summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_ciph.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_ciph.c')
-rw-r--r--src/lib/libssl/ssl_ciph.c385
1 files changed, 75 insertions, 310 deletions
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index 725f7f3c1f..f622180c69 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -55,67 +55,11 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ==================================================================== 58
59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116#include <stdio.h> 59#include <stdio.h>
117#include <openssl/objects.h> 60#include <openssl/objects.h>
118#include <openssl/comp.h> 61#include <openssl/comp.h>
62#include <openssl/fips.h>
119#include "ssl_locl.h" 63#include "ssl_locl.h"
120 64
121#define SSL_ENC_DES_IDX 0 65#define SSL_ENC_DES_IDX 0
@@ -127,20 +71,12 @@
127#define SSL_ENC_NULL_IDX 6 71#define SSL_ENC_NULL_IDX 6
128#define SSL_ENC_AES128_IDX 7 72#define SSL_ENC_AES128_IDX 7
129#define SSL_ENC_AES256_IDX 8 73#define SSL_ENC_AES256_IDX 8
130#define SSL_ENC_CAMELLIA128_IDX 9 74#define SSL_ENC_NUM_IDX 9
131#define SSL_ENC_CAMELLIA256_IDX 10
132#define SSL_ENC_SEED_IDX 11
133#define SSL_ENC_NUM_IDX 12
134
135 75
136static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ 76static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
137 NULL,NULL,NULL,NULL,NULL,NULL, 77 NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL
138 }; 78 };
139 79
140#define SSL_COMP_NULL_IDX 0
141#define SSL_COMP_ZLIB_IDX 1
142#define SSL_COMP_NUM_IDX 2
143
144static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL; 80static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
145 81
146#define SSL_MD_MD5_IDX 0 82#define SSL_MD_MD5_IDX 0
@@ -166,20 +102,18 @@ typedef struct cipher_order_st
166 102
167static const SSL_CIPHER cipher_aliases[]={ 103static const SSL_CIPHER cipher_aliases[]={
168 /* Don't include eNULL unless specifically enabled. */ 104 /* Don't include eNULL unless specifically enabled. */
169 /* Don't include ECC in ALL because these ciphers are not yet official. */ 105 {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
170 {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL & ~SSL_kECDH & ~SSL_kECDHE, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */ 106 {0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, /* COMPLEMENT OF ALL */
171 /* TODO: COMPLEMENT OF ALL and COMPLEMENT OF DEFAULT do not have ECC cipher suites handled properly. */
172 {0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, /* COMPLEMENT OF ALL */
173 {0,SSL_TXT_CMPDEF,0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK,0}, 107 {0,SSL_TXT_CMPDEF,0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK,0},
174 {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */ 108 {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */
175 {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0}, 109 {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0},
176 {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0}, 110 {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0},
177 {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0}, 111 {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0},
178 {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0}, 112 {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0},
179 {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0}, 113 {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0},
180 {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0}, 114 {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0},
181 {0,SSL_TXT_ECC, 0,(SSL_kECDH|SSL_kECDHE), 0,0,0,0,SSL_MKEY_MASK,0},
182 {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0}, 115 {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
116
183 {0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0}, /* VRS Kerberos5 */ 117 {0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0}, /* VRS Kerberos5 */
184 {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0}, 118 {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0},
185 {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0}, 119 {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0},
@@ -195,11 +129,9 @@ static const SSL_CIPHER cipher_aliases[]={
195#ifndef OPENSSL_NO_IDEA 129#ifndef OPENSSL_NO_IDEA
