJung-uk Kim {0, SSL_TXT_DES, 0, 0, 0, SSL_DES, 0, 0, 0, 0, 0, 0}, 3021f13597dSJung-uk Kim {0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES, 0, 0, 0, 0, 0, 0}, 3031f13597dSJung-uk Kim {0, SSL_TXT_RC4, 0, 0, 0, SSL_RC4, 0, 0, 0, 0, 0, 0}, 3041f13597dSJung-uk Kim {0, SSL_TXT_RC2, 0, 0, 0, SSL_RC2, 0, 0, 0, 0, 0, 0}, 3051f13597dSJung-uk Kim {0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0}, 3061f13597dSJung-uk Kim {0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0}, 3071f13597dSJung-uk Kim {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0}, 3086f9291ceSJung-uk Kim {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM, 0, 0, 0, 0, 0, 3096f9291ceSJung-uk Kim 0}, 3106f9291ceSJung-uk Kim {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM, 0, 0, 0, 0, 0, 3116f9291ceSJung-uk Kim 0}, 3121f13597dSJung-uk Kim {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0}, 3136f9291ceSJung-uk Kim {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0, 3146f9291ceSJung-uk Kim 0, 0}, 3151f13597dSJung-uk Kim {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0}, 3161f13597dSJung-uk Kim {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0}, 3176f9291ceSJung-uk Kim {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0, 3186f9291ceSJung-uk Kim 0, 0, 0}, 3191f13597dSJung-uk Kim 3201f13597dSJung-uk Kim /* MAC aliases */ 3211f13597dSJung-uk Kim {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0}, 3221f13597dSJung-uk Kim {0, SSL_TXT_SHA1, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0}, 3231f13597dSJung-uk Kim {0, SSL_TXT_SHA, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0}, 3241f13597dSJung-uk Kim {0, SSL_TXT_GOST94, 0, 0, 0, 0, SSL_GOST94, 0, 0, 0, 0, 0}, 3251f13597dSJung-uk Kim {0, SSL_TXT_GOST89MAC, 0, 0, 0, 0, SSL_GOST89MAC, 0, 0, 0, 0, 0}, 3261f13597dSJung-uk Kim {0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256, 0, 0, 0, 0, 0}, 3271f13597dSJung-uk Kim {0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384, 0, 0, 0, 0, 0}, 3281f13597dSJung-uk Kim 3291f13597dSJung-uk Kim /* protocol version aliases */ 3301f13597dSJung-uk Kim {0, SSL_TXT_SSLV2, 0, 0, 0, 0, 0, SSL_SSLV2, 0, 0, 0, 0}, 3311f13597dSJung-uk Kim {0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL_SSLV3, 0, 0, 0, 0}, 3321f13597dSJung-uk Kim {0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, SSL_TLSV1, 0, 0, 0, 0}, 33309286989SJung-uk Kim {0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, SSL_TLSV1_2, 0, 0, 0, 0}, 3341f13597dSJung-uk Kim 3351f13597dSJung-uk Kim /* export flag */ 3361f13597dSJung-uk Kim {0, SSL_TXT_EXP, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0}, 3371f13597dSJung-uk Kim {0, SSL_TXT_EXPORT, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0}, 3381f13597dSJung-uk Kim 3391f13597dSJung-uk Kim /* strength classes */ 3401f13597dSJung-uk Kim {0, SSL_TXT_EXP40, 0, 0, 0, 0, 0, 0, SSL_EXP40, 0, 0, 0}, 3411f13597dSJung-uk Kim {0, SSL_TXT_EXP56, 0, 0, 0, 0, 0, 0, SSL_EXP56, 0, 0, 0}, 3421f13597dSJung-uk Kim {0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, SSL_LOW, 0, 0, 0}, 3431f13597dSJung-uk Kim {0, SSL_TXT_MEDIUM, 0, 0, 0, 0, 0, 0, SSL_MEDIUM, 0, 0, 0}, 3441f13597dSJung-uk Kim {0, SSL_TXT_HIGH, 0, 0, 0, 0, 0, 0, SSL_HIGH, 0, 0, 0}, 3451f13597dSJung-uk Kim /* FIPS 140-2 approved ciphersuite */ 3461f13597dSJung-uk Kim {0, SSL_TXT_FIPS, 0, 0, 0, ~SSL_eNULL, 0, 0, SSL_FIPS, 0, 0, 0}, 3477bded2dbSJung-uk Kim /* "DHE-" aliases to "EDH-" labels (for forward compatibility) */ 3487bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_DSS_DES_40_CBC_SHA, 0, 3497bded2dbSJung-uk Kim SSL_kDHE, SSL_aDSS, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_EXPORT | SSL_EXP40, 3507bded2dbSJung-uk Kim 0, 0, 0,}, 3517bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_DSS_DES_64_CBC_SHA, 0, 3527bded2dbSJung-uk Kim SSL_kDHE, SSL_aDSS, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP | SSL_LOW, 3537bded2dbSJung-uk Kim 0, 0, 0,}, 3547bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA, 0, 3557bded2dbSJung-uk Kim SSL_kDHE, SSL_aDSS, SSL_3DES, SSL_SHA1, SSL_SSLV3, 3567bded2dbSJung-uk Kim SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 0, 0, 0,}, 3577bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_RSA_DES_40_CBC_SHA, 0, 3587bded2dbSJung-uk Kim SSL_kDHE, SSL_aRSA, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_EXPORT | SSL_EXP40, 3597bded2dbSJung-uk Kim 0, 0, 0,}, 3607bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_RSA_DES_64_CBC_SHA, 0, 3617bded2dbSJung-uk Kim SSL_kDHE, SSL_aRSA, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP | SSL_LOW, 3627bded2dbSJung-uk Kim 0, 0, 0,}, 3637bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA, 0, 3647bded2dbSJung-uk Kim SSL_kDHE, SSL_aRSA, SSL_3DES, SSL_SHA1, SSL_SSLV3, 3657bded2dbSJung-uk Kim SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 0, 0, 0,}, 36674664626SKris Kennaway }; 3676f9291ceSJung-uk Kim 3686f9291ceSJung-uk Kim /* 3696f9291ceSJung-uk Kim * Search for public key algorithm with given name and return its pkey_id if 3706f9291ceSJung-uk Kim * it is available. Otherwise return 0 3711f13597dSJung-uk Kim */ 3721f13597dSJung-uk Kim #ifdef OPENSSL_NO_ENGINE 3731f13597dSJung-uk Kim 3741f13597dSJung-uk Kim static int get_optional_pkey_id(const char *pkey_name) 3751f13597dSJung-uk Kim { 3761f13597dSJung-uk Kim const EVP_PKEY_ASN1_METHOD *ameth; 3771f13597dSJung-uk Kim int pkey_id = 0; 3781f13597dSJung-uk Kim ameth = EVP_PKEY_asn1_find_str(NULL, pkey_name, -1); 379*80815a77SJung-uk Kim if (ameth && EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, 380*80815a77SJung-uk Kim ameth) > 0) { 3811f13597dSJung-uk Kim return pkey_id; 3821f13597dSJung-uk Kim } 383*80815a77SJung-uk Kim return 0; 384*80815a77SJung-uk Kim } 3851f13597dSJung-uk Kim 3861f13597dSJung-uk Kim #else 3871f13597dSJung-uk Kim 3881f13597dSJung-uk Kim static int get_optional_pkey_id(const char *pkey_name) 3891f13597dSJung-uk Kim { 3901f13597dSJung-uk Kim const EVP_PKEY_ASN1_METHOD *ameth; 3911f13597dSJung-uk Kim ENGINE *tmpeng = NULL; 3921f13597dSJung-uk Kim int pkey_id = 0; 3931f13597dSJung-uk Kim ameth = EVP_PKEY_asn1_find_str(&tmpeng, pkey_name, -1); 3946f9291ceSJung-uk Kim if (ameth) { 395*80815a77SJung-uk Kim if (EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, 396*80815a77SJung-uk Kim ameth) <= 0) 397*80815a77SJung-uk Kim pkey_id = 0; 3981f13597dSJung-uk Kim } 3996f9291ceSJung-uk Kim if (tmpeng) 4006f9291ceSJung-uk Kim ENGINE_finish(tmpeng); 4011f13597dSJung-uk Kim return pkey_id; 4021f13597dSJung-uk Kim } 4031f13597dSJung-uk Kim 4041f13597dSJung-uk Kim #endif 40574664626SKris Kennaway 4063b4e3dcbSSimon L. B. Nielsen void ssl_load_ciphers(void) 40774664626SKris Kennaway { 4086f9291ceSJung-uk Kim ssl_cipher_methods[SSL_ENC_DES_IDX] = EVP_get_cipherbyname(SN_des_cbc); 40974664626SKris Kennaway ssl_cipher_methods[SSL_ENC_3DES_IDX] = 41074664626SKris Kennaway EVP_get_cipherbyname(SN_des_ede3_cbc); 4116f9291ceSJung-uk Kim ssl_cipher_methods[SSL_ENC_RC4_IDX] = EVP_get_cipherbyname(SN_rc4); 4126f9291ceSJung-uk Kim ssl_cipher_methods[SSL_ENC_RC2_IDX] = EVP_get_cipherbyname(SN_rc2_cbc); 413ced566fdSJacques Vidrine #ifndef OPENSSL_NO_IDEA 4146f9291ceSJung-uk Kim ssl_cipher_methods[SSL_ENC_IDEA_IDX] = EVP_get_cipherbyname(SN_idea_cbc); 415ced566fdSJacques Vidrine #else 416ced566fdSJacques Vidrine ssl_cipher_methods[SSL_ENC_IDEA_IDX] = NULL; 417ced566fdSJacques Vidrine #endif 4185c87c606SMark Murray ssl_cipher_methods[SSL_ENC_AES128_IDX] = 4195c87c606SMark Murray EVP_get_cipherbyname(SN_aes_128_cbc); 4205c87c606SMark Murray ssl_cipher_methods[SSL_ENC_AES256_IDX] = 4215c87c606SMark Murray EVP_get_cipherbyname(SN_aes_256_cbc); 422ed5d4f9aSSimon L. B. Nielsen ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] = 423ed5d4f9aSSimon L. B. Nielsen EVP_get_cipherbyname(SN_camellia_128_cbc); 424ed5d4f9aSSimon L. B. Nielsen ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] = 425ed5d4f9aSSimon L. B. Nielsen EVP_get_cipherbyname(SN_camellia_256_cbc); 4261f13597dSJung-uk Kim ssl_cipher_methods[SSL_ENC_GOST89_IDX] = 4271f13597dSJung-uk Kim EVP_get_cipherbyname(SN_gost89_cnt); 4286f9291ceSJung-uk Kim ssl_cipher_methods[SSL_ENC_SEED_IDX] = EVP_get_cipherbyname(SN_seed_cbc); 42974664626SKris Kennaway 4301f13597dSJung-uk Kim ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] = 4311f13597dSJung-uk Kim EVP_get_cipherbyname(SN_aes_128_gcm); 4321f13597dSJung-uk Kim ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] = 4331f13597dSJung-uk Kim EVP_get_cipherbyname(SN_aes_256_gcm); 4341f13597dSJung-uk Kim 4356f9291ceSJung-uk Kim ssl_digest_methods[SSL_MD_MD5_IDX] = EVP_get_digestbyname(SN_md5); 4361f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_MD5_IDX] = 4371f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]); 4381f13597dSJung-uk Kim OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0); 4396f9291ceSJung-uk Kim ssl_digest_methods[SSL_MD_SHA1_IDX] = EVP_get_digestbyname(SN_sha1); 4401f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_SHA1_IDX] = 4411f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]); 4421f13597dSJung-uk Kim OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0); 4431f13597dSJung-uk Kim ssl_digest_methods[SSL_MD_GOST94_IDX] = 4441f13597dSJung-uk Kim EVP_get_digestbyname(SN_id_GostR3411_94); 4456f9291ceSJung-uk Kim if (ssl_digest_methods[SSL_MD_GOST94_IDX]) { 4461f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_GOST94_IDX] = 4471f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]); 4481f13597dSJung-uk Kim OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0); 4491f13597dSJung-uk Kim } 4501f13597dSJung-uk Kim ssl_digest_methods[SSL_MD_GOST89MAC_IDX] = 4511f13597dSJung-uk Kim EVP_get_digestbyname(SN_id_Gost28147_89_MAC); 4521f13597dSJung-uk Kim ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac"); 4531f13597dSJung-uk Kim if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) { 4541f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32; 45574664626SKris Kennaway } 45674664626SKris Kennaway 4576f9291ceSJung-uk Kim ssl_digest_methods[SSL_MD_SHA256_IDX] = EVP_get_digestbyname(SN_sha256); 4581f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_SHA256_IDX] = 4591f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]); 4606f9291ceSJung-uk Kim ssl_digest_methods[SSL_MD_SHA384_IDX] = EVP_get_digestbyname(SN_sha384); 4611f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_SHA384_IDX] = 4621f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]); 4631f13597dSJung-uk Kim } 4646f9291ceSJung-uk Kim 4653b4e3dcbSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 4663b4e3dcbSSimon L. B. Nielsen 4676f9291ceSJung-uk Kim static int sk_comp_cmp(const SSL_COMP *const *a, const SSL_COMP *const *b) 4683b4e3dcbSSimon L. B. Nielsen { 4693b4e3dcbSSimon L. B. Nielsen return ((*a)->id - (*b)->id); 4703b4e3dcbSSimon L. B. Nielsen } 4713b4e3dcbSSimon L. B. Nielsen 4723b4e3dcbSSimon L. B. Nielsen static void load_builtin_compressions(void) 4733b4e3dcbSSimon L. B. Nielsen { 474ed5d4f9aSSimon L. B. Nielsen int got_write_lock = 0; 4753b4e3dcbSSimon L. B. Nielsen 476ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_lock(CRYPTO_LOCK_SSL); 4776f9291ceSJung-uk Kim if (ssl_comp_methods == NULL) { 478ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_unlock(CRYPTO_LOCK_SSL); 4793b4e3dcbSSimon L. B. Nielsen CRYPTO_w_lock(CRYPTO_LOCK_SSL); 480ed5d4f9aSSimon L. B. Nielsen got_write_lock = 1; 481ed5d4f9aSSimon L. B. Nielsen 4826f9291ceSJung-uk Kim if (ssl_comp_methods == NULL) { 4833b4e3dcbSSimon L. B. Nielsen SSL_COMP *comp = NULL; 4843b4e3dcbSSimon L. B. Nielsen 4853b4e3dcbSSimon L. B. Nielsen MemCheck_off(); 4863b4e3dcbSSimon L. B. Nielsen ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp); 4876f9291ceSJung-uk Kim if (ssl_comp_methods != NULL) { 4883b4e3dcbSSimon L. B. Nielsen comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); 4896f9291ceSJung-uk Kim if (comp != NULL) { 4903b4e3dcbSSimon L. B. Nielsen comp->method = COMP_zlib(); 4916f9291ceSJung-uk Kim if (comp->method && comp->method->type == NID_undef) 4923b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 4936f9291ceSJung-uk Kim else { 4943b4e3dcbSSimon L. B. Nielsen comp->id = SSL_COMP_ZLIB_IDX; 4953b4e3dcbSSimon L. B. Nielsen comp->name = comp->method->name; 4963b4e3dcbSSimon L. B. Nielsen sk_SSL_COMP_push(ssl_comp_methods, comp); 4973b4e3dcbSSimon L. B. Nielsen } 4983b4e3dcbSSimon L. B. Nielsen } 49912de4ed2SJung-uk Kim sk_SSL_COMP_sort(ssl_comp_methods); 5003b4e3dcbSSimon L. B. Nielsen } 5013b4e3dcbSSimon L. B. Nielsen MemCheck_on(); 5023b4e3dcbSSimon L. B. Nielsen } 503ed5d4f9aSSimon L. B. Nielsen } 504ed5d4f9aSSimon L. B. Nielsen 505ed5d4f9aSSimon L. B. Nielsen if (got_write_lock) 5063b4e3dcbSSimon L. B. Nielsen CRYPTO_w_unlock(CRYPTO_LOCK_SSL); 507ed5d4f9aSSimon L. B. Nielsen else 508ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_unlock(CRYPTO_LOCK_SSL); 5093b4e3dcbSSimon L. B. Nielsen } 5103b4e3dcbSSimon L. B. Nielsen #endif 5113b4e3dcbSSimon L. B. Nielsen 5123b4e3dcbSSimon L. B. Nielsen int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, 5136f9291ceSJung-uk Kim const EVP_MD **md, int *mac_pkey_type, 5146f9291ceSJung-uk Kim int *mac_secret_size, SSL_COMP **comp) 51574664626SKris Kennaway { 51674664626SKris Kennaway int i; 5171f13597dSJung-uk Kim const SSL_CIPHER *c; 51874664626SKris Kennaway 51974664626SKris Kennaway c = s->cipher; 5206f9291ceSJung-uk Kim if (c == NULL) 5216f9291ceSJung-uk Kim return (0); 5226f9291ceSJung-uk Kim if (comp != NULL) { 52374664626SKris Kennaway SSL_COMP ctmp; 5243b4e3dcbSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 5253b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 5263b4e3dcbSSimon L. B. Nielsen #endif 52774664626SKris Kennaway 52874664626SKris Kennaway *comp = NULL; 52974664626SKris Kennaway ctmp.id = s->compress_meth; 5306f9291ceSJung-uk Kim if (ssl_comp_methods != NULL) { 53174664626SKris Kennaway i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp); 53274664626SKris Kennaway if (i >= 0) 53374664626SKris Kennaway *comp = sk_SSL_COMP_value(ssl_comp_methods, i); 53474664626SKris Kennaway else 53574664626SKris Kennaway *comp = NULL; 53674664626SKris Kennaway } 53774664626SKris Kennaway } 53874664626SKris Kennaway 5396f9291ceSJung-uk Kim if ((enc == NULL) || (md == NULL)) 5406f9291ceSJung-uk Kim return (0); 54174664626SKris Kennaway 5426f9291ceSJung-uk Kim switch (c->algorithm_enc) { 54374664626SKris Kennaway case SSL_DES: 54474664626SKris Kennaway i = SSL_ENC_DES_IDX; 54574664626SKris Kennaway break; 54674664626SKris Kennaway case SSL_3DES: 54774664626SKris Kennaway i = SSL_ENC_3DES_IDX; 54874664626SKris Kennaway break; 54974664626SKris Kennaway case SSL_RC4: 55074664626SKris Kennaway i = SSL_ENC_RC4_IDX; 55174664626SKris Kennaway break; 55274664626SKris Kennaway case SSL_RC2: 55374664626SKris Kennaway i = SSL_ENC_RC2_IDX; 55474664626SKris Kennaway break; 55574664626SKris Kennaway case SSL_IDEA: 55674664626SKris Kennaway i = SSL_ENC_IDEA_IDX; 55774664626SKris Kennaway break; 55874664626SKris Kennaway case SSL_eNULL: 55974664626SKris Kennaway i = SSL_ENC_NULL_IDX; 56074664626SKris Kennaway break; 5611f13597dSJung-uk Kim case SSL_AES128: 5621f13597dSJung-uk Kim i = SSL_ENC_AES128_IDX; 5635c87c606SMark Murray break; 5641f13597dSJung-uk Kim case SSL_AES256: 5651f13597dSJung-uk Kim i = SSL_ENC_AES256_IDX; 5661f13597dSJung-uk Kim break; 5671f13597dSJung-uk Kim case SSL_CAMELLIA128: 5681f13597dSJung-uk Kim i = SSL_ENC_CAMELLIA128_IDX; 5691f13597dSJung-uk Kim break; 5701f13597dSJung-uk Kim case SSL_CAMELLIA256: 5711f13597dSJung-uk Kim i = SSL_ENC_CAMELLIA256_IDX; 5721f13597dSJung-uk Kim break; 5731f13597dSJung-uk Kim case SSL_eGOST2814789CNT: 5741f13597dSJung-uk Kim i = SSL_ENC_GOST89_IDX; 575ed5d4f9aSSimon L. B. Nielsen break; 576db522d3aSSimon L. B. Nielsen case SSL_SEED: 577db522d3aSSimon L. B. Nielsen i = SSL_ENC_SEED_IDX; 578db522d3aSSimon L. B. Nielsen break; 5791f13597dSJung-uk Kim case SSL_AES128GCM: 5801f13597dSJung-uk Kim i = SSL_ENC_AES128GCM_IDX; 5811f13597dSJung-uk Kim break; 5821f13597dSJung-uk Kim case SSL_AES256GCM: 5831f13597dSJung-uk Kim i = SSL_ENC_AES256GCM_IDX; 5841f13597dSJung-uk Kim break; 58574664626SKris Kennaway default: 58674664626SKris Kennaway i = -1; 58774664626SKris Kennaway break; 58874664626SKris Kennaway } 58974664626SKris Kennaway 590a93cbc2bSJung-uk Kim if ((i < 0) || (i >= SSL_ENC_NUM_IDX)) 59174664626SKris Kennaway *enc = NULL; 5926f9291ceSJung-uk Kim else { 59374664626SKris Kennaway if (i == SSL_ENC_NULL_IDX) 59474664626SKris Kennaway *enc = EVP_enc_null(); 59574664626SKris Kennaway else 59674664626SKris Kennaway *enc = ssl_cipher_methods[i]; 59774664626SKris Kennaway } 59874664626SKris Kennaway 5996f9291ceSJung-uk Kim switch (c->algorithm_mac) { 60074664626SKris Kennaway case SSL_MD5: 60174664626SKris Kennaway i = SSL_MD_MD5_IDX; 60274664626SKris Kennaway break; 60374664626SKris Kennaway case SSL_SHA1: 60474664626SKris Kennaway i = SSL_MD_SHA1_IDX; 60574664626SKris Kennaway break; 6061f13597dSJung-uk Kim case SSL_SHA256: 6071f13597dSJung-uk Kim i = SSL_MD_SHA256_IDX; 6081f13597dSJung-uk Kim break; 6091f13597dSJung-uk Kim case SSL_SHA384: 6101f13597dSJung-uk Kim i = SSL_MD_SHA384_IDX; 6111f13597dSJung-uk Kim break; 6121f13597dSJung-uk Kim case SSL_GOST94: 6131f13597dSJung-uk Kim i = SSL_MD_GOST94_IDX; 6141f13597dSJung-uk Kim break; 6151f13597dSJung-uk Kim case SSL_GOST89MAC: 6161f13597dSJung-uk Kim i = SSL_MD_GOST89MAC_IDX; 6171f13597dSJung-uk Kim break; 61874664626SKris Kennaway default: 61974664626SKris Kennaway i = -1; 62074664626SKris Kennaway break; 62174664626SKris Kennaway } 6226f9291ceSJung-uk Kim if ((i < 0) || (i >= SSL_MD_NUM_IDX)) { 62374664626SKris Kennaway *md = NULL; 6246f9291ceSJung-uk Kim if (mac_pkey_type != NULL) 6256f9291ceSJung-uk Kim *mac_pkey_type = NID_undef; 6266f9291ceSJung-uk Kim if (mac_secret_size != NULL) 6276f9291ceSJung-uk Kim *mac_secret_size = 0; 6281f13597dSJung-uk Kim if (c->algorithm_mac == SSL_AEAD) 6291f13597dSJung-uk Kim mac_pkey_type = NULL; 6306f9291ceSJung-uk Kim } else { 63174664626SKris Kennaway *md = ssl_digest_methods[i]; 6326f9291ceSJung-uk Kim if (mac_pkey_type != NULL) 6336f9291ceSJung-uk Kim *mac_pkey_type = ssl_mac_pkey_id[i]; 6346f9291ceSJung-uk Kim if (mac_secret_size != NULL) 6356f9291ceSJung-uk Kim *mac_secret_size = ssl_mac_secret_size[i]; 6361f13597dSJung-uk Kim } 63774664626SKris Kennaway 6381f13597dSJung-uk Kim if ((*enc != NULL) && 6396f9291ceSJung-uk Kim (*md != NULL || (EVP_CIPHER_flags(*enc) & EVP_CIPH_FLAG_AEAD_CIPHER)) 6406f9291ceSJung-uk Kim && (!mac_pkey_type || *mac_pkey_type != NID_undef)) { 6411f13597dSJung-uk Kim const EVP_CIPHER *evp; 6421f13597dSJung-uk Kim 6431f13597dSJung-uk Kim if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR || 6441f13597dSJung-uk Kim s->ssl_version < TLS1_VERSION) 6451f13597dSJung-uk Kim return 1; 6461f13597dSJung-uk Kim 6471f13597dSJung-uk Kim #ifdef OPENSSL_FIPS 6481f13597dSJung-uk Kim if (FIPS_mode()) 6491f13597dSJung-uk Kim return 1; 6501f13597dSJung-uk Kim #endif 6511f13597dSJung-uk Kim 6521f13597dSJung-uk Kim if (c->algorithm_enc == SSL_RC4 && 6531f13597dSJung-uk Kim c->algorithm_mac == SSL_MD5 && 6541f13597dSJung-uk Kim (evp = EVP_get_cipherbyname("RC4-HMAC-MD5"))) 6551f13597dSJung-uk Kim *enc = evp, *md = NULL; 6561f13597dSJung-uk Kim else if (c->algorithm_enc == SSL_AES128 && 6571f13597dSJung-uk Kim c->algorithm_mac == SSL_SHA1 && 6581f13597dSJung-uk Kim (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1"))) 6591f13597dSJung-uk Kim *enc = evp, *md = NULL; 6601f13597dSJung-uk Kim else if (c->algorithm_enc == SSL_AES256 && 6611f13597dSJung-uk Kim c->algorithm_mac == SSL_SHA1 && 6621f13597dSJung-uk Kim (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) 6631f13597dSJung-uk Kim *enc = evp, *md = NULL; 6647bded2dbSJung-uk Kim else if (c->algorithm_enc == SSL_AES128 && 6657bded2dbSJung-uk Kim c->algorithm_mac == SSL_SHA256 && 6667bded2dbSJung-uk Kim (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA256"))) 6677bded2dbSJung-uk Kim *enc = evp, *md = NULL; 6687bded2dbSJung-uk Kim else if (c->algorithm_enc == SSL_AES256 && 6697bded2dbSJung-uk Kim c->algorithm_mac == SSL_SHA256 && 6707bded2dbSJung-uk Kim (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA256"))) 6717bded2dbSJung-uk Kim *enc = evp, *md = NULL; 67274664626SKris Kennaway return (1); 6736f9291ceSJung-uk Kim } else 67474664626SKris Kennaway return (0); 67574664626SKris Kennaway } 67674664626SKris Kennaway 6771f13597dSJung-uk Kim int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md) 6781f13597dSJung-uk Kim { 6796f9291ceSJung-uk Kim if (idx < 0 || idx >= SSL_MD_NUM_IDX) { 6801f13597dSJung-uk Kim return 0; 6811f13597dSJung-uk Kim } 6821f13597dSJung-uk Kim *mask = ssl_handshake_digest_flag[idx]; 6831f13597dSJung-uk Kim if (*mask) 6841f13597dSJung-uk Kim *md = ssl_digest_methods[idx]; 6851f13597dSJung-uk Kim else 6861f13597dSJung-uk Kim *md = NULL; 6871f13597dSJung-uk Kim return 1; 6881f13597dSJung-uk Kim } 6891f13597dSJung-uk Kim 69074664626SKris Kennaway #define ITEM_SEP(a) \ 69174664626SKris Kennaway (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ',')) 69274664626SKris Kennaway 69374664626SKris Kennaway static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr, 69474664626SKris Kennaway CIPHER_ORDER **tail) 69574664626SKris Kennaway { 6966f9291ceSJung-uk Kim if (curr == *tail) 6976f9291ceSJung-uk Kim return; 69874664626SKris Kennaway if (curr == *head) 69974664626SKris Kennaway *head = curr->next; 70074664626SKris Kennaway if (curr->prev != NULL) 70174664626SKris Kennaway curr->prev->next = curr->next; 7021f13597dSJung-uk Kim if (curr->next != NULL) 70374664626SKris Kennaway curr->next->prev = curr->prev; 70474664626SKris Kennaway (*tail)->next = curr; 70574664626SKris Kennaway curr->prev = *tail; 70674664626SKris Kennaway curr->next = NULL; 70774664626SKris Kennaway *tail = curr; 70874664626SKris Kennaway } 70974664626SKris Kennaway 7101f13597dSJung-uk Kim static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr, 