174664626SKris Kennaway /* ssl/ssl_ciph.c */ 274664626SKris Kennaway /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 374664626SKris Kennaway * All rights reserved. 474664626SKris Kennaway * 574664626SKris Kennaway * This package is an SSL implementation written 674664626SKris Kennaway * by Eric Young (eay@cryptsoft.com). 774664626SKris Kennaway * The implementation was written so as to conform with Netscapes SSL. 874664626SKris Kennaway * 974664626SKris Kennaway * This library is free for commercial and non-commercial use as long as 1074664626SKris Kennaway * the following conditions are aheared to. The following conditions 1174664626SKris Kennaway * apply to all code found in this distribution, be it the RC4, RSA, 1274664626SKris Kennaway * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1374664626SKris Kennaway * included with this distribution is covered by the same copyright terms 1474664626SKris Kennaway * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1574664626SKris Kennaway * 1674664626SKris Kennaway * Copyright remains Eric Young's, and as such any Copyright notices in 1774664626SKris Kennaway * the code are not to be removed. 1874664626SKris Kennaway * If this package is used in a product, Eric Young should be given attribution 1974664626SKris Kennaway * as the author of the parts of the library used. 2074664626SKris Kennaway * This can be in the form of a textual message at program startup or 2174664626SKris Kennaway * in documentation (online or textual) provided with the package. 2274664626SKris Kennaway * 2374664626SKris Kennaway * Redistribution and use in source and binary forms, with or without 2474664626SKris Kennaway * modification, are permitted provided that the following conditions 2574664626SKris Kennaway * are met: 2674664626SKris Kennaway * 1. Redistributions of source code must retain the copyright 2774664626SKris Kennaway * notice, this list of conditions and the following disclaimer. 2874664626SKris Kennaway * 2. Redistributions in binary form must reproduce the above copyright 2974664626SKris Kennaway * notice, this list of conditions and the following disclaimer in the 3074664626SKris Kennaway * documentation and/or other materials provided with the distribution. 3174664626SKris Kennaway * 3. All advertising materials mentioning features or use of this software 3274664626SKris Kennaway * must display the following acknowledgement: 3374664626SKris Kennaway * "This product includes cryptographic software written by 3474664626SKris Kennaway * Eric Young (eay@cryptsoft.com)" 3574664626SKris Kennaway * The word 'cryptographic' can be left out if the rouines from the library 3674664626SKris Kennaway * being used are not cryptographic related :-). 3774664626SKris Kennaway * 4. If you include any Windows specific code (or a derivative thereof) from 3874664626SKris Kennaway * the apps directory (application code) you must include an acknowledgement: 3974664626SKris Kennaway * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4074664626SKris Kennaway * 4174664626SKris Kennaway * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4274664626SKris Kennaway * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4374664626SKris Kennaway * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4474664626SKris Kennaway * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4574664626SKris Kennaway * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4674664626SKris Kennaway * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4774664626SKris Kennaway * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4874664626SKris Kennaway * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4974664626SKris Kennaway * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5074664626SKris Kennaway * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5174664626SKris Kennaway * SUCH DAMAGE. 5274664626SKris Kennaway * 5374664626SKris Kennaway * The licence and distribution terms for any publically available version or 5474664626SKris Kennaway * derivative of this code cannot be changed. i.e. this code cannot simply be 5574664626SKris Kennaway * copied and put under another distribution licence 5674664626SKris Kennaway * [including the GNU Public Licence.] 5774664626SKris Kennaway */ 583b4e3dcbSSimon L. B. Nielsen /* ==================================================================== 591f13597dSJung-uk Kim * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60ed5d4f9aSSimon L. B. Nielsen * 61ed5d4f9aSSimon L. B. Nielsen * Redistribution and use in source and binary forms, with or without 62ed5d4f9aSSimon L. B. Nielsen * modification, are permitted provided that the following conditions 63ed5d4f9aSSimon L. B. Nielsen * are met: 64ed5d4f9aSSimon L. B. Nielsen * 65ed5d4f9aSSimon L. B. Nielsen * 1. Redistributions of source code must retain the above copyright 66ed5d4f9aSSimon L. B. Nielsen * notice, this list of conditions and the following disclaimer. 67ed5d4f9aSSimon L. B. Nielsen * 68ed5d4f9aSSimon L. B. Nielsen * 2. Redistributions in binary form must reproduce the above copyright 69ed5d4f9aSSimon L. B. Nielsen * notice, this list of conditions and the following disclaimer in 70ed5d4f9aSSimon L. B. Nielsen * the documentation and/or other materials provided with the 71ed5d4f9aSSimon L. B. Nielsen * distribution. 72ed5d4f9aSSimon L. B. Nielsen * 73ed5d4f9aSSimon L. B. Nielsen * 3. All advertising materials mentioning features or use of this 74ed5d4f9aSSimon L. B. Nielsen * software must display the following acknowledgment: 75ed5d4f9aSSimon L. B. Nielsen * "This product includes software developed by the OpenSSL Project 76ed5d4f9aSSimon L. B. Nielsen * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77ed5d4f9aSSimon L. B. Nielsen * 78ed5d4f9aSSimon L. B. Nielsen * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79ed5d4f9aSSimon L. B. Nielsen * endorse or promote products derived from this software without 80ed5d4f9aSSimon L. B. Nielsen * prior written permission. For written permission, please contact 81ed5d4f9aSSimon L. B. Nielsen * openssl-core@openssl.org. 82ed5d4f9aSSimon L. B. Nielsen * 83ed5d4f9aSSimon L. B. Nielsen * 5. Products derived from this software may not be called "OpenSSL" 84ed5d4f9aSSimon L. B. Nielsen * nor may "OpenSSL" appear in their names without prior written 85ed5d4f9aSSimon L. B. Nielsen * permission of the OpenSSL Project. 86ed5d4f9aSSimon L. B. Nielsen * 87ed5d4f9aSSimon L. B. Nielsen * 6. Redistributions of any form whatsoever must retain the following 88ed5d4f9aSSimon L. B. Nielsen * acknowledgment: 89ed5d4f9aSSimon L. B. Nielsen * "This product includes software developed by the OpenSSL Project 90ed5d4f9aSSimon L. B. Nielsen * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91ed5d4f9aSSimon L. B. Nielsen * 92ed5d4f9aSSimon L. B. Nielsen * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93ed5d4f9aSSimon L. B. Nielsen * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94ed5d4f9aSSimon L. B. Nielsen * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95ed5d4f9aSSimon L. B. Nielsen * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96ed5d4f9aSSimon L. B. Nielsen * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97ed5d4f9aSSimon L. B. Nielsen * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98ed5d4f9aSSimon L. B. Nielsen * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99ed5d4f9aSSimon L. B. Nielsen * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100ed5d4f9aSSimon L. B. Nielsen * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101ed5d4f9aSSimon L. B. Nielsen * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102ed5d4f9aSSimon L. B. Nielsen * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103ed5d4f9aSSimon L. B. Nielsen * OF THE POSSIBILITY OF SUCH DAMAGE. 104ed5d4f9aSSimon L. B. Nielsen * ==================================================================== 105ed5d4f9aSSimon L. B. Nielsen * 106ed5d4f9aSSimon L. B. Nielsen * This product includes cryptographic software written by Eric Young 107ed5d4f9aSSimon L. B. Nielsen * (eay@cryptsoft.com). This product includes software written by Tim 108ed5d4f9aSSimon L. B. Nielsen * Hudson (tjh@cryptsoft.com). 109ed5d4f9aSSimon L. B. Nielsen * 110ed5d4f9aSSimon L. B. Nielsen */ 111ed5d4f9aSSimon L. B. Nielsen /* ==================================================================== 1123b4e3dcbSSimon L. B. Nielsen * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 1133b4e3dcbSSimon L. B. Nielsen * ECC cipher suite support in OpenSSL originally developed by 1143b4e3dcbSSimon L. B. Nielsen * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 1153b4e3dcbSSimon L. B. Nielsen */ 1161f13597dSJung-uk Kim /* ==================================================================== 1171f13597dSJung-uk Kim * Copyright 2005 Nokia. All rights reserved. 1181f13597dSJung-uk Kim * 1191f13597dSJung-uk Kim * The portions of the attached software ("Contribution") is developed by 1201f13597dSJung-uk Kim * Nokia Corporation and is licensed pursuant to the OpenSSL open source 1211f13597dSJung-uk Kim * license. 1221f13597dSJung-uk Kim * 1231f13597dSJung-uk Kim * The Contribution, originally written by Mika Kousa and Pasi Eronen of 1241f13597dSJung-uk Kim * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 1251f13597dSJung-uk Kim * support (see RFC 4279) to OpenSSL. 1261f13597dSJung-uk Kim * 1271f13597dSJung-uk Kim * No patent licenses or other rights except those expressly stated in 1281f13597dSJung-uk Kim * the OpenSSL open source license shall be deemed granted or received 1291f13597dSJung-uk Kim * expressly, by implication, estoppel, or otherwise. 1301f13597dSJung-uk Kim * 1311f13597dSJung-uk Kim * No assurances are provided by Nokia that the Contribution does not 1321f13597dSJung-uk Kim * infringe the patent or other intellectual property rights of any third 1331f13597dSJung-uk Kim * party or that the license provides you with all the necessary rights 1341f13597dSJung-uk Kim * to make use of the Contribution. 1351f13597dSJung-uk Kim * 1361f13597dSJung-uk Kim * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 1371f13597dSJung-uk Kim * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 1381f13597dSJung-uk Kim * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 1391f13597dSJung-uk Kim * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 1401f13597dSJung-uk Kim * OTHERWISE. 1411f13597dSJung-uk Kim */ 1421f13597dSJung-uk Kim 14374664626SKris Kennaway #include <stdio.h> 14474664626SKris Kennaway #include <openssl/objects.h> 145db522d3aSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 14674664626SKris Kennaway # include <openssl/comp.h> 147db522d3aSSimon L. B. Nielsen #endif 1481f13597dSJung-uk Kim #ifndef OPENSSL_NO_ENGINE 1491f13597dSJung-uk Kim # include <openssl/engine.h> 1501f13597dSJung-uk Kim #endif 15174664626SKris Kennaway #include "ssl_locl.h" 15274664626SKris Kennaway 15374664626SKris Kennaway #define SSL_ENC_DES_IDX 0 15474664626SKris Kennaway #define SSL_ENC_3DES_IDX 1 15574664626SKris Kennaway #define SSL_ENC_RC4_IDX 2 15674664626SKris Kennaway #define SSL_ENC_RC2_IDX 3 15774664626SKris Kennaway #define SSL_ENC_IDEA_IDX 4 1581f13597dSJung-uk Kim #define SSL_ENC_NULL_IDX 5 1591f13597dSJung-uk Kim #define SSL_ENC_AES128_IDX 6 1601f13597dSJung-uk Kim #define SSL_ENC_AES256_IDX 7 1611f13597dSJung-uk Kim #define SSL_ENC_CAMELLIA128_IDX 8 1621f13597dSJung-uk Kim #define SSL_ENC_CAMELLIA256_IDX 9 1631f13597dSJung-uk Kim #define SSL_ENC_GOST89_IDX 10 164db522d3aSSimon L. B. Nielsen #define SSL_ENC_SEED_IDX 11 1651f13597dSJung-uk Kim #define SSL_ENC_AES128GCM_IDX 12 1661f13597dSJung-uk Kim #define SSL_ENC_AES256GCM_IDX 13 1671f13597dSJung-uk Kim #define SSL_ENC_NUM_IDX 14 168ed5d4f9aSSimon L. B. Nielsen 16974664626SKris Kennaway static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = { 1706f9291ceSJung-uk Kim NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 1716f9291ceSJung-uk Kim NULL, NULL 17274664626SKris Kennaway }; 17374664626SKris Kennaway 1743b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_NULL_IDX 0 1753b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_ZLIB_IDX 1 1763b4e3dcbSSimon L. B. Nielsen #define SSL_COMP_NUM_IDX 2 1773b4e3dcbSSimon L. B. Nielsen 17874664626SKris Kennaway static STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; 17974664626SKris Kennaway 18074664626SKris Kennaway #define SSL_MD_MD5_IDX 0 18174664626SKris Kennaway #define SSL_MD_SHA1_IDX 1 1821f13597dSJung-uk Kim #define SSL_MD_GOST94_IDX 2 1831f13597dSJung-uk Kim #define SSL_MD_GOST89MAC_IDX 3 1841f13597dSJung-uk Kim #define SSL_MD_SHA256_IDX 4 1851f13597dSJung-uk Kim #define SSL_MD_SHA384_IDX 5 1866f9291ceSJung-uk Kim /* 1876f9291ceSJung-uk Kim * Constant SSL_MAX_DIGEST equal to size of digests array should be defined 1886f9291ceSJung-uk Kim * in the ssl_locl.h 1896f9291ceSJung-uk Kim */ 1901f13597dSJung-uk Kim #define SSL_MD_NUM_IDX SSL_MAX_DIGEST 19174664626SKris Kennaway static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = { 1921f13597dSJung-uk Kim NULL, NULL, NULL, NULL, NULL, NULL 1931f13597dSJung-uk Kim }; 1946f9291ceSJung-uk Kim 1956f9291ceSJung-uk Kim /* 1966f9291ceSJung-uk Kim * PKEY_TYPE for GOST89MAC is known in advance, but, because implementation 1976f9291ceSJung-uk Kim * is engine-provided, we'll fill it only if corresponding EVP_PKEY_METHOD is 1986f9291ceSJung-uk Kim * found 1991f13597dSJung-uk Kim */ 2001f13597dSJung-uk Kim static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = { 2011f13597dSJung-uk Kim EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef, 2021f13597dSJung-uk Kim EVP_PKEY_HMAC, EVP_PKEY_HMAC 2031f13597dSJung-uk