196 {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0}, 130 {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
197#endif 131#endif
198 {0,SSL_TXT_SEED,0,SSL_SEED, 0,0,0,0,SSL_ENC_MASK,0},
199 {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, 132 {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
200 {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0}, 133 {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
201 {0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0}, 134 {0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0},
202 {0,SSL_TXT_CAMELLIA,0,SSL_CAMELLIA, 0,0,0,0,SSL_ENC_MASK,0},
203 135
204 {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0}, 136 {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
205 {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0}, 137 {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
@@ -222,9 +154,12 @@ static const SSL_CIPHER cipher_aliases[]={
222 {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK}, 154 {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
223 {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK}, 155 {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
224 {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK}, 156 {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
157 {0,SSL_TXT_FIPS, 0, 0, SSL_FIPS, 0,0,0,0,SSL_FIPS|SSL_STRONG_NONE},
225 }; 158 };
226 159
227void ssl_load_ciphers(void) 160static int init_ciphers=1;
161
162static void load_ciphers(void)
228 { 163 {
229 ssl_cipher_methods[SSL_ENC_DES_IDX]= 164 ssl_cipher_methods[SSL_ENC_DES_IDX]=
230 EVP_get_cipherbyname(SN_des_cbc); 165 EVP_get_cipherbyname(SN_des_cbc);
@@ -244,73 +179,14 @@ void ssl_load_ciphers(void)
244 EVP_get_cipherbyname(SN_aes_128_cbc); 179 EVP_get_cipherbyname(SN_aes_128_cbc);
245 ssl_cipher_methods[SSL_ENC_AES256_IDX]= 180 ssl_cipher_methods[SSL_ENC_AES256_IDX]=
246 EVP_get_cipherbyname(SN_aes_256_cbc); 181 EVP_get_cipherbyname(SN_aes_256_cbc);
247 ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX]=
248 EVP_get_cipherbyname(SN_camellia_128_cbc);
249 ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX]=
250 EVP_get_cipherbyname(SN_camellia_256_cbc);
251 ssl_cipher_methods[SSL_ENC_SEED_IDX]=
252 EVP_get_cipherbyname(SN_seed_cbc);
253 182
254 ssl_digest_methods[SSL_MD_MD5_IDX]= 183 ssl_digest_methods[SSL_MD_MD5_IDX]=
255 EVP_get_digestbyname(SN_md5); 184 EVP_get_digestbyname(SN_md5);
256 ssl_digest_methods[SSL_MD_SHA1_IDX]= 185 ssl_digest_methods[SSL_MD_SHA1_IDX]=
257 EVP_get_digestbyname(SN_sha1); 186 EVP_get_digestbyname(SN_sha1);
187 init_ciphers=0;
258 } 188 }
259 189
260
261#ifndef OPENSSL_NO_COMP
262
263static int sk_comp_cmp(const SSL_COMP * const *a,
264 const SSL_COMP * const *b)
265 {
266 return((*a)->id-(*b)->id);
267 }
268
269static void load_builtin_compressions(void)
270 {
271 int got_write_lock = 0;
272
273 CRYPTO_r_lock(CRYPTO_LOCK_SSL);
274 if (ssl_comp_methods == NULL)
275 {
276 CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
277 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
278 got_write_lock = 1;
279
280 if (ssl_comp_methods == NULL)
281 {
282 SSL_COMP *comp = NULL;
283
284 MemCheck_off();
285 ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
286 if (ssl_comp_methods != NULL)
287 {
288 comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
289 if (comp != NULL)
290 {
291 comp->method=COMP_zlib();
292 if (comp->method
293 && comp->method->type == NID_undef)
294 OPENSSL_free(comp);
295 else
296 {
297 comp->id=SSL_COMP_ZLIB_IDX;
298 comp->name=comp->method->name;
299 sk_SSL_COMP_push(ssl_comp_methods,comp);
300 }
301 }
302 }
303 MemCheck_on();
304 }
305 }
306
307 if (got_write_lock)
308 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
309 else
310 CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
311 }
312#endif
313
314int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, 190int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
315 const EVP_MD **md, SSL_COMP **comp) 191 const EVP_MD **md, SSL_COMP **comp)
316 { 192 {
@@ -322,14 +198,18 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
322 if (comp != NULL) 198 if (comp != NULL)
323 { 199 {
324 SSL_COMP ctmp; 200 SSL_COMP ctmp;
325#ifndef OPENSSL_NO_COMP
326 load_builtin_compressions();
327#endif
328 201
329 *comp=NULL; 202 if (s->compress_meth == 0)
330 ctmp.id=s->compress_meth; 203 *comp=NULL;
331 if (ssl_comp_methods != NULL) 204 else if (ssl_comp_methods == NULL)