7111f13597dSJung-uk Kim CIPHER_ORDER **tail) 71274664626SKris Kennaway { 7136f9291ceSJung-uk Kim if (curr == *head) 7146f9291ceSJung-uk Kim return; 7151f13597dSJung-uk Kim if (curr == *tail) 7161f13597dSJung-uk Kim *tail = curr->prev; 7171f13597dSJung-uk Kim if (curr->next != NULL) 7181f13597dSJung-uk Kim curr->next->prev = curr->prev; 7191f13597dSJung-uk Kim if (curr->prev != NULL) 7201f13597dSJung-uk Kim curr->prev->next = curr->next; 7211f13597dSJung-uk Kim (*head)->prev = curr; 7221f13597dSJung-uk Kim curr->next = *head; 7231f13597dSJung-uk Kim curr->prev = NULL; 7241f13597dSJung-uk Kim *head = curr; 7251f13597dSJung-uk Kim } 72674664626SKris Kennaway 7276f9291ceSJung-uk Kim static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, 7286f9291ceSJung-uk Kim unsigned long *enc, unsigned long *mac, 7296f9291ceSJung-uk Kim unsigned long *ssl) 7301f13597dSJung-uk Kim { 7311f13597dSJung-uk Kim *mkey = 0; 7321f13597dSJung-uk Kim *auth = 0; 7331f13597dSJung-uk Kim *enc = 0; 7341f13597dSJung-uk Kim *mac = 0; 7351f13597dSJung-uk Kim *ssl = 0; 7361f13597dSJung-uk Kim 7375c87c606SMark Murray #ifdef OPENSSL_NO_RSA 7381f13597dSJung-uk Kim *mkey |= SSL_kRSA; 7391f13597dSJung-uk Kim *auth |= SSL_aRSA; 74074664626SKris Kennaway #endif 7415c87c606SMark Murray #ifdef OPENSSL_NO_DSA 7421f13597dSJung-uk Kim *auth |= SSL_aDSS; 74374664626SKris Kennaway #endif 7445c87c606SMark Murray #ifdef OPENSSL_NO_DH 7451f13597dSJung-uk Kim *mkey |= SSL_kDHr | SSL_kDHd | SSL_kEDH; 7461f13597dSJung-uk Kim *auth |= SSL_aDH; 74774664626SKris Kennaway #endif 7485c87c606SMark Murray #ifdef OPENSSL_NO_KRB5 7491f13597dSJung-uk Kim *mkey |= SSL_kKRB5; 7501f13597dSJung-uk Kim *auth |= SSL_aKRB5; 7511f13597dSJung-uk Kim #endif 7521f13597dSJung-uk Kim #ifdef OPENSSL_NO_ECDSA 7531f13597dSJung-uk Kim *auth |= SSL_aECDSA; 7545c87c606SMark Murray #endif 7553b4e3dcbSSimon L. B. Nielsen #ifdef OPENSSL_NO_ECDH 7561f13597dSJung-uk Kim *mkey |= SSL_kECDHe | SSL_kECDHr; 7571f13597dSJung-uk Kim *auth |= SSL_aECDH; 7583b4e3dcbSSimon L. B. Nielsen #endif 7591f13597dSJung-uk Kim #ifdef OPENSSL_NO_PSK 7601f13597dSJung-uk Kim *mkey |= SSL_kPSK; 7611f13597dSJung-uk Kim *auth |= SSL_aPSK; 7621f13597dSJung-uk Kim #endif 7631f13597dSJung-uk Kim #ifdef OPENSSL_NO_SRP 7641f13597dSJung-uk Kim *mkey |= SSL_kSRP; 7651f13597dSJung-uk Kim #endif 7666f9291ceSJung-uk Kim /* 7676f9291ceSJung-uk Kim * Check for presence of GOST 34.10 algorithms, and if they do not 7686f9291ceSJung-uk Kim * present, disable appropriate auth and key exchange 7696f9291ceSJung-uk Kim */ 7701f13597dSJung-uk Kim if (!get_optional_pkey_id("gost94")) { 7711f13597dSJung-uk Kim *auth |= SSL_aGOST94; 7721f13597dSJung-uk Kim } 7731f13597dSJung-uk Kim if (!get_optional_pkey_id("gost2001")) { 7741f13597dSJung-uk Kim *auth |= SSL_aGOST01; 7751f13597dSJung-uk Kim } 7766f9291ceSJung-uk Kim /* 7776f9291ceSJung-uk Kim * Disable GOST key exchange if no GOST signature algs are available * 7786f9291ceSJung-uk Kim */ 7791f13597dSJung-uk Kim if ((*auth & (SSL_aGOST94 | SSL_aGOST01)) == (SSL_aGOST94 | SSL_aGOST01)) { 7801f13597dSJung-uk Kim *mkey |= SSL_kGOST; 7811f13597dSJung-uk Kim } 78274664626SKris Kennaway #ifdef SSL_FORBID_ENULL 7831f13597dSJung-uk Kim *enc |= SSL_eNULL; 78474664626SKris Kennaway #endif 78574664626SKris Kennaway 7861f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX] == NULL) ? SSL_DES : 0; 7871f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0; 7881f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX] == NULL) ? SSL_RC4 : 0; 7891f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0; 7901f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0; 7911f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0; 7921f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0; 7936f9291ceSJung-uk Kim *enc |= 7946f9291ceSJung-uk Kim (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == 7956f9291ceSJung-uk Kim NULL) ? SSL_AES128GCM : 0; 7966f9291ceSJung-uk Kim *enc |= 7976f9291ceSJung-uk Kim (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == 7986f9291ceSJung-uk Kim NULL) ? SSL_AES256GCM : 0; 7996f9291ceSJung-uk Kim *enc |= 8006f9291ceSJung-uk Kim (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == 8016f9291ceSJung-uk Kim NULL) ? SSL_CAMELLIA128 : 0; 8026f9291ceSJung-uk Kim *enc |= 8036f9291ceSJung-uk Kim (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == 8046f9291ceSJung-uk Kim NULL) ? SSL_CAMELLIA256 : 0; 8056f9291ceSJung-uk Kim *enc |= 8066f9291ceSJung-uk Kim (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == 8076f9291ceSJung-uk Kim NULL) ? SSL_eGOST2814789CNT : 0; 8081f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED : 0; 8095471f83eSSimon L. B. Nielsen 8101f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX] == NULL) ? SSL_MD5 : 0; 8111f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0; 8121f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256 : 0; 8131f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384 : 0; 8141f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94 : 0; 8156f9291ceSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL 8166f9291ceSJung-uk Kim || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] == 8176f9291ceSJung-uk Kim NID_undef) ? SSL_GOST89MAC : 0; 8181f13597dSJung-uk Kim 819f579bf8eSKris Kennaway } 820f579bf8eSKris Kennaway 821f579bf8eSKris Kennaway static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, 8221f13597dSJung-uk Kim int num_of_ciphers, 8236f9291ceSJung-uk Kim unsigned long disabled_mkey, 8246f9291ceSJung-uk Kim unsigned long disabled_auth, 8256f9291ceSJung-uk Kim unsigned long disabled_enc, 8266f9291ceSJung-uk Kim unsigned long disabled_mac, 8271f13597dSJung-uk Kim unsigned long disabled_ssl, 8281f13597dSJung-uk Kim CIPHER_ORDER *co_list, 8296f9291ceSJung-uk Kim CIPHER_ORDER **head_p, 8306f9291ceSJung-uk Kim CIPHER_ORDER **tail_p) 831f579bf8eSKris Kennaway { 832ced566fdSJacques Vidrine int i, co_list_num; 8331f13597dSJung-uk Kim const SSL_CIPHER *c; 834f579bf8eSKris Kennaway 835f579bf8eSKris Kennaway /* 836f579bf8eSKris Kennaway * We have num_of_ciphers descriptions compiled in, depending on the 837f579bf8eSKris Kennaway * method selected (SSLv2 and/or SSLv3, TLSv1 etc). 838f579bf8eSKris Kennaway * These will later be sorted in a linked list with at most num 839f579bf8eSKris Kennaway * entries. 840f579bf8eSKris Kennaway */ 84174664626SKris Kennaway 84274664626SKris Kennaway /* Get the initial list of ciphers */ 843ced566fdSJacques Vidrine co_list_num = 0; /* actual count of ciphers */ 8446f9291ceSJung-uk Kim for (i = 0; i < num_of_ciphers; i++) { 845f579bf8eSKris Kennaway c = ssl_method->get_cipher(i); 84674664626SKris Kennaway /* drop those that use any of that is not available */ 8471f13597dSJung-uk Kim if ((c != NULL) && c->valid && 848db522d3aSSimon L. B. Nielsen #ifdef OPENSSL_FIPS 8491f13597dSJung-uk Kim (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) && 850db522d3aSSimon L. B. Nielsen #endif 8511f13597dSJung-uk Kim !(c->algorithm_mkey & disabled_mkey) && 8521f13597dSJung-uk Kim !(c->algorithm_auth & disabled_auth) && 8531f13597dSJung-uk Kim !(c->algorithm_enc & disabled_enc) && 8541f13597dSJung-uk Kim !(c->algorithm_mac & disabled_mac) && 8556f9291ceSJung-uk Kim !(c->algorithm_ssl & disabled_ssl)) { 856ced566fdSJacques Vidrine co_list[co_list_num].cipher = c; 857ced566fdSJacques Vidrine co_list[co_list_num].next = NULL; 858ced566fdSJacques Vidrine co_list[co_list_num].prev = NULL; 859ced566fdSJacques Vidrine co_list[co_list_num].active = 0; 860ced566fdSJacques Vidrine co_list_num++; 8615c87c606SMark Murray #ifdef KSSL_DEBUG 8626f9291ceSJung-uk Kim fprintf(stderr, "\t%d: %s %lx %lx %lx\n", i, c->name, c->id, 8636f9291ceSJung-uk Kim c->algorithm_mkey, c->algorithm_auth); 8645c87c606SMark Murray #endif /* KSSL_DEBUG */ 865f579bf8eSKris Kennaway /* 8666f9291ceSJung-uk Kim * if (!sk_push(ca_list,(char *)c)) goto err; 867f579bf8eSKris Kennaway */ 86874664626SKris Kennaway } 86974664626SKris Kennaway } 87074664626SKris Kennaway 871f579bf8eSKris Kennaway /* 872f579bf8eSKris Kennaway * Prepare linked list from list entries 873f579bf8eSKris Kennaway */ 8746f9291ceSJung-uk Kim if (co_list_num > 0) { 8751f13597dSJung-uk Kim co_list[0].prev = NULL; 8761f13597dSJung-uk Kim 8776f9291ceSJung-uk Kim if (co_list_num > 1) { 8781f13597dSJung-uk Kim co_list[0].next = &co_list[1]; 8791f13597dSJung-uk Kim 8806f9291ceSJung-uk Kim for (i = 1; i < co_list_num - 1; i++) { 8811f13597dSJung-uk Kim co_list[i].prev = &co_list[i - 1]; 8821f13597dSJung-uk Kim co_list[i].next = &co_list[i + 1]; 8831f13597dSJung-uk Kim } 8841f13597dSJung-uk Kim 8851f13597dSJung-uk Kim co_list[co_list_num - 1].prev = &co_list[co_list_num - 2]; 8861f13597dSJung-uk Kim } 8871f13597dSJung-uk Kim 8881f13597dSJung-uk Kim co_list[co_list_num - 1].next = NULL; 8891f13597dSJung-uk Kim 8901f13597dSJung-uk Kim *head_p = &co_list[0]; 8911f13597dSJung-uk Kim *tail_p = &co_list[co_list_num - 1]; 892f579bf8eSKris Kennaway } 89374664626SKris Kennaway } 89474664626SKris Kennaway 8951f13597dSJung-uk Kim static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, 8961f13597dSJung-uk Kim int num_of_group_aliases, 8976f9291ceSJung-uk Kim unsigned long disabled_mkey, 8986f9291ceSJung-uk Kim unsigned long disabled_auth, 8996f9291ceSJung-uk Kim unsigned long disabled_enc, 9006f9291ceSJung-uk Kim unsigned long disabled_mac, 9011f13597dSJung-uk Kim unsigned long disabled_ssl, 902f579bf8eSKris Kennaway CIPHER_ORDER *head) 90374664626SKris Kennaway { 904f579bf8eSKris Kennaway CIPHER_ORDER *ciph_curr; 9051f13597dSJung-uk Kim const SSL_CIPHER **ca_curr; 906f579bf8eSKris Kennaway int i; 9071f13597dSJung-uk Kim unsigned long mask_mkey = ~disabled_mkey; 9081f13597dSJung-uk Kim unsigned long mask_auth = ~disabled_auth; 9091f13597dSJung-uk Kim unsigned long mask_enc = ~disabled_enc; 9101f13597dSJung-uk Kim unsigned long mask_mac = ~disabled_mac; 9111f13597dSJung-uk Kim unsigned long mask_ssl = ~disabled_ssl; 912f579bf8eSKris Kennaway 913f579bf8eSKris Kennaway /* 914f579bf8eSKris Kennaway * First, add the real ciphers as already collected 915f579bf8eSKris Kennaway */ 916f579bf8eSKris Kennaway ciph_curr = head; 917f579bf8eSKris Kennaway ca_curr = ca_list; 9186f9291ceSJung-uk Kim while (ciph_curr != NULL) { 919f579bf8eSKris Kennaway *ca_curr = ciph_curr->cipher; 920f579bf8eSKris Kennaway ca_curr++; 921f579bf8eSKris Kennaway ciph_curr = ciph_curr->next; 92274664626SKris Kennaway } 92374664626SKris Kennaway 924f579bf8eSKris Kennaway /* 925f579bf8eSKris Kennaway * Now we add the available ones from the cipher_aliases[] table. 9261f13597dSJung-uk Kim * They represent either one or more algorithms, some of which 9271f13597dSJung-uk Kim * in any affected category must be supported (set in enabled_mask), 9281f13597dSJung-uk Kim * or represent a cipher strength value (will be added in any case because algorithms=0). 