Kim }; 2041f13597dSJung-uk Kim 2051f13597dSJung-uk Kim static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = { 2061f13597dSJung-uk Kim 0, 0, 0, 0, 0, 0 2071f13597dSJung-uk Kim }; 2081f13597dSJung-uk Kim 2091f13597dSJung-uk Kim static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = { 2101f13597dSJung-uk Kim SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA, 2111f13597dSJung-uk Kim SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256, 2121f13597dSJung-uk Kim SSL_HANDSHAKE_MAC_SHA384 21374664626SKris Kennaway }; 21474664626SKris Kennaway 21574664626SKris Kennaway #define CIPHER_ADD 1 21674664626SKris Kennaway #define CIPHER_KILL 2 21774664626SKris Kennaway #define CIPHER_DEL 3 21874664626SKris Kennaway #define CIPHER_ORD 4 219f579bf8eSKris Kennaway #define CIPHER_SPECIAL 5 22074664626SKris Kennaway 2216f9291ceSJung-uk Kim typedef struct cipher_order_st { 2221f13597dSJung-uk Kim const SSL_CIPHER *cipher; 22374664626SKris Kennaway int active; 22474664626SKris Kennaway int dead; 22574664626SKris Kennaway struct cipher_order_st *next, *prev; 22674664626SKris Kennaway } CIPHER_ORDER; 22774664626SKris Kennaway 228f579bf8eSKris Kennaway static const SSL_CIPHER cipher_aliases[] = { 2291f13597dSJung-uk Kim /* "ALL" doesn't include eNULL (must be specifically enabled) */ 2301f13597dSJung-uk Kim {0, SSL_TXT_ALL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, 0}, 2311f13597dSJung-uk Kim /* "COMPLEMENTOFALL" */ 2321f13597dSJung-uk Kim {0, SSL_TXT_CMPALL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0}, 23374664626SKris Kennaway 2346f9291ceSJung-uk Kim /* 2356f9291ceSJung-uk Kim * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in 2366f9291ceSJung-uk Kim * ALL!) 2376f9291ceSJung-uk Kim */ 238b8721c16SJung-uk Kim {0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0}, 23974664626SKris Kennaway 2406f9291ceSJung-uk Kim /* 2416f9291ceSJung-uk Kim * key exchange aliases (some of those using only a single bit here 2426f9291ceSJung-uk Kim * combine multiple key exchange algs according to the RFCs, e.g. kEDH 2436f9291ceSJung-uk Kim * combines DHE_DSS and DHE_RSA) 2446f9291ceSJung-uk Kim */ 2451f13597dSJung-uk Kim {0, SSL_TXT_kRSA, 0, SSL_kRSA, 0, 0, 0, 0, 0, 0, 0, 0}, 24674664626SKris Kennaway 2476f9291ceSJung-uk Kim {0, SSL_TXT_kDHr, 0, SSL_kDHr, 0, 0, 0, 0, 0, 0, 0, 0}, 2486f9291ceSJung-uk Kim {0, SSL_TXT_kDHd, 0, SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0}, 2496f9291ceSJung-uk Kim {0, SSL_TXT_kDH, 0, SSL_kDHr | SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0}, 2501f13597dSJung-uk Kim {0, SSL_TXT_kEDH, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0}, 2517bded2dbSJung-uk Kim {0, SSL_TXT_kDHE, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0}, 2526f9291ceSJung-uk Kim {0, SSL_TXT_DH, 0, SSL_kDHr | SSL_kDHd | SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 2536f9291ceSJung-uk Kim 0}, 25474664626SKris Kennaway 2551f13597dSJung-uk Kim {0, SSL_TXT_kKRB5, 0, SSL_kKRB5, 0, 0, 0, 0, 0, 0, 0, 0}, 256f579bf8eSKris Kennaway 2571f13597dSJung-uk Kim {0, SSL_TXT_kECDHr, 0, SSL_kECDHr, 0, 0, 0, 0, 0, 0, 0, 0}, 2581f13597dSJung-uk Kim {0, SSL_TXT_kECDHe, 0, SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0}, 2591f13597dSJung-uk Kim {0, SSL_TXT_kECDH, 0, SSL_kECDHr | SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0}, 2601f13597dSJung-uk Kim {0, SSL_TXT_kEECDH, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0}, 2617bded2dbSJung-uk Kim {0, SSL_TXT_kECDHE, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0}, 2626f9291ceSJung-uk Kim {0, SSL_TXT_ECDH, 0, SSL_kECDHr | SSL_kECDHe | SSL_kEECDH, 0, 0, 0, 0, 0, 2636f9291ceSJung-uk Kim 0, 0, 0}, 2641f13597dSJung-uk Kim 2651f13597dSJung-uk Kim {0, SSL_TXT_kPSK, 0, SSL_kPSK, 0, 0, 0, 0, 0, 0, 0, 0}, 2661f13597dSJung-uk Kim {0, SSL_TXT_kSRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0}, 2671f13597dSJung-uk Kim {0, SSL_TXT_kGOST, 0, SSL_kGOST, 0, 0, 0, 0, 0, 0, 0, 0}, 2681f13597dSJung-uk Kim 2691f13597dSJung-uk Kim /* server authentication aliases */ 2701f13597dSJung-uk Kim {0, SSL_TXT_aRSA, 0, 0, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0}, 2711f13597dSJung-uk Kim {0, SSL_TXT_aDSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0}, 2721f13597dSJung-uk Kim {0, SSL_TXT_DSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0}, 2731f13597dSJung-uk Kim {0, SSL_TXT_aKRB5, 0, 0, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0}, 2741f13597dSJung-uk Kim {0, SSL_TXT_aNULL, 0, 0, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2756f9291ceSJung-uk Kim /* no such ciphersuites supported! */ 2766f9291ceSJung-uk Kim {0, SSL_TXT_aDH, 0, 0, SSL_aDH, 0, 0, 0, 0, 0, 0, 0}, 2771f13597dSJung-uk Kim {0, SSL_TXT_aECDH, 0, 0, SSL_aECDH, 0, 0, 0, 0, 0, 0, 0}, 2781f13597dSJung-uk Kim {0, SSL_TXT_aECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0}, 2791f13597dSJung-uk Kim {0, SSL_TXT_ECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0}, 2801f13597dSJung-uk Kim {0, SSL_TXT_aPSK, 0, 0, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0}, 2811f13597dSJung-uk Kim {0, SSL_TXT_aGOST94, 0, 0, SSL_aGOST94, 0, 0, 0, 0, 0, 0, 0}, 2821f13597dSJung-uk Kim {0, SSL_TXT_aGOST01, 0, 0, SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0}, 2831f13597dSJung-uk Kim {0, SSL_TXT_aGOST, 0, 0, SSL_aGOST94 | SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0}, 284a93cbc2bSJung-uk Kim {0, SSL_TXT_aSRP, 0, 0, SSL_aSRP, 0, 0, 0, 0, 0, 0, 0}, 2851f13597dSJung-uk Kim 2861f13597dSJung-uk Kim /* aliases combining key exchange and server authentication */ 2871f13597dSJung-uk Kim {0, SSL_TXT_EDH, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2887bded2dbSJung-uk Kim {0, SSL_TXT_DHE, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2891f13597dSJung-uk Kim {0, SSL_TXT_EECDH, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2907bded2dbSJung-uk Kim {0, SSL_TXT_ECDHE, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2911f13597dSJung-uk Kim {0, SSL_TXT_NULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0}, 2921f13597dSJung-uk Kim {0, SSL_TXT_KRB5, 0, SSL_kKRB5, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0}, 2931f13597dSJung-uk Kim {0, SSL_TXT_RSA, 0, SSL_kRSA, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0}, 2941f13597dSJung-uk Kim {0, SSL_TXT_ADH, 0, SSL_kEDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2951f13597dSJung-uk Kim {0, SSL_TXT_AECDH, 0, SSL_kEECDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0}, 2961f13597dSJung-uk Kim {0, SSL_TXT_PSK, 0, SSL_kPSK, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0}, 2971f13597dSJung-uk Kim {0, SSL_TXT_SRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0}, 2981f13597dSJung-uk Kim 2991f13597dSJung-uk Kim /* symmetric encryption aliases */ 3001f13597dSJung-uk Kim {0, SSL_TXT_DES, 0, 0, 0, SSL_DES, 0, 0, 0, 0, 0, 0}, 3011f13597dSJung-uk Kim {0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES, 0, 0, 0, 0, 0, 0}, 3021f13597dSJung-uk Kim {0, SSL_TXT_RC4, 0, 0, 0, SSL_RC4, 0, 0, 0, 0, 0, 0}, 3031f13597dSJung-uk Kim {0, SSL_TXT_RC2, 0, 0, 0, SSL_RC2, 0, 0, 0, 0, 0, 0}, 3041f13597dSJung-uk Kim {0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0}, 3051f13597dSJung-uk Kim {0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0}, 3061f13597dSJung-uk Kim {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0}, 3076f9291ceSJung-uk Kim {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM, 0, 0, 0, 0, 0, 3086f9291ceSJung-uk Kim 0}, 3096f9291ceSJung-uk Kim {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM, 0, 0, 0, 0, 0, 3106f9291ceSJung-uk Kim 0}, 3111f13597dSJung-uk Kim {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0}, 3126f9291ceSJung-uk Kim {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0, 3136f9291ceSJung-uk Kim 0, 0}, 3141f13597dSJung-uk Kim {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0}, 3151f13597dSJung-uk Kim {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0}, 3166f9291ceSJung-uk Kim {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0, 3176f9291ceSJung-uk Kim 0, 0, 0}, 3181f13597dSJung-uk Kim 3191f13597dSJung-uk Kim /* MAC aliases */ 3201f13597dSJung-uk Kim {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0}, 3211f13597dSJung-uk Kim {0, SSL_TXT_SHA1, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0}, 3221f13597dSJung-uk Kim {0, SSL_TXT_SHA, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0}, 3231f13597dSJung-uk Kim {0, SSL_TXT_GOST94, 0, 0, 0, 0, SSL_GOST94, 0, 0, 0, 0, 0}, 3241f13597dSJung-uk Kim {0, SSL_TXT_GOST89MAC, 0, 0, 0, 0, SSL_GOST89MAC, 0, 0, 0, 0, 0}, 3251f13597dSJung-uk Kim {0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256, 0, 0, 0, 0, 0}, 3261f13597dSJung-uk Kim {0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384, 0, 0, 0, 0, 0}, 3271f13597dSJung-uk Kim 3281f13597dSJung-uk Kim /* protocol version aliases */ 3291f13597dSJung-uk Kim {0, SSL_TXT_SSLV2, 0, 0, 0, 0, 0, SSL_SSLV2, 0, 0, 0, 0}, 3301f13597dSJung-uk Kim {0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL_SSLV3, 0, 0, 0, 0}, 3311f13597dSJung-uk Kim {0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, SSL_TLSV1, 0, 0, 0, 0}, 33209286989SJung-uk Kim {0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, SSL_TLSV1_2, 0, 0, 0, 0}, 3331f13597dSJung-uk Kim 3341f13597dSJung-uk Kim /* export flag */ 3351f13597dSJung-uk Kim {0, SSL_TXT_EXP, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0}, 3361f13597dSJung-uk Kim {0, SSL_TXT_EXPORT, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0}, 3371f13597dSJung-uk Kim 3381f13597dSJung-uk Kim /* strength classes */ 3391f13597dSJung-uk Kim {0, SSL_TXT_EXP40, 0, 0, 0, 0, 0, 0, SSL_EXP40, 0, 0, 0}, 3401f13597dSJung-uk Kim {0, SSL_TXT_EXP56, 0, 0, 0, 0, 0, 0, SSL_EXP56, 0, 0, 0}, 3411f13597dSJung-uk Kim {0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, SSL_LOW, 0, 0, 0}, 3421f13597dSJung-uk Kim {0, SSL_TXT_MEDIUM, 0, 0, 0, 0, 0, 0, SSL_MEDIUM, 0, 0, 0}, 3431f13597dSJung-uk Kim {0, SSL_TXT_HIGH, 0, 0, 0, 0, 0, 0, SSL_HIGH, 0, 0, 0}, 3441f13597dSJung-uk Kim /* FIPS 140-2 approved ciphersuite */ 3451f13597dSJung-uk Kim {0, SSL_TXT_FIPS, 0, 0, 0, ~SSL_eNULL, 0, 0, SSL_FIPS, 0, 0, 0}, 3467bded2dbSJung-uk Kim /* "DHE-" aliases to "EDH-" labels (for forward compatibility) */ 3477bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_DSS_DES_40_CBC_SHA, 0, 3487bded2dbSJung-uk Kim SSL_kDHE, SSL_aDSS, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_EXPORT | SSL_EXP40, 3497bded2dbSJung-uk Kim 0, 0, 0,}, 3507bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_DSS_DES_64_CBC_SHA, 0, 3517bded2dbSJung-uk Kim SSL_kDHE, SSL_aDSS, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP | SSL_LOW, 3527bded2dbSJung-uk Kim 0, 0, 0,}, 3537bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA, 0, 3547bded2dbSJung-uk Kim SSL_kDHE, SSL_aDSS, SSL_3DES, SSL_SHA1, SSL_SSLV3, 3557bded2dbSJung-uk Kim SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 0, 0, 0,}, 3567bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_RSA_DES_40_CBC_SHA, 0, 3577bded2dbSJung-uk Kim SSL_kDHE, SSL_aRSA, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_EXPORT | SSL_EXP40, 3587bded2dbSJung-uk Kim 0, 0, 0,}, 3597bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_RSA_DES_64_CBC_SHA, 0, 3607bded2dbSJung-uk Kim SSL_kDHE, SSL_aRSA, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP | SSL_LOW, 3617bded2dbSJung-uk Kim 0, 0, 0,}, 3627bded2dbSJung-uk Kim {0, SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA, 0, 3637bded2dbSJung-uk Kim SSL_kDHE, SSL_aRSA, SSL_3DES, SSL_SHA1, SSL_SSLV3, 3647bded2dbSJung-uk Kim SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 0, 0, 0,}, 36574664626SKris Kennaway }; 3666f9291ceSJung-uk Kim 3676f9291ceSJung-uk Kim /* 3686f9291ceSJung-uk Kim * Search for public key algorithm with given name and return its pkey_id if 3696f9291ceSJung-uk Kim * it is available. Otherwise return 0 3701f13597dSJung-uk Kim */ 3711f13597dSJung-uk Kim #ifdef OPENSSL_NO_ENGINE 3721f13597dSJung-uk Kim 3731f13597dSJung-uk Kim static int get_optional_pkey_id(const char *pkey_name) 3741f13597dSJung-uk Kim { 3751f13597dSJung-uk Kim const EVP_PKEY_ASN1_METHOD *ameth; 3761f13597dSJung-uk Kim int pkey_id = 0; 3771f13597dSJung-uk Kim ameth = EVP_PKEY_asn1_find_str(NULL, pkey_name, -1); 37880815a77SJung-uk Kim if (ameth && EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, 37980815a77SJung-uk Kim ameth) > 0) { 3801f13597dSJung-uk Kim return pkey_id; 3811f13597dSJung-uk Kim } 38280815a77SJung-uk Kim return 0; 38380815a77SJung-uk Kim } 3841f13597dSJung-uk Kim 3851f13597dSJung-uk Kim #else 3861f13597dSJung-uk Kim 3871f13597dSJung-uk Kim static int get_optional_pkey_id(const char *pkey_name) 3881f13597dSJung-uk Kim { 3891f13597dSJung-uk Kim const EVP_PKEY_ASN1_METHOD *ameth; 3901f13597dSJung-uk Kim ENGINE *tmpeng = NULL; 3911f13597dSJung-uk Kim int pkey_id = 0; 3921f13597dSJung-uk Kim ameth = EVP_PKEY_asn1_find_str(&tmpeng, pkey_name, -1); 3936f9291ceSJung-uk Kim if (ameth) { 39480815a77SJung-uk Kim if (EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, 39580815a77SJung-uk Kim ameth) <= 0) 39680815a77SJung-uk Kim pkey_id = 0; 3971f13597dSJung-uk Kim } 3986f9291ceSJung-uk Kim if (tmpeng) 3996f9291ceSJung-uk Kim ENGINE_finish(tmpeng); 4001f13597dSJung-uk Kim return pkey_id; 4011f13597dSJung-uk Kim } 4021f13597dSJung-uk Kim 4031f13597dSJung-uk Kim #endif 40474664626SKris Kennaway 4053b4e3dcbSSimon L. B. Nielsen void ssl_load_ciphers(void) 40674664626SKris Kennaway { 4076f9291ceSJung-uk Kim ssl_cipher_methods[SSL_ENC_DES_IDX] = EVP_get_cipherbyname(SN_des_cbc); 40874664626SKris Kennaway ssl_cipher_methods[SSL_ENC_3DES_IDX] = 