332 { 205 {
206 /* bad */
207 *comp=NULL;
208 }
209 else
210 {
211
212 ctmp.id=s->compress_meth;
333 i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp); 213 i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
334 if (i >= 0) 214 if (i >= 0)
335 *comp=sk_SSL_COMP_value(ssl_comp_methods,i); 215 *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
@@ -368,24 +248,12 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
368 default: i=-1; break; 248 default: i=-1; break;
369 } 249 }
370 break; 250 break;
371 case SSL_CAMELLIA:
372 switch(c->alg_bits)
373 {
374 case 128: i=SSL_ENC_CAMELLIA128_IDX; break;
375 case 256: i=SSL_ENC_CAMELLIA256_IDX; break;
376 default: i=-1; break;
377 }
378 break;
379 case SSL_SEED:
380 i=SSL_ENC_SEED_IDX;
381 break;
382
383 default: 251 default:
384 i= -1; 252 i= -1;
385 break; 253 break;
386 } 254 }
387 255
388 if ((i < 0) || (i > SSL_ENC_NUM_IDX)) 256 if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
389 *enc=NULL; 257 *enc=NULL;
390 else 258 else
391 { 259 {
@@ -407,7 +275,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
407 i= -1; 275 i= -1;
408 break; 276 break;
409 } 277 }
410 if ((i < 0) || (i > SSL_MD_NUM_IDX)) 278 if ((i < 0) || (i >= SSL_MD_NUM_IDX))
411 *md=NULL; 279 *md=NULL;
412 else 280 else
413 *md=ssl_digest_methods[i]; 281 *md=ssl_digest_methods[i];
@@ -437,18 +305,9 @@ static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
437 *tail=curr; 305 *tail=curr;
438 } 306 }
439 307
440struct disabled_masks { /* This is a kludge no longer needed with OpenSSL 0.9.9, 308static unsigned long ssl_cipher_get_disabled(void)
441 * where 128-bit and 256-bit algorithms simply will get
442 * separate bits. */
443 unsigned long mask; /* everything except m256 */
444 unsigned long m256; /* applies to 256-bit algorithms only */
445};
446
447static struct disabled_masks ssl_cipher_get_disabled(void)
448 { 309 {
449 unsigned long mask; 310 unsigned long mask;
450 unsigned long m256;
451 struct disabled_masks ret;
452 311
453 mask = SSL_kFZA; 312 mask = SSL_kFZA;
454#ifdef OPENSSL_NO_RSA 313#ifdef OPENSSL_NO_RSA
@@ -463,9 +322,7 @@ static struct disabled_masks ssl_cipher_get_disabled(void)
463#ifdef OPENSSL_NO_KRB5 322#ifdef OPENSSL_NO_KRB5
464 mask |= SSL_kKRB5|SSL_aKRB5; 323 mask |= SSL_kKRB5|SSL_aKRB5;
465#endif 324#endif
466#ifdef OPENSSL_NO_ECDH 325
467 mask |= SSL_kECDH|SSL_kECDHE;
468#endif
469#ifdef SSL_FORBID_ENULL 326#ifdef SSL_FORBID_ENULL
470 mask |= SSL_eNULL; 327 mask |= SSL_eNULL;
471#endif 328#endif
@@ -476,27 +333,17 @@ static struct disabled_masks ssl_cipher_get_disabled(void)
476 mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0; 333 mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
477 mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0; 334 mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
478 mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0; 335 mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
479 mask |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED:0; 336 mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0;
480 337
481 mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0; 338 mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
482 mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0; 339 mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
483 340
484 /* finally consider algorithms where mask and m256 differ */ 341 return(mask);
485 m256 = mask;
486 mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0;
487 mask |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA:0;
488 m256 |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES:0;
489 m256 |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA:0;
490
491 ret.mask = mask;
492 ret.m256 = m256;
493 return ret;
494 } 342 }
495 343
496static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, 344static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
497 int num_of_ciphers, unsigned long mask, unsigned long m256, 345 int num_of_ciphers, unsigned long mask, CIPHER_ORDER *co_list,
498 CIPHER_ORDER *co_list, CIPHER_ORDER **head_p, 346 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
499 CIPHER_ORDER **tail_p)
500 { 347 {
501 int i, co_list_num; 348 int i, co_list_num;
502 SSL_CIPHER *c; 349 SSL_CIPHER *c;
@@ -513,9 +360,13 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