929f579bf8eSKris Kennaway */ 9306f9291ceSJung-uk Kim for (i = 0; i < num_of_group_aliases; i++) { 9311f13597dSJung-uk Kim unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey; 9321f13597dSJung-uk Kim unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth; 9331f13597dSJung-uk Kim unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc; 9341f13597dSJung-uk Kim unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac; 9351f13597dSJung-uk Kim unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl; 9361f13597dSJung-uk Kim 9371f13597dSJung-uk Kim if (algorithm_mkey) 9381f13597dSJung-uk Kim if ((algorithm_mkey & mask_mkey) == 0) 9391f13597dSJung-uk Kim continue; 9401f13597dSJung-uk Kim 9411f13597dSJung-uk Kim if (algorithm_auth) 9421f13597dSJung-uk Kim if ((algorithm_auth & mask_auth) == 0) 9431f13597dSJung-uk Kim continue; 9441f13597dSJung-uk Kim 9451f13597dSJung-uk Kim if (algorithm_enc) 9461f13597dSJung-uk Kim if ((algorithm_enc & mask_enc) == 0) 9471f13597dSJung-uk Kim continue; 9481f13597dSJung-uk Kim 9491f13597dSJung-uk Kim if (algorithm_mac) 9501f13597dSJung-uk Kim if ((algorithm_mac & mask_mac) == 0) 9511f13597dSJung-uk Kim continue; 9521f13597dSJung-uk Kim 9531f13597dSJung-uk Kim if (algorithm_ssl) 9541f13597dSJung-uk Kim if ((algorithm_ssl & mask_ssl) == 0) 9551f13597dSJung-uk Kim continue; 9561f13597dSJung-uk Kim 957f579bf8eSKris Kennaway *ca_curr = (SSL_CIPHER *)(cipher_aliases + i); 958f579bf8eSKris Kennaway ca_curr++; 95974664626SKris Kennaway } 96074664626SKris Kennaway 961f579bf8eSKris Kennaway *ca_curr = NULL; /* end of list */ 962f579bf8eSKris Kennaway } 963f579bf8eSKris Kennaway 9641f13597dSJung-uk Kim static void ssl_cipher_apply_rule(unsigned long cipher_id, 9656f9291ceSJung-uk Kim unsigned long alg_mkey, 9666f9291ceSJung-uk Kim unsigned long alg_auth, 9676f9291ceSJung-uk Kim unsigned long alg_enc, 9686f9291ceSJung-uk Kim unsigned long alg_mac, 9691f13597dSJung-uk Kim unsigned long alg_ssl, 9706f9291ceSJung-uk Kim unsigned long algo_strength, int rule, 9716f9291ceSJung-uk Kim int strength_bits, CIPHER_ORDER **head_p, 9726f9291ceSJung-uk Kim CIPHER_ORDER **tail_p) 97374664626SKris Kennaway { 974a93cbc2bSJung-uk Kim CIPHER_ORDER *head, *tail, *curr, *next, *last; 9751f13597dSJung-uk Kim const SSL_CIPHER *cp; 9761f13597dSJung-uk Kim int reverse = 0; 977f579bf8eSKris Kennaway 978f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 9796f9291ceSJung-uk Kim fprintf(stderr, 9806f9291ceSJung-uk Kim "Applying rule %d with %08lx/%08lx/%08lx/%08lx/%08lx %08lx (%d)\n", 9816f9291ceSJung-uk Kim rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, 9826f9291ceSJung-uk Kim algo_strength, strength_bits); 98374664626SKris Kennaway #endif 98474664626SKris Kennaway 9851f13597dSJung-uk Kim if (rule == CIPHER_DEL) 9866f9291ceSJung-uk Kim reverse = 1; /* needed to maintain sorting between 9876f9291ceSJung-uk Kim * currently deleted ciphers */ 9881f13597dSJung-uk Kim 9891f13597dSJung-uk Kim head = *head_p; 9901f13597dSJung-uk Kim tail = *tail_p; 9911f13597dSJung-uk Kim 9926f9291ceSJung-uk Kim if (reverse) { 993a93cbc2bSJung-uk Kim next = tail; 9941f13597dSJung-uk Kim last = head; 9956f9291ceSJung-uk Kim } else { 996a93cbc2bSJung-uk Kim next = head; 9971f13597dSJung-uk Kim last = tail; 9981f13597dSJung-uk Kim } 9991f13597dSJung-uk Kim 1000a93cbc2bSJung-uk Kim curr = NULL; 10016f9291ceSJung-uk Kim for (;;) { 10026f9291ceSJung-uk Kim if (curr == last) 10036f9291ceSJung-uk Kim break; 1004a93cbc2bSJung-uk Kim 1005a93cbc2bSJung-uk Kim curr = next; 1006a93cbc2bSJung-uk Kim 10076f9291ceSJung-uk Kim if (curr == NULL) 10086f9291ceSJung-uk Kim break; 1009a93cbc2bSJung-uk Kim 1010a93cbc2bSJung-uk Kim next = reverse ? curr->prev : curr->next; 101174664626SKris Kennaway 101274664626SKris Kennaway cp = curr->cipher; 1013f579bf8eSKris Kennaway 10141f13597dSJung-uk Kim /* 10151f13597dSJung-uk Kim * Selection criteria is either the value of strength_bits 10161f13597dSJung-uk Kim * or the algorithms used. 10171f13597dSJung-uk Kim */ 10186f9291ceSJung-uk Kim if (strength_bits >= 0) { 10191f13597dSJung-uk Kim if (strength_bits != cp->strength_bits) 10203b4e3dcbSSimon L. B. Nielsen continue; 10216f9291ceSJung-uk Kim } else { 1022f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 10236f9291ceSJung-uk Kim fprintf(stderr, 10246f9291ceSJung-uk Kim "\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n", 10256f9291ceSJung-uk Kim cp->name, cp->algorithm_mkey, cp->algorithm_auth, 10266f9291ceSJung-uk Kim cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl, 10276f9291ceSJung-uk Kim cp->algo_strength); 1028f579bf8eSKris Kennaway #endif 10297bded2dbSJung-uk Kim #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL 10307bded2dbSJung-uk Kim if (cipher_id && cipher_id != cp->id) 10317bded2dbSJung-uk Kim continue; 10327bded2dbSJung-uk Kim #endif 10336f9291ceSJung-uk Kim if (algo_strength == SSL_EXP_MASK && SSL_C_IS_EXPORT(cp)) 10346f9291ceSJung-uk Kim goto ok; 10356f9291ceSJung-uk Kim if (alg_ssl == ~SSL_SSLV2 && cp->algorithm_ssl == SSL_SSLV2) 10366f9291ceSJung-uk Kim goto ok; 10371f13597dSJung-uk Kim if (alg_mkey && !(alg_mkey & cp->algorithm_mkey)) 10381f13597dSJung-uk Kim continue; 10391f13597dSJung-uk Kim if (alg_auth && !(alg_auth & cp->algorithm_auth)) 10401f13597dSJung-uk Kim continue; 10411f13597dSJung-uk Kim if (alg_enc && !(alg_enc & cp->algorithm_enc)) 10421f13597dSJung-uk Kim continue; 10431f13597dSJung-uk Kim if (alg_mac && !(alg_mac & cp->algorithm_mac)) 10441f13597dSJung-uk Kim continue; 10451f13597dSJung-uk Kim if (alg_ssl && !(alg_ssl & cp->algorithm_ssl)) 10461f13597dSJung-uk Kim continue; 10476f9291ceSJung-uk Kim if ((algo_strength & SSL_EXP_MASK) 10486f9291ceSJung-uk Kim && !(algo_strength & SSL_EXP_MASK & cp->algo_strength)) 10491f13597dSJung-uk Kim continue; 10506f9291ceSJung-uk Kim if ((algo_strength & SSL_STRONG_MASK) 10516f9291ceSJung-uk Kim && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength)) 10521f13597dSJung-uk Kim continue; 105374664626SKris Kennaway } 1054f579bf8eSKris Kennaway 10556f9291ceSJung-uk Kim ok: 10566f9291ceSJung-uk Kim 1057f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 1058751d2991SJung-uk Kim fprintf(stderr, "Action = %d\n", rule); 1059f579bf8eSKris Kennaway #endif 106074664626SKris Kennaway 106174664626SKris Kennaway /* add the cipher if it has not been added yet. */ 10626f9291ceSJung-uk Kim if (rule == CIPHER_ADD) { 10631f13597dSJung-uk Kim /* reverse == 0 */ 10646f9291ceSJung-uk Kim if (!curr->active) { 106574664626SKris Kennaway ll_append_tail(&head, curr, &tail); 106674664626SKris Kennaway curr->active = 1; 106774664626SKris Kennaway } 106874664626SKris Kennaway } 106974664626SKris Kennaway /* Move the added cipher to this location */ 10706f9291ceSJung-uk Kim else if (rule == CIPHER_ORD) { 10711f13597dSJung-uk Kim /* reverse == 0 */ 10726f9291ceSJung-uk Kim if (curr->active) { 107374664626SKris Kennaway ll_append_tail(&head, curr, &tail); 107474664626SKris Kennaway } 10756f9291ceSJung-uk Kim } else if (rule == CIPHER_DEL) { 10761f13597dSJung-uk Kim /* reverse == 1 */ 10776f9291ceSJung-uk Kim if (curr->active) { 10786f9291ceSJung-uk Kim /* 10796f9291ceSJung-uk Kim * most recently deleted ciphersuites get best positions for 10806f9291ceSJung-uk Kim * any future CIPHER_ADD (note that the CIPHER_DEL loop works 10816f9291ceSJung-uk Kim * in reverse to maintain the order) 10826f9291ceSJung-uk Kim */ 10831f13597dSJung-uk Kim ll_append_head(&head, curr, &tail); 108474664626SKris Kennaway curr->active = 0; 10851f13597dSJung-uk Kim } 10866f9291ceSJung-uk Kim } else if (rule == CIPHER_KILL) { 10871f13597dSJung-uk Kim /* reverse == 0 */ 108874664626SKris Kennaway if (head == curr) 108974664626SKris Kennaway head = curr->next; 109074664626SKris Kennaway else 109174664626SKris Kennaway curr->prev->next = curr->next; 109274664626SKris Kennaway if (tail == curr) 109374664626SKris Kennaway tail = curr->prev; 109474664626SKris Kennaway curr->active = 0; 109574664626SKris Kennaway if (curr->next != NULL) 109674664626SKris Kennaway curr->next->prev = curr->prev; 109774664626SKris Kennaway if (curr->prev != NULL) 109874664626SKris Kennaway curr->prev->next = curr->next; 109974664626SKris Kennaway curr->next = NULL; 110074664626SKris Kennaway curr->prev = NULL; 110174664626SKris Kennaway } 110274664626SKris Kennaway } 1103f579bf8eSKris Kennaway 1104f579bf8eSKris Kennaway *head_p = head; 1105f579bf8eSKris Kennaway *tail_p = tail; 110674664626SKris Kennaway } 110774664626SKris Kennaway 11081f13597dSJung-uk Kim static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, 1109f579bf8eSKris Kennaway CIPHER_ORDER **tail_p) 1110f579bf8eSKris Kennaway { 1111f579bf8eSKris Kennaway int max_strength_bits, i, *number_uses; 1112f579bf8eSKris Kennaway CIPHER_ORDER *curr; 1113f579bf8eSKris Kennaway 1114f579bf8eSKris Kennaway /* 1115f579bf8eSKris Kennaway * This routine sorts the ciphers with descending strength. The sorting 1116f579bf8eSKris Kennaway * must keep the pre-sorted sequence, so we apply the normal sorting 1117f579bf8eSKris Kennaway * routine as '+' movement to the end of the list. 1118f579bf8eSKris Kennaway */ 1119f579bf8eSKris Kennaway max_strength_bits = 0; 1120f579bf8eSKris Kennaway curr = *head_p; 11216f9291ceSJung-uk Kim while (curr != NULL) { 11226f9291ceSJung-uk Kim if (curr->active && (curr->cipher->strength_bits > max_strength_bits)) 1123f579bf8eSKris Kennaway max_strength_bits = curr->cipher->strength_bits; 1124f579bf8eSKris Kennaway curr = curr->next; 1125f579bf8eSKris Kennaway } 1126f579bf8eSKris Kennaway 1127ddd58736SKris Kennaway number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); 11286f9291ceSJung-uk Kim if (!number_uses) { 1129f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE); 1130f579bf8eSKris Kennaway return (0); 1131f579bf8eSKris Kennaway } 1132f579bf8eSKris Kennaway memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int)); 1133f579bf8eSKris Kennaway 1134f579bf8eSKris Kennaway /* 1135f579bf8eSKris Kennaway * Now find the strength_bits values actually used 1136f579bf8eSKris Kennaway */ 1137f579bf8eSKris Kennaway curr = *head_p; 11386f9291ceSJung-uk Kim while (curr != NULL) { 1139f579bf8eSKris Kennaway if (curr->active) 1140f579bf8eSKris Kennaway number_uses[curr->cipher->strength_bits]++; 1141f579bf8eSKris Kennaway curr = curr->next; 1142f579bf8eSKris Kennaway } 1143f579bf8eSKris Kennaway /* 1144f579bf8eSKris Kennaway * Go through the list of used strength_bits values in descending 1145f579bf8eSKris Kennaway * order. 