40974664626SKris Kennaway EVP_get_cipherbyname(SN_des_ede3_cbc); 4106f9291ceSJung-uk Kim ssl_cipher_methods[SSL_ENC_RC4_IDX] = EVP_get_cipherbyname(SN_rc4); 4116f9291ceSJung-uk Kim ssl_cipher_methods[SSL_ENC_RC2_IDX] = EVP_get_cipherbyname(SN_rc2_cbc); 412ced566fdSJacques Vidrine #ifndef OPENSSL_NO_IDEA 4136f9291ceSJung-uk Kim ssl_cipher_methods[SSL_ENC_IDEA_IDX] = EVP_get_cipherbyname(SN_idea_cbc); 414ced566fdSJacques Vidrine #else 415ced566fdSJacques Vidrine ssl_cipher_methods[SSL_ENC_IDEA_IDX] = NULL; 416ced566fdSJacques Vidrine #endif 4175c87c606SMark Murray ssl_cipher_methods[SSL_ENC_AES128_IDX] = 4185c87c606SMark Murray EVP_get_cipherbyname(SN_aes_128_cbc); 4195c87c606SMark Murray ssl_cipher_methods[SSL_ENC_AES256_IDX] = 4205c87c606SMark Murray EVP_get_cipherbyname(SN_aes_256_cbc); 421ed5d4f9aSSimon L. B. Nielsen ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] = 422ed5d4f9aSSimon L. B. Nielsen EVP_get_cipherbyname(SN_camellia_128_cbc); 423ed5d4f9aSSimon L. B. Nielsen ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] = 424ed5d4f9aSSimon L. B. Nielsen EVP_get_cipherbyname(SN_camellia_256_cbc); 4251f13597dSJung-uk Kim ssl_cipher_methods[SSL_ENC_GOST89_IDX] = 4261f13597dSJung-uk Kim EVP_get_cipherbyname(SN_gost89_cnt); 4276f9291ceSJung-uk Kim ssl_cipher_methods[SSL_ENC_SEED_IDX] = EVP_get_cipherbyname(SN_seed_cbc); 42874664626SKris Kennaway 4291f13597dSJung-uk Kim ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] = 4301f13597dSJung-uk Kim EVP_get_cipherbyname(SN_aes_128_gcm); 4311f13597dSJung-uk Kim ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] = 4321f13597dSJung-uk Kim EVP_get_cipherbyname(SN_aes_256_gcm); 4331f13597dSJung-uk Kim 4346f9291ceSJung-uk Kim ssl_digest_methods[SSL_MD_MD5_IDX] = EVP_get_digestbyname(SN_md5); 4351f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_MD5_IDX] = 4361f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]); 4371f13597dSJung-uk Kim OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0); 4386f9291ceSJung-uk Kim ssl_digest_methods[SSL_MD_SHA1_IDX] = EVP_get_digestbyname(SN_sha1); 4391f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_SHA1_IDX] = 4401f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]); 4411f13597dSJung-uk Kim OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0); 4421f13597dSJung-uk Kim ssl_digest_methods[SSL_MD_GOST94_IDX] = 4431f13597dSJung-uk Kim EVP_get_digestbyname(SN_id_GostR3411_94); 4446f9291ceSJung-uk Kim if (ssl_digest_methods[SSL_MD_GOST94_IDX]) { 4451f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_GOST94_IDX] = 4461f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]); 4471f13597dSJung-uk Kim OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0); 4481f13597dSJung-uk Kim } 4491f13597dSJung-uk Kim ssl_digest_methods[SSL_MD_GOST89MAC_IDX] = 4501f13597dSJung-uk Kim EVP_get_digestbyname(SN_id_Gost28147_89_MAC); 4511f13597dSJung-uk Kim ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac"); 4521f13597dSJung-uk Kim if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) { 4531f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32; 45474664626SKris Kennaway } 45574664626SKris Kennaway 4566f9291ceSJung-uk Kim ssl_digest_methods[SSL_MD_SHA256_IDX] = EVP_get_digestbyname(SN_sha256); 4571f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_SHA256_IDX] = 4581f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]); 4596f9291ceSJung-uk Kim ssl_digest_methods[SSL_MD_SHA384_IDX] = EVP_get_digestbyname(SN_sha384); 4601f13597dSJung-uk Kim ssl_mac_secret_size[SSL_MD_SHA384_IDX] = 4611f13597dSJung-uk Kim EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]); 4621f13597dSJung-uk Kim } 4636f9291ceSJung-uk Kim 4643b4e3dcbSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 4653b4e3dcbSSimon L. B. Nielsen 4666f9291ceSJung-uk Kim static int sk_comp_cmp(const SSL_COMP *const *a, const SSL_COMP *const *b) 4673b4e3dcbSSimon L. B. Nielsen { 4683b4e3dcbSSimon L. B. Nielsen return ((*a)->id - (*b)->id); 4693b4e3dcbSSimon L. B. Nielsen } 4703b4e3dcbSSimon L. B. Nielsen 4713b4e3dcbSSimon L. B. Nielsen static void load_builtin_compressions(void) 4723b4e3dcbSSimon L. B. Nielsen { 473ed5d4f9aSSimon L. B. Nielsen int got_write_lock = 0; 4743b4e3dcbSSimon L. B. Nielsen 475ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_lock(CRYPTO_LOCK_SSL); 4766f9291ceSJung-uk Kim if (ssl_comp_methods == NULL) { 477ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_unlock(CRYPTO_LOCK_SSL); 4783b4e3dcbSSimon L. B. Nielsen CRYPTO_w_lock(CRYPTO_LOCK_SSL); 479ed5d4f9aSSimon L. B. Nielsen got_write_lock = 1; 480ed5d4f9aSSimon L. B. Nielsen 4816f9291ceSJung-uk Kim if (ssl_comp_methods == NULL) { 4823b4e3dcbSSimon L. B. Nielsen SSL_COMP *comp = NULL; 4833b4e3dcbSSimon L. B. Nielsen 4843b4e3dcbSSimon L. B. Nielsen MemCheck_off(); 4853b4e3dcbSSimon L. B. Nielsen ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp); 4866f9291ceSJung-uk Kim if (ssl_comp_methods != NULL) { 4873b4e3dcbSSimon L. B. Nielsen comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); 4886f9291ceSJung-uk Kim if (comp != NULL) { 4893b4e3dcbSSimon L. B. Nielsen comp->method = COMP_zlib(); 4906f9291ceSJung-uk Kim if (comp->method && comp->method->type == NID_undef) 4913b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 4926f9291ceSJung-uk Kim else { 4933b4e3dcbSSimon L. B. Nielsen comp->id = SSL_COMP_ZLIB_IDX; 4943b4e3dcbSSimon L. B. Nielsen comp->name = comp->method->name; 4953b4e3dcbSSimon L. B. Nielsen sk_SSL_COMP_push(ssl_comp_methods, comp); 4963b4e3dcbSSimon L. B. Nielsen } 4973b4e3dcbSSimon L. B. Nielsen } 49812de4ed2SJung-uk Kim sk_SSL_COMP_sort(ssl_comp_methods); 4993b4e3dcbSSimon L. B. Nielsen } 5003b4e3dcbSSimon L. B. Nielsen MemCheck_on(); 5013b4e3dcbSSimon L. B. Nielsen } 502ed5d4f9aSSimon L. B. Nielsen } 503ed5d4f9aSSimon L. B. Nielsen 504ed5d4f9aSSimon L. B. Nielsen if (got_write_lock) 5053b4e3dcbSSimon L. B. Nielsen CRYPTO_w_unlock(CRYPTO_LOCK_SSL); 506ed5d4f9aSSimon L. B. Nielsen else 507ed5d4f9aSSimon L. B. Nielsen CRYPTO_r_unlock(CRYPTO_LOCK_SSL); 5083b4e3dcbSSimon L. B. Nielsen } 5093b4e3dcbSSimon L. B. Nielsen #endif 5103b4e3dcbSSimon L. B. Nielsen 5113b4e3dcbSSimon L. B. Nielsen int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, 5126f9291ceSJung-uk Kim const EVP_MD **md, int *mac_pkey_type, 5136f9291ceSJung-uk Kim int *mac_secret_size, SSL_COMP **comp) 51474664626SKris Kennaway { 51574664626SKris Kennaway int i; 5161f13597dSJung-uk Kim const SSL_CIPHER *c; 51774664626SKris Kennaway 51874664626SKris Kennaway c = s->cipher; 5196f9291ceSJung-uk Kim if (c == NULL) 5206f9291ceSJung-uk Kim return (0); 5216f9291ceSJung-uk Kim if (comp != NULL) { 52274664626SKris Kennaway SSL_COMP ctmp; 5233b4e3dcbSSimon L. B. Nielsen #ifndef OPENSSL_NO_COMP 5243b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 5253b4e3dcbSSimon L. B. Nielsen #endif 52674664626SKris Kennaway 52774664626SKris Kennaway *comp = NULL; 52874664626SKris Kennaway ctmp.id = s->compress_meth; 5296f9291ceSJung-uk Kim if (ssl_comp_methods != NULL) { 53074664626SKris Kennaway i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp); 53174664626SKris Kennaway if (i >= 0) 53274664626SKris Kennaway *comp = sk_SSL_COMP_value(ssl_comp_methods, i); 53374664626SKris Kennaway else 53474664626SKris Kennaway *comp = NULL; 53574664626SKris Kennaway } 53674664626SKris Kennaway } 53774664626SKris Kennaway 5386f9291ceSJung-uk Kim if ((enc == NULL) || (md == NULL)) 5396f9291ceSJung-uk Kim return (0); 54074664626SKris Kennaway 5416f9291ceSJung-uk Kim switch (c->algorithm_enc) { 54274664626SKris Kennaway case SSL_DES: 54374664626SKris Kennaway i = SSL_ENC_DES_IDX; 54474664626SKris Kennaway break; 54574664626SKris Kennaway case SSL_3DES: 54674664626SKris Kennaway i = SSL_ENC_3DES_IDX; 54774664626SKris Kennaway break; 54874664626SKris Kennaway case SSL_RC4: 54974664626SKris Kennaway i = SSL_ENC_RC4_IDX; 55074664626SKris Kennaway break; 55174664626SKris Kennaway case SSL_RC2: 55274664626SKris Kennaway i = SSL_ENC_RC2_IDX; 55374664626SKris Kennaway break; 55474664626SKris Kennaway case SSL_IDEA: 55574664626SKris Kennaway i = SSL_ENC_IDEA_IDX; 55674664626SKris Kennaway break; 55774664626SKris Kennaway case SSL_eNULL: 55874664626SKris Kennaway i = SSL_ENC_NULL_IDX; 55974664626SKris Kennaway break; 5601f13597dSJung-uk Kim case SSL_AES128: 5611f13597dSJung-uk Kim i = SSL_ENC_AES128_IDX; 5625c87c606SMark Murray break; 5631f13597dSJung-uk Kim case SSL_AES256: 5641f13597dSJung-uk Kim i = SSL_ENC_AES256_IDX; 5651f13597dSJung-uk Kim break; 5661f13597dSJung-uk Kim case SSL_CAMELLIA128: 5671f13597dSJung-uk Kim i = SSL_ENC_CAMELLIA128_IDX; 5681f13597dSJung-uk Kim break; 5691f13597dSJung-uk Kim case SSL_CAMELLIA256: 5701f13597dSJung-uk Kim i = SSL_ENC_CAMELLIA256_IDX; 5711f13597dSJung-uk Kim break; 5721f13597dSJung-uk Kim case SSL_eGOST2814789CNT: 5731f13597dSJung-uk Kim i = SSL_ENC_GOST89_IDX; 574ed5d4f9aSSimon L. B. Nielsen break; 575db522d3aSSimon L. B. Nielsen case SSL_SEED: 576db522d3aSSimon L. B. Nielsen i = SSL_ENC_SEED_IDX; 577db522d3aSSimon L. B. Nielsen break; 5781f13597dSJung-uk Kim case SSL_AES128GCM: 5791f13597dSJung-uk Kim i = SSL_ENC_AES128GCM_IDX; 5801f13597dSJung-uk Kim break; 5811f13597dSJung-uk Kim case SSL_AES256GCM: 5821f13597dSJung-uk Kim i = SSL_ENC_AES256GCM_IDX; 5831f13597dSJung-uk Kim break; 58474664626SKris Kennaway default: 58574664626SKris Kennaway i = -1; 58674664626SKris Kennaway break; 58774664626SKris Kennaway } 58874664626SKris Kennaway 589a93cbc2bSJung-uk Kim if ((i < 0) || (i >= SSL_ENC_NUM_IDX)) 59074664626SKris Kennaway *enc = NULL; 5916f9291ceSJung-uk Kim else { 59274664626SKris Kennaway if (i == SSL_ENC_NULL_IDX) 59374664626SKris Kennaway *enc = EVP_enc_null(); 59474664626SKris Kennaway else 59574664626SKris Kennaway *enc = ssl_cipher_methods[i]; 59674664626SKris Kennaway } 59774664626SKris Kennaway 5986f9291ceSJung-uk Kim switch (c->algorithm_mac) { 59974664626SKris Kennaway case SSL_MD5: 60074664626SKris Kennaway i = SSL_MD_MD5_IDX; 60174664626SKris Kennaway break; 60274664626SKris Kennaway case SSL_SHA1: 60374664626SKris Kennaway i = SSL_MD_SHA1_IDX; 60474664626SKris Kennaway break; 6051f13597dSJung-uk Kim case SSL_SHA256: 6061f13597dSJung-uk Kim i = SSL_MD_SHA256_IDX; 6071f13597dSJung-uk Kim break; 6081f13597dSJung-uk Kim case SSL_SHA384: 6091f13597dSJung-uk Kim i = SSL_MD_SHA384_IDX; 6101f13597dSJung-uk Kim break; 6111f13597dSJung-uk Kim case SSL_GOST94: 6121f13597dSJung-uk Kim i = SSL_MD_GOST94_IDX; 6131f13597dSJung-uk Kim break; 6141f13597dSJung-uk Kim case SSL_GOST89MAC: 6151f13597dSJung-uk Kim i = SSL_MD_GOST89MAC_IDX; 6161f13597dSJung-uk Kim break; 61774664626SKris Kennaway default: 61874664626SKris Kennaway i = -1; 61974664626SKris Kennaway break; 62074664626SKris Kennaway } 6216f9291ceSJung-uk Kim if ((i < 0) || (i >= SSL_MD_NUM_IDX)) { 62274664626SKris Kennaway *md = NULL; 6236f9291ceSJung-uk Kim if (mac_pkey_type != NULL) 6246f9291ceSJung-uk Kim *mac_pkey_type = NID_undef; 6256f9291ceSJung-uk Kim if (mac_secret_size != NULL) 6266f9291ceSJung-uk Kim *mac_secret_size = 0; 6271f13597dSJung-uk Kim if (c->algorithm_mac == SSL_AEAD) 6281f13597dSJung-uk Kim mac_pkey_type = NULL; 6296f9291ceSJung-uk Kim } else { 63074664626SKris Kennaway *md = ssl_digest_methods[i]; 6316f9291ceSJung-uk Kim if (mac_pkey_type != NULL) 6326f9291ceSJung-uk Kim *mac_pkey_type = ssl_mac_pkey_id[i]; 6336f9291ceSJung-uk Kim if (mac_secret_size != NULL) 6346f9291ceSJung-uk Kim *mac_secret_size = ssl_mac_secret_size[i]; 6351f13597dSJung-uk Kim } 63674664626SKris Kennaway 6371f13597dSJung-uk Kim if ((*enc != NULL) && 6386f9291ceSJung-uk Kim (*md != NULL || (EVP_CIPHER_flags(*enc) & EVP_CIPH_FLAG_AEAD_CIPHER)) 6396f9291ceSJung-uk Kim && (!mac_pkey_type || *mac_pkey_type != NID_undef)) { 6401f13597dSJung-uk Kim const EVP_CIPHER *evp; 6411f13597dSJung-uk Kim 6421f13597dSJung-uk Kim if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR || 6431f13597dSJung-uk Kim s->ssl_version < TLS1_VERSION) 6441f13597dSJung-uk Kim return 1; 6451f13597dSJung-uk Kim 6461f13597dSJung-uk Kim #ifdef OPENSSL_FIPS 6471f13597dSJung-uk Kim if (FIPS_mode()) 6481f13597dSJung-uk Kim return 1; 6491f13597dSJung-uk Kim #endif 6501f13597dSJung-uk Kim 6511f13597dSJung-uk Kim if (c->algorithm_enc == SSL_RC4 && 6521f13597dSJung-uk Kim c->algorithm_mac == SSL_MD5 && 6531f13597dSJung-uk Kim (evp = EVP_get_cipherbyname("RC4-HMAC-MD5"))) 6541f13597dSJung-uk Kim *enc = evp, *md = NULL; 6551f13597dSJung-uk Kim else if (c->algorithm_enc == SSL_AES128 && 6561f13597dSJung-uk Kim c->algorithm_mac == SSL_SHA1 && 6571f13597dSJung-uk Kim (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1"))) 6581f13597dSJung-uk Kim *enc = evp, *md = NULL; 6591f13597dSJung-uk Kim else if (c->algorithm_enc == SSL_AES256 && 6601f13597dSJung-uk Kim c->algorithm_mac == SSL_SHA1 && 6611f13597dSJung-uk Kim (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) 6621f13597dSJung-uk Kim *enc = evp, *md = NULL; 6637bded2dbSJung-uk Kim else if (c->algorithm_enc == SSL_AES128 && 6647bded2dbSJung-uk Kim c->algorithm_mac == SSL_SHA256 && 6657bded2dbSJung-uk Kim (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA256"))) 6667bded2dbSJung-uk Kim *enc = evp, *md = NULL; 6677bded2dbSJung-uk Kim else if (c->algorithm_enc == SSL_AES256 && 6687bded2dbSJung-uk Kim c->algorithm_mac == SSL_SHA256 && 6697bded2dbSJung-uk Kim (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA256"))) 6707bded2dbSJung-uk Kim *enc = evp, *md = NULL; 67174664626SKris Kennaway return (1); 6726f9291ceSJung-uk Kim } else 67374664626SKris Kennaway return (0); 67474664626SKris Kennaway } 67574664626SKris Kennaway 6761f13597dSJung-uk Kim int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md) 