513 for (i = 0; i < num_of_ciphers; i++) 360 for (i = 0; i < num_of_ciphers; i++)
514 { 361 {
515 c = ssl_method->get_cipher(i); 362 c = ssl_method->get_cipher(i);
516#define IS_MASKED(c) ((c)->algorithms & (((c)->alg_bits == 256) ? m256 : mask))
517 /* drop those that use any of that is not available */ 363 /* drop those that use any of that is not available */
518 if ((c != NULL) && c->valid && !IS_MASKED(c)) 364#ifdef OPENSSL_FIPS
365 if ((c != NULL) && c->valid && !(c->algorithms & mask)
366 && (!FIPS_mode() || (c->algo_strength & SSL_FIPS)))
367#else
368 if ((c != NULL) && c->valid && !(c->algorithms & mask))
369#endif
519 { 370 {
520 co_list[co_list_num].cipher = c; 371 co_list[co_list_num].cipher = c;
521 co_list[co_list_num].next = NULL; 372 co_list[co_list_num].next = NULL;
@@ -589,8 +440,7 @@ static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
589 *ca_curr = NULL; /* end of list */ 440 *ca_curr = NULL; /* end of list */
590 } 441 }
591 442
592static void ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long ssl_version, 443static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
593 unsigned long algorithms, unsigned long mask,
594 unsigned long algo_strength, unsigned long mask_strength, 444 unsigned long algo_strength, unsigned long mask_strength,
595 int rule, int strength_bits, CIPHER_ORDER *co_list, 445 int rule, int strength_bits, CIPHER_ORDER *co_list,
596 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) 446 CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
@@ -616,20 +466,11 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long ssl_ver
616 466
617 cp = curr->cipher; 467 cp = curr->cipher;
618 468
619 /* If explicit cipher suite, match only that one for its own protocol version.
620 * Usual selection criteria will be used for similar ciphersuites from other version! */
621
622 if (cipher_id && (cp->algorithms & SSL_SSL_MASK) == ssl_version)
623 {
624 if (cp->id != cipher_id)
625 continue;
626 }
627
628 /* 469 /*
629 * Selection criteria is either the number of strength_bits 470 * Selection criteria is either the number of strength_bits
630 * or the algorithm used. 471 * or the algorithm used.
631 */ 472 */
632 else if (strength_bits == -1) 473 if (strength_bits == -1)
633 { 474 {
634 ma = mask & cp->algorithms; 475 ma = mask & cp->algorithms;
635 ma_s = mask_strength & cp->algo_strength; 476 ma_s = mask_strength & cp->algo_strength;
@@ -660,22 +501,8 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long ssl_ver
660 { 501 {
661 if (!curr->active) 502 if (!curr->active)
662 { 503 {
663 int add_this_cipher = 1; 504 ll_append_tail(&head, curr, &tail);
664 505 curr->active = 1;
665 if (((cp->algorithms & (SSL_kECDHE|SSL_kECDH|SSL_aECDSA)) != 0))
666 {
667 /* Make sure "ECCdraft" ciphersuites are activated only if
668 * *explicitly* requested, but not implicitly (such as
669 * as part of the "AES" alias). */
670
671 add_this_cipher = (mask & (SSL_kECDHE|SSL_kECDH|SSL_aECDSA)) != 0 || cipher_id != 0;
672 }
673
674 if (add_this_cipher)
675 {
676 ll_append_tail(&head, curr, &tail);
677 curr->active = 1;
678 }
679 } 506 }
680 } 507 }
681 /* Move the added cipher to this location */ 508 /* Move the added cipher to this location */
@@ -756,7 +583,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER *co_list,
756 */ 583 */
757 for (i = max_strength_bits; i >= 0; i--) 584 for (i = max_strength_bits; i >= 0; i--)
758 if (number_uses[i] > 0) 585 if (number_uses[i] > 0)
759 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, CIPHER_ORD, i, 586 ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i,
760 co_list, head_p, tail_p); 587 co_list, head_p, tail_p);
761 588
762 OPENSSL_free(number_uses); 589 OPENSSL_free(number_uses);
@@ -770,7 +597,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
770 unsigned long algorithms, mask, algo_strength, mask_strength; 597 unsigned long algorithms, mask, algo_strength, mask_strength;
771 const char *l, *start, *buf; 598 const char *l, *start, *buf;
772 int j, multi, found, rule, retval, ok, buflen; 599 int j, multi, found, rule, retval, ok, buflen;
773 unsigned long cipher_id = 0, ssl_version = 0;
774 char ch; 600 char ch;
775 601
776 retval = 1; 602 retval = 1;
@@ -860,8 +686,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
860 * use strcmp(), because buf is not '\0' terminated.) 686 * use strcmp(), because buf is not '\0' terminated.)