1146f579bf8eSKris Kennaway */ 1147f579bf8eSKris Kennaway for (i = max_strength_bits; i >= 0; i--) 1148f579bf8eSKris Kennaway if (number_uses[i] > 0) 11496f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p, 11506f9291ceSJung-uk Kim tail_p); 1151f579bf8eSKris Kennaway 1152ddd58736SKris Kennaway OPENSSL_free(number_uses); 1153f579bf8eSKris Kennaway return (1); 1154f579bf8eSKris Kennaway } 1155f579bf8eSKris Kennaway 1156f579bf8eSKris Kennaway static int ssl_cipher_process_rulestr(const char *rule_str, 11576f9291ceSJung-uk Kim CIPHER_ORDER **head_p, 11586f9291ceSJung-uk Kim CIPHER_ORDER **tail_p, 11591f13597dSJung-uk Kim const SSL_CIPHER **ca_list) 1160f579bf8eSKris Kennaway { 11616f9291ceSJung-uk Kim unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, 11626f9291ceSJung-uk Kim algo_strength; 1163a3ddd25aSSimon L. B. Nielsen const char *l, *buf; 1164f579bf8eSKris Kennaway int j, multi, found, rule, retval, ok, buflen; 11651f13597dSJung-uk Kim unsigned long cipher_id = 0; 1166f579bf8eSKris Kennaway char ch; 1167f579bf8eSKris Kennaway 1168f579bf8eSKris Kennaway retval = 1; 1169f579bf8eSKris Kennaway l = rule_str; 11706f9291ceSJung-uk Kim for (;;) { 1171f579bf8eSKris Kennaway ch = *l; 1172f579bf8eSKris Kennaway 1173f579bf8eSKris Kennaway if (ch == '\0') 1174f579bf8eSKris Kennaway break; /* done */ 11756f9291ceSJung-uk Kim if (ch == '-') { 11766f9291ceSJung-uk Kim rule = CIPHER_DEL; 11776f9291ceSJung-uk Kim l++; 11786f9291ceSJung-uk Kim } else if (ch == '+') { 11796f9291ceSJung-uk Kim rule = CIPHER_ORD; 11806f9291ceSJung-uk Kim l++; 11816f9291ceSJung-uk Kim } else if (ch == '!') { 11826f9291ceSJung-uk Kim rule = CIPHER_KILL; 11836f9291ceSJung-uk Kim l++; 11846f9291ceSJung-uk Kim } else if (ch == '@') { 11856f9291ceSJung-uk Kim rule = CIPHER_SPECIAL; 11866f9291ceSJung-uk Kim l++; 11876f9291ceSJung-uk Kim } else { 11886f9291ceSJung-uk Kim rule = CIPHER_ADD; 11896f9291ceSJung-uk Kim } 1190f579bf8eSKris Kennaway 11916f9291ceSJung-uk Kim if (ITEM_SEP(ch)) { 1192f579bf8eSKris Kennaway l++; 1193f579bf8eSKris Kennaway continue; 1194f579bf8eSKris Kennaway } 1195f579bf8eSKris Kennaway 11961f13597dSJung-uk Kim alg_mkey = 0; 11971f13597dSJung-uk Kim alg_auth = 0; 11981f13597dSJung-uk Kim alg_enc = 0; 11991f13597dSJung-uk Kim alg_mac = 0; 12001f13597dSJung-uk Kim alg_ssl = 0; 12011f13597dSJung-uk Kim algo_strength = 0; 1202f579bf8eSKris Kennaway 12036f9291ceSJung-uk Kim for (;;) { 1204f579bf8eSKris Kennaway ch = *l; 1205f579bf8eSKris Kennaway buf = l; 1206f579bf8eSKris Kennaway buflen = 0; 1207f579bf8eSKris Kennaway #ifndef CHARSET_EBCDIC 1208f579bf8eSKris Kennaway while (((ch >= 'A') && (ch <= 'Z')) || 1209f579bf8eSKris Kennaway ((ch >= '0') && (ch <= '9')) || 12106f9291ceSJung-uk Kim ((ch >= 'a') && (ch <= 'z')) || (ch == '-') || (ch == '.')) 1211f579bf8eSKris Kennaway #else 121209286989SJung-uk Kim while (isalnum(ch) || (ch == '-') || (ch == '.')) 1213f579bf8eSKris Kennaway #endif 1214f579bf8eSKris Kennaway { 1215f579bf8eSKris Kennaway ch = *(++l); 1216f579bf8eSKris Kennaway buflen++; 1217f579bf8eSKris Kennaway } 1218f579bf8eSKris Kennaway 12196f9291ceSJung-uk Kim if (buflen == 0) { 1220f579bf8eSKris Kennaway /* 1221f579bf8eSKris Kennaway * We hit something we cannot deal with, 1222f579bf8eSKris Kennaway * it is no command or separator nor 1223f579bf8eSKris Kennaway * alphanumeric, so we call this an error. 1224f579bf8eSKris Kennaway */ 1225f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, 1226f579bf8eSKris Kennaway SSL_R_INVALID_COMMAND); 1227f579bf8eSKris Kennaway retval = found = 0; 1228f579bf8eSKris Kennaway l++; 1229f579bf8eSKris Kennaway break; 1230f579bf8eSKris Kennaway } 1231f579bf8eSKris Kennaway 12326f9291ceSJung-uk Kim if (rule == CIPHER_SPECIAL) { 1233f579bf8eSKris Kennaway found = 0; /* unused -- avoid compiler warning */ 1234f579bf8eSKris Kennaway break; /* special treatment */ 1235f579bf8eSKris Kennaway } 1236f579bf8eSKris Kennaway 1237f579bf8eSKris Kennaway /* check for multi-part specification */ 12386f9291ceSJung-uk Kim if (ch == '+') { 1239f579bf8eSKris Kennaway multi = 1; 1240f579bf8eSKris Kennaway l++; 12416f9291ceSJung-uk Kim } else 1242f579bf8eSKris Kennaway multi = 0; 1243f579bf8eSKris Kennaway 1244f579bf8eSKris Kennaway /* 1245f579bf8eSKris Kennaway * Now search for the cipher alias in the ca_list. Be careful 1246f579bf8eSKris Kennaway * with the strncmp, because the "buflen" limitation 1247f579bf8eSKris Kennaway * will make the rule "ADH:SOME" and the cipher 1248f579bf8eSKris Kennaway * "ADH-MY-CIPHER" look like a match for buflen=3. 1249f579bf8eSKris Kennaway * So additionally check whether the cipher name found 1250f579bf8eSKris Kennaway * has the correct length. We can save a strlen() call: 1251f579bf8eSKris Kennaway * just checking for the '\0' at the right place is 125250ef0093SJacques Vidrine * sufficient, we have to strncmp() anyway. (We cannot 125350ef0093SJacques Vidrine * use strcmp(), because buf is not '\0' terminated.) 1254f579bf8eSKris Kennaway */ 1255f579bf8eSKris Kennaway j = found = 0; 12563b4e3dcbSSimon L. B. Nielsen cipher_id = 0; 12576f9291ceSJung-uk Kim while (ca_list[j]) { 125850ef0093SJacques Vidrine if (!strncmp(buf, ca_list[j]->name, buflen) && 12596f9291ceSJung-uk Kim (ca_list[j]->name[buflen] == '\0')) { 1260f579bf8eSKris Kennaway found = 1; 1261f579bf8eSKris Kennaway break; 12626f9291ceSJung-uk Kim } else 1263f579bf8eSKris Kennaway j++; 1264f579bf8eSKris Kennaway } 12651f13597dSJung-uk Kim 1266f579bf8eSKris Kennaway if (!found) 1267f579bf8eSKris Kennaway break; /* ignore this entry */ 1268f579bf8eSKris Kennaway 12696f9291ceSJung-uk Kim if (ca_list[j]->algorithm_mkey) { 12706f9291ceSJung-uk Kim if (alg_mkey) { 12711f13597dSJung-uk Kim alg_mkey &= ca_list[j]->algorithm_mkey; 12726f9291ceSJung-uk Kim if (!alg_mkey) { 12736f9291ceSJung-uk Kim found = 0; 12746f9291ceSJung-uk Kim break; 12751f13597dSJung-uk Kim } 12766f9291ceSJung-uk Kim } else 12771f13597dSJung-uk Kim alg_mkey = ca_list[j]->algorithm_mkey; 12781f13597dSJung-uk Kim } 1279f579bf8eSKris Kennaway 12806f9291ceSJung-uk Kim if (ca_list[j]->algorithm_auth) { 12816f9291ceSJung-uk Kim if (alg_auth) { 12821f13597dSJung-uk Kim alg_auth &= ca_list[j]->algorithm_auth; 12836f9291ceSJung-uk Kim if (!alg_auth) { 12846f9291ceSJung-uk Kim found = 0; 12856f9291ceSJung-uk Kim break; 12861f13597dSJung-uk Kim } 12876f9291ceSJung-uk Kim } else 12881f13597dSJung-uk Kim alg_auth = ca_list[j]->algorithm_auth; 12891f13597dSJung-uk Kim } 12901f13597dSJung-uk Kim 12916f9291ceSJung-uk Kim if (ca_list[j]->algorithm_enc) { 12926f9291ceSJung-uk Kim if (alg_enc) { 12931f13597dSJung-uk Kim alg_enc &= ca_list[j]->algorithm_enc; 12946f9291ceSJung-uk Kim if (!alg_enc) { 12956f9291ceSJung-uk Kim found = 0; 12966f9291ceSJung-uk Kim break; 12971f13597dSJung-uk Kim } 12986f9291ceSJung-uk Kim } else 12991f13597dSJung-uk Kim alg_enc = ca_list[j]->algorithm_enc; 13001f13597dSJung-uk Kim } 13011f13597dSJung-uk Kim 13026f9291ceSJung-uk Kim if (ca_list[j]->algorithm_mac) { 13036f9291ceSJung-uk Kim if (alg_mac) { 13041f13597dSJung-uk Kim alg_mac &= ca_list[j]->algorithm_mac; 13056f9291ceSJung-uk Kim if (!alg_mac) { 13066f9291ceSJung-uk Kim found = 0; 13076f9291ceSJung-uk Kim break; 13081f13597dSJung-uk Kim } 13096f9291ceSJung-uk Kim } else 13101f13597dSJung-uk Kim alg_mac = ca_list[j]->algorithm_mac; 13111f13597dSJung-uk Kim } 13121f13597dSJung-uk Kim 13136f9291ceSJung-uk Kim if (ca_list[j]->algo_strength & SSL_EXP_MASK) { 13146f9291ceSJung-uk Kim if (algo_strength & SSL_EXP_MASK) { 13156f9291ceSJung-uk Kim algo_strength &= 13166f9291ceSJung-uk Kim (ca_list[j]->algo_strength & SSL_EXP_MASK) | 13176f9291ceSJung-uk Kim ~SSL_EXP_MASK; 13186f9291ceSJung-uk Kim if (!(algo_strength & SSL_EXP_MASK)) { 13196f9291ceSJung-uk Kim found = 0; 13206f9291ceSJung-uk Kim break; 13211f13597dSJung-uk Kim } 13226f9291ceSJung-uk Kim } else 13231f13597dSJung-uk Kim algo_strength |= ca_list[j]->algo_strength & SSL_EXP_MASK; 13241f13597dSJung-uk Kim } 13251f13597dSJung-uk Kim 13266f9291ceSJung-uk Kim if (ca_list[j]->algo_strength & SSL_STRONG_MASK) { 13276f9291ceSJung-uk Kim if (algo_strength & SSL_STRONG_MASK) { 13286f9291ceSJung-uk Kim algo_strength &= 13296f9291ceSJung-uk Kim (ca_list[j]->algo_strength & SSL_STRONG_MASK) | 13306f9291ceSJung-uk Kim ~SSL_STRONG_MASK; 13316f9291ceSJung-uk Kim if (!(algo_strength & SSL_STRONG_MASK)) { 13326f9291ceSJung-uk Kim found = 0; 13336f9291ceSJung-uk Kim break; 13341f13597dSJung-uk Kim } 13356f9291ceSJung-uk Kim } else 13366f9291ceSJung-uk Kim algo_strength |= 13376f9291ceSJung-uk Kim ca_list[j]->algo_strength & SSL_STRONG_MASK; 13381f13597dSJung-uk Kim } 13391f13597dSJung-uk Kim 13406f9291ceSJung-uk Kim if (ca_list[j]->valid) { 13416f9291ceSJung-uk Kim /* 13426f9291ceSJung-uk Kim * explicit ciphersuite found; its protocol version does not 13436f9291ceSJung-uk Kim * become part of the search pattern! 13446f9291ceSJung-uk Kim */ 13451f13597dSJung-uk Kim 1346ed5d4f9aSSimon L. B. Nielsen cipher_id = ca_list[j]->id; 13476f9291ceSJung-uk Kim } else { 13486f9291ceSJung-uk Kim /* 13496f9291ceSJung-uk Kim * not an explicit ciphersuite; only in this case, the 13506f9291ceSJung-uk Kim * protocol version is considered part of the search pattern 13516f9291ceSJung-uk Kim */ 13521f13597dSJung-uk Kim 13536f9291ceSJung-uk Kim if (ca_list[j]->algorithm_ssl) { 13546f9291ceSJung-uk Kim if (alg_ssl) { 13551f13597dSJung-uk Kim alg_ssl &= ca_list[j]->algorithm_ssl; 13566f9291ceSJung-uk Kim if (!alg_ssl) { 13576f9291ceSJung-uk Kim found = 0; 13586f9291ceSJung-uk Kim break; 13591f13597dSJung-uk Kim } 13606f9291ceSJung-uk Kim } else 13611f13597dSJung-uk Kim alg_ssl = ca_list[j]->algorithm_ssl; 13621f13597dSJung-uk Kim } 1363ed5d4f9aSSimon L. B. Nielsen } 1364ed5d4f9aSSimon L. B. Nielsen 13656f9291ceSJung-uk Kim if (!multi) 13666f9291ceSJung-uk Kim break; 1367f579bf8eSKris Kennaway } 1368f579bf8eSKris Kennaway 1369f579bf8eSKris Kennaway /* 1370f579bf8eSKris Kennaway * Ok, we have the rule, now apply it 1371f579bf8eSKris Kennaway */ 13726f9291ceSJung-uk Kim if (rule == CIPHER_SPECIAL) { /* special command */ 1373f579bf8eSKris Kennaway ok = 0; 13746f9291ceSJung-uk Kim if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8)) 13751f13597dSJung-uk Kim ok = ssl_cipher_strength_sort(head_p, tail_p); 1376f579bf8eSKris Kennaway else 1377f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, 1378f579bf8eSKris Kennaway SSL_R_INVALID_COMMAND); 1379f579bf8eSKris Kennaway if (ok == 0) 1380f579bf8eSKris Kennaway retval = 0; 1381f579bf8eSKris Kennaway /* 1382f579bf8eSKris Kennaway * We do not support any "multi" options 1383f579bf8eSKris Kennaway * together with "@", so throw away the 1384f579bf8eSKris Kennaway * rest of the command, if any left, until 1385f579bf8eSKris Kennaway * end or ':' is found. 