6771f13597dSJung-uk Kim { 6786f9291ceSJung-uk Kim if (idx < 0 || idx >= SSL_MD_NUM_IDX) { 6791f13597dSJung-uk Kim return 0; 6801f13597dSJung-uk Kim } 6811f13597dSJung-uk Kim *mask = ssl_handshake_digest_flag[idx]; 6821f13597dSJung-uk Kim if (*mask) 6831f13597dSJung-uk Kim *md = ssl_digest_methods[idx]; 6841f13597dSJung-uk Kim else 6851f13597dSJung-uk Kim *md = NULL; 6861f13597dSJung-uk Kim return 1; 6871f13597dSJung-uk Kim } 6881f13597dSJung-uk Kim 68974664626SKris Kennaway #define ITEM_SEP(a) \ 69074664626SKris Kennaway (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ',')) 69174664626SKris Kennaway 69274664626SKris Kennaway static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr, 69374664626SKris Kennaway CIPHER_ORDER **tail) 69474664626SKris Kennaway { 6956f9291ceSJung-uk Kim if (curr == *tail) 6966f9291ceSJung-uk Kim return; 69774664626SKris Kennaway if (curr == *head) 69874664626SKris Kennaway *head = curr->next; 69974664626SKris Kennaway if (curr->prev != NULL) 70074664626SKris Kennaway curr->prev->next = curr->next; 7011f13597dSJung-uk Kim if (curr->next != NULL) 70274664626SKris Kennaway curr->next->prev = curr->prev; 70374664626SKris Kennaway (*tail)->next = curr; 70474664626SKris Kennaway curr->prev = *tail; 70574664626SKris Kennaway curr->next = NULL; 70674664626SKris Kennaway *tail = curr; 70774664626SKris Kennaway } 70874664626SKris Kennaway 7091f13597dSJung-uk Kim static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr, 7101f13597dSJung-uk Kim CIPHER_ORDER **tail) 71174664626SKris Kennaway { 7126f9291ceSJung-uk Kim if (curr == *head) 7136f9291ceSJung-uk Kim return; 7141f13597dSJung-uk Kim if (curr == *tail) 7151f13597dSJung-uk Kim *tail = curr->prev; 7161f13597dSJung-uk Kim if (curr->next != NULL) 7171f13597dSJung-uk Kim curr->next->prev = curr->prev; 7181f13597dSJung-uk Kim if (curr->prev != NULL) 7191f13597dSJung-uk Kim curr->prev->next = curr->next; 7201f13597dSJung-uk Kim (*head)->prev = curr; 7211f13597dSJung-uk Kim curr->next = *head; 7221f13597dSJung-uk Kim curr->prev = NULL; 7231f13597dSJung-uk Kim *head = curr; 7241f13597dSJung-uk Kim } 72574664626SKris Kennaway 7266f9291ceSJung-uk Kim static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, 7276f9291ceSJung-uk Kim unsigned long *enc, unsigned long *mac, 7286f9291ceSJung-uk Kim unsigned long *ssl) 7291f13597dSJung-uk Kim { 7301f13597dSJung-uk Kim *mkey = 0; 7311f13597dSJung-uk Kim *auth = 0; 7321f13597dSJung-uk Kim *enc = 0; 7331f13597dSJung-uk Kim *mac = 0; 7341f13597dSJung-uk Kim *ssl = 0; 7351f13597dSJung-uk Kim 7365c87c606SMark Murray #ifdef OPENSSL_NO_RSA 7371f13597dSJung-uk Kim *mkey |= SSL_kRSA; 7381f13597dSJung-uk Kim *auth |= SSL_aRSA; 73974664626SKris Kennaway #endif 7405c87c606SMark Murray #ifdef OPENSSL_NO_DSA 7411f13597dSJung-uk Kim *auth |= SSL_aDSS; 74274664626SKris Kennaway #endif 7435c87c606SMark Murray #ifdef OPENSSL_NO_DH 7441f13597dSJung-uk Kim *mkey |= SSL_kDHr | SSL_kDHd | SSL_kEDH; 7451f13597dSJung-uk Kim *auth |= SSL_aDH; 74674664626SKris Kennaway #endif 7475c87c606SMark Murray #ifdef OPENSSL_NO_KRB5 7481f13597dSJung-uk Kim *mkey |= SSL_kKRB5; 7491f13597dSJung-uk Kim *auth |= SSL_aKRB5; 7501f13597dSJung-uk Kim #endif 7511f13597dSJung-uk Kim #ifdef OPENSSL_NO_ECDSA 7521f13597dSJung-uk Kim *auth |= SSL_aECDSA; 7535c87c606SMark Murray #endif 7543b4e3dcbSSimon L. B. Nielsen #ifdef OPENSSL_NO_ECDH 7551f13597dSJung-uk Kim *mkey |= SSL_kECDHe | SSL_kECDHr; 7561f13597dSJung-uk Kim *auth |= SSL_aECDH; 7573b4e3dcbSSimon L. B. Nielsen #endif 7581f13597dSJung-uk Kim #ifdef OPENSSL_NO_PSK 7591f13597dSJung-uk Kim *mkey |= SSL_kPSK; 7601f13597dSJung-uk Kim *auth |= SSL_aPSK; 7611f13597dSJung-uk Kim #endif 7621f13597dSJung-uk Kim #ifdef OPENSSL_NO_SRP 7631f13597dSJung-uk Kim *mkey |= SSL_kSRP; 7641f13597dSJung-uk Kim #endif 7656f9291ceSJung-uk Kim /* 7666f9291ceSJung-uk Kim * Check for presence of GOST 34.10 algorithms, and if they do not 7676f9291ceSJung-uk Kim * present, disable appropriate auth and key exchange 7686f9291ceSJung-uk Kim */ 7691f13597dSJung-uk Kim if (!get_optional_pkey_id("gost94")) { 7701f13597dSJung-uk Kim *auth |= SSL_aGOST94; 7711f13597dSJung-uk Kim } 7721f13597dSJung-uk Kim if (!get_optional_pkey_id("gost2001")) { 7731f13597dSJung-uk Kim *auth |= SSL_aGOST01; 7741f13597dSJung-uk Kim } 7756f9291ceSJung-uk Kim /* 7766f9291ceSJung-uk Kim * Disable GOST key exchange if no GOST signature algs are available * 7776f9291ceSJung-uk Kim */ 7781f13597dSJung-uk Kim if ((*auth & (SSL_aGOST94 | SSL_aGOST01)) == (SSL_aGOST94 | SSL_aGOST01)) { 7791f13597dSJung-uk Kim *mkey |= SSL_kGOST; 7801f13597dSJung-uk Kim } 78174664626SKris Kennaway #ifdef SSL_FORBID_ENULL 7821f13597dSJung-uk Kim *enc |= SSL_eNULL; 78374664626SKris Kennaway #endif 78474664626SKris Kennaway 7851f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX] == NULL) ? SSL_DES : 0; 7861f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0; 7871f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX] == NULL) ? SSL_RC4 : 0; 7881f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0; 7891f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0; 7901f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0; 7911f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0; 7926f9291ceSJung-uk Kim *enc |= 7936f9291ceSJung-uk Kim (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == 7946f9291ceSJung-uk Kim NULL) ? SSL_AES128GCM : 0; 7956f9291ceSJung-uk Kim *enc |= 7966f9291ceSJung-uk Kim (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == 7976f9291ceSJung-uk Kim NULL) ? SSL_AES256GCM : 0; 7986f9291ceSJung-uk Kim *enc |= 7996f9291ceSJung-uk Kim (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == 8006f9291ceSJung-uk Kim NULL) ? SSL_CAMELLIA128 : 0; 8016f9291ceSJung-uk Kim *enc |= 8026f9291ceSJung-uk Kim (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == 8036f9291ceSJung-uk Kim NULL) ? SSL_CAMELLIA256 : 0; 8046f9291ceSJung-uk Kim *enc |= 8056f9291ceSJung-uk Kim (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == 8066f9291ceSJung-uk Kim NULL) ? SSL_eGOST2814789CNT : 0; 8071f13597dSJung-uk Kim *enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED : 0; 8085471f83eSSimon L. B. Nielsen 8091f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX] == NULL) ? SSL_MD5 : 0; 8101f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0; 8111f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256 : 0; 8121f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384 : 0; 8131f13597dSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94 : 0; 8146f9291ceSJung-uk Kim *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL 8156f9291ceSJung-uk Kim || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] == 8166f9291ceSJung-uk Kim NID_undef) ? SSL_GOST89MAC : 0; 8171f13597dSJung-uk Kim 818f579bf8eSKris Kennaway } 819f579bf8eSKris Kennaway 820f579bf8eSKris Kennaway static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, 8211f13597dSJung-uk Kim int num_of_ciphers, 8226f9291ceSJung-uk Kim unsigned long disabled_mkey, 8236f9291ceSJung-uk Kim unsigned long disabled_auth, 8246f9291ceSJung-uk Kim unsigned long disabled_enc, 8256f9291ceSJung-uk Kim unsigned long disabled_mac, 8261f13597dSJung-uk Kim unsigned long disabled_ssl, 8271f13597dSJung-uk Kim CIPHER_ORDER *co_list, 8286f9291ceSJung-uk Kim CIPHER_ORDER **head_p, 8296f9291ceSJung-uk Kim CIPHER_ORDER **tail_p) 830f579bf8eSKris Kennaway { 831ced566fdSJacques Vidrine int i, co_list_num; 8321f13597dSJung-uk Kim const SSL_CIPHER *c; 833f579bf8eSKris Kennaway 834f579bf8eSKris Kennaway /* 835f579bf8eSKris Kennaway * We have num_of_ciphers descriptions compiled in, depending on the 836f579bf8eSKris Kennaway * method selected (SSLv2 and/or SSLv3, TLSv1 etc). 837f579bf8eSKris Kennaway * These will later be sorted in a linked list with at most num 838f579bf8eSKris Kennaway * entries. 839f579bf8eSKris Kennaway */ 84074664626SKris Kennaway 84174664626SKris Kennaway /* Get the initial list of ciphers */ 842ced566fdSJacques Vidrine co_list_num = 0; /* actual count of ciphers */ 8436f9291ceSJung-uk Kim for (i = 0; i < num_of_ciphers; i++) { 844f579bf8eSKris Kennaway c = ssl_method->get_cipher(i); 84574664626SKris Kennaway /* drop those that use any of that is not available */ 8461f13597dSJung-uk Kim if ((c != NULL) && c->valid && 847db522d3aSSimon L. B. Nielsen #ifdef OPENSSL_FIPS 8481f13597dSJung-uk Kim (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) && 849db522d3aSSimon L. B. Nielsen #endif 8501f13597dSJung-uk Kim !(c->algorithm_mkey & disabled_mkey) && 8511f13597dSJung-uk Kim !(c->algorithm_auth & disabled_auth) && 8521f13597dSJung-uk Kim !(c->algorithm_enc & disabled_enc) && 8531f13597dSJung-uk Kim !(c->algorithm_mac & disabled_mac) && 8546f9291ceSJung-uk Kim !(c->algorithm_ssl & disabled_ssl)) { 855ced566fdSJacques Vidrine co_list[co_list_num].cipher = c; 856ced566fdSJacques Vidrine co_list[co_list_num].next = NULL; 857ced566fdSJacques Vidrine co_list[co_list_num].prev = NULL; 858ced566fdSJacques Vidrine co_list[co_list_num].active = 0; 859ced566fdSJacques Vidrine co_list_num++; 8605c87c606SMark Murray #ifdef KSSL_DEBUG 8616f9291ceSJung-uk Kim fprintf(stderr, "\t%d: %s %lx %lx %lx\n", i, c->name, c->id, 8626f9291ceSJung-uk Kim c->algorithm_mkey, c->algorithm_auth); 8635c87c606SMark Murray #endif /* KSSL_DEBUG */ 864f579bf8eSKris Kennaway /* 8656f9291ceSJung-uk Kim * if (!sk_push(ca_list,(char *)c)) goto err; 866f579bf8eSKris Kennaway */ 86774664626SKris Kennaway } 86874664626SKris Kennaway } 86974664626SKris Kennaway 870f579bf8eSKris Kennaway /* 871f579bf8eSKris Kennaway * Prepare linked list from list entries 872f579bf8eSKris Kennaway */ 8736f9291ceSJung-uk Kim if (co_list_num > 0) { 8741f13597dSJung-uk Kim co_list[0].prev = NULL; 8751f13597dSJung-uk Kim 8766f9291ceSJung-uk Kim if (co_list_num > 1) { 8771f13597dSJung-uk Kim co_list[0].next = &co_list[1]; 8781f13597dSJung-uk Kim 8796f9291ceSJung-uk Kim for (i = 1; i < co_list_num - 1; i++) { 8801f13597dSJung-uk Kim co_list[i].prev = &co_list[i - 1]; 8811f13597dSJung-uk Kim co_list[i].next = &co_list[i + 1]; 8821f13597dSJung-uk Kim } 8831f13597dSJung-uk Kim 8841f13597dSJung-uk Kim co_list[co_list_num - 1].prev = &co_list[co_list_num - 2]; 8851f13597dSJung-uk Kim } 8861f13597dSJung-uk Kim 8871f13597dSJung-uk Kim co_list[co_list_num - 1].next = NULL; 8881f13597dSJung-uk Kim 8891f13597dSJung-uk Kim *head_p = &co_list[0]; 8901f13597dSJung-uk Kim *tail_p = &co_list[co_list_num - 1]; 891f579bf8eSKris Kennaway } 89274664626SKris Kennaway } 89374664626SKris Kennaway 8941f13597dSJung-uk Kim static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, 8951f13597dSJung-uk Kim int num_of_group_aliases, 8966f9291ceSJung-uk Kim unsigned long disabled_mkey, 8976f9291ceSJung-uk Kim unsigned long disabled_auth, 8986f9291ceSJung-uk Kim unsigned long disabled_enc, 8996f9291ceSJung-uk Kim unsigned long disabled_mac, 9001f13597dSJung-uk Kim unsigned long disabled_ssl, 901f579bf8eSKris Kennaway CIPHER_ORDER *head) 90274664626SKris Kennaway { 903f579bf8eSKris Kennaway CIPHER_ORDER *ciph_curr; 9041f13597dSJung-uk Kim const SSL_CIPHER **ca_curr; 905f579bf8eSKris Kennaway int i; 9061f13597dSJung-uk Kim unsigned long mask_mkey = ~disabled_mkey; 9071f13597dSJung-uk Kim unsigned long mask_auth = ~disabled_auth; 9081f13597dSJung-uk Kim unsigned long mask_enc = ~disabled_enc; 9091f13597dSJung-uk Kim unsigned long mask_mac = ~disabled_mac; 9101f13597dSJung-uk Kim unsigned long mask_ssl = ~disabled_ssl; 911f579bf8eSKris Kennaway 912f579bf8eSKris Kennaway /* 913f579bf8eSKris Kennaway * First, add the real ciphers as already collected 914f579bf8eSKris Kennaway */ 915f579bf8eSKris Kennaway ciph_curr = head; 916f579bf8eSKris Kennaway ca_curr = ca_list; 9176f9291ceSJung-uk Kim while (ciph_curr != NULL) { 918f579bf8eSKris Kennaway *ca_curr = ciph_curr->cipher; 919f579bf8eSKris Kennaway ca_curr++; 920f579bf8eSKris Kennaway ciph_curr = ciph_curr->next; 92174664626SKris Kennaway } 92274664626SKris Kennaway 923f579bf8eSKris Kennaway /* 924f579bf8eSKris Kennaway * Now we add the available ones from the cipher_aliases[] table. 9251f13597dSJung-uk Kim * They represent either one or more algorithms, some of which 9261f13597dSJung-uk Kim * in any affected category must be supported (set in enabled_mask), 9271f13597dSJung-uk Kim * or represent a cipher strength value (will be added in any case because algorithms=0). 