174664626SKris Kennaway /* ssl/ssl_ciph.c */ 274664626SKris Kennaway /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 374664626SKris Kennaway * All rights reserved. 474664626SKris Kennaway * 574664626SKris Kennaway * This package is an SSL implementation written 674664626SKris Kennaway * by Eric Young (eay@cryptsoft.com). 774664626SKris Kennaway * The implementation was written so as to conform with Netscapes SSL. 874664626SKris Kennaway * 974664626SKris Kennaway * This library is free for commercial and non-commercial use as long as 1074664626SKris Kennaway * the following conditions are aheared to. The following conditions 1174664626SKris Kennaway * apply to all code found in this distribution, be it the RC4, RSA, 1274664626SKris Kennaway * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1374664626SKris Kennaway * included with this distribution is covered by the same copyright terms 1474664626SKris Kennaway * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1574664626SKris Kennaway * 1674664626SKris Kennaway * Copyright remains Eric Young's, and as such any Copyright notices in 1774664626SKris Kennaway * the code are not to be removed. 1874664626SKris Kennaway * If this package is used in a product, Eric Young should be given attribution 1974664626SKris Kennaway * as the author of the parts of the library used. 2074664626SKris Kennaway * This can be in the form of a textual message at program startup or 2174664626SKris Kennaway * in documentation (online or textual) provided with the package. 2274664626SKris Kennaway * 2374664626SKris Kennaway * Redistribution and use in source and binary forms, with or without 2474664626SKris Kennaway * modification, are permitted provided that the following conditions 2574664626SKris Kennaway * are met: 2674664626SKris Kennaway * 1. Redistributions of source code must retain the copyright 2774664626SKris Kennaway * notice, this list of conditions and the following disclaimer. 2874664626SKris Kennaway * 2. Redistributions in binary form must reproduce the above copyright 2974664626SKris Kennaway * notice, this list of conditions and the following disclaimer in the 3074664626SKris Kennaway * documentation and/or other materials provided with the distribution. 3174664626SKris Kennaway * 3. All advertising materials mentioning features or use of this software 3274664626SKris Kennaway * must display the following acknowledgement: 3374664626SKris Kennaway * "This product includes cryptographic software written by 3474664626SKris Kennaway * Eric Young (eay@cryptsoft.com)" 3574664626SKris Kennaway * The word 'cryptographic' can be left out if the rouines from the library 3674664626SKris Kennaway * being used are not cryptographic related :-). 3774664626SKris Kennaway * 4. If you include any Windows specific code (or a derivative thereof) from 3874664626SKris Kennaway * the apps directory (application code) you must include an acknowledgement: 3974664626SKris Kennaway * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4074664626SKris Kennaway * 4174664626SKris Kennaway * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4274664626SKris Kennaway * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4374664626SKris Kennaway * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4474664626SKris Kennaway * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4574664626SKris Kennaway * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4674664626SKris Kennaway * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4774664626SKris Kennaway * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4874664626SKris Kennaway * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4974664626SKris Kennaway * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5074664626SKris Kennaway * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5174664626SKris Kennaway * SUCH DAMAGE. 5274664626SKris Kennaway * 5374664626SKris Kennaway * The licence and distribution terms for any publically available version or 5474664626SKris Kennaway * derivative of this code cannot be changed. i.e. this code cannot simply be 5574664626SKris Kennaway * copied and put under another distribution licence 5674664626SKris Kennaway * [including the GNU Public Licence.] 5774664626SKris Kennaway */ 583b4e3dcbSSimon L. B. Nielsen /* ==================================================================== 59ed5d4f9aSSimon L. B. Nielsen * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60ed5d4f9aSSimon L. B. Nielsen * 61ed5d4f9aSSimon L. B. Nielsen * Redistribution and use in source and binary forms, with or without 62ed5d4f9aSSimon L. B. Nielsen * modification, are permitted provided that the following conditions 63ed5d4f9aSSimon L. B. Nielsen * are met: 64ed5d4f9aSSimon L. B. Nielsen * 65ed5d4f9aSSimon L. B. Nielsen * 1. Redistributions of source code must retain the above copyright 66ed5d4f9aSSimon L. B. Nielsen * notice, this list of conditions and the following disclaimer. 67ed5d4f9aSSimon L. B. Nielsen * 68ed5d4f9aSSimon L. B. Nielsen * 2. Redistributions in binary form must reproduce the above copyright 69ed5d4f9aSSimon L. B. Nielsen * notice, this list of conditions and the following disclaimer in 70ed5d4f9aSSimon L. B. Nielsen * the documentation and/or other materials provided with the 71ed5d4f9aSSimon L. B. Nielsen * distribution. 72ed5d4f9aSSimon L. B. Nielsen * 73ed5d4f9aSSimon L. B. Nielsen * 3. All advertising materials mentioning features or use of this 74ed5d4f9aSSimon L. B. Nielsen * software must display the following acknowledgment: 75ed5d4f9aSSimon L. B. Nielsen * "This product includes software developed by the OpenSSL Project 76ed5d4f9aSSimon L. B. Nielsen * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77ed5d4f9aSSimon L. B. Nielsen * 78ed5d4f9aSSimon L. B. Nielsen * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79ed5d4f9aSSimon L. B. Nielsen * endorse or promote products derived from this software without 80ed5d4f9aSSimon L. B. Nielsen * prior written permission. For written permission, please contact 81ed5d4f9aSSimon L. B. Nielsen * openssl-core@openssl.org. 82ed5d4f9aSSimon L. B. Nielsen * 83ed5d4f9aSSimon L. B. Nielsen * 5. Products derived from this software may not be called "OpenSSL" 84ed5d4f9aSSimon L. B. Nielsen * nor may "OpenSSL" appear in their names without prior written 85ed5d4f9aSSimon L. B. Nielsen * permission of the OpenSSL Project. 86ed5d4f9aSSimon L. B. Nielsen * 87ed5d4f9aSSimon L. B. Nielsen * 6. Redistributions of any form whatsoever must retain the following 88ed5d4f9aSSimon L. B. Nielsen * acknowledgment: 89ed5d4f9aSSimon L. B. Nielsen * "This product includes software developed by the OpenSSL Project 90ed5d4f9aSSimon L. B. Nielsen * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91ed5d4f9aSSimon L. B. Nielsen * 92ed5d4f9aSSimon L. B. Nielsen * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93ed5d4f9aSSimon L. B. Nielsen * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94ed5d4f9aSSimon L. B. Nielsen * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95ed5d4f9aSSimon L. B. Nielsen * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96ed5d4f9aSSimon L. B. Nielsen * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97ed5d4f9aSSimon L. B. Nielsen * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98ed5d4f9aSSimon L. B. Nielsen * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99ed5d4f9aSSimon L. B. Nielsen * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100ed5d4f9aSSimon L. B. Nielsen * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101ed5d4f9aSSimon L. B. Nielsen * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102ed5d4f9aSSimon L. B. Nielsen * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103ed5d4f9aSSimon L. B. Nielsen * OF THE POSSIBILITY OF SUCH DAMAGE. 104ed5d4f9aSSimon L. B. Nielsen * ==================================================================== 105ed5d4f9aSSimon L. B. Nielsen * 106ed5d4f9aSSimon L. B. Nielsen * This product includes cryptographic software written by Eric Young 107ed5d4f9aSSimon L. B. Nielsen * (eay@cryptsoft.com). This product includes software written by Tim 108ed5d4f9aSSimon L. B. Nielsen * Hudson (tjh@cryptsoft.com). 