861 */ 687 */
862 j = found = 0; 688 j = found = 0;
863 cipher_id = 0;
864 ssl_version = 0;
865 while (ca_list[j]) 689 while (ca_list[j])
866 { 690 {
867 if (!strncmp(buf, ca_list[j]->name, buflen) && 691 if (!strncmp(buf, ca_list[j]->name, buflen) &&
@@ -890,14 +714,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
890 (algo_strength & ca_list[j]->algo_strength); 714 (algo_strength & ca_list[j]->algo_strength);
891 mask_strength |= ca_list[j]->mask_strength; 715 mask_strength |= ca_list[j]->mask_strength;
892 716
893 /* explicit ciphersuite found */
894 if (ca_list[j]->valid)
895 {
896 cipher_id = ca_list[j]->id;
897 ssl_version = ca_list[j]->algorithms & SSL_SSL_MASK;
898 break;
899 }
900
901 if (!multi) break; 717 if (!multi) break;
902 } 718 }
903 719
@@ -922,18 +738,18 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
922 * rest of the command, if any left, until 738 * rest of the command, if any left, until
923 * end or ':' is found. 739 * end or ':' is found.
924 */ 740 */
925 while ((*l != '\0') && !ITEM_SEP(*l)) 741 while ((*l != '\0') && ITEM_SEP(*l))
926 l++; 742 l++;
927 } 743 }
928 else if (found) 744 else if (found)
929 { 745 {
930 ssl_cipher_apply_rule(cipher_id, ssl_version, algorithms, mask, 746 ssl_cipher_apply_rule(algorithms, mask,
931 algo_strength, mask_strength, rule, -1, 747 algo_strength, mask_strength, rule, -1,
932 co_list, head_p, tail_p); 748 co_list, head_p, tail_p);
933 } 749 }
934 else 750 else
935 { 751 {
936 while ((*l != '\0') && !ITEM_SEP(*l)) 752 while ((*l != '\0') && ITEM_SEP(*l))
937 l++; 753 l++;
938 } 754 }
939 if (*l == '\0') break; /* done */ 755 if (*l == '\0') break; /* done */
@@ -949,7 +765,6 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
949 { 765 {
950 int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; 766 int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
951 unsigned long disabled_mask; 767 unsigned long disabled_mask;
952 unsigned long disabled_m256;
953 STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list; 768 STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
954 const char *rule_p; 769 const char *rule_p;
955 CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; 770 CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
@@ -961,16 +776,18 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
961 if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) 776 if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
962 return NULL; 777 return NULL;
963 778
779 if (init_ciphers)
780 {
781 CRYPTO_w_lock(CRYPTO_LOCK_SSL);
782 if (init_ciphers) load_ciphers();
783 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
784 }
785
964 /* 786 /*
965 * To reduce the work to do we only want to process the compiled 787 * To reduce the work to do we only want to process the compiled
966 * in algorithms, so we first get the mask of disabled ciphers. 788 * in algorithms, so we first get the mask of disabled ciphers.