928f579bf8eSKris Kennaway */ 9296f9291ceSJung-uk Kim for (i = 0; i < num_of_group_aliases; i++) { 9301f13597dSJung-uk Kim unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey; 9311f13597dSJung-uk Kim unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth; 9321f13597dSJung-uk Kim unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc; 9331f13597dSJung-uk Kim unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac; 9341f13597dSJung-uk Kim unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl; 9351f13597dSJung-uk Kim 9361f13597dSJung-uk Kim if (algorithm_mkey) 9371f13597dSJung-uk Kim if ((algorithm_mkey & mask_mkey) == 0) 9381f13597dSJung-uk Kim continue; 9391f13597dSJung-uk Kim 9401f13597dSJung-uk Kim if (algorithm_auth) 9411f13597dSJung-uk Kim if ((algorithm_auth & mask_auth) == 0) 9421f13597dSJung-uk Kim continue; 9431f13597dSJung-uk Kim 9441f13597dSJung-uk Kim if (algorithm_enc) 9451f13597dSJung-uk Kim if ((algorithm_enc & mask_enc) == 0) 9461f13597dSJung-uk Kim continue; 9471f13597dSJung-uk Kim 9481f13597dSJung-uk Kim if (algorithm_mac) 9491f13597dSJung-uk Kim if ((algorithm_mac & mask_mac) == 0) 9501f13597dSJung-uk Kim continue; 9511f13597dSJung-uk Kim 9521f13597dSJung-uk Kim if (algorithm_ssl) 9531f13597dSJung-uk Kim if ((algorithm_ssl & mask_ssl) == 0) 9541f13597dSJung-uk Kim continue; 9551f13597dSJung-uk Kim 956f579bf8eSKris Kennaway *ca_curr = (SSL_CIPHER *)(cipher_aliases + i); 957f579bf8eSKris Kennaway ca_curr++; 95874664626SKris Kennaway } 95974664626SKris Kennaway 960f579bf8eSKris Kennaway *ca_curr = NULL; /* end of list */ 961f579bf8eSKris Kennaway } 962f579bf8eSKris Kennaway 9631f13597dSJung-uk Kim static void ssl_cipher_apply_rule(unsigned long cipher_id, 9646f9291ceSJung-uk Kim unsigned long alg_mkey, 9656f9291ceSJung-uk Kim unsigned long alg_auth, 9666f9291ceSJung-uk Kim unsigned long alg_enc, 9676f9291ceSJung-uk Kim unsigned long alg_mac, 9681f13597dSJung-uk Kim unsigned long alg_ssl, 9696f9291ceSJung-uk Kim unsigned long algo_strength, int rule, 9706f9291ceSJung-uk Kim int strength_bits, CIPHER_ORDER **head_p, 9716f9291ceSJung-uk Kim CIPHER_ORDER **tail_p) 97274664626SKris Kennaway { 973a93cbc2bSJung-uk Kim CIPHER_ORDER *head, *tail, *curr, *next, *last; 9741f13597dSJung-uk Kim const SSL_CIPHER *cp; 9751f13597dSJung-uk Kim int reverse = 0; 976f579bf8eSKris Kennaway 977f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 9786f9291ceSJung-uk Kim fprintf(stderr, 9796f9291ceSJung-uk Kim "Applying rule %d with %08lx/%08lx/%08lx/%08lx/%08lx %08lx (%d)\n", 9806f9291ceSJung-uk Kim rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, 9816f9291ceSJung-uk Kim algo_strength, strength_bits); 98274664626SKris Kennaway #endif 98374664626SKris Kennaway 9841f13597dSJung-uk Kim if (rule == CIPHER_DEL) 9856f9291ceSJung-uk Kim reverse = 1; /* needed to maintain sorting between 9866f9291ceSJung-uk Kim * currently deleted ciphers */ 9871f13597dSJung-uk Kim 9881f13597dSJung-uk Kim head = *head_p; 9891f13597dSJung-uk Kim tail = *tail_p; 9901f13597dSJung-uk Kim 9916f9291ceSJung-uk Kim if (reverse) { 992a93cbc2bSJung-uk Kim next = tail; 9931f13597dSJung-uk Kim last = head; 9946f9291ceSJung-uk Kim } else { 995a93cbc2bSJung-uk Kim next = head; 9961f13597dSJung-uk Kim last = tail; 9971f13597dSJung-uk Kim } 9981f13597dSJung-uk Kim 999a93cbc2bSJung-uk Kim curr = NULL; 10006f9291ceSJung-uk Kim for (;;) { 10016f9291ceSJung-uk Kim if (curr == last) 10026f9291ceSJung-uk Kim break; 1003a93cbc2bSJung-uk Kim 1004a93cbc2bSJung-uk Kim curr = next; 1005a93cbc2bSJung-uk Kim 10066f9291ceSJung-uk Kim if (curr == NULL) 10076f9291ceSJung-uk Kim break; 1008a93cbc2bSJung-uk Kim 1009a93cbc2bSJung-uk Kim next = reverse ? curr->prev : curr->next; 101074664626SKris Kennaway 101174664626SKris Kennaway cp = curr->cipher; 1012f579bf8eSKris Kennaway 10131f13597dSJung-uk Kim /* 10141f13597dSJung-uk Kim * Selection criteria is either the value of strength_bits 10151f13597dSJung-uk Kim * or the algorithms used. 10161f13597dSJung-uk Kim */ 10176f9291ceSJung-uk Kim if (strength_bits >= 0) { 10181f13597dSJung-uk Kim if (strength_bits != cp->strength_bits) 10193b4e3dcbSSimon L. B. Nielsen continue; 10206f9291ceSJung-uk Kim } else { 1021f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 10226f9291ceSJung-uk Kim fprintf(stderr, 10236f9291ceSJung-uk Kim "\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n", 10246f9291ceSJung-uk Kim cp->name, cp->algorithm_mkey, cp->algorithm_auth, 10256f9291ceSJung-uk Kim cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl, 10266f9291ceSJung-uk Kim cp->algo_strength); 1027f579bf8eSKris Kennaway #endif 10287bded2dbSJung-uk Kim #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL 10297bded2dbSJung-uk Kim if (cipher_id && cipher_id != cp->id) 10307bded2dbSJung-uk Kim continue; 10317bded2dbSJung-uk Kim #endif 10321f13597dSJung-uk Kim if (alg_mkey && !(alg_mkey & cp->algorithm_mkey)) 10331f13597dSJung-uk Kim continue; 10341f13597dSJung-uk Kim if (alg_auth && !(alg_auth & cp->algorithm_auth)) 10351f13597dSJung-uk Kim continue; 10361f13597dSJung-uk Kim if (alg_enc && !(alg_enc & cp->algorithm_enc)) 10371f13597dSJung-uk Kim continue; 10381f13597dSJung-uk Kim if (alg_mac && !(alg_mac & cp->algorithm_mac)) 10391f13597dSJung-uk Kim continue; 10401f13597dSJung-uk Kim if (alg_ssl && !(alg_ssl & cp->algorithm_ssl)) 10411f13597dSJung-uk Kim continue; 10426f9291ceSJung-uk Kim if ((algo_strength & SSL_EXP_MASK) 10436f9291ceSJung-uk Kim && !(algo_strength & SSL_EXP_MASK & cp->algo_strength)) 10441f13597dSJung-uk Kim continue; 10456f9291ceSJung-uk Kim if ((algo_strength & SSL_STRONG_MASK) 10466f9291ceSJung-uk Kim && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength)) 10471f13597dSJung-uk Kim continue; 1048b8721c16SJung-uk Kim if ((algo_strength & SSL_NOT_DEFAULT) 1049b8721c16SJung-uk Kim && !(cp->algo_strength & SSL_NOT_DEFAULT)) 1050b8721c16SJung-uk Kim continue; 105174664626SKris Kennaway } 1052f579bf8eSKris Kennaway 1053f579bf8eSKris Kennaway #ifdef CIPHER_DEBUG 1054751d2991SJung-uk Kim fprintf(stderr, "Action = %d\n", rule); 1055f579bf8eSKris Kennaway #endif 105674664626SKris Kennaway 105774664626SKris Kennaway /* add the cipher if it has not been added yet. */ 10586f9291ceSJung-uk Kim if (rule == CIPHER_ADD) { 10591f13597dSJung-uk Kim /* reverse == 0 */ 10606f9291ceSJung-uk Kim if (!curr->active) { 106174664626SKris Kennaway ll_append_tail(&head, curr, &tail); 106274664626SKris Kennaway curr->active = 1; 106374664626SKris Kennaway } 106474664626SKris Kennaway } 106574664626SKris Kennaway /* Move the added cipher to this location */ 10666f9291ceSJung-uk Kim else if (rule == CIPHER_ORD) { 10671f13597dSJung-uk Kim /* reverse == 0 */ 10686f9291ceSJung-uk Kim if (curr->active) { 106974664626SKris Kennaway ll_append_tail(&head, curr, &tail); 107074664626SKris Kennaway } 10716f9291ceSJung-uk Kim } else if (rule == CIPHER_DEL) { 10721f13597dSJung-uk Kim /* reverse == 1 */ 10736f9291ceSJung-uk Kim if (curr->active) { 10746f9291ceSJung-uk Kim /* 10756f9291ceSJung-uk Kim * most recently deleted ciphersuites get best positions for 10766f9291ceSJung-uk Kim * any future CIPHER_ADD (note that the CIPHER_DEL loop works 10776f9291ceSJung-uk Kim * in reverse to maintain the order) 10786f9291ceSJung-uk Kim */ 10791f13597dSJung-uk Kim ll_append_head(&head, curr, &tail); 108074664626SKris Kennaway curr->active = 0; 10811f13597dSJung-uk Kim } 10826f9291ceSJung-uk Kim } else if (rule == CIPHER_KILL) { 10831f13597dSJung-uk Kim /* reverse == 0 */ 108474664626SKris Kennaway if (head == curr) 108574664626SKris Kennaway head = curr->next; 108674664626SKris Kennaway else 108774664626SKris Kennaway curr->prev->next = curr->next; 108874664626SKris Kennaway if (tail == curr) 108974664626SKris Kennaway tail = curr->prev; 109074664626SKris Kennaway curr->active = 0; 109174664626SKris Kennaway if (curr->next != NULL) 109274664626SKris Kennaway curr->next->prev = curr->prev; 109374664626SKris Kennaway if (curr->prev != NULL) 109474664626SKris Kennaway curr->prev->next = curr->next; 109574664626SKris Kennaway curr->next = NULL; 109674664626SKris Kennaway curr->prev = NULL; 109774664626SKris Kennaway } 109874664626SKris Kennaway } 1099f579bf8eSKris Kennaway 1100f579bf8eSKris Kennaway *head_p = head; 1101f579bf8eSKris Kennaway *tail_p = tail; 110274664626SKris Kennaway } 110374664626SKris Kennaway 11041f13597dSJung-uk Kim static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, 1105f579bf8eSKris Kennaway CIPHER_ORDER **tail_p) 1106f579bf8eSKris Kennaway { 1107f579bf8eSKris Kennaway int max_strength_bits, i, *number_uses; 1108f579bf8eSKris Kennaway CIPHER_ORDER *curr; 1109f579bf8eSKris Kennaway 1110f579bf8eSKris Kennaway /* 1111f579bf8eSKris Kennaway * This routine sorts the ciphers with descending strength. The sorting 1112f579bf8eSKris Kennaway * must keep the pre-sorted sequence, so we apply the normal sorting 1113f579bf8eSKris Kennaway * routine as '+' movement to the end of the list. 1114f579bf8eSKris Kennaway */ 1115f579bf8eSKris Kennaway max_strength_bits = 0; 1116f579bf8eSKris Kennaway curr = *head_p; 11176f9291ceSJung-uk Kim while (curr != NULL) { 11186f9291ceSJung-uk Kim if (curr->active && (curr->cipher->strength_bits > max_strength_bits)) 1119f579bf8eSKris Kennaway max_strength_bits = curr->cipher->strength_bits; 1120f579bf8eSKris Kennaway curr = curr->next; 1121f579bf8eSKris Kennaway } 1122f579bf8eSKris Kennaway 1123ddd58736SKris Kennaway number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); 11246f9291ceSJung-uk Kim if (!number_uses) { 1125f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE); 1126f579bf8eSKris Kennaway return (0); 1127f579bf8eSKris Kennaway } 1128f579bf8eSKris Kennaway memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int)); 1129f579bf8eSKris Kennaway 1130f579bf8eSKris Kennaway /* 1131f579bf8eSKris Kennaway * Now find the strength_bits values actually used 1132f579bf8eSKris Kennaway */ 1133f579bf8eSKris Kennaway curr = *head_p; 11346f9291ceSJung-uk Kim while (curr != NULL) { 1135f579bf8eSKris Kennaway if (curr->active) 1136f579bf8eSKris Kennaway number_uses[curr->cipher->strength_bits]++; 1137f579bf8eSKris Kennaway curr = curr->next; 1138f579bf8eSKris Kennaway } 1139f579bf8eSKris Kennaway /* 1140f579bf8eSKris Kennaway * Go through the list of used strength_bits values in descending 1141f579bf8eSKris Kennaway * order. 1142f579bf8eSKris Kennaway */ 1143f579bf8eSKris Kennaway for (i = max_strength_bits; i >= 0; i--) 1144f579bf8eSKris Kennaway if (number_uses[i] > 0) 11456f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p, 11466f9291ceSJung-uk Kim tail_p); 1147f579bf8eSKris Kennaway 1148ddd58736SKris Kennaway OPENSSL_free(number_uses); 1149f579bf8eSKris Kennaway return (1); 1150f579bf8eSKris Kennaway } 1151f579bf8eSKris Kennaway 1152f579bf8eSKris Kennaway static int ssl_cipher_process_rulestr(const char *rule_str, 11536f9291ceSJung-uk Kim CIPHER_ORDER **head_p, 11546f9291ceSJung-uk Kim CIPHER_ORDER **tail_p, 11551f13597dSJung-uk Kim const SSL_CIPHER **ca_list) 1156f579bf8eSKris Kennaway { 11576f9291ceSJung-uk Kim unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, 11586f9291ceSJung-uk Kim algo_strength; 1159a3ddd25aSSimon L. B. Nielsen const char *l, *buf; 1160f579bf8eSKris Kennaway int j, multi, found, rule, retval, ok, buflen; 11611f13597dSJung-uk Kim unsigned long cipher_id = 0; 1162f579bf8eSKris Kennaway char ch; 1163f579bf8eSKris Kennaway 1164f579bf8eSKris Kennaway retval = 1; 1165f579bf8eSKris Kennaway l = rule_str; 11666f9291ceSJung-uk Kim for (;;) { 1167f579bf8eSKris Kennaway ch = *l; 1168f579bf8eSKris Kennaway 1169f579bf8eSKris Kennaway if (ch == '\0') 1170f579bf8eSKris Kennaway break; /* done */ 11716f9291ceSJung-uk Kim if (ch == '-') { 11726f9291ceSJung-uk Kim rule = CIPHER_DEL; 11736f9291ceSJung-uk Kim l++; 11746f9291ceSJung-uk Kim } else if (ch == '+') { 11756f9291ceSJung-uk Kim rule = CIPHER_ORD; 11766f9291ceSJung-uk Kim l++; 11776f9291ceSJung-uk Kim } else if (ch == '!') { 11786f9291ceSJung-uk Kim rule = CIPHER_KILL; 11796f9291ceSJung-uk Kim l++; 11806f9291ceSJung-uk Kim } else if (ch == '@') { 11816f9291ceSJung-uk Kim rule = CIPHER_SPECIAL; 11826f9291ceSJung-uk Kim l++; 11836f9291ceSJung-uk Kim } else { 11846f9291ceSJung-uk Kim rule = CIPHER_ADD; 11856f9291ceSJung-uk Kim } 1186f579bf8eSKris Kennaway 11876f9291ceSJung-uk Kim if (ITEM_SEP(ch)) { 1188f579bf8eSKris Kennaway l++; 1189f579bf8eSKris Kennaway continue; 1190f579bf8eSKris Kennaway } 1191f579bf8eSKris Kennaway 11921f13597dSJung-uk Kim alg_mkey = 0; 11931f13597dSJung-uk Kim alg_auth = 0; 11941f13597dSJung-uk Kim alg_enc = 0; 11951f13597dSJung-uk Kim alg_mac = 0; 11961f13597dSJung-uk Kim alg_ssl = 0; 11971f13597dSJung-uk Kim algo_strength = 0; 1198f579bf8eSKris Kennaway 11996f9291ceSJung-uk Kim for (;;) { 1200f579bf8eSKris Kennaway ch = *l; 1201f579bf8eSKris Kennaway buf = l; 1202f579bf8eSKris Kennaway buflen = 0; 1203f579bf8eSKris Kennaway #ifndef CHARSET_EBCDIC 1204f579bf8eSKris Kennaway while (((ch >= 'A') && (ch <= 'Z')) || 1205f579bf8eSKris Kennaway ((ch >= '0') && (ch <= '9')) || 12066f9291ceSJung-uk Kim ((ch >= 'a') && (ch <= 'z')) || (ch == '-') || (ch == '.')) 1207f579bf8eSKris Kennaway #else 120809286989SJung-uk Kim while (isalnum(ch) || (ch == '-') || (ch == '.')) 1209f579bf8eSKris Kennaway #endif 1210f579bf8eSKris Kennaway { 1211f579bf8eSKris Kennaway ch = *(++l); 1212f579bf8eSKris Kennaway buflen++; 1213f579bf8eSKris Kennaway } 1214f579bf8eSKris Kennaway 12156f9291ceSJung-uk Kim if (buflen == 0) { 1216f579bf8eSKris Kennaway /* 1217f579bf8eSKris Kennaway * We hit something we cannot deal with, 1218f579bf8eSKris Kennaway * it is no command or separator nor 1219f579bf8eSKris Kennaway * alphanumeric, so we call this an error. 1220f579bf8eSKris Kennaway */ 1221f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, 1222f579bf8eSKris Kennaway SSL_R_INVALID_COMMAND); 1223f579bf8eSKris Kennaway retval = found = 0; 1224f579bf8eSKris Kennaway l++; 1225f579bf8eSKris Kennaway break; 1226f579bf8eSKris Kennaway } 1227f579bf8eSKris Kennaway 12286f9291ceSJung-uk Kim if (rule == CIPHER_SPECIAL) { 1229f579bf8eSKris Kennaway found = 0; /* unused -- avoid compiler warning */ 1230f579bf8eSKris Kennaway break; /* special treatment */ 1231f579bf8eSKris Kennaway } 1232f579bf8eSKris Kennaway 1233f579bf8eSKris Kennaway /* check for multi-part specification */ 12346f9291ceSJung-uk Kim if (ch == '+') { 1235f579bf8eSKris Kennaway multi = 1; 1236f579bf8eSKris Kennaway l++; 12376f9291ceSJung-uk Kim } else 1238f579bf8eSKris Kennaway multi = 0; 1239f579bf8eSKris Kennaway 1240f579bf8eSKris Kennaway /* 1241f579bf8eSKris Kennaway * Now search for the cipher alias in the ca_list. Be careful 1242f579bf8eSKris Kennaway * with the strncmp, because the "buflen" limitation 1243f579bf8eSKris Kennaway * will make the rule "ADH:SOME" and the cipher 1244f579bf8eSKris Kennaway * "ADH-MY-CIPHER" look like a match for buflen=3. 