109ed5d4f9aSSimon L. B. Nielsen * 110ed5d4f9aSSimon L. B. Nielsen */ 111ed5d4f9aSSimon L. B. Nielsen /* ==================================================================== 1123b4e3dcbSSimon L. B. Nielsen * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 1133b4e3dcbSSimon L. B. Nielsen * ECC cipher suite support in OpenSSL originally developed by 1143b4e3dcbSSimon L. B. Nielsen * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 1153b4e3dcbSSimon L. B. Nielsen */ 11674664626SKris Kennaway #include <stdio.h> 11774664626SKris Kennaway #include <openssl/objects.h> 11874664626SKris Kennaway #include <openssl/comp.h> 11974664626SKris Kennaway #include "ssl_locl.h" 12074664626SKris Kennaway 12174664626SKris Kennaway #define SSL_ENC_DES_IDX 0 12274664626SKris Kennaway #define SSL_ENC_3DES_IDX 1 12374664626SKris Kennaway #define SSL_ENC_RC4_IDX 2 12474664626SKris Kennaway #define SSL_ENC_RC2_IDX 3 12574664626SKris Kennaway #define SSL_ENC_IDEA_IDX 4 12674664626SKris Kennaway #define SSL_ENC_eFZA_IDX 5 12774664626SKris Kennaway #define SSL_ENC_NULL_IDX 6 1285c87c606SMark Murray #define SSL_ENC_AES128_IDX 7 1295c87c606SMark Murray #define SSL_ENC_AES256_IDX 8 1305c87c606SMark Murray #define SSL_ENC_NUM_IDX 9 131ed5d4f9aSSimon L. B. Nielsen #define SSL_ENC_CAMELLIA128_IDX 9 132ed5d4f9aSSimon L. B. Nielsen #define SSL_ENC_CAMELLIA256_IDX 10 133ed5d4f9aSSimon L. B. Nielsen #undef SSL_ENC_NUM_IDX 134ed5d4f9aSSimon L. B. Nielsen #define SSL_ENC_NUM_IDX 11 135ed5d4f9aSSimon L. B. Nielsen 13674664626SKris Kennaway 13774664626SKris Kennaway static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ 13874664626SKris Kennaway NULL,NULL,NULL,NULL,NULL,NULL, 13974664626SKris Kennaway }; 14074664626SKris Kennaway 1413b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_NULL_IDX 0 1423b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_ZLIB_IDX 1 1433b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_NUM_IDX 2 1443b4e3dcbSSimon L. B. Nielsen 14574664626SKris Kennaway static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL; 14674664626SKris Kennaway 14774664626SKris Kennaway #define SSL_MD_MD5_IDX 0 14874664626SKris Kennaway #define SSL_MD_SHA1_IDX 1 14974664626SKris Kennaway #define SSL_MD_NUM_IDX 2 15074664626SKris Kennaway static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={ 15174664626SKris Kennaway NULL,NULL, 15274664626SKris Kennaway }; 15374664626SKris Kennaway 15474664626SKris Kennaway #define CIPHER_ADD 1 15574664626SKris Kennaway #define CIPHER_KILL 2 15674664626SKris Kennaway #define CIPHER_DEL 3 15774664626SKris Kennaway #define CIPHER_ORD 4 158f579bf8eSKris Kennaway #define CIPHER_SPECIAL 5 15974664626SKris Kennaway 16074664626SKris Kennaway typedef struct cipher_order_st 16174664626SKris Kennaway { 16274664626SKris Kennaway SSL_CIPHER *cipher; 16374664626SKris Kennaway int active; 16474664626SKris Kennaway int dead; 16574664626SKris Kennaway struct cipher_order_st *next,*prev; 16674664626SKris Kennaway } CIPHER_ORDER; 16774664626SKris Kennaway 168f579bf8eSKris Kennaway static const SSL_CIPHER cipher_aliases[]={ 1695c87c606SMark Murray /* Don't include eNULL unless specifically enabled. */ 1703b4e3dcbSSimon L. B. Nielsen /* Don't include ECC in ALL because these ciphers are not yet official. */ 1713b4e3dcbSSimon L. B. Nielsen {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL & ~SSL_kECDH & ~SSL_kECDHE, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */ 1723b4e3dcbSSimon L. B. Nielsen /* TODO: COMPLEMENT OF ALL and COMPLEMENT OF DEFAULT do not have ECC cipher suites handled properly. */ 1735c87c606SMark Murray {0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, /* COMPLEMENT OF ALL */ 1745c87c606SMark Murray {0,SSL_TXT_CMPDEF,0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK,0}, 1755c87c606SMark Murray {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */ 176f579bf8eSKris Kennaway {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0}, 177f579bf8eSKris Kennaway {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0}, 178f579bf8eSKris Kennaway {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0}, 179f579bf8eSKris Kennaway {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0}, 180f579bf8eSKris Kennaway {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0}, 181f579bf8eSKris Kennaway {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0}, 1823b4e3dcbSSimon L. B. Nielsen {0,SSL_TXT_ECC, 0,(SSL_kECDH|SSL_kECDHE), 0,0,0,0,SSL_MKEY_MASK,0}, 183f579bf8eSKris Kennaway {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0}, 1845c87c606SMark Murray {0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0}, /* VRS Kerberos5 */ 185f579bf8eSKris Kennaway {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0}, 186f579bf8eSKris Kennaway {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0}, 187f579bf8eSKris Kennaway {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0}, 188f579bf8eSKris Kennaway {0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0}, 189f579bf8eSKris Kennaway {0,SSL_TXT_aDH, 0,SSL_aDH, 0,0,0,0,SSL_AUTH_MASK,0}, 190f579bf8eSKris Kennaway {0,SSL_TXT_DSS, 0,SSL_DSS, 0,0,0,0,SSL_AUTH_MASK,0}, 19174664626SKris Kennaway 192f579bf8eSKris Kennaway {0,SSL_TXT_DES, 0,SSL_DES, 0,0,0,0,SSL_ENC_MASK,0}, 193f579bf8eSKris Kennaway {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0}, 194f579bf8eSKris Kennaway {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0}, 195f579bf8eSKris Kennaway {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0}, 196ced566fdSJacques Vidrine #ifndef OPENSSL_NO_IDEA 197f579bf8eSKris Kennaway {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0}, 198ced566fdSJacques Vidrine #endif 199f579bf8eSKris Kennaway {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, 200f579bf8eSKris Kennaway {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0}, 2015c87c606SMark Murray {0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0}, 202ed5d4f9aSSimon L. B. Nielsen {0,SSL_TXT_CAMELLIA, 0,SSL_CAMELLIA, 0,0,0,0,SSL_ENC_MASK,0}, 20374664626SKris Kennaway 204f579bf8eSKris Kennaway {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0}, 205f579bf8eSKris Kennaway {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0}, 206f579bf8eSKris Kennaway {0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0}, 20774664626SKris Kennaway 208f579bf8eSKris Kennaway {0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0}, 2095c87c606SMark Murray {0,SSL_TXT_KRB5,0,SSL_KRB5, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, 210f579bf8eSKris Kennaway {0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, 211f579bf8eSKris Kennaway {0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, 212f579bf8eSKris Kennaway {0,SSL_TXT_FZA, 0,SSL_FZA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0}, 21374664626SKris Kennaway 214f579bf8eSKris Kennaway {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0}, 215f579bf8eSKris Kennaway {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0}, 216f579bf8eSKris Kennaway {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0}, 217f579bf8eSKris Kennaway 218f579bf8eSKris Kennaway {0,SSL_TXT_EXP ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK}, 219f579bf8eSKris Kennaway {0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK}, 220f579bf8eSKris Kennaway {0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK}, 221f579bf8eSKris Kennaway {0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK}, 222f579bf8eSKris Kennaway {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK}, 223f579bf8eSKris Kennaway {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK}, 224f579bf8eSKris Kennaway {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK}, 22574664626SKris Kennaway }; 22674664626SKris Kennaway 2273b4e3dcbSSimon L. B. Nielsen void ssl_load_ciphers(void) 22874664626SKris Kennaway { 22974664626SKris Kennaway ssl_cipher_methods[SSL_ENC_DES_IDX]= 23074664626SKris Kennaway EVP_get_cipherbyname(SN_des_cbc); 23174664626SKris Kennaway ssl_cipher_methods[SSL_ENC_3DES_IDX]= 23274664626SKris Kennaway EVP_get_cipherbyname(SN_des_ede3_cbc); 23374664626SKris Kennaway ssl_cipher_methods[SSL_ENC_RC4_IDX]= 23474664626SKris Kennaway EVP_get_cipherbyname(SN_rc4); 23574664626SKris Kennaway ssl_cipher_methods[SSL_ENC_RC2_IDX]= 23674664626SKris Kennaway EVP_get_cipherbyname(SN_rc2_cbc); 237ced566fdSJacques Vidrine #ifndef OPENSSL_NO_IDEA 23874664626SKris Kennaway ssl_cipher_methods[SSL_ENC_IDEA_IDX]= 23974664626SKris Kennaway EVP_get_cipherbyname(SN_idea_cbc); 240ced566fdSJacques Vidrine #else 241ced566fdSJacques Vidrine ssl_cipher_methods[SSL_ENC_IDEA_IDX]= NULL; 242ced566fdSJacques Vidrine #endif 2435c87c606SMark Murray ssl_cipher_methods[SSL_ENC_AES128_IDX]= 2445c87c606SMark Murray EVP_get_cipherbyname(SN_aes_128_cbc); 2455c87c606SMark Murray ssl_cipher_methods[SSL_ENC_AES256_IDX]= 2465c87c606SMark Murray EVP_get_cipherbyname(SN_aes_256_cbc); 247ed5d4f9aSSimon L. B. Nielsen ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX]= 248ed5d4f9aSSimon L. B. Nielsen EVP_get_cipherbyname(SN_camellia_128_cbc); 249ed5d4f9aSSimon L. B. Nielsen ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX]= 250ed5d4f9aSSimon L. B. Nielsen EVP_get_cipherbyname(SN_camellia_256_cbc); 25174664626SKris Kennaway 25274664626SKris Kennaway