1 files changed, 0 insertions, 284 deletions
diff --git a/src/lib/libssl/ssl_ciphers.c b/src/lib/libssl/ssl_ciphers.c
deleted file mode 100644
index 4e4a0d93a4..0000000000
--- a/src/lib/libssl/ssl_ciphers.c
+++ /dev/null
@@ -1,284 +0,0 @@
-/*      $OpenBSD: ssl_ciphers.c,v 1.11 2021/03/11 17:14:46 jsing Exp $ */
-/*
- * Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org>
- * Copyright (c) 2015-2018, 2020 Joel Sing <jsing@openbsd.org>
- * Copyright (c) 2019 Theo Buehler <tb@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-#include <openssl/safestack.h>
-#include "bytestring.h"
-#include "ssl_locl.h"
-int
-ssl_cipher_in_list(STACK_OF(SSL_CIPHER) *ciphers, const SSL_CIPHER *cipher)
-{
-        int i;
-        for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
-                if (sk_SSL_CIPHER_value(ciphers, i)->id == cipher->id)
-                        return 1;
-        }
-        return 0;
-}
-int
-ssl_cipher_allowed_in_tls_version_range(const SSL_CIPHER *cipher, uint16_t min_ver,
-    uint16_t max_ver)
-{
-        switch(cipher->algorithm_ssl) {
-        case SSL_SSLV3:
-                return (min_ver <= TLS1_2_VERSION);
-        case SSL_TLSV1_2:
-                return (min_ver <= TLS1_2_VERSION && TLS1_2_VERSION <= max_ver);
-        case SSL_TLSV1_3:
-                return (min_ver <= TLS1_3_VERSION && TLS1_3_VERSION <= max_ver);
-        }
-        return 0;
-}
-int
-ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb)
-{
-        SSL_CIPHER *cipher;
-        int num_ciphers = 0;
-        uint16_t min_vers, max_vers;
-        int i;
-        if (ciphers == NULL)
-                return 0;
-        if (!ssl_supported_tls_version_range(s, &min_vers, &max_vers))
-                return 0;
-        for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
-                if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)
-                        return 0;
-                if (!ssl_cipher_allowed_in_tls_version_range(cipher, min_vers,
-                    max_vers))
-                        continue;
-                if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher)))
-                        return 0;
-                num_ciphers++;
-        }
-        /* Add SCSV if there are other ciphers and we're not renegotiating. */
-        if (num_ciphers > 0 && !s->internal->renegotiate) {
-                if (!CBB_add_u16(cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))
-                        return 0;
-        }
-        if (!CBB_flush(cbb))
-                return 0;
-        return 1;
-}
-STACK_OF(SSL_CIPHER) *
-ssl_bytes_to_cipher_list(SSL *s, CBS *cbs)
-{
-        STACK_OF(SSL_CIPHER) *ciphers = NULL;
-        const SSL_CIPHER *cipher;
-        uint16_t cipher_value;
-        unsigned long cipher_id;
-        S3I(s)->send_connection_binding = 0;
-        if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL) {
-                SSLerror(s, ERR_R_MALLOC_FAILURE);
-                goto err;
-        }
-        while (CBS_len(cbs) > 0) {
-                if (!CBS_get_u16(cbs, &cipher_value)) {
-                        SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
-                        goto err;
-                }
-                cipher_id = SSL3_CK_ID | cipher_value;
-                if (cipher_id == SSL3_CK_SCSV) {
-                        /*
-                         * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if
-                         * renegotiating.
-                         */
-                        if (s->internal->renegotiate) {
-                                SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
-                                ssl3_send_alert(s, SSL3_AL_FATAL,
-                                    SSL_AD_HANDSHAKE_FAILURE);
-                                goto err;
-                        }
-                        S3I(s)->send_connection_binding = 1;
-                        continue;
-                }
-                if (cipher_id == SSL3_CK_FALLBACK_SCSV) {
-                        /*
-                         * TLS_FALLBACK_SCSV indicates that the client
-                         * previously tried a higher protocol version.
-                         * Fail if the current version is an unexpected
-                         * downgrade.