1245f579bf8eSKris Kennaway * So additionally check whether the cipher name found 1246f579bf8eSKris Kennaway * has the correct length. We can save a strlen() call: 1247f579bf8eSKris Kennaway * just checking for the '\0' at the right place is 124850ef0093SJacques Vidrine * sufficient, we have to strncmp() anyway. (We cannot 124950ef0093SJacques Vidrine * use strcmp(), because buf is not '\0' terminated.) 1250f579bf8eSKris Kennaway */ 1251f579bf8eSKris Kennaway j = found = 0; 12523b4e3dcbSSimon L. B. Nielsen cipher_id = 0; 12536f9291ceSJung-uk Kim while (ca_list[j]) { 125450ef0093SJacques Vidrine if (!strncmp(buf, ca_list[j]->name, buflen) && 12556f9291ceSJung-uk Kim (ca_list[j]->name[buflen] == '\0')) { 1256f579bf8eSKris Kennaway found = 1; 1257f579bf8eSKris Kennaway break; 12586f9291ceSJung-uk Kim } else 1259f579bf8eSKris Kennaway j++; 1260f579bf8eSKris Kennaway } 12611f13597dSJung-uk Kim 1262f579bf8eSKris Kennaway if (!found) 1263f579bf8eSKris Kennaway break; /* ignore this entry */ 1264f579bf8eSKris Kennaway 12656f9291ceSJung-uk Kim if (ca_list[j]->algorithm_mkey) { 12666f9291ceSJung-uk Kim if (alg_mkey) { 12671f13597dSJung-uk Kim alg_mkey &= ca_list[j]->algorithm_mkey; 12686f9291ceSJung-uk Kim if (!alg_mkey) { 12696f9291ceSJung-uk Kim found = 0; 12706f9291ceSJung-uk Kim break; 12711f13597dSJung-uk Kim } 12726f9291ceSJung-uk Kim } else 12731f13597dSJung-uk Kim alg_mkey = ca_list[j]->algorithm_mkey; 12741f13597dSJung-uk Kim } 1275f579bf8eSKris Kennaway 12766f9291ceSJung-uk Kim if (ca_list[j]->algorithm_auth) { 12776f9291ceSJung-uk Kim if (alg_auth) { 12781f13597dSJung-uk Kim alg_auth &= ca_list[j]->algorithm_auth; 12796f9291ceSJung-uk Kim if (!alg_auth) { 12806f9291ceSJung-uk Kim found = 0; 12816f9291ceSJung-uk Kim break; 12821f13597dSJung-uk Kim } 12836f9291ceSJung-uk Kim } else 12841f13597dSJung-uk Kim alg_auth = ca_list[j]->algorithm_auth; 12851f13597dSJung-uk Kim } 12861f13597dSJung-uk Kim 12876f9291ceSJung-uk Kim if (ca_list[j]->algorithm_enc) { 12886f9291ceSJung-uk Kim if (alg_enc) { 12891f13597dSJung-uk Kim alg_enc &= ca_list[j]->algorithm_enc; 12906f9291ceSJung-uk Kim if (!alg_enc) { 12916f9291ceSJung-uk Kim found = 0; 12926f9291ceSJung-uk Kim break; 12931f13597dSJung-uk Kim } 12946f9291ceSJung-uk Kim } else 12951f13597dSJung-uk Kim alg_enc = ca_list[j]->algorithm_enc; 12961f13597dSJung-uk Kim } 12971f13597dSJung-uk Kim 12986f9291ceSJung-uk Kim if (ca_list[j]->algorithm_mac) { 12996f9291ceSJung-uk Kim if (alg_mac) { 13001f13597dSJung-uk Kim alg_mac &= ca_list[j]->algorithm_mac; 13016f9291ceSJung-uk Kim if (!alg_mac) { 13026f9291ceSJung-uk Kim found = 0; 13036f9291ceSJung-uk Kim break; 13041f13597dSJung-uk Kim } 13056f9291ceSJung-uk Kim } else 13061f13597dSJung-uk Kim alg_mac = ca_list[j]->algorithm_mac; 13071f13597dSJung-uk Kim } 13081f13597dSJung-uk Kim 13096f9291ceSJung-uk Kim if (ca_list[j]->algo_strength & SSL_EXP_MASK) { 13106f9291ceSJung-uk Kim if (algo_strength & SSL_EXP_MASK) { 13116f9291ceSJung-uk Kim algo_strength &= 13126f9291ceSJung-uk Kim (ca_list[j]->algo_strength & SSL_EXP_MASK) | 13136f9291ceSJung-uk Kim ~SSL_EXP_MASK; 13146f9291ceSJung-uk Kim if (!(algo_strength & SSL_EXP_MASK)) { 13156f9291ceSJung-uk Kim found = 0; 13166f9291ceSJung-uk Kim break; 13171f13597dSJung-uk Kim } 13186f9291ceSJung-uk Kim } else 13191f13597dSJung-uk Kim algo_strength |= ca_list[j]->algo_strength & SSL_EXP_MASK; 13201f13597dSJung-uk Kim } 13211f13597dSJung-uk Kim 13226f9291ceSJung-uk Kim if (ca_list[j]->algo_strength & SSL_STRONG_MASK) { 13236f9291ceSJung-uk Kim if (algo_strength & SSL_STRONG_MASK) { 13246f9291ceSJung-uk Kim algo_strength &= 13256f9291ceSJung-uk Kim (ca_list[j]->algo_strength & SSL_STRONG_MASK) | 13266f9291ceSJung-uk Kim ~SSL_STRONG_MASK; 13276f9291ceSJung-uk Kim if (!(algo_strength & SSL_STRONG_MASK)) { 13286f9291ceSJung-uk Kim found = 0; 13296f9291ceSJung-uk Kim break; 13301f13597dSJung-uk Kim } 13316f9291ceSJung-uk Kim } else 13326f9291ceSJung-uk Kim algo_strength |= 13336f9291ceSJung-uk Kim ca_list[j]->algo_strength & SSL_STRONG_MASK; 13341f13597dSJung-uk Kim } 13351f13597dSJung-uk Kim 1336b8721c16SJung-uk Kim if (ca_list[j]->algo_strength & SSL_NOT_DEFAULT) { 1337b8721c16SJung-uk Kim algo_strength |= SSL_NOT_DEFAULT; 1338b8721c16SJung-uk Kim } 1339b8721c16SJung-uk Kim 13406f9291ceSJung-uk Kim if (ca_list[j]->valid) { 13416f9291ceSJung-uk Kim /* 13426f9291ceSJung-uk Kim * explicit ciphersuite found; its protocol version does not 13436f9291ceSJung-uk Kim * become part of the search pattern! 13446f9291ceSJung-uk Kim */ 13451f13597dSJung-uk Kim 1346ed5d4f9aSSimon L. B. Nielsen cipher_id = ca_list[j]->id; 13476f9291ceSJung-uk Kim } else { 13486f9291ceSJung-uk Kim /* 13496f9291ceSJung-uk Kim * not an explicit ciphersuite; only in this case, the 13506f9291ceSJung-uk Kim * protocol version is considered part of the search pattern 13516f9291ceSJung-uk Kim */ 13521f13597dSJung-uk Kim 13536f9291ceSJung-uk Kim if (ca_list[j]->algorithm_ssl) { 13546f9291ceSJung-uk Kim if (alg_ssl) { 13551f13597dSJung-uk Kim alg_ssl &= ca_list[j]->algorithm_ssl; 13566f9291ceSJung-uk Kim if (!alg_ssl) { 13576f9291ceSJung-uk Kim found = 0; 13586f9291ceSJung-uk Kim break; 13591f13597dSJung-uk Kim } 13606f9291ceSJung-uk Kim } else 13611f13597dSJung-uk Kim alg_ssl = ca_list[j]->algorithm_ssl; 13621f13597dSJung-uk Kim } 1363ed5d4f9aSSimon L. B. Nielsen } 1364ed5d4f9aSSimon L. B. Nielsen 13656f9291ceSJung-uk Kim if (!multi) 13666f9291ceSJung-uk Kim break; 1367f579bf8eSKris Kennaway } 1368f579bf8eSKris Kennaway 1369f579bf8eSKris Kennaway /* 1370f579bf8eSKris Kennaway * Ok, we have the rule, now apply it 1371f579bf8eSKris Kennaway */ 13726f9291ceSJung-uk Kim if (rule == CIPHER_SPECIAL) { /* special command */ 1373f579bf8eSKris Kennaway ok = 0; 13746f9291ceSJung-uk Kim if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8)) 13751f13597dSJung-uk Kim ok = ssl_cipher_strength_sort(head_p, tail_p); 1376f579bf8eSKris Kennaway else 1377f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, 1378f579bf8eSKris Kennaway SSL_R_INVALID_COMMAND); 1379f579bf8eSKris Kennaway if (ok == 0) 1380f579bf8eSKris Kennaway retval = 0; 1381f579bf8eSKris Kennaway /* 1382f579bf8eSKris Kennaway * We do not support any "multi" options 1383f579bf8eSKris Kennaway * together with "@", so throw away the 1384f579bf8eSKris Kennaway * rest of the command, if any left, until 1385f579bf8eSKris Kennaway * end or ':' is found. 1386f579bf8eSKris Kennaway */ 13875471f83eSSimon L. B. Nielsen while ((*l != '\0') && !ITEM_SEP(*l)) 1388f579bf8eSKris Kennaway l++; 13896f9291ceSJung-uk Kim } else if (found) { 13901f13597dSJung-uk Kim ssl_cipher_apply_rule(cipher_id, 13916f9291ceSJung-uk Kim alg_mkey, alg_auth, alg_enc, alg_mac, 13926f9291ceSJung-uk Kim alg_ssl, algo_strength, rule, -1, head_p, 13936f9291ceSJung-uk Kim tail_p); 13946f9291ceSJung-uk Kim } else { 13955471f83eSSimon L. B. Nielsen while ((*l != '\0') && !ITEM_SEP(*l)) 1396f579bf8eSKris Kennaway l++; 1397f579bf8eSKris Kennaway } 13986f9291ceSJung-uk Kim if (*l == '\0') 13996f9291ceSJung-uk Kim break; /* done */ 1400f579bf8eSKris Kennaway } 1401f579bf8eSKris Kennaway 1402f579bf8eSKris Kennaway return (retval); 1403f579bf8eSKris Kennaway } 1404f579bf8eSKris Kennaway 14057bded2dbSJung-uk Kim #ifndef OPENSSL_NO_EC 14067bded2dbSJung-uk Kim static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c, 14077bded2dbSJung-uk Kim const char **prule_str) 14087bded2dbSJung-uk Kim { 14097bded2dbSJung-uk Kim unsigned int suiteb_flags = 0, suiteb_comb2 = 0; 141080815a77SJung-uk Kim if (strncmp(*prule_str, "SUITEB128ONLY", 13) == 0) { 14117bded2dbSJung-uk Kim suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY; 141280815a77SJung-uk Kim } else if (strncmp(*prule_str, "SUITEB128C2", 11) == 0) { 14137bded2dbSJung-uk Kim suiteb_comb2 = 1; 14147bded2dbSJung-uk Kim suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS; 141580815a77SJung-uk Kim } else if (strncmp(*prule_str, "SUITEB128", 9) == 0) { 141680815a77SJung-uk Kim suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS; 141780815a77SJung-uk Kim } else if (strncmp(*prule_str, "SUITEB192", 9) == 0) { 14187bded2dbSJung-uk Kim suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS; 141980815a77SJung-uk Kim } 14207bded2dbSJung-uk Kim 14217bded2dbSJung-uk Kim if (suiteb_flags) { 14227bded2dbSJung-uk Kim c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS; 14237bded2dbSJung-uk Kim c->cert_flags |= suiteb_flags; 14247bded2dbSJung-uk Kim } else 14257bded2dbSJung-uk Kim suiteb_flags = c->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS; 14267bded2dbSJung-uk Kim 14277bded2dbSJung-uk Kim if (!suiteb_flags) 14287bded2dbSJung-uk Kim return 1; 14297bded2dbSJung-uk Kim /* Check version: if TLS 1.2 ciphers allowed we can use Suite B */ 14307bded2dbSJung-uk Kim 14317bded2dbSJung-uk Kim if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)) { 14327bded2dbSJung-uk Kim if (meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS) 14337bded2dbSJung-uk Kim SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST, 14347bded2dbSJung-uk Kim SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE); 14357bded2dbSJung-uk Kim else 14367bded2dbSJung-uk Kim SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST, 14377bded2dbSJung-uk Kim SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE); 14387bded2dbSJung-uk Kim return 0; 14397bded2dbSJung-uk Kim } 14407bded2dbSJung-uk Kim # ifndef OPENSSL_NO_ECDH 14417bded2dbSJung-uk Kim switch (suiteb_flags) { 14427bded2dbSJung-uk Kim case SSL_CERT_FLAG_SUITEB_128_LOS: 14437bded2dbSJung-uk Kim if (suiteb_comb2) 14447bded2dbSJung-uk Kim *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384"; 14457bded2dbSJung-uk Kim else 14467bded2dbSJung-uk Kim *prule_str = 14477bded2dbSJung-uk Kim "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384"; 14487bded2dbSJung-uk Kim break; 14497bded2dbSJung-uk Kim case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY: 14507bded2dbSJung-uk Kim *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256"; 14517bded2dbSJung-uk Kim break; 14527bded2dbSJung-uk Kim case SSL_CERT_FLAG_SUITEB_192_LOS: 14537bded2dbSJung-uk Kim *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384"; 14547bded2dbSJung-uk Kim break; 14557bded2dbSJung-uk Kim } 14567bded2dbSJung-uk Kim /* Set auto ECDH parameter determination */ 14577bded2dbSJung-uk Kim c->ecdh_tmp_auto = 1; 14587bded2dbSJung-uk Kim return 1; 14597bded2dbSJung-uk Kim # else 14607bded2dbSJung-uk Kim SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST, 14617bded2dbSJung-uk Kim SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE); 14627bded2dbSJung-uk Kim return 0; 14637bded2dbSJung-uk Kim # endif 14647bded2dbSJung-uk Kim } 14657bded2dbSJung-uk Kim #endif 14667bded2dbSJung-uk Kim 14676f9291ceSJung-uk Kim STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK_OF(SSL_CIPHER) 14686f9291ceSJung-uk Kim **cipher_list, STACK_OF(SSL_CIPHER) 14696f9291ceSJung-uk Kim **cipher_list_by_id, 14707bded2dbSJung-uk Kim const char *rule_str, CERT *c) 1471f579bf8eSKris Kennaway { 1472f579bf8eSKris Kennaway int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; 14736f9291ceSJung-uk Kim unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, 14746f9291ceSJung-uk Kim disabled_ssl; 14753b4e3dcbSSimon L. B. Nielsen STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list; 1476f579bf8eSKris Kennaway const char *rule_p; 1477ced566fdSJacques Vidrine CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; 14781f13597dSJung-uk Kim const SSL_CIPHER **ca_list = NULL; 1479f579bf8eSKris Kennaway 1480f579bf8eSKris Kennaway /* 1481f579bf8eSKris Kennaway * Return with error if nothing to do. 1482f579bf8eSKris Kennaway */ 14833b4e3dcbSSimon L. B. Nielsen if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) 14843b4e3dcbSSimon L. B. Nielsen return NULL; 14857bded2dbSJung-uk Kim #ifndef OPENSSL_NO_EC 14867bded2dbSJung-uk Kim if (!check_suiteb_cipher_list(ssl_method, c, &rule_str)) 14877bded2dbSJung-uk Kim return NULL; 14887bded2dbSJung-uk Kim #endif 1489f579bf8eSKris Kennaway 1490f579bf8eSKris Kennaway /* 1491f579bf8eSKris Kennaway * To reduce the work to do we only want to process the compiled 1492f579bf8eSKris Kennaway * in algorithms, so we first get the mask of disabled ciphers. 1493f579bf8eSKris Kennaway */ 14946f9291ceSJung-uk Kim ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc, 14956f9291ceSJung-uk Kim &disabled_mac, &disabled_ssl); 1496f579bf8eSKris Kennaway 1497f579bf8eSKris Kennaway /* 1498f579bf8eSKris Kennaway * Now we have to collect the available ciphers from the compiled 1499f579bf8eSKris Kennaway * in ciphers. We cannot get more than the number compiled in, so 1500f579bf8eSKris Kennaway * it is used for allocation. 