ssl_digest_methods[SSL_MD_MD5_IDX]= 25374664626SKris Kennaway EVP_get_digestbyname(SN_md5); 25474664626SKris Kennaway ssl_digest_methods[SSL_MD_SHA1_IDX]= 25574664626SKris Kennaway EVP_get_digestbyname(SN_sha1); 25674664626SKris Kennaway } 25774664626SKris Kennaway 2583b4e3dcbSSimon L. B. Nielsen 2593b4e3dcbSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 2603b4e3dcbSSimon L. B. Nielsen 2613b4e3dcbSSimon L. B. Nielsen static int sk_comp_cmp(const SSL_COMP * const *a, 2623b4e3dcbSSimon L. B. Nielsen const SSL_COMP * const *b) 2633b4e3dcbSSimon L. B. Nielsen { 2643b4e3dcbSSimon L. B. Nielsen return((*a)->id-(*b)->id); 2653b4e3dcbSSimon L. B. Nielsen } 2663b4e3dcbSSimon L. B. Nielsen 2673b4e3dcbSSimon L. B. Nielsen static void load_builtin_compressions(void) 2683b4e3dcbSSimon L. B. Nielsen { 269ed5d4f9aSSimon L. B. Nielsen int got_write_lock = 0; 2703b4e3dcbSSimon L. B. Nielsen 271ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_lock(CRYPTO_LOCK_SSL); 272ed5d4f9aSSimon L. B. Nielsen if (ssl_comp_methods == NULL) 273ed5d4f9aSSimon L. B. Nielsen { 274ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_unlock(CRYPTO_LOCK_SSL); 2753b4e3dcbSSimon L. B. Nielsen CRYPTO_w_lock(CRYPTO_LOCK_SSL); 276ed5d4f9aSSimon L. B. Nielsen got_write_lock = 1; 277ed5d4f9aSSimon L. B. Nielsen 2783b4e3dcbSSimon L. B. Nielsen if (ssl_comp_methods == NULL) 2793b4e3dcbSSimon L. B. Nielsen { 2803b4e3dcbSSimon L. B. Nielsen SSL_COMP *comp = NULL; 2813b4e3dcbSSimon L. B. Nielsen 2823b4e3dcbSSimon L. B. Nielsen MemCheck_off(); 2833b4e3dcbSSimon L. B. Nielsen ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp); 2843b4e3dcbSSimon L. B. Nielsen if (ssl_comp_methods != NULL) 2853b4e3dcbSSimon L. B. Nielsen { 2863b4e3dcbSSimon L. B. Nielsen comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); 2873b4e3dcbSSimon L. B. Nielsen if (comp != NULL) 2883b4e3dcbSSimon L. B. Nielsen { 2893b4e3dcbSSimon L. B. Nielsen comp->method=COMP_zlib(); 2903b4e3dcbSSimon L. B. Nielsen if (comp->method 2913b4e3dcbSSimon L. B. Nielsen && comp->method->type == NID_undef) 2923b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 2933b4e3dcbSSimon L. B. Nielsen else 2943b4e3dcbSSimon L. B. Nielsen { 2953b4e3dcbSSimon L. B. Nielsen comp->id=SSL_COMP_ZLIB_IDX; 2963b4e3dcbSSimon L. B. Nielsen comp->name=comp->method->name; 2973b4e3dcbSSimon L. B. Nielsen sk_SSL_COMP_push(ssl_comp_methods,comp); 2983b4e3dcbSSimon L. B. Nielsen } 2993b4e3dcbSSimon L. B. Nielsen } 3003b4e3dcbSSimon L. B. Nielsen } 3013b4e3dcbSSimon L. B. Nielsen MemCheck_on(); 3023b4e3dcbSSimon L. B. Nielsen } 303ed5d4f9aSSimon L. B. Nielsen } 304ed5d4f9aSSimon L. B. Nielsen 305ed5d4f9aSSimon L. B. Nielsen if (got_write_lock) 3063b4e3dcbSSimon L. B. Nielsen CRYPTO_w_unlock(CRYPTO_LOCK_SSL); 307ed5d4f9aSSimon L. B. Nielsen else 308ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_unlock(CRYPTO_LOCK_SSL); 3093b4e3dcbSSimon L. B. Nielsen } 3103b4e3dcbSSimon L. B. Nielsen #endif 3113b4e3dcbSSimon L. B. Nielsen 3123b4e3dcbSSimon L. B. Nielsen int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, 31374664626SKris Kennaway const EVP_MD **md, SSL_COMP **comp) 31474664626SKris Kennaway { 31574664626SKris Kennaway int i; 31674664626SKris Kennaway SSL_CIPHER *c; 31774664626SKris Kennaway 31874664626SKris Kennaway c=s->cipher; 31974664626SKris Kennaway if (c == NULL) return(0); 32074664626SKris Kennaway if (comp != NULL) 32174664626SKris Kennaway { 32274664626SKris Kennaway SSL_COMP ctmp; 3233b4e3dcbSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 3243b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 3253b4e3dcbSSimon L. B. Nielsen #endif 32674664626SKris Kennaway 32774664626SKris Kennaway *comp=NULL; 32874664626SKris Kennaway ctmp.id=s->compress_meth; 3293b4e3dcbSSimon L. B. Nielsen if (ssl_comp_methods != NULL) 3303b4e3dcbSSimon L. B. Nielsen { 33174664626SKris Kennaway i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp); 33274664626SKris Kennaway if (i >= 0) 33374664626SKris Kennaway *comp=sk_SSL_COMP_value(ssl_comp_methods,i); 33474664626SKris Kennaway else 33574664626SKris Kennaway *comp=NULL; 33674664626SKris Kennaway } 33774664626SKris Kennaway } 33874664626SKris Kennaway 33974664626SKris Kennaway if ((enc == NULL) || (md == NULL)) return(0); 34074664626SKris Kennaway 34174664626SKris Kennaway switch (c->algorithms & SSL_ENC_MASK) 34274664626SKris Kennaway { 34374664626SKris Kennaway case SSL_DES: 34474664626SKris Kennaway i=SSL_ENC_DES_IDX; 34574664626SKris Kennaway break; 34674664626SKris Kennaway case SSL_3DES: 34774664626SKris Kennaway i=SSL_ENC_3DES_IDX; 34874664626SKris Kennaway break; 34974664626SKris Kennaway case SSL_RC4: 35074664626SKris Kennaway i=SSL_ENC_RC4_IDX; 35174664626SKris Kennaway break; 35274664626SKris Kennaway case SSL_RC2: 35374664626SKris Kennaway i=SSL_ENC_RC2_IDX; 35474664626SKris Kennaway break; 35574664626SKris Kennaway case SSL_IDEA: 35674664626SKris Kennaway i=SSL_ENC_IDEA_IDX; 35774664626SKris Kennaway break; 35874664626SKris Kennaway case SSL_eNULL: 35974664626SKris Kennaway i=SSL_ENC_NULL_IDX; 36074664626SKris Kennaway break; 3615c87c606SMark Murray case SSL_AES: 3625c87c606SMark Murray switch(c->alg_bits) 3635c87c606SMark Murray { 3645c87c606SMark Murray case 128: i=SSL_ENC_AES128_IDX; break; 3655c87c606SMark Murray case 256: i=SSL_ENC_AES256_IDX; break; 3665c87c606SMark Murray default: i=-1; break; 3675c87c606SMark Murray } 3685c87c606SMark Murray break; 369ed5d4f9aSSimon L. B. Nielsen case SSL_CAMELLIA: 370ed5d4f9aSSimon L. B. Nielsen switch(c->alg_bits) 371ed5d4f9aSSimon L. B. Nielsen { 372ed5d4f9aSSimon L. B. Nielsen case 128: i=SSL_ENC_CAMELLIA128_IDX; break; 373ed5d4f9aSSimon L. B. Nielsen case 256: i=SSL_ENC_CAMELLIA256_IDX; break; 374ed5d4f9aSSimon L. B. Nielsen default: i=-1; break; 375ed5d4f9aSSimon L. B. Nielsen } 376ed5d4f9aSSimon L. B. Nielsen break; 377ed5d4f9aSSimon L. B. Nielsen 37874664626SKris Kennaway default: 37974664626SKris Kennaway i= -1; 38074664626SKris Kennaway break; 38174664626SKris Kennaway } 38274664626SKris Kennaway 38374664626SKris Kennaway if ((i < 0) || (i > SSL_ENC_NUM_IDX)) 38474664626SKris Kennaway *enc=NULL; 38574664626SKris Kennaway else 38674664626SKris Kennaway { 38774664626SKris Kennaway if (i == SSL_ENC_NULL_IDX) 38874664626SKris Kennaway *enc=EVP_enc_null(); 38974664626SKris Kennaway else 39074664626SKris Kennaway *enc=ssl_cipher_methods[i]; 39174664626SKris Kennaway } 39274664626SKris Kennaway 39374664626SKris Kennaway switch (c->algorithms & SSL_MAC_MASK) 39474664626SKris Kennaway { 39574664626SKris Kennaway case SSL_MD5: 39674664626SKris Kennaway i=SSL_MD_MD5_IDX; 39774664626SKris Kennaway break; 39874664626SKris Kennaway case SSL_SHA1: 39974664626SKris Kennaway i=SSL_MD_SHA1_IDX; 40074664626SKris Kennaway break; 40174664626SKris Kennaway default: 40274664626SKris Kennaway i= -1; 40374664626SKris Kennaway break; 40474664626SKris Kennaway } 40574664626SKris Kennaway if ((i < 0) || (i > SSL_MD_NUM_IDX)) 40674664626SKris Kennaway *md=NULL; 40774664626SKris Kennaway else 40874664626SKris Kennaway *md=ssl_digest_methods[i]; 40974664626SKris Kennaway 41074664626SKris Kennaway if ((*enc != NULL) && (*md != NULL)) 41174664626SKris Kennaway return(1); 41274664626SKris Kennaway else 41374664626SKris Kennaway return(0); 41474664626SKris Kennaway } 41574664626SKris Kennaway 41674664626SKris Kennaway #define ITEM_SEP(a) \ 41774664626SKris Kennaway (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ',')) 41874664626SKris Kennaway 41974664626SKris Kennaway static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr, 42074664626SKris Kennaway CIPHER_ORDER **tail) 42174664626SKris Kennaway { 42274664626SKris Kennaway if (curr == *tail) return; 42374664626SKris Kennaway if (curr == *head) 42474664626SKris Kennaway *head=curr->next; 42574664626SKris Kennaway if (curr->prev != NULL) 42674664626SKris Kennaway curr->prev->next=curr->next; 42774664626SKris Kennaway if (curr->next != NULL) /* should always be true */ 42874664626SKris Kennaway curr->next->prev=curr->prev; 42974664626SKris Kennaway (*tail)->next=curr; 43074664626SKris Kennaway curr->prev= *tail; 43174664626SKris Kennaway curr->next=NULL; 43274664626SKris Kennaway *tail=curr; 43374664626SKris Kennaway } 43474664626SKris Kennaway 435f579bf8eSKris Kennaway static unsigned long ssl_cipher_get_disabled(void) 43674664626SKris Kennaway { 437f579bf8eSKris Kennaway unsigned long mask; 43874664626SKris Kennaway 43974664626SKris Kennaway mask = SSL_kFZA; 4405c87c606SMark Murray #ifdef OPENSSL_NO_RSA 44174664626SKris Kennaway mask |= SSL_aRSA|SSL_kRSA; 44274664626SKris Kennaway #endif 4435c87c606SMark Murray #ifdef OPENSSL_NO_DSA 44474664626SKris Kennaway mask |= SSL_aDSS; 44574664626SKris Kennaway #endif 4465c87c606SMark Murray #ifdef OPENSSL_NO_DH 44774664626SKris Kennaway mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH; 44874664626SKris Kennaway #endif 4495c87c606SMark Murray #ifdef OPENSSL_NO_KRB5 4505c87c606SMark Murray mask |= SSL_kKRB5|SSL_aKRB5; 4515c87c606SMark Murray #endif 4523b4e3dcbSSimon L. B. Nielsen #ifdef OPENSSL_NO_ECDH 4533b4e3dcbSSimon L. B. Nielsen mask |= SSL_kECDH|SSL_kECDHE; 4543b4e3dcbSSimon L. B. Nielsen #endif 45574664626SKris Kennaway #ifdef SSL_FORBID_ENULL 45674664626SKris Kennaway mask |= SSL_eNULL; 45774664626SKris Kennaway #endif 45874664626SKris Kennaway 45974664626SKris Kennaway mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0; 46074664626SKris Kennaway mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0; 46174664626SKris Kennaway mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0; 46274664626SKris Kennaway mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0; 46374664626SKris Kennaway mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0; 46474664626SKris Kennaway mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0; 4655c87c606SMark Murray mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0; 466ed5d4f9aSSimon L. B. Nielsen mask |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA:0; 46774664626SKris Kennaway 46874664626SKris Kennaway mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0; 46974664626SKris Kennaway mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0; 47074664626SKris Kennaway 471f579bf8eSKris Kennaway return(mask); 472f579bf8eSKris Kennaway } 473f579bf8eSKris Kennaway 474f579bf8eSKris Kennaway static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, 475ced566fdSJacques Vidrine int num_of_ciphers, unsigned long mask, CIPHER_ORDER *co_list, 476f579bf8eSKris Kennaway CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) 477f579bf8eSKris Kennaway { 478ced566fdSJacques Vidrine int i, co_list_num; 479f579bf8eSKris Kennaway SSL_CIPHER *c; 480f579bf8eSKris Kennaway 481f579bf8eSKris Kennaway /* 482f579bf8eSKris Kennaway * We have num_of_ciphers descriptions compiled in, depending on the 483f579bf8eSKris Kennaway * method selected (SSLv2 and/or SSLv3, TLSv1 etc). 484f579bf8eSKris Kennaway * These will later be sorted in a linked list with at most num 485f579bf8eSKris Kennaway * entries. 486f579bf8eSKris Kennaway */ 48774664626SKris Kennaway 48874664626SKris Kennaway /* Get the initial list of ciphers */ 489ced566fdSJacques Vidrine co_list_num = 0; /* actual count of ciphers */ 490f579bf8eSKris Kennaway for (i = 0; i < num_of_ciphers; i++) 49174664626SKris Kennaway { 492f579bf8eSKris Kennaway c = ssl_method->get_cipher(i); 49374664626SKris Kennaway /* drop those that use any of that is not available */ 49474664626SKris Kennaway if ((c != NULL) && c->valid && !(c->algorithms & mask)) 49574664626SKris Kennaway { 496ced566fdSJacques Vidrine co_list[co_list_num].cipher = c; 497ced566fdSJacques Vidrine co_list[co_list_num].next = NULL; 498ced566fdSJacques Vidrine co_list[co_list_num].prev = NULL; 499ced566fdSJacques Vidrine co_list[co_list_num].active = 0; 500ced566fdSJacques Vidrine co_list_num++; 5015c87c606SMark Murray #ifdef KSSL_DEBUG 5025c87c606SMark Murray printf("\t%d: %s %lx %lx\n",i,c->name,c->id,c->algorithms); 5035c87c606SMark Murray #endif /* KSSL_DEBUG */ 504f579bf8eSKris Kennaway /* 50574664626SKris Kennaway if (!sk_push(ca_list,(char *)c)) goto err; 506f579bf8eSKris Kennaway */ 50774664626SKris Kennaway } 50874664626SKris Kennaway } 50974664626SKris Kennaway 510f579bf8eSKris Kennaway /* 511f579bf8eSKris Kennaway * Prepare linked list from list entries 512f579bf8eSKris Kennaway */ 513ced566fdSJacques Vidrine for (i = 1; i < co_list_num - 1; i++) 51474664626SKris Kennaway { 515ced566fdSJacques Vidrine co_list[i].prev = &(co_list[i-1]); 516ced566fdSJacques Vidrine co_list[i].next = &(co_list[i+1]); 51774664626SKris Kennaway } 518ced566fdSJacques Vidrine if (co_list_num > 0) 51974664626SKris Kennaway { 520ced566fdSJacques Vidrine (*head_p) = &(co_list[0]); 521f579bf8eSKris Kennaway (*head_p)->prev = NULL; 522ced566fdSJacques Vidrine (*head_p)->next = &(co_list[1]); 523ced566fdSJacques Vidrine (*tail_p) = &(co_list[co_list_num - 1]); 524ced566fdSJacques Vidrine (*tail_p)->prev = &(co_list[co_list_num - 2]); 525f579bf8eSKris Kennaway (*tail_p)->next = NULL; 526f579bf8eSKris Kennaway } 52774664626SKris Kennaway } 52874664626SKris Kennaway 529f579bf8eSKris Kennaway static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list, 530f579bf8eSKris Kennaway int num_of_group_aliases, unsigned long mask, 531f579bf8eSKris Kennaway CIPHER_ORDER *head) 53274664626SKris Kennaway { 533f579bf8eSKris Kennaway CIPHER_ORDER *ciph_curr; 534f579bf8eSKris Kennaway SSL_CIPHER **ca_curr; 535f579bf8eSKris Kennaway int i; 536f579bf8eSKris Kennaway 537f579bf8eSKris Kennaway /* 538f579bf8eSKris Kennaway * First, add the real ciphers as already collected 539f579bf8eSKris Kennaway */ 540f579bf8eSKris Kennaway ciph_curr = head; 541f579bf8eSKris Kennaway ca_curr = ca_list; 542f579bf8eSKris Kennaway while (ciph_curr != NULL) 543f579bf8eSKris Kennaway { 544f579bf8eSKris Kennaway *ca_curr = ciph_curr->cipher; 545f579bf8eSKris Kennaway ca_curr++; 546f579bf8eSKris Kennaway ciph_curr = ciph_curr->next; 54774664626SKris Kennaway } 54874664626SKris Kennaway 549f579bf8eSKris Kennaway /* 550f579bf8eSKris Kennaway * Now we add the available ones from the cipher_aliases[] table. 551f579bf8eSKris Kennaway * They represent either an algorithm, that must be fully 552f579bf8eSKris Kennaway * supported (not match any bit in mask) or represent a cipher 553f579bf8eSKris Kennaway * strength value (will be added in any case because algorithms=0). 554f579bf8eSKris Kennaway */ 555f579bf8eSKris Kennaway for (i = 0; i < num_of_group_aliases; i++) 55674664626SKris Kennaway { 557f579bf8eSKris Kennaway if ((i == 0) || /* always fetch "ALL" */ 558f579bf8eSKris Kennaway !(cipher_aliases[i].algorithms & mask)) 55974664626SKris Kennaway { 560f579bf8eSKris Kennaway *ca_curr = (SSL_CIPHER *)(cipher_aliases + i); 561f579bf8eSKris Kennaway ca_curr++; 56274664626SKris Kennaway } 563f579bf8eSKris Kennaway } 56474664626SKris Kennaway 565f579bf8eSKris Kennaway *ca_curr = NULL; /* end of list */ 566f579bf8eSKris Kennaway } 567f579bf8eSKris Kennaway 568ed5d4f9aSSimon L. B. Nielsen static void ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long ssl_version, 5693b4e3dcbSSimon L. B. Nielsen unsigned long algorithms, unsigned long mask, 570f579bf8eSKris Kennaway unsigned long algo_strength, unsigned long mask_strength, 571ced566fdSJacques Vidrine int rule, int strength_bits, CIPHER_ORDER *co_list, 572f579bf8eSKris Kennaway CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) 57374664626SKris Kennaway { 574f579bf8eSKris Kennaway CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2; 575f579bf8eSKris Kennaway SSL_CIPHER *cp; 576f579bf8eSKris Kennaway unsigned long ma, ma_s; 577f579bf8eSKris Kennaway 578f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 579f579bf8eSKris Kennaway printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n", 580f579bf8eSKris Kennaway rule, algorithms, mask, algo_strength, mask_strength, 581f579bf8eSKris Kennaway strength_bits); 58274664626SKris Kennaway #endif 58374664626SKris Kennaway 584f579bf8eSKris Kennaway curr = head = *head_p; 58574664626SKris Kennaway curr2 = head; 586f579bf8eSKris Kennaway tail2 = tail = *tail_p; 58774664626SKris Kennaway for (;;) 58874664626SKris Kennaway { 58974664626SKris Kennaway if ((curr == NULL) || (curr == tail2)) break; 59074664626SKris Kennaway curr = curr2; 59174664626SKris Kennaway curr2 = curr->next; 59274664626SKris Kennaway 59374664626SKris Kennaway cp = curr->cipher; 594f579bf8eSKris Kennaway 595ed5d4f9aSSimon L. B. Nielsen /* If explicit cipher suite, match only that one for its own protocol version. 596ed5d4f9aSSimon L. B. Nielsen * Usual selection criteria will be used for similar ciphersuites from other version! */ 5973b4e3dcbSSimon L. B. Nielsen 598ed5d4f9aSSimon L. B. Nielsen if (cipher_id && (cp->algorithms & SSL_SSL_MASK) == ssl_version) 5993b4e3dcbSSimon L. B. Nielsen { 6003b4e3dcbSSimon L. B. Nielsen if (cp->id != cipher_id) 6013b4e3dcbSSimon L. B. Nielsen continue; 6023b4e3dcbSSimon L. B. Nielsen } 6033b4e3dcbSSimon L. B. Nielsen 604f579bf8eSKris Kennaway /* 605f579bf8eSKris Kennaway * Selection criteria is either the number of strength_bits 606f579bf8eSKris Kennaway * or the algorithm used. 607f579bf8eSKris Kennaway */ 6083b4e3dcbSSimon L. B. Nielsen else if (strength_bits == -1) 60974664626SKris Kennaway { 610f579bf8eSKris Kennaway ma = mask & cp->algorithms; 611f579bf8eSKris Kennaway ma_s = mask_strength & cp->algo_strength; 612f579bf8eSKris Kennaway 613f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 614f579bf8eSKris Kennaway printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask, mask_strength); 615f579bf8eSKris Kennaway printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength); 616f579bf8eSKris Kennaway #endif 617f579bf8eSKris Kennaway /* 618f579bf8eSKris Kennaway * Select: if none of the mask bit was met from the 619f579bf8eSKris Kennaway * cipher or not all of the bits were met, the 620f579bf8eSKris Kennaway * selection does not apply. 