967 */ 789 */
968 { 790 disabled_mask = ssl_cipher_get_disabled();
969 struct disabled_masks d;
970 d = ssl_cipher_get_disabled();
971 disabled_mask = d.mask;
972 disabled_m256 = d.m256;
973 }
974 791
975 /* 792 /*
976 * Now we have to collect the available ciphers from the compiled 793 * Now we have to collect the available ciphers from the compiled
@@ -989,7 +806,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
989 } 806 }
990 807
991 ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask, 808 ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask,
992 disabled_m256, co_list, &head, &tail); 809 co_list, &head, &tail);
993 810
994 /* 811 /*
995 * We also need cipher aliases for selecting based on the rule_str. 812 * We also need cipher aliases for selecting based on the rule_str.
@@ -1009,8 +826,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1009 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); 826 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
1010 return(NULL); /* Failure */ 827 return(NULL); /* Failure */
1011 } 828 }
1012 ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, 829 ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask,
1013 (disabled_mask & disabled_m256), head); 830 head);
1014 831
1015 /* 832 /*
1016 * If the rule_string begins with DEFAULT, apply the default rule 833 * If the rule_string begins with DEFAULT, apply the default rule
@@ -1054,7 +871,11 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1054 */ 871 */
1055 for (curr = head; curr != NULL; curr = curr->next) 872 for (curr = head; curr != NULL; curr = curr->next)
1056 { 873 {
874#ifdef OPENSSL_FIPS
875 if (curr->active && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
876#else
1057 if (curr->active) 877 if (curr->active)
878#endif
1058 { 879 {
1059 sk_SSL_CIPHER_push(cipherstack, curr->cipher); 880 sk_SSL_CIPHER_push(cipherstack, curr->cipher);
1060#ifdef CIPHER_DEBUG 881#ifdef CIPHER_DEBUG
@@ -1076,7 +897,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1076 if (*cipher_list_by_id != NULL) 897 if (*cipher_list_by_id != NULL)
1077 sk_SSL_CIPHER_free(*cipher_list_by_id); 898 sk_SSL_CIPHER_free(*cipher_list_by_id);
1078 *cipher_list_by_id = tmp_cipher_list; 899 *cipher_list_by_id = tmp_cipher_list;
1079 (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp); 900 sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
1080 901
1081 return(cipherstack); 902 return(cipherstack);
1082 } 903 }
@@ -1084,13 +905,13 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1084char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) 905char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
1085 { 906 {
1086 int is_export,pkl,kl; 907 int is_export,pkl,kl;
1087 const char *ver,*exp_str; 908 char *ver,*exp_str;
1088 const char *kx,*au,*enc,*mac; 909 char *kx,*au,*enc,*mac;
1089 unsigned long alg,alg2,alg_s; 910 unsigned long alg,alg2,alg_s;
1090#ifdef KSSL_DEBUG 911#ifdef KSSL_DEBUG
1091 static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n"; 912 static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n";
1092#else 913#else
1093 static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; 914 static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
1094#endif /* KSSL_DEBUG */ 915#endif /* KSSL_DEBUG */
1095 916
1096 alg=cipher->algorithms; 917 alg=cipher->algorithms;
@@ -1101,7 +922,7 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
1101 pkl=SSL_C_EXPORT_PKEYLENGTH(cipher); 922 pkl=SSL_C_EXPORT_PKEYLENGTH(cipher);
1102 kl=SSL_C_EXPORT_KEYLENGTH(cipher); 923 kl=SSL_C_EXPORT_KEYLENGTH(cipher);
1103 exp_str=is_export?" export":""; 924 exp_str=is_export?" export":"";
1104 925
1105 if (alg & SSL_SSLV2) 926 if (alg & SSL_SSLV2)
1106 ver="SSLv2"; 927 ver="SSLv2";
1107 else if (alg & SSL_SSLV3) 928 else if (alg & SSL_SSLV3)
@@ -1130,10 +951,6 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
1130 case SSL_kEDH: 951 case SSL_kEDH:
1131 kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH"; 952 kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