1386f579bf8eSKris Kennaway */ 13875471f83eSSimon L. B. Nielsen while ((*l != '\0') && !ITEM_SEP(*l)) 1388f579bf8eSKris Kennaway l++; 13896f9291ceSJung-uk Kim } else if (found) { 13901f13597dSJung-uk Kim ssl_cipher_apply_rule(cipher_id, 13916f9291ceSJung-uk Kim alg_mkey, alg_auth, alg_enc, alg_mac, 13926f9291ceSJung-uk Kim alg_ssl, algo_strength, rule, -1, head_p, 13936f9291ceSJung-uk Kim tail_p); 13946f9291ceSJung-uk Kim } else { 13955471f83eSSimon L. B. Nielsen while ((*l != '\0') && !ITEM_SEP(*l)) 1396f579bf8eSKris Kennaway l++; 1397f579bf8eSKris Kennaway } 13986f9291ceSJung-uk Kim if (*l == '\0') 13996f9291ceSJung-uk Kim break; /* done */ 1400f579bf8eSKris Kennaway } 1401f579bf8eSKris Kennaway 1402f579bf8eSKris Kennaway return (retval); 1403f579bf8eSKris Kennaway } 1404f579bf8eSKris Kennaway 14057bded2dbSJung-uk Kim #ifndef OPENSSL_NO_EC 14067bded2dbSJung-uk Kim static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c, 14077bded2dbSJung-uk Kim const char **prule_str) 14087bded2dbSJung-uk Kim { 14097bded2dbSJung-uk Kim unsigned int suiteb_flags = 0, suiteb_comb2 = 0; 1410*80815a77SJung-uk Kim if (strncmp(*prule_str, "SUITEB128ONLY", 13) == 0) { 14117bded2dbSJung-uk Kim suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY; 1412*80815a77SJung-uk Kim } else if (strncmp(*prule_str, "SUITEB128C2", 11) == 0) { 14137bded2dbSJung-uk Kim suiteb_comb2 = 1; 14147bded2dbSJung-uk Kim suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS; 1415*80815a77SJung-uk Kim } else if (strncmp(*prule_str, "SUITEB128", 9) == 0) { 1416*80815a77SJung-uk Kim suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS; 1417*80815a77SJung-uk Kim } else if (strncmp(*prule_str, "SUITEB192", 9) == 0) { 14187bded2dbSJung-uk Kim suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS; 1419*80815a77SJung-uk Kim } 14207bded2dbSJung-uk Kim 14217bded2dbSJung-uk Kim if (suiteb_flags) { 14227bded2dbSJung-uk Kim c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS; 14237bded2dbSJung-uk Kim c->cert_flags |= suiteb_flags; 14247bded2dbSJung-uk Kim } else 14257bded2dbSJung-uk Kim suiteb_flags = c->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS; 14267bded2dbSJung-uk Kim 14277bded2dbSJung-uk Kim if (!suiteb_flags) 14287bded2dbSJung-uk Kim return 1; 14297bded2dbSJung-uk Kim /* Check version: if TLS 1.2 ciphers allowed we can use Suite B */ 14307bded2dbSJung-uk Kim 14317bded2dbSJung-uk Kim if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)) { 14327bded2dbSJung-uk Kim if (meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS) 14337bded2dbSJung-uk Kim SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST, 14347bded2dbSJung-uk Kim SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE); 14357bded2dbSJung-uk Kim else 14367bded2dbSJung-uk Kim SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST, 14377bded2dbSJung-uk Kim SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE); 14387bded2dbSJung-uk Kim return 0; 14397bded2dbSJung-uk Kim } 14407bded2dbSJung-uk Kim # ifndef OPENSSL_NO_ECDH 14417bded2dbSJung-uk Kim switch (suiteb_flags) { 14427bded2dbSJung-uk Kim case SSL_CERT_FLAG_SUITEB_128_LOS: 14437bded2dbSJung-uk Kim if (suiteb_comb2) 14447bded2dbSJung-uk Kim *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384"; 14457bded2dbSJung-uk Kim else 14467bded2dbSJung-uk Kim *prule_str = 14477bded2dbSJung-uk Kim "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384"; 14487bded2dbSJung-uk Kim break; 14497bded2dbSJung-uk Kim case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY: 14507bded2dbSJung-uk Kim *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256"; 14517bded2dbSJung-uk Kim break; 14527bded2dbSJung-uk Kim case SSL_CERT_FLAG_SUITEB_192_LOS: 14537bded2dbSJung-uk Kim *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384"; 14547bded2dbSJung-uk Kim break; 14557bded2dbSJung-uk Kim } 14567bded2dbSJung-uk Kim /* Set auto ECDH parameter determination */ 14577bded2dbSJung-uk Kim c->ecdh_tmp_auto = 1; 14587bded2dbSJung-uk Kim return 1; 14597bded2dbSJung-uk Kim # else 14607bded2dbSJung-uk Kim SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST, 14617bded2dbSJung-uk Kim SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE); 14627bded2dbSJung-uk Kim return 0; 14637bded2dbSJung-uk Kim # endif 14647bded2dbSJung-uk Kim } 14657bded2dbSJung-uk Kim #endif 14667bded2dbSJung-uk Kim 14676f9291ceSJung-uk Kim STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK_OF(SSL_CIPHER) 14686f9291ceSJung-uk Kim **cipher_list, STACK_OF(SSL_CIPHER) 14696f9291ceSJung-uk Kim **cipher_list_by_id, 14707bded2dbSJung-uk Kim const char *rule_str, CERT *c) 1471f579bf8eSKris Kennaway { 1472f579bf8eSKris Kennaway int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; 14736f9291ceSJung-uk Kim unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, 14746f9291ceSJung-uk Kim disabled_ssl; 14753b4e3dcbSSimon L. B. Nielsen STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list; 1476f579bf8eSKris Kennaway const char *rule_p; 1477ced566fdSJacques Vidrine CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; 14781f13597dSJung-uk Kim const SSL_CIPHER **ca_list = NULL; 1479f579bf8eSKris Kennaway 1480f579bf8eSKris Kennaway /* 1481f579bf8eSKris Kennaway * Return with error if nothing to do. 1482f579bf8eSKris Kennaway */ 14833b4e3dcbSSimon L. B. Nielsen if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) 14843b4e3dcbSSimon L. B. Nielsen return NULL; 14857bded2dbSJung-uk Kim #ifndef OPENSSL_NO_EC 14867bded2dbSJung-uk Kim if (!check_suiteb_cipher_list(ssl_method, c, &rule_str)) 14877bded2dbSJung-uk Kim return NULL; 14887bded2dbSJung-uk Kim #endif 1489f579bf8eSKris Kennaway 1490f579bf8eSKris Kennaway /* 1491f579bf8eSKris Kennaway * To reduce the work to do we only want to process the compiled 1492f579bf8eSKris Kennaway * in algorithms, so we first get the mask of disabled ciphers. 1493f579bf8eSKris Kennaway */ 14946f9291ceSJung-uk Kim ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc, 14956f9291ceSJung-uk Kim &disabled_mac, &disabled_ssl); 1496f579bf8eSKris Kennaway 1497f579bf8eSKris Kennaway /* 1498f579bf8eSKris Kennaway * Now we have to collect the available ciphers from the compiled 1499f579bf8eSKris Kennaway * in ciphers. We cannot get more than the number compiled in, so 1500f579bf8eSKris Kennaway * it is used for allocation. 1501f579bf8eSKris Kennaway */ 1502f579bf8eSKris Kennaway num_of_ciphers = ssl_method->num_ciphers(); 15035c87c606SMark Murray #ifdef KSSL_DEBUG 15046f9291ceSJung-uk Kim fprintf(stderr, "ssl_create_cipher_list() for %d ciphers\n", 15056f9291ceSJung-uk Kim num_of_ciphers); 15065c87c606SMark Murray #endif /* KSSL_DEBUG */ 15076f9291ceSJung-uk Kim co_list = 15086f9291ceSJung-uk Kim (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); 15096f9291ceSJung-uk Kim if (co_list == NULL) { 1510f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); 1511f579bf8eSKris Kennaway return (NULL); /* Failure */ 1512f579bf8eSKris Kennaway } 1513f579bf8eSKris Kennaway 15141f13597dSJung-uk Kim ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, 15156f9291ceSJung-uk Kim disabled_mkey, disabled_auth, disabled_enc, 15166f9291ceSJung-uk Kim disabled_mac, disabled_ssl, co_list, &head, 15176f9291ceSJung-uk Kim &tail); 15181f13597dSJung-uk Kim 15191f13597dSJung-uk Kim /* Now arrange all ciphers by preference: */ 15201f13597dSJung-uk Kim 15216f9291ceSJung-uk Kim /* 15226f9291ceSJung-uk Kim * Everything else being equal, prefer ephemeral ECDH over other key 15236f9291ceSJung-uk Kim * exchange mechanisms 15246f9291ceSJung-uk Kim */ 15256f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, 15266f9291ceSJung-uk Kim &tail); 15276f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, 15286f9291ceSJung-uk Kim &tail); 15291f13597dSJung-uk Kim 15301f13597dSJung-uk Kim /* AES is our preferred symmetric cipher */ 15316f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head, 15326f9291ceSJung-uk Kim &tail); 15331f13597dSJung-uk Kim 15341f13597dSJung-uk Kim /* Temporarily enable everything else for sorting */ 15351f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); 15361f13597dSJung-uk Kim 15371f13597dSJung-uk Kim /* Low priority for MD5 */ 15386f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head, 15396f9291ceSJung-uk Kim &tail); 15401f13597dSJung-uk Kim 15416f9291ceSJung-uk Kim /* 15426f9291ceSJung-uk Kim * Move anonymous ciphers to the end. Usually, these will remain 15436f9291ceSJung-uk Kim * disabled. (For applications that allow them, they aren't too bad, but 15446f9291ceSJung-uk Kim * we prefer authenticated ciphers.) 15456f9291ceSJung-uk Kim */ 15466f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head, 15476f9291ceSJung-uk Kim &tail); 15481f13597dSJung-uk Kim 15491f13597dSJung-uk Kim /* Move ciphers without forward secrecy to the end */ 15506f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, 15516f9291ceSJung-uk Kim &tail); 15526f9291ceSJung-uk Kim /* 15536f9291ceSJung-uk Kim * ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1, 15546f9291ceSJung-uk Kim * &head, &tail); 15556f9291ceSJung-uk Kim */ 15566f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, 15576f9291ceSJung-uk Kim &tail); 15586f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kPSK, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, 15596f9291ceSJung-uk Kim &tail); 15606f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kKRB5, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, 15616f9291ceSJung-uk Kim &tail); 15621f13597dSJung-uk Kim 15631f13597dSJung-uk Kim /* RC4 is sort-of broken -- move the the end */ 15646f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head, 15656f9291ceSJung-uk Kim &tail); 15661f13597dSJung-uk Kim 15676f9291ceSJung-uk Kim /* 15686f9291ceSJung-uk Kim * Now sort by symmetric encryption strength. The above ordering remains 15696f9291ceSJung-uk Kim * in force within each class 15706f9291ceSJung-uk Kim */ 15716f9291ceSJung-uk Kim if (!ssl_cipher_strength_sort(&head, &tail)) { 15721f13597dSJung-uk Kim OPENSSL_free(co_list); 15731f13597dSJung-uk Kim return NULL; 15741f13597dSJung-uk Kim } 15751f13597dSJung-uk Kim 15761f13597dSJung-uk Kim /* Now disable everything (maintaining the ordering!) */ 15771f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail); 15781f13597dSJung-uk Kim 1579f579bf8eSKris Kennaway /* 1580f579bf8eSKris Kennaway * We also need cipher aliases for selecting based on the rule_str. 1581f579bf8eSKris Kennaway * There might be two types of entries in the rule_str: 1) names 1582f579bf8eSKris Kennaway * of ciphers themselves 2) aliases for groups of ciphers. 1583f579bf8eSKris Kennaway * For 1) we need the available ciphers and for 2) the cipher 1584f579bf8eSKris Kennaway * groups of cipher_aliases added together in one list (otherwise 1585f579bf8eSKris Kennaway * we would be happy with just the cipher_aliases table). 1586f579bf8eSKris Kennaway */ 1587f579bf8eSKris Kennaway num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER); 1588f579bf8eSKris Kennaway num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; 15891f13597dSJung-uk Kim ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); 15906f9291ceSJung-uk Kim if (ca_list == NULL) { 1591ced566fdSJacques Vidrine OPENSSL_free(co_list); 1592f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); 1593f579bf8eSKris Kennaway return (NULL); /* Failure */ 1594f579bf8eSKris Kennaway } 15955471f83eSSimon L. B. Nielsen ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, 15961f13597dSJung-uk Kim disabled_mkey, disabled_auth, disabled_enc, 15971f13597dSJung-uk Kim disabled_mac, disabled_ssl, head); 1598f579bf8eSKris Kennaway 1599f579bf8eSKris Kennaway /* 1600f579bf8eSKris Kennaway * If the rule_string begins with DEFAULT, apply the default rule 1601f579bf8eSKris Kennaway * before using the (possibly available) additional rules. 