621f579bf8eSKris Kennaway */ 622f579bf8eSKris Kennaway if (((ma == 0) && (ma_s == 0)) || 623f579bf8eSKris Kennaway ((ma & algorithms) != ma) || 624f579bf8eSKris Kennaway ((ma_s & algo_strength) != ma_s)) 625f579bf8eSKris Kennaway continue; /* does not apply */ 62674664626SKris Kennaway } 627f579bf8eSKris Kennaway else if (strength_bits != cp->strength_bits) 628f579bf8eSKris Kennaway continue; /* does not apply */ 629f579bf8eSKris Kennaway 630f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 631f579bf8eSKris Kennaway printf("Action = %d\n", rule); 632f579bf8eSKris Kennaway #endif 63374664626SKris Kennaway 63474664626SKris Kennaway /* add the cipher if it has not been added yet. */ 635f579bf8eSKris Kennaway if (rule == CIPHER_ADD) 63674664626SKris Kennaway { 63774664626SKris Kennaway if (!curr->active) 63874664626SKris Kennaway { 639ed5d4f9aSSimon L. B. Nielsen int add_this_cipher = 1; 640ed5d4f9aSSimon L. B. Nielsen 641ed5d4f9aSSimon L. B. Nielsen if (((cp->algorithms & (SSL_kECDHE|SSL_kECDH|SSL_aECDSA)) != 0)) 642ed5d4f9aSSimon L. B. Nielsen { 643ed5d4f9aSSimon L. B. Nielsen /* Make sure "ECCdraft" ciphersuites are activated only if 644ed5d4f9aSSimon L. B. Nielsen * *explicitly* requested, but not implicitly (such as 645ed5d4f9aSSimon L. B. Nielsen * as part of the "AES" alias). */ 646ed5d4f9aSSimon L. B. Nielsen 647ed5d4f9aSSimon L. B. Nielsen add_this_cipher = (mask & (SSL_kECDHE|SSL_kECDH|SSL_aECDSA)) != 0 || cipher_id != 0; 648ed5d4f9aSSimon L. B. Nielsen } 649ed5d4f9aSSimon L. B. Nielsen 650ed5d4f9aSSimon L. B. Nielsen if (add_this_cipher) 651ed5d4f9aSSimon L. B. Nielsen { 65274664626SKris Kennaway ll_append_tail(&head, curr, &tail); 65374664626SKris Kennaway curr->active = 1; 65474664626SKris Kennaway } 65574664626SKris Kennaway } 656ed5d4f9aSSimon L. B. Nielsen } 65774664626SKris Kennaway /* Move the added cipher to this location */ 658f579bf8eSKris Kennaway else if (rule == CIPHER_ORD) 65974664626SKris Kennaway { 66074664626SKris Kennaway if (curr->active) 66174664626SKris Kennaway { 66274664626SKris Kennaway ll_append_tail(&head, curr, &tail); 66374664626SKris Kennaway } 66474664626SKris Kennaway } 665f579bf8eSKris Kennaway else if (rule == CIPHER_DEL) 66674664626SKris Kennaway curr->active = 0; 667f579bf8eSKris Kennaway else if (rule == CIPHER_KILL) 66874664626SKris Kennaway { 66974664626SKris Kennaway if (head == curr) 67074664626SKris Kennaway head = curr->next; 67174664626SKris Kennaway else 67274664626SKris Kennaway curr->prev->next = curr->next; 67374664626SKris Kennaway if (tail == curr) 67474664626SKris Kennaway tail = curr->prev; 67574664626SKris Kennaway curr->active = 0; 67674664626SKris Kennaway if (curr->next != NULL) 67774664626SKris Kennaway curr->next->prev = curr->prev; 67874664626SKris Kennaway if (curr->prev != NULL) 67974664626SKris Kennaway curr->prev->next = curr->next; 68074664626SKris Kennaway curr->next = NULL; 68174664626SKris Kennaway curr->prev = NULL; 68274664626SKris Kennaway } 68374664626SKris Kennaway } 684f579bf8eSKris Kennaway 685f579bf8eSKris Kennaway *head_p = head; 686f579bf8eSKris Kennaway *tail_p = tail; 68774664626SKris Kennaway } 68874664626SKris Kennaway 689ced566fdSJacques Vidrine static int ssl_cipher_strength_sort(CIPHER_ORDER *co_list, 690ced566fdSJacques Vidrine CIPHER_ORDER **head_p, 691f579bf8eSKris Kennaway CIPHER_ORDER **tail_p) 692f579bf8eSKris Kennaway { 693f579bf8eSKris Kennaway int max_strength_bits, i, *number_uses; 694f579bf8eSKris Kennaway CIPHER_ORDER *curr; 695f579bf8eSKris Kennaway 696f579bf8eSKris Kennaway /* 697f579bf8eSKris Kennaway * This routine sorts the ciphers with descending strength. The sorting 698f579bf8eSKris Kennaway * must keep the pre-sorted sequence, so we apply the normal sorting 699f579bf8eSKris Kennaway * routine as '+' movement to the end of the list. 700f579bf8eSKris Kennaway */ 701f579bf8eSKris Kennaway max_strength_bits = 0; 702f579bf8eSKris Kennaway curr = *head_p; 703f579bf8eSKris Kennaway while (curr != NULL) 704f579bf8eSKris Kennaway { 705f579bf8eSKris Kennaway if (curr->active && 706f579bf8eSKris Kennaway (curr->cipher->strength_bits > max_strength_bits)) 707f579bf8eSKris Kennaway max_strength_bits = curr->cipher->strength_bits; 708f579bf8eSKris Kennaway curr = curr->next; 709f579bf8eSKris Kennaway } 710f579bf8eSKris Kennaway 711ddd58736SKris Kennaway number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); 712f579bf8eSKris Kennaway if (!number_uses) 713f579bf8eSKris Kennaway { 714f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE); 715f579bf8eSKris Kennaway return(0); 716f579bf8eSKris Kennaway } 717f579bf8eSKris Kennaway memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int)); 718f579bf8eSKris Kennaway 719f579bf8eSKris Kennaway /* 720f579bf8eSKris Kennaway * Now find the strength_bits values actually used 721f579bf8eSKris Kennaway */ 722f579bf8eSKris Kennaway curr = *head_p; 723f579bf8eSKris Kennaway while (curr != NULL) 724f579bf8eSKris Kennaway { 725f579bf8eSKris Kennaway if (curr->active) 726f579bf8eSKris Kennaway number_uses[curr->cipher->strength_bits]++; 727f579bf8eSKris Kennaway curr = curr->next; 728f579bf8eSKris Kennaway } 729f579bf8eSKris Kennaway /* 730f579bf8eSKris Kennaway * Go through the list of used strength_bits values in descending 731f579bf8eSKris Kennaway * order. 732f579bf8eSKris Kennaway */ 733f579bf8eSKris Kennaway for (i = max_strength_bits; i >= 0; i--) 734f579bf8eSKris Kennaway if (number_uses[i] > 0) 735ed5d4f9aSSimon L. B. Nielsen ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, CIPHER_ORD, i, 736ced566fdSJacques Vidrine co_list, head_p, tail_p); 737f579bf8eSKris Kennaway 738ddd58736SKris Kennaway OPENSSL_free(number_uses); 739f579bf8eSKris Kennaway return(1); 740f579bf8eSKris Kennaway } 741f579bf8eSKris Kennaway 742f579bf8eSKris Kennaway static int ssl_cipher_process_rulestr(const char *rule_str, 743ced566fdSJacques Vidrine CIPHER_ORDER *co_list, CIPHER_ORDER **head_p, 744f579bf8eSKris Kennaway CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list) 745f579bf8eSKris Kennaway { 746f579bf8eSKris Kennaway unsigned long algorithms, mask, algo_strength, mask_strength; 747f579bf8eSKris Kennaway const char *l, *start, *buf; 748f579bf8eSKris Kennaway int j, multi, found, rule, retval, ok, buflen; 749ed5d4f9aSSimon L. B. Nielsen unsigned long cipher_id = 0, ssl_version = 0; 750f579bf8eSKris Kennaway char ch; 751f579bf8eSKris Kennaway 752f579bf8eSKris Kennaway retval = 1; 753f579bf8eSKris Kennaway l = rule_str; 754f579bf8eSKris Kennaway for (;;) 755f579bf8eSKris Kennaway { 756f579bf8eSKris Kennaway ch = *l; 757f579bf8eSKris Kennaway 758f579bf8eSKris Kennaway if (ch == '\0') 759f579bf8eSKris Kennaway break; /* done */ 760f579bf8eSKris Kennaway if (ch == '-') 761f579bf8eSKris Kennaway { rule = CIPHER_DEL; l++; } 762f579bf8eSKris Kennaway else if (ch == '+') 763f579bf8eSKris Kennaway { rule = CIPHER_ORD; l++; } 764f579bf8eSKris Kennaway else if (ch == '!') 765f579bf8eSKris Kennaway { rule = CIPHER_KILL; l++; } 766f579bf8eSKris Kennaway else if (ch == '@') 767f579bf8eSKris Kennaway { rule = CIPHER_SPECIAL; l++; } 768f579bf8eSKris Kennaway else 769f579bf8eSKris Kennaway { rule = CIPHER_ADD; } 770f579bf8eSKris Kennaway 771f579bf8eSKris Kennaway if (ITEM_SEP(ch)) 772f579bf8eSKris Kennaway { 773f579bf8eSKris Kennaway l++; 774f579bf8eSKris Kennaway continue; 775f579bf8eSKris Kennaway } 776f579bf8eSKris Kennaway 777f579bf8eSKris Kennaway algorithms = mask = algo_strength = mask_strength = 0; 778f579bf8eSKris Kennaway 779f579bf8eSKris Kennaway start=l; 780f579bf8eSKris Kennaway for (;;) 781f579bf8eSKris Kennaway { 782f579bf8eSKris Kennaway ch = *l; 783f579bf8eSKris Kennaway buf = l; 784f579bf8eSKris Kennaway buflen = 0; 785f579bf8eSKris Kennaway #ifndef CHARSET_EBCDIC 786f579bf8eSKris Kennaway while ( ((ch >= 'A') && (ch <= 'Z')) || 787f579bf8eSKris Kennaway ((ch >= '0') && (ch <= '9')) || 788f579bf8eSKris Kennaway ((ch >= 'a') && (ch <= 'z')) || 789f579bf8eSKris Kennaway (ch == '-')) 790f579bf8eSKris Kennaway #else 791f579bf8eSKris Kennaway while ( isalnum(ch) || (ch == '-')) 792f579bf8eSKris Kennaway #endif 793f579bf8eSKris Kennaway { 794f579bf8eSKris Kennaway ch = *(++l); 795f579bf8eSKris Kennaway buflen++; 796f579bf8eSKris Kennaway } 797f579bf8eSKris Kennaway 798f579bf8eSKris Kennaway if (buflen == 0) 799f579bf8eSKris Kennaway { 800f579bf8eSKris Kennaway /* 801f579bf8eSKris Kennaway * We hit something we cannot deal with, 802f579bf8eSKris Kennaway * it is no command or separator nor 803f579bf8eSKris Kennaway * alphanumeric, so we call this an error. 