1501f579bf8eSKris Kennaway */ 1502f579bf8eSKris Kennaway num_of_ciphers = ssl_method->num_ciphers(); 15035c87c606SMark Murray #ifdef KSSL_DEBUG 15046f9291ceSJung-uk Kim fprintf(stderr, "ssl_create_cipher_list() for %d ciphers\n", 15056f9291ceSJung-uk Kim num_of_ciphers); 15065c87c606SMark Murray #endif /* KSSL_DEBUG */ 15076f9291ceSJung-uk Kim co_list = 15086f9291ceSJung-uk Kim (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); 15096f9291ceSJung-uk Kim if (co_list == NULL) { 1510f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); 1511f579bf8eSKris Kennaway return (NULL); /* Failure */ 1512f579bf8eSKris Kennaway } 1513f579bf8eSKris Kennaway 15141f13597dSJung-uk Kim ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, 15156f9291ceSJung-uk Kim disabled_mkey, disabled_auth, disabled_enc, 15166f9291ceSJung-uk Kim disabled_mac, disabled_ssl, co_list, &head, 15176f9291ceSJung-uk Kim &tail); 15181f13597dSJung-uk Kim 15191f13597dSJung-uk Kim /* Now arrange all ciphers by preference: */ 15201f13597dSJung-uk Kim 15216f9291ceSJung-uk Kim /* 15226f9291ceSJung-uk Kim * Everything else being equal, prefer ephemeral ECDH over other key 15236f9291ceSJung-uk Kim * exchange mechanisms 15246f9291ceSJung-uk Kim */ 15256f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, 15266f9291ceSJung-uk Kim &tail); 15276f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, 15286f9291ceSJung-uk Kim &tail); 15291f13597dSJung-uk Kim 15301f13597dSJung-uk Kim /* AES is our preferred symmetric cipher */ 15316f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head, 15326f9291ceSJung-uk Kim &tail); 15331f13597dSJung-uk Kim 15341f13597dSJung-uk Kim /* Temporarily enable everything else for sorting */ 15351f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); 15361f13597dSJung-uk Kim 15371f13597dSJung-uk Kim /* Low priority for MD5 */ 15386f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head, 15396f9291ceSJung-uk Kim &tail); 15401f13597dSJung-uk Kim 15416f9291ceSJung-uk Kim /* 15426f9291ceSJung-uk Kim * Move anonymous ciphers to the end. Usually, these will remain 15436f9291ceSJung-uk Kim * disabled. (For applications that allow them, they aren't too bad, but 15446f9291ceSJung-uk Kim * we prefer authenticated ciphers.) 15456f9291ceSJung-uk Kim */ 15466f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head, 15476f9291ceSJung-uk Kim &tail); 15481f13597dSJung-uk Kim 15491f13597dSJung-uk Kim /* Move ciphers without forward secrecy to the end */ 15506f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, 15516f9291ceSJung-uk Kim &tail); 15526f9291ceSJung-uk Kim /* 15536f9291ceSJung-uk Kim * ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1, 15546f9291ceSJung-uk Kim * &head, &tail); 15556f9291ceSJung-uk Kim */ 15566f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, 15576f9291ceSJung-uk Kim &tail); 15586f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kPSK, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, 15596f9291ceSJung-uk Kim &tail); 15606f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, SSL_kKRB5, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, 15616f9291ceSJung-uk Kim &tail); 15621f13597dSJung-uk Kim 15631f13597dSJung-uk Kim /* RC4 is sort-of broken -- move the the end */ 15646f9291ceSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head, 15656f9291ceSJung-uk Kim &tail); 15661f13597dSJung-uk Kim 15676f9291ceSJung-uk Kim /* 15686f9291ceSJung-uk Kim * Now sort by symmetric encryption strength. The above ordering remains 15696f9291ceSJung-uk Kim * in force within each class 15706f9291ceSJung-uk Kim */ 15716f9291ceSJung-uk Kim if (!ssl_cipher_strength_sort(&head, &tail)) { 15721f13597dSJung-uk Kim OPENSSL_free(co_list); 15731f13597dSJung-uk Kim return NULL; 15741f13597dSJung-uk Kim } 15751f13597dSJung-uk Kim 15761f13597dSJung-uk Kim /* Now disable everything (maintaining the ordering!) */ 15771f13597dSJung-uk Kim ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail); 15781f13597dSJung-uk Kim 1579f579bf8eSKris Kennaway /* 1580f579bf8eSKris Kennaway * We also need cipher aliases for selecting based on the rule_str. 1581f579bf8eSKris Kennaway * There might be two types of entries in the rule_str: 1) names 1582f579bf8eSKris Kennaway * of ciphers themselves 2) aliases for groups of ciphers. 1583f579bf8eSKris Kennaway * For 1) we need the available ciphers and for 2) the cipher 1584f579bf8eSKris Kennaway * groups of cipher_aliases added together in one list (otherwise 1585f579bf8eSKris Kennaway * we would be happy with just the cipher_aliases table). 1586f579bf8eSKris Kennaway */ 1587f579bf8eSKris Kennaway num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER); 1588f579bf8eSKris Kennaway num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; 15891f13597dSJung-uk Kim ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); 15906f9291ceSJung-uk Kim if (ca_list == NULL) { 1591ced566fdSJacques Vidrine OPENSSL_free(co_list); 1592f579bf8eSKris Kennaway SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); 1593f579bf8eSKris Kennaway return (NULL); /* Failure */ 1594f579bf8eSKris Kennaway } 15955471f83eSSimon L. B. Nielsen ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, 15961f13597dSJung-uk Kim disabled_mkey, disabled_auth, disabled_enc, 15971f13597dSJung-uk Kim disabled_mac, disabled_ssl, head); 1598f579bf8eSKris Kennaway 1599f579bf8eSKris Kennaway /* 1600f579bf8eSKris Kennaway * If the rule_string begins with DEFAULT, apply the default rule 1601f579bf8eSKris Kennaway * before using the (possibly available) additional rules. 1602f579bf8eSKris Kennaway */ 1603f579bf8eSKris Kennaway ok = 1; 1604f579bf8eSKris Kennaway rule_p = rule_str; 16056f9291ceSJung-uk Kim if (strncmp(rule_str, "DEFAULT", 7) == 0) { 1606f579bf8eSKris Kennaway ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, 16071f13597dSJung-uk Kim &head, &tail, ca_list); 1608f579bf8eSKris Kennaway rule_p += 7; 1609f579bf8eSKris Kennaway if (*rule_p == ':') 1610f579bf8eSKris Kennaway rule_p++; 1611f579bf8eSKris Kennaway } 1612f579bf8eSKris Kennaway 1613f579bf8eSKris Kennaway if (ok && (strlen(rule_p) > 0)) 16141f13597dSJung-uk Kim ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list); 1615f579bf8eSKris Kennaway 16161f13597dSJung-uk Kim OPENSSL_free((void *)ca_list); /* Not needed anymore */ 1617f579bf8eSKris Kennaway 16186f9291ceSJung-uk Kim if (!ok) { /* Rule processing failure */ 1619ced566fdSJacques Vidrine OPENSSL_free(co_list); 1620f579bf8eSKris Kennaway return (NULL); 1621f579bf8eSKris Kennaway } 16221f13597dSJung-uk Kim 1623f579bf8eSKris Kennaway /* 1624f579bf8eSKris Kennaway * Allocate new "cipherstack" for the result, return with error 1625f579bf8eSKris Kennaway * if we cannot get one. 1626f579bf8eSKris Kennaway */ 16276f9291ceSJung-uk Kim if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) { 1628ced566fdSJacques Vidrine OPENSSL_free(co_list); 1629f579bf8eSKris Kennaway return (NULL); 1630f579bf8eSKris Kennaway } 1631f579bf8eSKris Kennaway 1632f579bf8eSKris Kennaway /* 1633f579bf8eSKris Kennaway * The cipher selection for the list is done. The ciphers are added 1634f579bf8eSKris Kennaway * to the resulting precedence to the STACK_OF(SSL_CIPHER). 1635f579bf8eSKris Kennaway */ 16366f9291ceSJung-uk Kim for (curr = head; curr != NULL; curr = curr->next) { 1637db522d3aSSimon L. B. Nielsen #ifdef OPENSSL_FIPS 16386f9291ceSJung-uk Kim if (curr->active 16396f9291ceSJung-uk Kim && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS)) 1640db522d3aSSimon L. B. Nielsen #else 164174664626SKris Kennaway if (curr->active) 1642db522d3aSSimon L. B. Nielsen #endif 164374664626SKris Kennaway { 1644f579bf8eSKris Kennaway sk_SSL_CIPHER_push(cipherstack, curr->cipher); 164574664626SKris Kennaway #ifdef CIPHER_DEBUG 1646751d2991SJung-uk Kim fprintf(stderr, "<%s>\n", curr->cipher->name); 164774664626SKris Kennaway #endif 164874664626SKris Kennaway } 164974664626SKris Kennaway } 1650ced566fdSJacques Vidrine OPENSSL_free(co_list); /* Not needed any longer */ 165174664626SKris Kennaway 16523b4e3dcbSSimon L. B. Nielsen tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack); 16536f9291ceSJung-uk Kim if (tmp_cipher_list == NULL) { 16543b4e3dcbSSimon L. B. Nielsen sk_SSL_CIPHER_free(cipherstack); 16553b4e3dcbSSimon L. B. Nielsen return NULL; 16563b4e3dcbSSimon L. B. Nielsen } 165774664626SKris Kennaway if (*cipher_list != NULL) 165874664626SKris Kennaway sk_SSL_CIPHER_free(*cipher_list); 1659f579bf8eSKris Kennaway *cipher_list = cipherstack; 166074664626SKris Kennaway if (*cipher_list_by_id != NULL) 166174664626SKris Kennaway sk_SSL_CIPHER_free(*cipher_list_by_id); 16623b4e3dcbSSimon L. B. Nielsen *cipher_list_by_id = tmp_cipher_list; 16636f9291ceSJung-uk Kim (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id, 16646f9291ceSJung-uk Kim ssl_cipher_ptr_id_cmp); 166574664626SKris Kennaway 16666a599222SSimon L. B. Nielsen sk_SSL_CIPHER_sort(*cipher_list_by_id); 1667f579bf8eSKris Kennaway return (cipherstack); 166874664626SKris Kennaway } 166974664626SKris Kennaway 16706a599222SSimon L. B. Nielsen char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) 167174664626SKris Kennaway { 167274664626SKris Kennaway int is_export, pkl, kl; 16733b4e3dcbSSimon L. B. Nielsen const char *ver, *exp_str; 16743b4e3dcbSSimon L. B. Nielsen const char *kx, *au, *enc, *mac; 16751f13597dSJung-uk Kim unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2; 16765c87c606SMark Murray #ifdef KSSL_DEBUG 16776f9291ceSJung-uk Kim static const char *format = 16786f9291ceSJung-uk Kim "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n"; 16795c87c606SMark Murray #else 16806f9291ceSJung-uk Kim static const char *format = 16816f9291ceSJung-uk Kim "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; 16825c87c606SMark Murray #endif /* KSSL_DEBUG */ 168374664626SKris Kennaway 16841f13597dSJung-uk Kim alg_mkey = cipher->algorithm_mkey; 16851f13597dSJung-uk Kim alg_auth = cipher->algorithm_auth; 16861f13597dSJung-uk Kim alg_enc = cipher->algorithm_enc; 16871f13597dSJung-uk Kim alg_mac = cipher->algorithm_mac; 16881f13597dSJung-uk Kim alg_ssl = cipher->algorithm_ssl; 16891f13597dSJung-uk Kim 169074664626SKris Kennaway alg2 = cipher->algorithm2; 169174664626SKris Kennaway 1692f579bf8eSKris Kennaway is_export = SSL_C_IS_EXPORT(cipher); 1693f579bf8eSKris Kennaway pkl = SSL_C_EXPORT_PKEYLENGTH(cipher); 1694f579bf8eSKris Kennaway kl = SSL_C_EXPORT_KEYLENGTH(cipher); 1695ced566fdSJacques Vidrine exp_str = is_export ? " export" : ""; 169674664626SKris Kennaway 16971f13597dSJung-uk Kim if (alg_ssl & SSL_SSLV2) 169874664626SKris Kennaway ver = "SSLv2"; 16991f13597dSJung-uk Kim else if (alg_ssl & SSL_SSLV3) 170074664626SKris Kennaway ver = "SSLv3"; 17011f13597dSJung-uk Kim else if (alg_ssl & SSL_TLSV1_2) 17021f13597dSJung-uk Kim ver = "TLSv1.2"; 170374664626SKris Kennaway else 170474664626SKris Kennaway ver = "unknown"; 170574664626SKris Kennaway 17066f9291ceSJung-uk Kim switch (alg_mkey) { 170774664626SKris Kennaway case SSL_kRSA: 170874664626SKris Kennaway kx = is_export ? (pkl == 512 ? "RSA(512)" : "RSA(1024)") : "RSA"; 170974664626SKris Kennaway break; 171074664626SKris Kennaway case SSL_kDHr: 171174664626SKris Kennaway kx = "DH/RSA"; 171274664626SKris Kennaway break; 171374664626SKris Kennaway case SSL_kDHd: 171474664626SKris Kennaway kx = "DH/DSS"; 171574664626SKris Kennaway break; 17161f13597dSJung-uk Kim case SSL_kKRB5: 17175c87c606SMark Murray kx = "KRB5"; 17185c87c606SMark Murray break; 171974664626SKris Kennaway case SSL_kEDH: 172074664626SKris Kennaway kx = is_export ? (pkl == 512 ? "DH(512)" : "DH(1024)") : "DH"; 172174664626SKris Kennaway break; 17221f13597dSJung-uk Kim case SSL_kECDHr: 17231f13597dSJung-uk Kim kx = "ECDH/RSA"; 17241f13597dSJung-uk Kim break; 17251f13597dSJung-uk Kim case SSL_kECDHe: 17261f13597dSJung-uk Kim kx = "ECDH/ECDSA"; 17271f13597dSJung-uk Kim break; 17281f13597dSJung-uk Kim case SSL_kEECDH: 17291f13597dSJung-uk Kim kx = "ECDH"; 17301f13597dSJung-uk Kim break; 17311f13597dSJung-uk Kim case SSL_kPSK: 17321f13597dSJung-uk Kim kx = "PSK"; 17331f13597dSJung-uk Kim break; 17341f13597dSJung-uk Kim case SSL_kSRP: 17351f13597dSJung-uk Kim kx = "SRP"; 17363b4e3dcbSSimon L. B. Nielsen break; 1737a93cbc2bSJung-uk Kim case SSL_kGOST: 1738a93cbc2bSJung-uk Kim kx = "GOST"; 1739a93cbc2bSJung-uk Kim break; 174074664626SKris Kennaway default: 174174664626SKris Kennaway kx = "unknown"; 174274664626SKris Kennaway } 174374664626SKris Kennaway 17446f9291ceSJung-uk Kim switch (alg_auth) { 174574664626SKris Kennaway case SSL_aRSA: 174674664626SKris Kennaway au = "RSA"; 174774664626SKris Kennaway break; 174874664626SKris Kennaway case SSL_aDSS: 174974664626SKris Kennaway au = "DSS"; 175074664626SKris Kennaway break; 175174664626SKris Kennaway case SSL_aDH: 175274664626SKris Kennaway au = "DH"; 175374664626SKris Kennaway break; 17541f13597dSJung-uk Kim case SSL_aKRB5: 17555c87c606SMark Murray au = "KRB5"; 17565c87c606SMark Murray break; 17571f13597dSJung-uk Kim case SSL_aECDH: 17581f13597dSJung-uk Kim au = "ECDH"; 17591f13597dSJung-uk Kim break; 176074664626SKris Kennaway case SSL_aNULL: 176174664626SKris Kennaway au = "None"; 176274664626SKris Kennaway break; 17633b4e3dcbSSimon L. B. Nielsen case SSL_aECDSA: 17643b4e3dcbSSimon L. B. Nielsen au = "ECDSA"; 17653b4e3dcbSSimon L. B. Nielsen break; 17661f13597dSJung-uk Kim case SSL_aPSK: 17671f13597dSJung-uk Kim au = "PSK"; 17681f13597dSJung-uk Kim break; 1769a93cbc2bSJung-uk Kim case SSL_aSRP: 1770a93cbc2bSJung-uk Kim au = "SRP"; 1771a93cbc2bSJung-uk Kim break; 1772a93cbc2bSJung-uk Kim case SSL_aGOST94: 1773a93cbc2bSJung-uk Kim au = "GOST94"; 1774a93cbc2bSJung-uk Kim break; 1775a93cbc2bSJung-uk Kim case SSL_aGOST01: 1776a93cbc2bSJung-uk Kim au = "GOST01"; 1777a93cbc2bSJung-uk Kim break; 177874664626SKris Kennaway default: 177974664626SKris Kennaway au = "unknown"; 178074664626SKris Kennaway break; 178174664626SKris Kennaway } 178274664626SKris Kennaway 17836f9291ceSJung-uk Kim switch (alg_enc) { 178474664626SKris Kennaway case SSL_DES: 178574664626SKris Kennaway enc = (is_export && kl == 5) ? "DES(40)" : "DES(56)"; 178674664626SKris Kennaway break; 178774664626SKris Kennaway case SSL_3DES: 178874664626SKris Kennaway enc = "3DES(168)"; 178974664626SKris Kennaway break; 179074664626SKris Kennaway case SSL_RC4: 179174664626SKris Kennaway enc = is_export ? (kl == 5 ? "RC4(40)" : "RC4(56)") 179274664626SKris Kennaway : ((alg2 & SSL2_CF_8_BYTE_ENC) ? "RC4(64)" : "RC4(128)"); 179374664626SKris Kennaway break; 179474664626SKris Kennaway case SSL_RC2: 179574664626SKris Kennaway enc = is_export ? (kl == 5 ? "RC2(40)" : "RC2(56)") : "RC2(128)"; 179674664626SKris Kennaway