1602f579bf8eSKris Kennaway */ 1603f579bf8eSKris Kennaway ok = 1; 1604f579bf8eSKris Kennaway rule_p = rule_str; 16056f9291ceSJung-uk Kim if (strncmp(rule_str, "DEFAULT", 7) == 0) { 1606f579bf8eSKris Kennaway ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, 16071f13597dSJung-uk Kim &head, &tail, ca_list); 1608f579bf8eSKris Kennaway rule_p += 7; 1609f579bf8eSKris Kennaway if (*rule_p == ':') 1610f579bf8eSKris Kennaway rule_p++; 1611f579bf8eSKris Kennaway } 1612f579bf8eSKris Kennaway 1613f579bf8eSKris Kennaway if (ok && (strlen(rule_p) > 0)) 16141f13597dSJung-uk Kim ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list); 1615f579bf8eSKris Kennaway 16161f13597dSJung-uk Kim OPENSSL_free((void *)ca_list); /* Not needed anymore */ 1617f579bf8eSKris Kennaway 16186f9291ceSJung-uk Kim if (!ok) { /* Rule processing failure */ 1619ced566fdSJacques Vidrine OPENSSL_free(co_list); 1620f579bf8eSKris Kennaway return (NULL); 1621f579bf8eSKris Kennaway } 16221f13597dSJung-uk Kim 1623f579bf8eSKris Kennaway /* 1624f579bf8eSKris Kennaway * Allocate new "cipherstack" for the result, return with error 1625f579bf8eSKris Kennaway * if we cannot get one. 1626f579bf8eSKris Kennaway */ 16276f9291ceSJung-uk Kim if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) { 1628ced566fdSJacques Vidrine OPENSSL_free(co_list); 1629f579bf8eSKris Kennaway return (NULL); 1630f579bf8eSKris Kennaway } 1631f579bf8eSKris Kennaway 1632f579bf8eSKris Kennaway /* 1633f579bf8eSKris Kennaway * The cipher selection for the list is done. The ciphers are added 1634f579bf8eSKris Kennaway * to the resulting precedence to the STACK_OF(SSL_CIPHER). 1635f579bf8eSKris Kennaway */ 16366f9291ceSJung-uk Kim for (curr = head; curr != NULL; curr = curr->next) { 1637db522d3aSSimon L. B. Nielsen #ifdef OPENSSL_FIPS 16386f9291ceSJung-uk Kim if (curr->active 16396f9291ceSJung-uk Kim && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS)) 1640db522d3aSSimon L. B. Nielsen #else 164174664626SKris Kennaway if (curr->active) 1642db522d3aSSimon L. B. Nielsen #endif 164374664626SKris Kennaway { 1644f579bf8eSKris Kennaway sk_SSL_CIPHER_push(cipherstack, curr->cipher); 164574664626SKris Kennaway #ifdef CIPHER_DEBUG 1646751d2991SJung-uk Kim fprintf(stderr, "<%s>\n", curr->cipher->name); 164774664626SKris Kennaway #endif 164874664626SKris Kennaway } 164974664626SKris Kennaway } 1650ced566fdSJacques Vidrine OPENSSL_free(co_list); /* Not needed any longer */ 165174664626SKris Kennaway 16523b4e3dcbSSimon L. B. Nielsen tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack); 16536f9291ceSJung-uk Kim if (tmp_cipher_list == NULL) { 16543b4e3dcbSSimon L. B. Nielsen sk_SSL_CIPHER_free(cipherstack); 16553b4e3dcbSSimon L. B. Nielsen return NULL; 16563b4e3dcbSSimon L. B. Nielsen } 165774664626SKris Kennaway if (*cipher_list != NULL) 165874664626SKris Kennaway sk_SSL_CIPHER_free(*cipher_list); 1659f579bf8eSKris Kennaway *cipher_list = cipherstack; 166074664626SKris Kennaway if (*cipher_list_by_id != NULL) 166174664626SKris Kennaway sk_SSL_CIPHER_free(*cipher_list_by_id); 16623b4e3dcbSSimon L. B. Nielsen *cipher_list_by_id = tmp_cipher_list; 16636f9291ceSJung-uk Kim (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id, 16646f9291ceSJung-uk Kim ssl_cipher_ptr_id_cmp); 166574664626SKris Kennaway 16666a599222SSimon L. B. Nielsen sk_SSL_CIPHER_sort(*cipher_list_by_id); 1667f579bf8eSKris Kennaway return (cipherstack); 166874664626SKris Kennaway } 166974664626SKris Kennaway 16706a599222SSimon L. B. Nielsen char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) 167174664626SKris Kennaway { 167274664626SKris Kennaway int is_export, pkl, kl; 16733b4e3dcbSSimon L. B. Nielsen const char *ver, *exp_str; 16743b4e3dcbSSimon L. B. Nielsen const char *kx, *au, *enc, *mac; 16751f13597dSJung-uk Kim unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2; 16765c87c606SMark Murray #ifdef KSSL_DEBUG 16776f9291ceSJung-uk Kim static const char *format = 16786f9291ceSJung-uk Kim "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n"; 16795c87c606SMark Murray #else 16806f9291ceSJung-uk Kim static const char *format = 16816f9291ceSJung-uk Kim "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; 16825c87c606SMark Murray #endif /* KSSL_DEBUG */ 168374664626SKris Kennaway 16841f13597dSJung-uk Kim alg_mkey = cipher->algorithm_mkey; 16851f13597dSJung-uk Kim alg_auth = cipher->algorithm_auth; 16861f13597dSJung-uk Kim alg_enc = cipher->algorithm_enc; 16871f13597dSJung-uk Kim alg_mac = cipher->algorithm_mac; 16881f13597dSJung-uk Kim alg_ssl = cipher->algorithm_ssl; 16891f13597dSJung-uk Kim 169074664626SKris Kennaway alg2 = cipher->algorithm2; 169174664626SKris Kennaway 1692f579bf8eSKris Kennaway is_export = SSL_C_IS_EXPORT(cipher); 1693f579bf8eSKris Kennaway pkl = SSL_C_EXPORT_PKEYLENGTH(cipher); 1694f579bf8eSKris Kennaway kl = SSL_C_EXPORT_KEYLENGTH(cipher); 1695ced566fdSJacques Vidrine exp_str = is_export ? " export" : ""; 169674664626SKris Kennaway 16971f13597dSJung-uk Kim if (alg_ssl & SSL_SSLV2) 169874664626SKris Kennaway ver = "SSLv2"; 16991f13597dSJung-uk Kim else if (alg_ssl & SSL_SSLV3) 170074664626SKris Kennaway ver = "SSLv3"; 17011f13597dSJung-uk Kim else if (alg_ssl & SSL_TLSV1_2) 17021f13597dSJung-uk Kim ver = "TLSv1.2"; 170374664626SKris Kennaway else 170474664626SKris Kennaway ver = "unknown"; 170574664626SKris Kennaway 17066f9291ceSJung-uk Kim switch (alg_mkey) { 170774664626SKris Kennaway case SSL_kRSA: 170874664626SKris Kennaway kx = is_export ? (pkl == 512 ? "RSA(512)" : "RSA(1024)") : "RSA"; 170974664626SKris Kennaway break; 171074664626SKris Kennaway case SSL_kDHr: 171174664626SKris Kennaway kx = "DH/RSA"; 171274664626SKris Kennaway break; 171374664626SKris Kennaway case SSL_kDHd: 171474664626SKris Kennaway kx = "DH/DSS"; 171574664626SKris Kennaway break; 17161f13597dSJung-uk Kim case SSL_kKRB5: 17175c87c606SMark Murray kx = "KRB5"; 17185c87c606SMark Murray break; 171974664626SKris Kennaway case SSL_kEDH: 172074664626SKris Kennaway kx = is_export ? (pkl == 512 ? "DH(512)" : "DH(1024)") : "DH"; 172174664626SKris Kennaway break; 17221f13597dSJung-uk Kim case SSL_kECDHr: 17231f13597dSJung-uk Kim kx = "ECDH/RSA"; 17241f13597dSJung-uk Kim break; 17251f13597dSJung-uk Kim case SSL_kECDHe: 17261f13597dSJung-uk Kim kx = "ECDH/ECDSA"; 17271f13597dSJung-uk Kim break; 17281f13597dSJung-uk Kim case SSL_kEECDH: 17291f13597dSJung-uk Kim kx = "ECDH"; 17301f13597dSJung-uk Kim break; 17311f13597dSJung-uk Kim case SSL_kPSK: 17321f13597dSJung-uk Kim kx = "PSK"; 17331f13597dSJung-uk Kim break; 17341f13597dSJung-uk Kim case SSL_kSRP: 17351f13597dSJung-uk Kim kx = "SRP"; 17363b4e3dcbSSimon L. B. Nielsen break; 1737a93cbc2bSJung-uk Kim case SSL_kGOST: 1738a93cbc2bSJung-uk Kim kx = "GOST"; 1739a93cbc2bSJung-uk Kim break; 174074664626SKris Kennaway default: 174174664626SKris Kennaway kx = "unknown"; 174274664626SKris Kennaway } 174374664626SKris Kennaway 17446f9291ceSJung-uk Kim switch (alg_auth) { 174574664626SKris Kennaway case SSL_aRSA: 174674664626SKris Kennaway au = "RSA"; 174774664626SKris Kennaway break; 174874664626SKris Kennaway case SSL_aDSS: 174974664626SKris Kennaway au = "DSS"; 175074664626SKris Kennaway break; 175174664626SKris Kennaway case SSL_aDH: 175274664626SKris Kennaway au = "DH"; 175374664626SKris Kennaway break; 17541f13597dSJung-uk Kim case SSL_aKRB5: 17555c87c606SMark Murray au = "KRB5"; 17565c87c606SMark Murray break; 17571f13597dSJung-uk Kim case SSL_aECDH: 17581f13597dSJung-uk Kim au = "ECDH"; 17591f13597dSJung-uk Kim break; 176074664626SKris Kennaway case SSL_aNULL: 176174664626SKris Kennaway au = "None"; 176274664626SKris Kennaway break; 17633b4e3dcbSSimon L. B. Nielsen case SSL_aECDSA: 17643b4e3dcbSSimon L. B. Nielsen au = "ECDSA"; 17653b4e3dcbSSimon L. B. Nielsen break; 17661f13597dSJung-uk Kim case SSL_aPSK: 17671f13597dSJung-uk Kim au = "PSK"; 17681f13597dSJung-uk Kim break; 1769a93cbc2bSJung-uk Kim case SSL_aSRP: 1770a93cbc2bSJung-uk Kim au = "SRP"; 1771a93cbc2bSJung-uk Kim break; 1772a93cbc2bSJung-uk Kim case SSL_aGOST94: 1773a93cbc2bSJung-uk Kim au = "GOST94"; 1774a93cbc2bSJung-uk Kim break; 1775a93cbc2bSJung-uk Kim case SSL_aGOST01: 1776a93cbc2bSJung-uk Kim au = "GOST01"; 1777a93cbc2bSJung-uk Kim break; 177874664626SKris Kennaway default: 177974664626SKris Kennaway au = "unknown"; 178074664626SKris Kennaway break; 178174664626SKris Kennaway } 178274664626SKris Kennaway 17836f9291ceSJung-uk Kim switch (alg_enc) { 178474664626SKris Kennaway case SSL_DES: 178574664626SKris Kennaway enc = (is_export && kl == 5) ? "DES(40)" : "DES(56)"; 178674664626SKris Kennaway break; 178774664626SKris Kennaway case SSL_3DES: 178874664626SKris Kennaway enc = "3DES(168)"; 178974664626SKris Kennaway break; 179074664626SKris Kennaway case SSL_RC4: 179174664626SKris Kennaway enc = is_export ? (kl == 5 ? "RC4(40)" : "RC4(56)") 179274664626SKris Kennaway : ((alg2 & SSL2_CF_8_BYTE_ENC) ? "RC4(64)" : "RC4(128)"); 179374664626SKris Kennaway break; 179474664626SKris Kennaway case SSL_RC2: 179574664626SKris Kennaway enc = is_export ? (kl == 5 ? "RC2(40)" : "RC2(56)") : "RC2(128)"; 179674664626SKris Kennaway break; 179774664626SKris Kennaway case SSL_IDEA: 179874664626SKris Kennaway enc = "IDEA(128)"; 179974664626SKris Kennaway break; 180074664626SKris Kennaway case SSL_eNULL: 180174664626SKris Kennaway enc = "None"; 180274664626SKris Kennaway break; 18031f13597dSJung-uk Kim case SSL_AES128: 18041f13597dSJung-uk Kim enc = "AES(128)"; 18055c87c606SMark Murray break; 18061f13597dSJung-uk Kim case SSL_AES256: 18071f13597dSJung-uk Kim enc = "AES(256)"; 18081f13597dSJung-uk Kim break; 18091f13597dSJung-uk Kim case SSL_AES128GCM: 18101f13597dSJung-uk Kim enc = "AESGCM(128)"; 18111f13597dSJung-uk Kim break; 18121f13597dSJung-uk Kim case SSL_AES256GCM: 18131f13597dSJung-uk Kim enc = "AESGCM(256)"; 18141f13597dSJung-uk Kim break; 18151f13597dSJung-uk Kim case SSL_CAMELLIA128: 18161f13597dSJung-uk Kim enc = "Camellia(128)"; 18171f13597dSJung-uk Kim break; 18181f13597dSJung-uk Kim case SSL_CAMELLIA256: 18191f13597dSJung-uk Kim enc = "Camellia(256)"; 1820ed5d4f9aSSimon L. B. Nielsen break; 1821db522d3aSSimon L. B. Nielsen case SSL_SEED: 1822db522d3aSSimon L. B. Nielsen enc = "SEED(128)"; 1823db522d3aSSimon L. B. Nielsen break; 1824a93cbc2bSJung-uk Kim case SSL_eGOST2814789CNT: 1825a93cbc2bSJung-uk Kim enc = "GOST89(256)"; 1826a93cbc2bSJung-uk Kim break; 182774664626SKris Kennaway default: 182874664626SKris Kennaway enc = "unknown"; 182974664626SKris Kennaway break; 183074664626SKris Kennaway } 183174664626SKris Kennaway 18326f9291ceSJung-uk Kim switch (alg_mac) { 183374664626SKris Kennaway case SSL_MD5: 183474664626SKris Kennaway mac = "MD5"; 183574664626SKris Kennaway break; 183674664626SKris Kennaway case SSL_SHA1: 183774664626SKris Kennaway mac = "SHA1"; 183874664626SKris Kennaway break; 18391f13597dSJung-uk Kim case SSL_SHA256: 18401f13597dSJung-uk Kim mac = "SHA256"; 18411f13597dSJung-uk Kim break; 18421f13597dSJung-uk Kim case SSL_SHA384: 18431f13597dSJung-uk Kim mac = "SHA384"; 18441f13597dSJung-uk Kim break; 18451f13597dSJung-uk Kim case SSL_AEAD: 18461f13597dSJung-uk Kim