804f579bf8eSKris Kennaway */ 805f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, 806f579bf8eSKris Kennaway SSL_R_INVALID_COMMAND); 807f579bf8eSKris Kennaway retval = found = 0; 808f579bf8eSKris Kennaway l++; 809f579bf8eSKris Kennaway break; 810f579bf8eSKris Kennaway } 811f579bf8eSKris Kennaway 812f579bf8eSKris Kennaway if (rule == CIPHER_SPECIAL) 813f579bf8eSKris Kennaway { 814f579bf8eSKris Kennaway found = 0; /* unused -- avoid compiler warning */ 815f579bf8eSKris Kennaway break; /* special treatment */ 816f579bf8eSKris Kennaway } 817f579bf8eSKris Kennaway 818f579bf8eSKris Kennaway /* check for multi-part specification */ 819f579bf8eSKris Kennaway if (ch == '+') 820f579bf8eSKris Kennaway { 821f579bf8eSKris Kennaway multi=1; 822f579bf8eSKris Kennaway l++; 823f579bf8eSKris Kennaway } 824f579bf8eSKris Kennaway else 825f579bf8eSKris Kennaway multi=0; 826f579bf8eSKris Kennaway 827f579bf8eSKris Kennaway /* 828f579bf8eSKris Kennaway * Now search for the cipher alias in the ca_list. Be careful 829f579bf8eSKris Kennaway * with the strncmp, because the "buflen" limitation 830f579bf8eSKris Kennaway * will make the rule "ADH:SOME" and the cipher 831f579bf8eSKris Kennaway * "ADH-MY-CIPHER" look like a match for buflen=3. 832f579bf8eSKris Kennaway * So additionally check whether the cipher name found 833f579bf8eSKris Kennaway * has the correct length. We can save a strlen() call: 834f579bf8eSKris Kennaway * just checking for the '\0' at the right place is 83550ef0093SJacques Vidrine * sufficient, we have to strncmp() anyway. (We cannot 83650ef0093SJacques Vidrine * use strcmp(), because buf is not '\0' terminated.) 837f579bf8eSKris Kennaway */ 838f579bf8eSKris Kennaway j = found = 0; 8393b4e3dcbSSimon L. B. Nielsen cipher_id = 0; 840ed5d4f9aSSimon L. B. Nielsen ssl_version = 0; 841f579bf8eSKris Kennaway while (ca_list[j]) 842f579bf8eSKris Kennaway { 84350ef0093SJacques Vidrine if (!strncmp(buf, ca_list[j]->name, buflen) && 84450ef0093SJacques Vidrine (ca_list[j]->name[buflen] == '\0')) 845f579bf8eSKris Kennaway { 846f579bf8eSKris Kennaway found = 1; 847f579bf8eSKris Kennaway break; 848f579bf8eSKris Kennaway } 849f579bf8eSKris Kennaway else 850f579bf8eSKris Kennaway j++; 851f579bf8eSKris Kennaway } 852f579bf8eSKris Kennaway if (!found) 853f579bf8eSKris Kennaway break; /* ignore this entry */ 854f579bf8eSKris Kennaway 8553b4e3dcbSSimon L. B. Nielsen /* New algorithms: 8563b4e3dcbSSimon L. B. Nielsen * 1 - any old restrictions apply outside new mask 8573b4e3dcbSSimon L. B. Nielsen * 2 - any new restrictions apply outside old mask 8583b4e3dcbSSimon L. B. Nielsen * 3 - enforce old & new where masks intersect 8593b4e3dcbSSimon L. B. Nielsen */ 8603b4e3dcbSSimon L. B. Nielsen algorithms = (algorithms & ~ca_list[j]->mask) | /* 1 */ 8613b4e3dcbSSimon L. B. Nielsen (ca_list[j]->algorithms & ~mask) | /* 2 */ 8623b4e3dcbSSimon L. B. Nielsen (algorithms & ca_list[j]->algorithms); /* 3 */ 863f579bf8eSKris Kennaway mask |= ca_list[j]->mask; 8643b4e3dcbSSimon L. B. Nielsen algo_strength = (algo_strength & ~ca_list[j]->mask_strength) | 8653b4e3dcbSSimon L. B. Nielsen (ca_list[j]->algo_strength & ~mask_strength) | 8663b4e3dcbSSimon L. B. Nielsen (algo_strength & ca_list[j]->algo_strength); 867f579bf8eSKris Kennaway mask_strength |= ca_list[j]->mask_strength; 868f579bf8eSKris Kennaway 869ed5d4f9aSSimon L. B. Nielsen /* explicit ciphersuite found */ 870ed5d4f9aSSimon L. B. Nielsen if (ca_list[j]->valid) 871ed5d4f9aSSimon L. B. Nielsen { 872ed5d4f9aSSimon L. B. Nielsen cipher_id = ca_list[j]->id; 873ed5d4f9aSSimon L. B. Nielsen ssl_version = ca_list[j]->algorithms & SSL_SSL_MASK; 874ed5d4f9aSSimon L. B. Nielsen break; 875ed5d4f9aSSimon L. B. Nielsen } 876ed5d4f9aSSimon L. B. Nielsen 877f579bf8eSKris Kennaway if (!multi) break; 878f579bf8eSKris Kennaway } 879f579bf8eSKris Kennaway 880f579bf8eSKris Kennaway /* 881f579bf8eSKris Kennaway * Ok, we have the rule, now apply it 882f579bf8eSKris Kennaway */ 883f579bf8eSKris Kennaway if (rule == CIPHER_SPECIAL) 884f579bf8eSKris Kennaway { /* special command */ 885f579bf8eSKris Kennaway ok = 0; 886f579bf8eSKris Kennaway if ((buflen == 8) && 887f579bf8eSKris Kennaway !strncmp(buf, "STRENGTH", 8)) 888ced566fdSJacques Vidrine ok = ssl_cipher_strength_sort(co_list, 889f579bf8eSKris Kennaway head_p, tail_p); 890f579bf8eSKris Kennaway else 891f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, 892f579bf8eSKris Kennaway SSL_R_INVALID_COMMAND); 893f579bf8eSKris Kennaway if (ok == 0) 894f579bf8eSKris Kennaway retval = 0; 895f579bf8eSKris Kennaway /* 896f579bf8eSKris Kennaway * We do not support any "multi" options 897f579bf8eSKris Kennaway * together with "@", so throw away the 898f579bf8eSKris Kennaway * rest of the command, if any left, until 899f579bf8eSKris Kennaway * end or ':' is found. 900f579bf8eSKris Kennaway */ 901f579bf8eSKris Kennaway while ((*l != '\0') && ITEM_SEP(*l)) 902f579bf8eSKris Kennaway l++; 903f579bf8eSKris Kennaway } 904f579bf8eSKris Kennaway else if (found) 905f579bf8eSKris Kennaway { 906ed5d4f9aSSimon L. B. Nielsen ssl_cipher_apply_rule(cipher_id, ssl_version, algorithms, mask, 907f579bf8eSKris Kennaway algo_strength, mask_strength, rule, -1, 908ced566fdSJacques Vidrine co_list, head_p, tail_p); 909f579bf8eSKris Kennaway } 910f579bf8eSKris Kennaway else 911f579bf8eSKris Kennaway { 912f579bf8eSKris Kennaway while ((*l != '\0') && ITEM_SEP(*l)) 913f579bf8eSKris Kennaway l++; 914f579bf8eSKris Kennaway } 915f579bf8eSKris Kennaway if (*l == '\0') break; /* done */ 916f579bf8eSKris Kennaway } 917f579bf8eSKris Kennaway 918f579bf8eSKris Kennaway return(retval); 919f579bf8eSKris Kennaway } 920f579bf8eSKris Kennaway 921f579bf8eSKris Kennaway STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, 922f579bf8eSKris Kennaway STACK_OF(SSL_CIPHER) **cipher_list, 923f579bf8eSKris Kennaway STACK_OF(SSL_CIPHER) **cipher_list_by_id, 924f579bf8eSKris Kennaway const char *rule_str) 925f579bf8eSKris Kennaway { 926f579bf8eSKris Kennaway int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; 927f579bf8eSKris Kennaway unsigned long disabled_mask; 9283b4e3dcbSSimon L. B. Nielsen STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list; 929f579bf8eSKris Kennaway const char *rule_p; 930ced566fdSJacques Vidrine CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; 931f579bf8eSKris Kennaway SSL_CIPHER **ca_list = NULL; 932f579bf8eSKris Kennaway 933f579bf8eSKris Kennaway /* 934f579bf8eSKris Kennaway * Return with error if nothing to do. 935f579bf8eSKris Kennaway */ 9363b4e3dcbSSimon L. B. Nielsen if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) 9373b4e3dcbSSimon L. B. Nielsen return NULL; 938f579bf8eSKris Kennaway 939f579bf8eSKris Kennaway /* 940f579bf8eSKris Kennaway * To reduce the work to do we only want to process the compiled 941f579bf8eSKris Kennaway * in algorithms, so we first get the mask of disabled ciphers. 942f579bf8eSKris Kennaway */ 943f579bf8eSKris Kennaway disabled_mask = ssl_cipher_get_disabled(); 944f579bf8eSKris Kennaway 945f579bf8eSKris Kennaway /* 946f579bf8eSKris Kennaway * Now we have to collect the available ciphers from the compiled 947f579bf8eSKris Kennaway * in ciphers. We cannot get more than the number compiled in, so 948f579bf8eSKris Kennaway * it is used for allocation. 949f579bf8eSKris Kennaway */ 950f579bf8eSKris Kennaway num_of_ciphers = ssl_method->num_ciphers(); 9515c87c606SMark Murray #ifdef KSSL_DEBUG 9525c87c606SMark Murray printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers); 9535c87c606SMark Murray #endif /* KSSL_DEBUG */ 954ced566fdSJacques Vidrine co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); 955ced566fdSJacques Vidrine if (co_list == NULL) 956f579bf8eSKris Kennaway { 957f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); 958f579bf8eSKris Kennaway return(NULL); /* Failure */ 959f579bf8eSKris Kennaway } 960f579bf8eSKris Kennaway 961f579bf8eSKris Kennaway ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask, 962ced566fdSJacques Vidrine co_list, &head, &tail); 963f579bf8eSKris Kennaway 964f579bf8eSKris Kennaway /* 965f579bf8eSKris Kennaway * We also need cipher aliases for selecting based on the rule_str. 966f579bf8eSKris Kennaway * There might be two types of entries in the rule_str: 1) names 967f579bf8eSKris Kennaway * of ciphers themselves 2) aliases for groups of ciphers. 968f579bf8eSKris Kennaway * For 1) we need the available ciphers and for 2) the cipher 969f579bf8eSKris Kennaway * groups of cipher_aliases added together in one list (otherwise 970f579bf8eSKris Kennaway * we would be happy with just the cipher_aliases table). 