break; 179774664626SKris Kennaway case SSL_IDEA: 179874664626SKris Kennaway enc = "IDEA(128)"; 179974664626SKris Kennaway break; 180074664626SKris Kennaway case SSL_eNULL: 180174664626SKris Kennaway enc = "None"; 180274664626SKris Kennaway break; 18031f13597dSJung-uk Kim case SSL_AES128: 18041f13597dSJung-uk Kim enc = "AES(128)"; 18055c87c606SMark Murray break; 18061f13597dSJung-uk Kim case SSL_AES256: 18071f13597dSJung-uk Kim enc = "AES(256)"; 18081f13597dSJung-uk Kim break; 18091f13597dSJung-uk Kim case SSL_AES128GCM: 18101f13597dSJung-uk Kim enc = "AESGCM(128)"; 18111f13597dSJung-uk Kim break; 18121f13597dSJung-uk Kim case SSL_AES256GCM: 18131f13597dSJung-uk Kim enc = "AESGCM(256)"; 18141f13597dSJung-uk Kim break; 18151f13597dSJung-uk Kim case SSL_CAMELLIA128: 18161f13597dSJung-uk Kim enc = "Camellia(128)"; 18171f13597dSJung-uk Kim break; 18181f13597dSJung-uk Kim case SSL_CAMELLIA256: 18191f13597dSJung-uk Kim enc = "Camellia(256)"; 1820ed5d4f9aSSimon L. B. Nielsen break; 1821db522d3aSSimon L. B. Nielsen case SSL_SEED: 1822db522d3aSSimon L. B. Nielsen enc = "SEED(128)"; 1823db522d3aSSimon L. B. Nielsen break; 1824a93cbc2bSJung-uk Kim case SSL_eGOST2814789CNT: 1825a93cbc2bSJung-uk Kim enc = "GOST89(256)"; 1826a93cbc2bSJung-uk Kim break; 182774664626SKris Kennaway default: 182874664626SKris Kennaway enc = "unknown"; 182974664626SKris Kennaway break; 183074664626SKris Kennaway } 183174664626SKris Kennaway 18326f9291ceSJung-uk Kim switch (alg_mac) { 183374664626SKris Kennaway case SSL_MD5: 183474664626SKris Kennaway mac = "MD5"; 183574664626SKris Kennaway break; 183674664626SKris Kennaway case SSL_SHA1: 183774664626SKris Kennaway mac = "SHA1"; 183874664626SKris Kennaway break; 18391f13597dSJung-uk Kim case SSL_SHA256: 18401f13597dSJung-uk Kim mac = "SHA256"; 18411f13597dSJung-uk Kim break; 18421f13597dSJung-uk Kim case SSL_SHA384: 18431f13597dSJung-uk Kim mac = "SHA384"; 18441f13597dSJung-uk Kim break; 18451f13597dSJung-uk Kim case SSL_AEAD: 18461f13597dSJung-uk Kim mac = "AEAD"; 18471f13597dSJung-uk Kim break; 1848a93cbc2bSJung-uk Kim case SSL_GOST89MAC: 1849a93cbc2bSJung-uk Kim mac = "GOST89"; 1850a93cbc2bSJung-uk Kim break; 1851a93cbc2bSJung-uk Kim case SSL_GOST94: 1852a93cbc2bSJung-uk Kim mac = "GOST94"; 1853a93cbc2bSJung-uk Kim break; 185474664626SKris Kennaway default: 185574664626SKris Kennaway mac = "unknown"; 185674664626SKris Kennaway break; 185774664626SKris Kennaway } 185874664626SKris Kennaway 18596f9291ceSJung-uk Kim if (buf == NULL) { 1860ddd58736SKris Kennaway len = 128; 1861ddd58736SKris Kennaway buf = OPENSSL_malloc(len); 18626f9291ceSJung-uk Kim if (buf == NULL) 18636f9291ceSJung-uk Kim return ("OPENSSL_malloc Error"); 18646f9291ceSJung-uk Kim } else if (len < 128) 186574664626SKris Kennaway return ("Buffer too small"); 186674664626SKris Kennaway 18675c87c606SMark Murray #ifdef KSSL_DEBUG 18686f9291ceSJung-uk Kim BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac, 18696f9291ceSJung-uk Kim exp_str, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl); 18705c87c606SMark Murray #else 18716f9291ceSJung-uk Kim BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac, 18726f9291ceSJung-uk Kim exp_str); 18735c87c606SMark Murray #endif /* KSSL_DEBUG */ 187474664626SKris Kennaway return (buf); 187574664626SKris Kennaway } 187674664626SKris Kennaway 18773b4e3dcbSSimon L. B. Nielsen char *SSL_CIPHER_get_version(const SSL_CIPHER *c) 187874664626SKris Kennaway { 187974664626SKris Kennaway int i; 188074664626SKris Kennaway 18816f9291ceSJung-uk Kim if (c == NULL) 18826f9291ceSJung-uk Kim return ("(NONE)"); 188374664626SKris Kennaway i = (int)(c->id >> 24L); 188474664626SKris Kennaway if (i == 3) 188574664626SKris Kennaway return ("TLSv1/SSLv3"); 188674664626SKris Kennaway else if (i == 2) 188774664626SKris Kennaway return ("SSLv2"); 188874664626SKris Kennaway else 188974664626SKris Kennaway return ("unknown"); 189074664626SKris Kennaway } 189174664626SKris Kennaway 189274664626SKris Kennaway /* return the actual cipher being used */ 18933b4e3dcbSSimon L. B. Nielsen const char *SSL_CIPHER_get_name(const SSL_CIPHER *c) 189474664626SKris Kennaway { 189574664626SKris Kennaway if (c != NULL) 189674664626SKris Kennaway return (c->name); 189774664626SKris Kennaway return ("(NONE)"); 189874664626SKris Kennaway } 189974664626SKris Kennaway 1900f579bf8eSKris Kennaway /* number of bits for symmetric cipher */ 19013b4e3dcbSSimon L. B. Nielsen int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits) 190274664626SKris Kennaway { 1903f579bf8eSKris Kennaway int ret = 0; 190474664626SKris Kennaway 19056f9291ceSJung-uk Kim if (c != NULL) { 19066f9291ceSJung-uk Kim if (alg_bits != NULL) 19076f9291ceSJung-uk Kim *alg_bits = c->alg_bits; 1908f579bf8eSKris Kennaway ret = c->strength_bits; 190974664626SKris Kennaway } 191074664626SKris Kennaway return (ret); 191174664626SKris Kennaway } 191274664626SKris Kennaway 19131f13597dSJung-uk Kim unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c) 19141f13597dSJung-uk Kim { 19151f13597dSJung-uk Kim return c->id; 19161f13597dSJung-uk Kim } 19171f13597dSJung-uk Kim 191874664626SKris Kennaway SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n) 191974664626SKris Kennaway { 192074664626SKris Kennaway SSL_COMP *ctmp; 192174664626SKris Kennaway int i, nn; 192274664626SKris Kennaway 19236f9291ceSJung-uk Kim if ((n == 0) || (sk == NULL)) 19246f9291ceSJung-uk Kim return (NULL); 192574664626SKris Kennaway nn = sk_SSL_COMP_num(sk); 19266f9291ceSJung-uk Kim for (i = 0; i < nn; i++) { 192774664626SKris Kennaway ctmp = sk_SSL_COMP_value(sk, i); 192874664626SKris Kennaway if (ctmp->id == n) 192974664626SKris Kennaway return (ctmp); 193074664626SKris Kennaway } 193174664626SKris Kennaway return (NULL); 193274664626SKris Kennaway } 193374664626SKris Kennaway 19343b4e3dcbSSimon L. B. Nielsen #ifdef OPENSSL_NO_COMP 1935aeb5019cSJung-uk Kim STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) 193674664626SKris Kennaway { 19373b4e3dcbSSimon L. B. Nielsen return NULL; 19383b4e3dcbSSimon L. B. Nielsen } 19396f9291ceSJung-uk Kim 1940aeb5019cSJung-uk Kim STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) 1941aeb5019cSJung-uk Kim *meths) 1942aeb5019cSJung-uk Kim { 1943aeb5019cSJung-uk Kim return NULL; 1944aeb5019cSJung-uk Kim } 1945aeb5019cSJung-uk Kim 1946aeb5019cSJung-uk Kim void SSL_COMP_free_compression_methods(void) 1947aeb5019cSJung-uk Kim { 1948aeb5019cSJung-uk Kim } 1949aeb5019cSJung-uk Kim 1950aeb5019cSJung-uk Kim int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) 19513b4e3dcbSSimon L. B. Nielsen { 19523b4e3dcbSSimon L. B. Nielsen return 1; 195374664626SKris Kennaway } 195474664626SKris Kennaway 1955aeb5019cSJung-uk Kim const char *SSL_COMP_get_name(const COMP_METHOD *comp) 19563b4e3dcbSSimon L. B. Nielsen { 19573b4e3dcbSSimon L. B. Nielsen return NULL; 19583b4e3dcbSSimon L. B. Nielsen } 19593b4e3dcbSSimon L. B. Nielsen #else 196074664626SKris Kennaway STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) 196174664626SKris Kennaway { 19623b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 196374664626SKris Kennaway return (ssl_comp_methods); 196474664626SKris Kennaway } 196574664626SKris Kennaway 19667bded2dbSJung-uk Kim STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) 19677bded2dbSJung-uk Kim *meths) 19687bded2dbSJung-uk Kim { 19697bded2dbSJung-uk Kim STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods; 19707bded2dbSJung-uk Kim ssl_comp_methods = meths; 19717bded2dbSJung-uk Kim return old_meths; 19727bded2dbSJung-uk Kim } 19737bded2dbSJung-uk Kim 19747bded2dbSJung-uk Kim static void cmeth_free(SSL_COMP *cm) 19757bded2dbSJung-uk Kim { 19767bded2dbSJung-uk Kim OPENSSL_free(cm); 19777bded2dbSJung-uk Kim } 19787bded2dbSJung-uk Kim 19797bded2dbSJung-uk Kim void SSL_COMP_free_compression_methods(void) 19807bded2dbSJung-uk Kim { 19817bded2dbSJung-uk Kim STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods; 19827bded2dbSJung-uk Kim ssl_comp_methods = NULL; 19837bded2dbSJung-uk Kim sk_SSL_COMP_pop_free(old_meths, cmeth_free); 19847bded2dbSJung-uk Kim } 19857bded2dbSJung-uk Kim 198674664626SKris Kennaway int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) 198774664626SKris Kennaway { 198874664626SKris Kennaway SSL_COMP *comp; 198974664626SKris Kennaway 19905c87c606SMark Murray if (cm == NULL || cm->type == NID_undef) 19915c87c606SMark Murray return 1; 19925c87c606SMark Murray 19936f9291ceSJung-uk Kim /*- 19946f9291ceSJung-uk Kim * According to draft-ietf-tls-compression-04.txt, the 19956f9291ceSJung-uk Kim * compression number ranges should be the following: 19966f9291ceSJung-uk Kim * 19976f9291ceSJung-uk Kim * 0 to 63: methods defined by the IETF 19986f9291ceSJung-uk Kim * 64 to 192: external party methods assigned by IANA 19996f9291ceSJung-uk Kim * 193 to 255: reserved for private use 20006f9291ceSJung-uk Kim */ 20016f9291ceSJung-uk Kim if (id < 193 || id > 255) { 20026f9291ceSJung-uk Kim SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, 20036f9291ceSJung-uk Kim SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); 2004*ed7112f0SJung-uk Kim return 1; 20053b4e3dcbSSimon L. B. Nielsen } 20063b4e3dcbSSimon L. B. Nielsen 20075c87c606SMark Murray MemCheck_off(); 2008ddd58736SKris Kennaway comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); 2009aeb5019cSJung-uk Kim if (comp == NULL) { 2010aeb5019cSJung-uk Kim MemCheck_on(); 2011aeb5019cSJung-uk Kim SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE); 2012aeb5019cSJung-uk Kim return 1; 2013aeb5019cSJung-uk Kim } 201474664626SKris Kennaway comp->id = id; 201574664626SKris Kennaway comp->method = cm; 2016*ed7112f0SJung-uk Kim comp->name = cm->name; 20173b4e3dcbSSimon L. B. Nielsen load_builtin_compressions(); 20186f9291ceSJung-uk Kim if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) { 20193b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 20203b4e3dcbSSimon L. B. Nielsen MemCheck_on(); 20216f9291ceSJung-uk Kim SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, 20226f9291ceSJung-uk Kim SSL_R_DUPLICATE_COMPRESSION_ID); 20233b4e3dcbSSimon L. B. Nielsen return (1); 20246f9291ceSJung-uk Kim } else if ((ssl_comp_methods == NULL) 20256f9291ceSJung-uk Kim || !sk_SSL_COMP_push(ssl_comp_methods, comp)) { 20263b4e3dcbSSimon L. B. Nielsen OPENSSL_free(comp); 20275c87c606SMark Murray MemCheck_on(); 202874664626SKris Kennaway SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE); 2029ced566fdSJacques Vidrine return (1); 20306f9291ceSJung-uk Kim } else { 20315c87c606SMark Murray MemCheck_on(); 2032ced566fdSJacques Vidrine return (0); 203374664626SKris Kennaway } 20345c87c606SMark Murray } 20353b4e3dcbSSimon L. B. Nielsen 20363b4e3dcbSSimon L. B. Nielsen const char *SSL_COMP_get_name(const COMP_METHOD *comp) 20373b4e3dcbSSimon L. B. Nielsen { 20383b4e3dcbSSimon L. B. Nielsen if (comp) 20393b4e3dcbSSimon L. B. Nielsen return comp->name; 20403b4e3dcbSSimon L. B. Nielsen return NULL; 20413b4e3dcbSSimon L. B. Nielsen } 20423b4e3dcbSSimon L. B. Nielsen #endif 20437bded2dbSJung-uk Kim /* For a cipher return the index corresponding to the certificate type */ 20447bded2dbSJung-uk Kim int ssl_cipher_get_cert_index(const SSL_CIPHER *c) 20457bded2dbSJung-uk Kim { 20467bded2dbSJung-uk Kim unsigned long alg_k, alg_a; 20477bded2dbSJung-uk Kim 20487bded2dbSJung-uk Kim alg_k = c->algorithm_mkey; 20497bded2dbSJung-uk Kim alg_a = c->algorithm_auth; 20507bded2dbSJung-uk Kim 20517bded2dbSJung-uk Kim if (alg_k & (SSL_kECDHr | SSL_kECDHe)) { 20527bded2dbSJung-uk Kim /* 20537bded2dbSJung-uk Kim * we don't need to look at SSL_kEECDH since no certificate is needed 20547bded2dbSJung-uk Kim * for anon ECDH and for authenticated EECDH, the check for the auth 20557bded2dbSJung-uk Kim * algorithm will set i correctly NOTE: For ECDH-RSA, we need an ECC 20567bded2dbSJung-uk Kim * not an RSA cert but for EECDH-RSA we need an RSA cert. Placing the 20577bded2dbSJung-uk Kim * checks for SSL_kECDH before RSA checks ensures the correct cert is 20587bded2dbSJung-uk Kim * chosen. 20597bded2dbSJung-uk Kim */ 20607bded2dbSJung-uk Kim return SSL_PKEY_ECC; 20617bded2dbSJung-uk Kim } else if (alg_a & SSL_aECDSA) 20627bded2dbSJung-uk Kim return SSL_PKEY_ECC; 20637bded2dbSJung-uk Kim else if (alg_k & SSL_kDHr) 20647bded2dbSJung-uk Kim return SSL_PKEY_DH_RSA; 20657bded2dbSJung-uk Kim else if (alg_k & SSL_kDHd) 20667bded2dbSJung-uk Kim return SSL_PKEY_DH_DSA; 20677bded2dbSJung-uk Kim else if (alg_a & SSL_aDSS) 20687bded2dbSJung-uk Kim return SSL_PKEY_DSA_SIGN; 20697bded2dbSJung-uk Kim else if (alg_a & SSL_aRSA) 20707bded2dbSJung-uk Kim return SSL_PKEY_RSA_ENC; 20717bded2dbSJung-uk Kim else if (alg_a & SSL_aKRB5) 20727bded2dbSJung-uk Kim /* VRS something else here? */ 20737bded2dbSJung-uk Kim return -1; 20747bded2dbSJung-uk Kim else if (alg_a & SSL_aGOST94) 20757bded2dbSJung-uk Kim return SSL_PKEY_GOST94; 20767bded2dbSJung-uk Kim else if (alg_a & SSL_aGOST01) 20777bded2dbSJung-uk Kim return SSL_PKEY_GOST01; 20787bded2dbSJung-uk Kim return -1; 20797bded2dbSJung-uk Kim } 20807bded2dbSJung-uk Kim 20817bded2dbSJung-uk Kim const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr) 20827bded2dbSJung-uk Kim { 20837bded2dbSJung-uk Kim const SSL_CIPHER *c; 20847bded2dbSJung-uk Kim c = ssl->method->get_cipher_by_char(ptr); 20857bded2dbSJung-uk Kim if (c == NULL || c->valid == 0) 20867bded2dbSJung-uk Kim return NULL; 20877bded2dbSJung-uk Kim return c; 20887bded2dbSJung-uk Kim } 20897bded2dbSJung-uk Kim 20907bded2dbSJung-uk Kim const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr) 20917bded2dbSJung-uk Kim { 20927bded2dbSJung-uk Kim return ssl->method->get_cipher_by_char(ptr); 20937bded2dbSJung-uk Kim } 2094