mac = "AEAD"; 18471f13597dSJung-uk Kim break; 1848a93cbc2bSJung-uk Kim case SSL_GOST89MAC: 1849a93cbc2bSJung-uk Kim mac = "GOST89"; 1850a93cbc2bSJung-uk Kim break; 1851a93cbc2bSJung-uk Kim case SSL_GOST94: 1852a93cbc2bSJung-uk Kim mac = "GOST94"; 1853a93cbc2bSJung-uk Kim break; 185474664626SKris Kennaway default: 185574664626SKris Kennaway mac = "unknown"; 185674664626SKris Kennaway break; 185774664626SKris Kennaway } 185874664626SKris Kennaway 18596f9291ceSJung-uk Kim if (buf == NULL) { 1860ddd58736SKris Kennaway len = 128; 1861ddd58736SKris Kennaway buf = OPENSSL_malloc(len); 18626f9291ceSJung-uk Kim if (buf == NULL) 18636f9291ceSJung-uk Kim return ("OPENSSL_malloc Error"); 18646f9291ceSJung-uk Kim } else if (len < 128) 186574664626SKris Kennaway return ("Buffer too small"); 186674664626SKris Kennaway 18675c87c606SMark Murray #ifdef KSSL_DEBUG 18686f9291ceSJung-uk Kim BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac, 18696f9291ceSJung-uk Kim exp_str, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl); 18705c87c606SMark Murray #else 18716f9291ceSJung-uk Kim BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac, 18726f9291ceSJung-uk Kim exp_str); 18735c87c606SMark Murray #endif /* KSSL_DEBUG */ 187474664626SKris Kennaway return (buf); 187574664626SKris Kennaway } 187674664626SKris Kennaway 18773b4e3dcbSSimon L. B. Nielsen char *SSL_CIPHER_get_version(const SSL_CIPHER *c) 187874664626SKris Kennaway { 187974664626SKris Kennaway int i; 188074664626SKris Kennaway 18816f9291ceSJung-uk Kim if (c == NULL) 18826f9291ceSJung-uk Kim return ("(NONE)"); 188374664626SKris Kennaway i = (int)(c->id >> 24L); 188474664626SKris Kennaway if (i == 3) 188574664626SKris Kennaway return ("TLSv1/SSLv3"); 188674664626SKris Kennaway else if (i == 2) 188774664626SKris Kennaway return ("SSLv2"); 188874664626SKris Kennaway else 188974664626SKris Kennaway return ("unknown"); 189074664626SKris Kennaway } 189174664626SKris Kennaway 189274664626SKris Kennaway /* return the actual cipher being used */ 18933b4e3dcbSSimon L. B. Nielsen const char *SSL_CIPHER_get_name(const SSL_CIPHER *c) 189474664626SKris Kennaway { 189574664626SKris Kennaway if (c != NULL) 189674664626SKris Kennaway return (c->name); 189774664626SKris Kennaway return ("(NONE)"); 189874664626SKris Kennaway } 189974664626SKris Kennaway 1900f579bf8eSKris Kennaway /* number of bits for symmetric cipher */ 19013b4e3dcbSSimon L. B. Nielsen int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits) 190274664626SKris Kennaway { 1903f579bf8eSKris Kennaway int ret = 0; 190474664626SKris Kennaway 19056f9291ceSJung-uk Kim if (c != NULL) { 19066f9291ceSJung-uk Kim if (alg_bits != NULL) 19076f9291ceSJung-uk Kim *alg_bits = c->alg_bits; 1908f579bf8eSKris Kennaway ret = c->strength_bits; 190974664626SKris Kennaway } 191074664626SKris Kennaway return (ret); 191174664626SKris Kennaway } 191274664626SKris Kennaway 19131f13597dSJung-uk Kim unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c) 19141f13597dSJung-uk Kim { 19151f13597dSJung-uk Kim return c->id; 19161f13597dSJung-uk Kim } 19171f13597dSJung-uk Kim 191874664626SKris Kennaway SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n) 191974664626SKris Kennaway { 192074664626SKris Kennaway SSL_COMP *ctmp; 192174664626SKris Kennaway int i, nn; 192274664626SKris Kennaway 19236f9291ceSJung-uk Kim if ((n == 0) || (sk == NULL)) 19246f9291ceSJung-uk Kim return (NULL); 192574664626SKris Kennaway nn = sk_SSL_COMP_num(sk); 19266f9291ceSJung-uk Kim for (i = 0; i < nn; i++) { 192774664626SKris Kennaway ctmp = sk_SSL_COMP_value(sk, i); 192874664626SKris Kennaway if (ctmp->id == n) 192974664626SKris Kennaway return (ctmp); 193074664626SKris Kennaway } 193174664626SKris Kennaway return (NULL); 193274664626SKris Kennaway } 193374664626SKris Kennaway 19343b4e3dcbSSimon L. B. Nielsen #ifdef OPENSSL_NO_COMP 19353b4e3dcbSSimon L. B. Nielsen void *SSL_COMP_get_compression_methods(void) 193674664626SKris Kennaway { 19373b4e3dcbSSimon L. B. Nielsen return NULL; 19383b4e3dcbSSimon L. B. Nielsen } 19396f9291ceSJung-uk Kim 19403b4e3dcbSSimon L. B. Nielsen int SSL_COMP_add_compression_method(int id, void *cm) 19413b4e3dcbSSimon L. B. Nielsen { 19423b4e3dcbSSimon L. B. Nielsen return 1; 194374664626SKris Kennaway } 194474664626SKris Kennaway 19453b4e3dcbSSimon L. B. Nielsen const char *SSL_COMP_get_name(const void *comp) 19463b4e3dcbSSimon L. B. Nielsen { 19473b4e3dcbSSimon L. B. Nielsen return NULL; 19483b4e3dcbSSimon L. B. Nielsen } 19493b4e3dcbSSimon L. B. Nielsen #else 195074664626SKris Kennaway STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) 195174664626SKris Kennaway { 19523b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 195374664626SKris Kennaway return (ssl_comp_methods); 195474664626SKris Kennaway } 195574664626SKris Kennaway 19567bded2dbSJung-uk Kim STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) 19577bded2dbSJung-uk Kim *meths) 19587bded2dbSJung-uk Kim { 19597bded2dbSJung-uk Kim STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods; 19607bded2dbSJung-uk Kim ssl_comp_methods = meths; 19617bded2dbSJung-uk Kim return old_meths; 19627bded2dbSJung-uk Kim } 19637bded2dbSJung-uk Kim 19647bded2dbSJung-uk Kim static void cmeth_free(SSL_COMP *cm) 19657bded2dbSJung-uk Kim { 19667bded2dbSJung-uk Kim OPENSSL_free(cm); 19677bded2dbSJung-uk Kim } 19687bded2dbSJung-uk Kim 19697bded2dbSJung-uk Kim void SSL_COMP_free_compression_methods(void) 19707bded2dbSJung-uk Kim { 19717bded2dbSJung-uk Kim STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods; 19727bded2dbSJung-uk Kim ssl_comp_methods = NULL; 19737bded2dbSJung-uk Kim sk_SSL_COMP_pop_free(old_meths, cmeth_free); 19747bded2dbSJung-uk Kim } 19757bded2dbSJung-uk Kim 197674664626SKris Kennaway int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) 197774664626SKris Kennaway { 197874664626SKris Kennaway SSL_COMP *comp; 197974664626SKris Kennaway 19805c87c606SMark Murray if (cm == NULL || cm->type == NID_undef) 19815c87c606SMark Murray return 1; 19825c87c606SMark Murray 19836f9291ceSJung-uk Kim /*- 19846f9291ceSJung-uk Kim * According to draft-ietf-tls-compression-04.txt, the 19856f9291ceSJung-uk Kim * compression number ranges should be the following: 19866f9291ceSJung-uk Kim * 19876f9291ceSJung-uk Kim * 0 to 63: methods defined by the IETF 19886f9291ceSJung-uk Kim * 64 to 192: external party methods assigned by IANA 19896f9291ceSJung-uk Kim * 193 to 255: reserved for private use 19906f9291ceSJung-uk Kim */ 19916f9291ceSJung-uk Kim if (id < 193 || id > 255) { 19926f9291ceSJung-uk Kim SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, 19936f9291ceSJung-uk Kim SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); 19943b4e3dcbSSimon L. B. Nielsen return 0; 19953b4e3dcbSSimon L. B. Nielsen } 19963b4e3dcbSSimon L. B. Nielsen 19975c87c606SMark Murray MemCheck_off(); 1998ddd58736SKris Kennaway comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); 199974664626SKris Kennaway comp->id = id; 200074664626SKris Kennaway comp->method = cm; 20013b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 20026f9291ceSJung-uk Kim if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) { 20033b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 20043b4e3dcbSSimon L. B. Nielsen MemCheck_on(); 20056f9291ceSJung-uk Kim SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, 20066f9291ceSJung-uk Kim SSL_R_DUPLICATE_COMPRESSION_ID); 20073b4e3dcbSSimon L. B. Nielsen return (1); 20086f9291ceSJung-uk Kim } else if ((ssl_comp_methods == NULL) 20096f9291ceSJung-uk Kim || !sk_SSL_COMP_push(ssl_comp_methods, comp)) { 20103b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 20115c87c606SMark Murray MemCheck_on(); 201274664626SKris Kennaway SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE); 2013ced566fdSJacques Vidrine return (1); 20146f9291ceSJung-uk Kim } else { 20155c87c606SMark Murray MemCheck_on(); 2016ced566fdSJacques Vidrine return (0); 201774664626SKris Kennaway } 20185c87c606SMark Murray } 20193b4e3dcbSSimon L. B. Nielsen 20203b4e3dcbSSimon L. B. Nielsen const char *SSL_COMP_get_name(const COMP_METHOD *comp) 20213b4e3dcbSSimon L. B. Nielsen { 20223b4e3dcbSSimon L. B. Nielsen if (comp) 20233b4e3dcbSSimon L. B. Nielsen return comp->name; 20243b4e3dcbSSimon L. B. Nielsen return NULL; 20253b4e3dcbSSimon L. B. Nielsen } 20263b4e3dcbSSimon L. B. Nielsen #endif 20277bded2dbSJung-uk Kim /* For a cipher return the index corresponding to the certificate type */ 20287bded2dbSJung-uk Kim int ssl_cipher_get_cert_index(const SSL_CIPHER *c) 20297bded2dbSJung-uk Kim { 20307bded2dbSJung-uk Kim unsigned long alg_k, alg_a; 20317bded2dbSJung-uk Kim 20327bded2dbSJung-uk Kim alg_k = c->algorithm_mkey; 20337bded2dbSJung-uk Kim alg_a = c->algorithm_auth; 20347bded2dbSJung-uk Kim 20357bded2dbSJung-uk Kim if (alg_k & (SSL_kECDHr | SSL_kECDHe)) { 20367bded2dbSJung-uk Kim /* 20377bded2dbSJung-uk Kim * we don't need to look at SSL_kEECDH since no certificate is needed 20387bded2dbSJung-uk Kim * for anon ECDH and for authenticated EECDH, the check for the auth 20397bded2dbSJung-uk Kim * algorithm will set i correctly NOTE: For ECDH-RSA, we need an ECC 20407bded2dbSJung-uk Kim * not an RSA cert but for EECDH-RSA we need an RSA cert. Placing the 20417bded2dbSJung-uk Kim * checks for SSL_kECDH before RSA checks ensures the correct cert is 20427bded2dbSJung-uk Kim * chosen. 20437bded2dbSJung-uk Kim */ 20447bded2dbSJung-uk Kim return SSL_PKEY_ECC; 20457bded2dbSJung-uk Kim } else if (alg_a & SSL_aECDSA) 20467bded2dbSJung-uk Kim return SSL_PKEY_ECC; 20477bded2dbSJung-uk Kim else if (alg_k & SSL_kDHr) 20487bded2dbSJung-uk Kim return SSL_PKEY_DH_RSA; 20497bded2dbSJung-uk Kim else if (alg_k & SSL_kDHd) 20507bded2dbSJung-uk Kim return SSL_PKEY_DH_DSA; 20517bded2dbSJung-uk Kim else if (alg_a & SSL_aDSS) 20527bded2dbSJung-uk Kim return SSL_PKEY_DSA_SIGN; 20537bded2dbSJung-uk Kim else if (alg_a & SSL_aRSA) 20547bded2dbSJung-uk Kim return SSL_PKEY_RSA_ENC; 20557bded2dbSJung-uk Kim else if (alg_a & SSL_aKRB5) 20567bded2dbSJung-uk Kim /* VRS something else here? */ 20577bded2dbSJung-uk Kim return -1; 20587bded2dbSJung-uk Kim else if (alg_a & SSL_aGOST94) 20597bded2dbSJung-uk Kim return SSL_PKEY_GOST94; 20607bded2dbSJung-uk Kim else if (alg_a & SSL_aGOST01) 20617bded2dbSJung-uk Kim return SSL_PKEY_GOST01; 20627bded2dbSJung-uk Kim return -1; 20637bded2dbSJung-uk Kim } 20647bded2dbSJung-uk Kim 20657bded2dbSJung-uk Kim const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr) 20667bded2dbSJung-uk Kim { 20677bded2dbSJung-uk Kim const SSL_CIPHER *c; 20687bded2dbSJung-uk Kim c = ssl->method->get_cipher_by_char(ptr); 20697bded2dbSJung-uk Kim if (c == NULL || c->valid == 0) 20707bded2dbSJung-uk Kim return NULL; 20717bded2dbSJung-uk Kim return c; 20727bded2dbSJung-uk Kim } 20737bded2dbSJung-uk Kim 20747bded2dbSJung-uk Kim const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr) 20757bded2dbSJung-uk Kim { 20767bded2dbSJung-uk Kim return ssl->method->get_cipher_by_char(ptr); 20777bded2dbSJung-uk Kim } 2078