971f579bf8eSKris Kennaway */ 972f579bf8eSKris Kennaway num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER); 973f579bf8eSKris Kennaway num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; 974f579bf8eSKris Kennaway ca_list = 975ddd58736SKris Kennaway (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); 976f579bf8eSKris Kennaway if (ca_list == NULL) 977f579bf8eSKris Kennaway { 978ced566fdSJacques Vidrine OPENSSL_free(co_list); 979f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); 980f579bf8eSKris Kennaway return(NULL); /* Failure */ 981f579bf8eSKris Kennaway } 982f579bf8eSKris Kennaway ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask, 983f579bf8eSKris Kennaway head); 984f579bf8eSKris Kennaway 985f579bf8eSKris Kennaway /* 986f579bf8eSKris Kennaway * If the rule_string begins with DEFAULT, apply the default rule 987f579bf8eSKris Kennaway * before using the (possibly available) additional rules. 988f579bf8eSKris Kennaway */ 989f579bf8eSKris Kennaway ok = 1; 990f579bf8eSKris Kennaway rule_p = rule_str; 991f579bf8eSKris Kennaway if (strncmp(rule_str,"DEFAULT",7) == 0) 992f579bf8eSKris Kennaway { 993f579bf8eSKris Kennaway ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, 994ced566fdSJacques Vidrine co_list, &head, &tail, ca_list); 995f579bf8eSKris Kennaway rule_p += 7; 996f579bf8eSKris Kennaway if (*rule_p == ':') 997f579bf8eSKris Kennaway rule_p++; 998f579bf8eSKris Kennaway } 999f579bf8eSKris Kennaway 1000f579bf8eSKris Kennaway if (ok && (strlen(rule_p) > 0)) 1001ced566fdSJacques Vidrine ok = ssl_cipher_process_rulestr(rule_p, co_list, &head, &tail, 1002f579bf8eSKris Kennaway ca_list); 1003f579bf8eSKris Kennaway 1004ddd58736SKris Kennaway OPENSSL_free(ca_list); /* Not needed anymore */ 1005f579bf8eSKris Kennaway 1006f579bf8eSKris Kennaway if (!ok) 1007f579bf8eSKris Kennaway { /* Rule processing failure */ 1008ced566fdSJacques Vidrine OPENSSL_free(co_list); 1009f579bf8eSKris Kennaway return(NULL); 1010f579bf8eSKris Kennaway } 1011f579bf8eSKris Kennaway /* 1012f579bf8eSKris Kennaway * Allocate new "cipherstack" for the result, return with error 1013f579bf8eSKris Kennaway * if we cannot get one. 1014f579bf8eSKris Kennaway */ 1015ddd58736SKris Kennaway if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) 1016f579bf8eSKris Kennaway { 1017ced566fdSJacques Vidrine OPENSSL_free(co_list); 1018f579bf8eSKris Kennaway return(NULL); 1019f579bf8eSKris Kennaway } 1020f579bf8eSKris Kennaway 1021f579bf8eSKris Kennaway /* 1022f579bf8eSKris Kennaway * The cipher selection for the list is done. The ciphers are added 1023f579bf8eSKris Kennaway * to the resulting precedence to the STACK_OF(SSL_CIPHER). 1024f579bf8eSKris Kennaway */ 102574664626SKris Kennaway for (curr = head; curr != NULL; curr = curr->next) 102674664626SKris Kennaway { 102774664626SKris Kennaway if (curr->active) 102874664626SKris Kennaway { 1029f579bf8eSKris Kennaway sk_SSL_CIPHER_push(cipherstack, curr->cipher); 103074664626SKris Kennaway #ifdef CIPHER_DEBUG 103174664626SKris Kennaway printf("<%s>\n",curr->cipher->name); 103274664626SKris Kennaway #endif 103374664626SKris Kennaway } 103474664626SKris Kennaway } 1035ced566fdSJacques Vidrine OPENSSL_free(co_list); /* Not needed any longer */ 103674664626SKris Kennaway 10373b4e3dcbSSimon L. B. Nielsen tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack); 10383b4e3dcbSSimon L. B. Nielsen if (tmp_cipher_list == NULL) 103974664626SKris Kennaway { 10403b4e3dcbSSimon L. B. Nielsen sk_SSL_CIPHER_free(cipherstack); 10413b4e3dcbSSimon L. B. Nielsen return NULL; 10423b4e3dcbSSimon L. B. Nielsen } 104374664626SKris Kennaway if (*cipher_list != NULL) 104474664626SKris Kennaway sk_SSL_CIPHER_free(*cipher_list); 1045f579bf8eSKris Kennaway *cipher_list = cipherstack; 104674664626SKris Kennaway if (*cipher_list_by_id != NULL) 104774664626SKris Kennaway sk_SSL_CIPHER_free(*cipher_list_by_id); 10483b4e3dcbSSimon L. B. Nielsen *cipher_list_by_id = tmp_cipher_list; 104974664626SKris Kennaway sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp); 105074664626SKris Kennaway 1051f579bf8eSKris Kennaway return(cipherstack); 105274664626SKris Kennaway } 105374664626SKris Kennaway 105474664626SKris Kennaway char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) 105574664626SKris Kennaway { 105674664626SKris Kennaway int is_export,pkl,kl; 10573b4e3dcbSSimon L. B. Nielsen const char *ver,*exp_str; 10583b4e3dcbSSimon L. B. Nielsen const char *kx,*au,*enc,*mac; 1059f579bf8eSKris Kennaway unsigned long alg,alg2,alg_s; 10605c87c606SMark Murray #ifdef KSSL_DEBUG 10613b4e3dcbSSimon L. B. Nielsen static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n"; 10625c87c606SMark Murray #else 10633b4e3dcbSSimon L. B. Nielsen static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; 10645c87c606SMark Murray #endif /* KSSL_DEBUG */ 106574664626SKris Kennaway 106674664626SKris Kennaway alg=cipher->algorithms; 1067f579bf8eSKris Kennaway alg_s=cipher->algo_strength; 106874664626SKris Kennaway alg2=cipher->algorithm2; 106974664626SKris Kennaway 1070f579bf8eSKris Kennaway is_export=SSL_C_IS_EXPORT(cipher); 1071f579bf8eSKris Kennaway pkl=SSL_C_EXPORT_PKEYLENGTH(cipher); 1072f579bf8eSKris Kennaway kl=SSL_C_EXPORT_KEYLENGTH(cipher); 1073ced566fdSJacques Vidrine exp_str=is_export?" export":""; 107474664626SKris Kennaway 107574664626SKris Kennaway if (alg & SSL_SSLV2) 107674664626SKris Kennaway ver="SSLv2"; 107774664626SKris Kennaway else if (alg & SSL_SSLV3) 107874664626SKris Kennaway ver="SSLv3"; 107974664626SKris Kennaway else 108074664626SKris Kennaway ver="unknown"; 108174664626SKris Kennaway 108274664626SKris Kennaway switch (alg&SSL_MKEY_MASK) 108374664626SKris Kennaway { 108474664626SKris Kennaway case SSL_kRSA: 108574664626SKris Kennaway kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA"; 108674664626SKris Kennaway break; 108774664626SKris Kennaway case SSL_kDHr: 108874664626SKris Kennaway kx="DH/RSA"; 108974664626SKris Kennaway break; 109074664626SKris Kennaway case SSL_kDHd: 109174664626SKris Kennaway kx="DH/DSS"; 109274664626SKris Kennaway break; 10935c87c606SMark Murray case SSL_kKRB5: /* VRS */ 10945c87c606SMark Murray case SSL_KRB5: /* VRS */ 10955c87c606SMark Murray kx="KRB5"; 10965c87c606SMark Murray break; 109774664626SKris Kennaway case SSL_kFZA: 109874664626SKris Kennaway kx="Fortezza"; 109974664626SKris Kennaway break; 110074664626SKris Kennaway case SSL_kEDH: 110174664626SKris Kennaway kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH"; 110274664626SKris Kennaway break; 11033b4e3dcbSSimon L. B. Nielsen case SSL_kECDH: 11043b4e3dcbSSimon L. B. Nielsen case SSL_kECDHE: 11053b4e3dcbSSimon L. B. Nielsen kx=is_export?"ECDH(<=163)":"ECDH"; 11063b4e3dcbSSimon L. B. Nielsen break; 110774664626SKris Kennaway default: 110874664626SKris Kennaway kx="unknown"; 110974664626SKris Kennaway } 111074664626SKris Kennaway 111174664626SKris Kennaway switch (alg&SSL_AUTH_MASK) 111274664626SKris Kennaway { 111374664626SKris Kennaway case SSL_aRSA: 111474664626SKris Kennaway au="RSA"; 111574664626SKris Kennaway break; 111674664626SKris Kennaway case SSL_aDSS: 111774664626SKris Kennaway au="DSS"; 111874664626SKris Kennaway break; 111974664626SKris Kennaway case SSL_aDH: 112074664626SKris Kennaway au="DH"; 112174664626SKris Kennaway break; 11225c87c606SMark Murray case SSL_aKRB5: /* VRS */ 11235c87c606SMark Murray case SSL_KRB5: /* VRS */ 11245c87c606SMark Murray au="KRB5"; 11255c87c606SMark Murray break; 112674664626SKris Kennaway case SSL_aFZA: 112774664626SKris Kennaway case SSL_aNULL: 112874664626SKris Kennaway au="None"; 112974664626SKris Kennaway break; 11303b4e3dcbSSimon L. B. Nielsen case SSL_aECDSA: 11313b4e3dcbSSimon L. B. Nielsen au="ECDSA"; 11323b4e3dcbSSimon L. B. Nielsen break; 113374664626SKris Kennaway default: 113474664626SKris Kennaway au="unknown"; 113574664626SKris Kennaway break; 113674664626SKris Kennaway } 113774664626SKris Kennaway 113874664626SKris Kennaway switch (alg&SSL_ENC_MASK) 113974664626SKris Kennaway { 114074664626SKris Kennaway case SSL_DES: 114174664626SKris Kennaway enc=(is_export && kl == 5)?"DES(40)":"DES(56)"; 114274664626SKris Kennaway break; 114374664626SKris Kennaway case SSL_3DES: 114474664626SKris Kennaway enc="3DES(168)"; 114574664626SKris Kennaway break; 114674664626SKris Kennaway case SSL_RC4: 114774664626SKris Kennaway enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)") 114874664626SKris Kennaway :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)"); 114974664626SKris Kennaway break; 115074664626SKris Kennaway case SSL_RC2: 115174664626SKris Kennaway enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)"; 115274664626SKris Kennaway break; 115374664626SKris Kennaway case SSL_IDEA: 115474664626SKris Kennaway enc="IDEA(128)"; 115574664626SKris Kennaway break; 115674664626SKris Kennaway case SSL_eFZA: 115774664626SKris Kennaway enc="Fortezza"; 115874664626SKris Kennaway break; 115974664626SKris Kennaway case SSL_eNULL: 116074664626SKris Kennaway enc="None"; 116174664626SKris Kennaway break; 11625c87c606SMark Murray case SSL_AES: 11635c87c606SMark Murray switch(cipher->strength_bits) 11645c87c606SMark Murray { 11655c87c606SMark Murray case 128: enc="AES(128)"; break; 11665c87c606SMark Murray case 192: enc="AES(192)"; break; 11675c87c606SMark Murray case 256: enc="AES(256)"; break; 11685c87c606SMark Murray default: enc="AES(?""