1132 break; 953 break;
1133 case SSL_kECDH:
1134 case SSL_kECDHE:
1135 kx=is_export?"ECDH(<=163)":"ECDH";
1136 break;
1137 default: 954 default:
1138 kx="unknown"; 955 kx="unknown";
1139 } 956 }
@@ -1157,9 +974,6 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
1157 case SSL_aNULL: 974 case SSL_aNULL:
1158 au="None"; 975 au="None";
1159 break; 976 break;
1160 case SSL_aECDSA:
1161 au="ECDSA";
1162 break;
1163 default: 977 default:
1164 au="unknown"; 978 au="unknown";
1165 break; 979 break;
@@ -1198,18 +1012,6 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
1198 default: enc="AES(?""?""?)"; break; 1012 default: enc="AES(?""?""?)"; break;
1199 } 1013 }
1200 break; 1014 break;
1201 case SSL_CAMELLIA:
1202 switch(cipher->strength_bits)
1203 {
1204 case 128: enc="Camellia(128)"; break;
1205 case 256: enc="Camellia(256)"; break;
1206 default: enc="Camellia(?""?""?)"; break;
1207 }
1208 break;
1209 case SSL_SEED:
1210 enc="SEED(128)";
1211 break;
1212
1213 default: 1015 default:
1214 enc="unknown"; 1016 enc="unknown";
1215 break; 1017 break;
@@ -1296,63 +1098,35 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
1296 return(NULL); 1098 return(NULL);
1297 } 1099 }
1298 1100
1299#ifdef OPENSSL_NO_COMP 1101static int sk_comp_cmp(const SSL_COMP * const *a,
1300void *SSL_COMP_get_compression_methods(void) 1102 const SSL_COMP * const *b)
1301 {
1302 return NULL;
1303 }
1304int SSL_COMP_add_compression_method(int id, void *cm)
1305 { 1103 {
1306 return 1; 1104 return((*a)->id-(*b)->id);
1307 } 1105 }
1308 1106
1309const char *SSL_COMP_get_name(const void *comp)
1310 {
1311 return NULL;
1312 }
1313#else
1314STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) 1107STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
1315 { 1108 {
1316 load_builtin_compressions();
1317 return(ssl_comp_methods); 1109 return(ssl_comp_methods);
1318 } 1110 }
1319 1111
1320int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) 1112int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
1321 { 1113 {
1322 SSL_COMP *comp; 1114 SSL_COMP *comp;
1115 STACK_OF(SSL_COMP) *sk;
1323 1116
1324 if (cm == NULL || cm->type == NID_undef) 1117 if (cm == NULL || cm->type == NID_undef)
1325 return 1; 1118 return 1;
1326 1119
1327 /* According to draft-ietf-tls-compression-04.txt, the
1328 compression number ranges should be the following:
1329
1330 0 to 63: methods defined by the IETF
1331 64 to 192: external party methods assigned by IANA
1332 193 to 255: reserved for private use */
1333 if (id < 193 || id > 255)
1334 {
1335 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
1336 return 0;
1337 }
1338
1339 MemCheck_off(); 1120 MemCheck_off();
1340 comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); 1121 comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
1341 comp->id=id; 1122 comp->id=id;
1342 comp->method=cm; 1123 comp->method=cm;
1343 load_builtin_compressions(); 1124 if (ssl_comp_methods == NULL)
1344 if (ssl_comp_methods 1125 sk=ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
1345 && !sk_SSL_COMP_find(ssl_comp_methods,comp)) 1126 else
1346 { 1127 sk=ssl_comp_methods;
1347 OPENSSL_free(comp); 1128 if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp))
1348 MemCheck_on();
1349 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_DUPLICATE_COMPRESSION_ID);
1350 return(1);
1351 }
1352 else if ((ssl_comp_methods == NULL)
1353 || !sk_SSL_COMP_push(ssl_comp_methods,comp))
1354 { 1129 {
1355 OPENSSL_free(comp);
1356 MemCheck_on(); 1130 MemCheck_on();
1357 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE); 1131 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE);
1358 return(1); 1132 return(1);
@@ -1363,12 +1137,3 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
1363 return(0); 1137 return(0);
1364 } 1138 }
1365 } 1139 }
1366
1367const char *SSL_COMP_get_name(const COMP_METHOD *comp)
1368 {
1369 if (comp)
1370 return comp->name;
1371 return NULL;
1372 }
1373
1374#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 17:44:08 +0000