?""?)"; break; 11695c87c606SMark Murray } 11705c87c606SMark Murray break; 1171ed5d4f9aSSimon L. B. Nielsen case SSL_CAMELLIA: 1172ed5d4f9aSSimon L. B. Nielsen switch(cipher->strength_bits) 1173ed5d4f9aSSimon L. B. Nielsen { 1174ed5d4f9aSSimon L. B. Nielsen case 128: enc="Camellia(128)"; break; 1175ed5d4f9aSSimon L. B. Nielsen case 256: enc="Camellia(256)"; break; 1176ed5d4f9aSSimon L. B. Nielsen default: enc="Camellia(?""?""?)"; break; 1177ed5d4f9aSSimon L. B. Nielsen } 1178ed5d4f9aSSimon L. B. Nielsen break; 1179ed5d4f9aSSimon L. B. Nielsen 118074664626SKris Kennaway default: 118174664626SKris Kennaway enc="unknown"; 118274664626SKris Kennaway break; 118374664626SKris Kennaway } 118474664626SKris Kennaway 118574664626SKris Kennaway switch (alg&SSL_MAC_MASK) 118674664626SKris Kennaway { 118774664626SKris Kennaway case SSL_MD5: 118874664626SKris Kennaway mac="MD5"; 118974664626SKris Kennaway break; 119074664626SKris Kennaway case SSL_SHA1: 119174664626SKris Kennaway mac="SHA1"; 119274664626SKris Kennaway break; 119374664626SKris Kennaway default: 119474664626SKris Kennaway mac="unknown"; 119574664626SKris Kennaway break; 119674664626SKris Kennaway } 119774664626SKris Kennaway 119874664626SKris Kennaway if (buf == NULL) 119974664626SKris Kennaway { 1200ddd58736SKris Kennaway len=128; 1201ddd58736SKris Kennaway buf=OPENSSL_malloc(len); 1202ddd58736SKris Kennaway if (buf == NULL) return("OPENSSL_malloc Error"); 120374664626SKris Kennaway } 120474664626SKris Kennaway else if (len < 128) 120574664626SKris Kennaway return("Buffer too small"); 120674664626SKris Kennaway 12075c87c606SMark Murray #ifdef KSSL_DEBUG 1208ced566fdSJacques Vidrine BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str,alg); 12095c87c606SMark Murray #else 1210ced566fdSJacques Vidrine BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str); 12115c87c606SMark Murray #endif /* KSSL_DEBUG */ 121274664626SKris Kennaway return(buf); 121374664626SKris Kennaway } 121474664626SKris Kennaway 12153b4e3dcbSSimon L. B. Nielsen char *SSL_CIPHER_get_version(const SSL_CIPHER *c) 121674664626SKris Kennaway { 121774664626SKris Kennaway int i; 121874664626SKris Kennaway 121974664626SKris Kennaway if (c == NULL) return("(NONE)"); 122074664626SKris Kennaway i=(int)(c->id>>24L); 122174664626SKris Kennaway if (i == 3) 122274664626SKris Kennaway return("TLSv1/SSLv3"); 122374664626SKris Kennaway else if (i == 2) 122474664626SKris Kennaway return("SSLv2"); 122574664626SKris Kennaway else 122674664626SKris Kennaway return("unknown"); 122774664626SKris Kennaway } 122874664626SKris Kennaway 122974664626SKris Kennaway /* return the actual cipher being used */ 12303b4e3dcbSSimon L. B. Nielsen const char *SSL_CIPHER_get_name(const SSL_CIPHER *c) 123174664626SKris Kennaway { 123274664626SKris Kennaway if (c != NULL) 123374664626SKris Kennaway return(c->name); 123474664626SKris Kennaway return("(NONE)"); 123574664626SKris Kennaway } 123674664626SKris Kennaway 1237f579bf8eSKris Kennaway /* number of bits for symmetric cipher */ 12383b4e3dcbSSimon L. B. Nielsen int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits) 123974664626SKris Kennaway { 1240f579bf8eSKris Kennaway int ret=0; 124174664626SKris Kennaway 124274664626SKris Kennaway if (c != NULL) 124374664626SKris Kennaway { 1244f579bf8eSKris Kennaway if (alg_bits != NULL) *alg_bits = c->alg_bits; 1245f579bf8eSKris Kennaway ret = c->strength_bits; 124674664626SKris Kennaway } 124774664626SKris Kennaway return(ret); 124874664626SKris Kennaway } 124974664626SKris Kennaway 125074664626SKris Kennaway SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n) 125174664626SKris Kennaway { 125274664626SKris Kennaway SSL_COMP *ctmp; 125374664626SKris Kennaway int i,nn; 125474664626SKris Kennaway 125574664626SKris Kennaway if ((n == 0) || (sk == NULL)) return(NULL); 125674664626SKris Kennaway nn=sk_SSL_COMP_num(sk); 125774664626SKris Kennaway for (i=0; i<nn; i++) 125874664626SKris Kennaway { 125974664626SKris Kennaway ctmp=sk_SSL_COMP_value(sk,i); 126074664626SKris Kennaway if (ctmp->id == n) 126174664626SKris Kennaway return(ctmp); 126274664626SKris Kennaway } 126374664626SKris Kennaway return(NULL); 126474664626SKris Kennaway } 126574664626SKris Kennaway 12663b4e3dcbSSimon L. B. Nielsen #ifdef OPENSSL_NO_COMP 12673b4e3dcbSSimon L. B. Nielsen void *SSL_COMP_get_compression_methods(void) 126874664626SKris Kennaway { 12693b4e3dcbSSimon L. B. Nielsen return NULL; 12703b4e3dcbSSimon L. B. Nielsen } 12713b4e3dcbSSimon L. B. Nielsen int SSL_COMP_add_compression_method(int id, void *cm) 12723b4e3dcbSSimon L. B. Nielsen { 12733b4e3dcbSSimon L. B. Nielsen return 1; 127474664626SKris Kennaway } 127574664626SKris Kennaway 12763b4e3dcbSSimon L. B. Nielsen const char *SSL_COMP_get_name(const void *comp) 12773b4e3dcbSSimon L. B. Nielsen { 12783b4e3dcbSSimon L. B. Nielsen return NULL; 12793b4e3dcbSSimon L. B. Nielsen } 12803b4e3dcbSSimon L. B. Nielsen #else 128174664626SKris Kennaway STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) 128274664626SKris Kennaway { 12833b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 128474664626SKris Kennaway return(ssl_comp_methods); 128574664626SKris Kennaway } 128674664626SKris Kennaway 128774664626SKris Kennaway int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) 128874664626SKris Kennaway { 128974664626SKris Kennaway SSL_COMP *comp; 129074664626SKris Kennaway 12915c87c606SMark Murray if (cm == NULL || cm->type == NID_undef) 12925c87c606SMark Murray return 1; 12935c87c606SMark Murray 12943b4e3dcbSSimon L. B. Nielsen /* According to draft-ietf-tls-compression-04.txt, the 12953b4e3dcbSSimon L. B. Nielsen compression number ranges should be the following: 12963b4e3dcbSSimon L. B. Nielsen 12973b4e3dcbSSimon L. B. Nielsen 0 to 63: methods defined by the IETF 12983b4e3dcbSSimon L. B. Nielsen 64 to 192: external party methods assigned by IANA 12993b4e3dcbSSimon L. B. Nielsen 193 to 255: reserved for private use */ 13003b4e3dcbSSimon L. B. Nielsen if (id < 193 || id > 255) 13013b4e3dcbSSimon L. B. Nielsen { 13023b4e3dcbSSimon L. B. Nielsen SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); 13033b4e3dcbSSimon L. B. Nielsen return 0; 13043b4e3dcbSSimon L. B. Nielsen } 13053b4e3dcbSSimon L. B. Nielsen 13065c87c606SMark Murray MemCheck_off(); 1307ddd58736SKris Kennaway comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); 130874664626SKris Kennaway comp->id=id; 130974664626SKris Kennaway comp->method=cm; 13103b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 13113b4e3dcbSSimon L. B. Nielsen if (ssl_comp_methods 13123b4e3dcbSSimon L. B. Nielsen && !sk_SSL_COMP_find(ssl_comp_methods,comp)) 131374664626SKris Kennaway { 13143b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 13153b4e3dcbSSimon L. B. Nielsen MemCheck_on(); 13163b4e3dcbSSimon L. B. Nielsen SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_DUPLICATE_COMPRESSION_ID); 13173b4e3dcbSSimon L. B. Nielsen return(1); 13183b4e3dcbSSimon L. B. Nielsen } 13193b4e3dcbSSimon L. B. Nielsen else if ((ssl_comp_methods == NULL) 13203b4e3dcbSSimon L. B. Nielsen || !sk_SSL_COMP_push(ssl_comp_methods,comp)) 13213b4e3dcbSSimon L. B. Nielsen { 13223b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 13235c87c606SMark Murray MemCheck_on(); 132474664626SKris Kennaway SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE); 1325ced566fdSJacques Vidrine return(1); 132674664626SKris Kennaway } 132774664626SKris Kennaway else 13285c87c606SMark Murray { 13295c87c606SMark Murray MemCheck_on(); 1330ced566fdSJacques Vidrine return(0); 133174664626SKris Kennaway } 13325c87c606SMark Murray } 13333b4e3dcbSSimon L. B. Nielsen 13343b4e3dcbSSimon L. B. Nielsen const char *SSL_COMP_get_name(const COMP_METHOD *comp) 13353b4e3dcbSSimon L. B. Nielsen { 13363b4e3dcbSSimon L. B. Nielsen if (comp) 13373b4e3dcbSSimon L. B. Nielsen return comp->name; 13383b4e3dcbSSimon L. B. Nielsen return NULL; 13393b4e3dcbSSimon L. B. Nielsen } 13403b4e3dcbSSimon L. B. Nielsen 13413b4e3dcbSSimon L. B. Nielsen #endif 1342