-                         */
-                        if (S3I(s)->hs.negotiated_tls_version <
-                            S3I(s)->hs.our_max_tls_version) {
-                                SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);
-                                ssl3_send_alert(s, SSL3_AL_FATAL,
-                                        SSL_AD_INAPPROPRIATE_FALLBACK);
-                                goto err;
-                        }
-                        continue;
-                }
-                if ((cipher = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
-                        if (!sk_SSL_CIPHER_push(ciphers, cipher)) {
-                                SSLerror(s, ERR_R_MALLOC_FAILURE);
-                                goto err;
-                        }
-                }
-        }
-        return (ciphers);
- err:
-        sk_SSL_CIPHER_free(ciphers);
-        return (NULL);
-}
-struct ssl_tls13_ciphersuite {
-        const char *name;
-        const char *alias;
-        unsigned long cid;
-};
-static const struct ssl_tls13_ciphersuite ssl_tls13_ciphersuites[] = {
-        {
-                .name = TLS1_3_TXT_AES_128_GCM_SHA256,
-                .alias = "TLS_AES_128_GCM_SHA256",
-                .cid = TLS1_3_CK_AES_128_GCM_SHA256,
-        },
-        {
-                .name = TLS1_3_TXT_AES_256_GCM_SHA384,
-                .alias = "TLS_AES_256_GCM_SHA384",
-                .cid = TLS1_3_CK_AES_256_GCM_SHA384,
-        },
-        {
-                .name = TLS1_3_TXT_CHACHA20_POLY1305_SHA256,
-                .alias = "TLS_CHACHA20_POLY1305_SHA256",
-                .cid = TLS1_3_CK_CHACHA20_POLY1305_SHA256,
-        },
-        {
-                .name = TLS1_3_TXT_AES_128_CCM_SHA256,
-                .alias = "TLS_AES_128_CCM_SHA256",
-                .cid = TLS1_3_CK_AES_128_CCM_SHA256,
-        },
-        {
-                .name = TLS1_3_TXT_AES_128_CCM_8_SHA256,
-                .alias = "TLS_AES_128_CCM_8_SHA256",
-                .cid = TLS1_3_CK_AES_128_CCM_8_SHA256,
-        },
-        {
-                .name = NULL,
-        },
-};
-int
-ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str)
-{
-        const struct ssl_tls13_ciphersuite *ciphersuite;
-        STACK_OF(SSL_CIPHER) *ciphers;
-        const SSL_CIPHER *cipher;
-        char *s = NULL;
-        char *p, *q;
-        int i;
-        int ret = 0;
-        if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL)
-                goto err;
-        /* An empty string is valid and means no ciphers. */
-        if (strcmp(str, "") == 0)
-                goto done;
-        if ((s = strdup(str)) == NULL)
-                goto err;
-        q = s;
-        while ((p = strsep(&q, ":")) != NULL) {
-                ciphersuite = &ssl_tls13_ciphersuites[0];
-                for (i = 0; ciphersuite->name != NULL; i++) {
-                        if (strcmp(p, ciphersuite->name) == 0)
-                                break;
-                        if (strcmp(p, ciphersuite->alias) == 0)
-                                break;
-                        ciphersuite = &ssl_tls13_ciphersuites[i];
-                }
-                if (ciphersuite->name == NULL)
-                        goto err;
-                /* We know about the cipher suite, but it is not supported. */
-                if ((cipher = ssl3_get_cipher_by_id(ciphersuite->cid)) == NULL)
-                        continue;
-                if (!sk_SSL_CIPHER_push(ciphers, cipher))
-                        goto err;
-        }
- done:
-        sk_SSL_CIPHER_free(*out_ciphers);
-        *out_ciphers = ciphers;
-        ciphers = NULL;
-        ret = 1;
- err:
-        sk_SSL_CIPHER_free(ciphers);
-        free(s);
-        return ret;
-}
-int
-ssl_merge_cipherlists(STACK_OF(SSL_CIPHER) *cipherlist,
-    STACK_OF(SSL_CIPHER) *cipherlist_tls13,
-    STACK_OF(SSL_CIPHER) **out_cipherlist)
-{
-        STACK_OF(SSL_CIPHER) *ciphers = NULL;
-        const SSL_CIPHER *cipher;
-        int i, ret = 0;
-        if ((ciphers = sk_SSL_CIPHER_dup(cipherlist_tls13)) == NULL)
-                goto err;
-        for (i = 0; i < sk_SSL_CIPHER_num(cipherlist); i++) {
-                cipher = sk_SSL_CIPHER_value(cipherlist, i);
-                if (cipher->algorithm_ssl == SSL_TLSV1_3)
-                        continue;
-                if (!sk_SSL_CIPHER_push(ciphers, cipher))
-                        goto err;
-        }
-        sk_SSL_CIPHER_free(*out_cipherlist);
-        *out_cipherlist = ciphers;
-        ciphers = NULL;
-        ret = 1;
- err:
-        sk_SSL_CIPHER_free(ciphers);
-        return ret;
-}

diff --git a/src/lib/libssl/ssl_ciphers.c b/src/lib/libssl/ssl_ciphers.c deleted file mode 100644 index 4e4a0d93a4..0000000000 --- a/src/lib/libssl/ssl_ciphers.c +++ /dev/null
@@ -1,284 +0,0 @@
1	/* $OpenBSD: ssl_ciphers.c,v 1.11 2021/03/11 17:14:46 jsing Exp $ */
2	/*
3	* Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org>
4	* Copyright (c) 2015-2018, 2020 Joel Sing <jsing@openbsd.org>
5	* Copyright (c) 2019 Theo Buehler <tb@openbsd.org>
6	*
7	* Permission to use, copy, modify, and distribute this software for any
8	* purpose with or without fee is hereby granted, provided that the above
9	* copyright notice and this permission notice appear in all copies.
10	*
11	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18	*/
19
20	#include <openssl/safestack.h>
21
22	#include "bytestring.h"
23	#include "ssl_locl.h"
24
25	int
26	ssl_cipher_in_list(STACK_OF(SSL_CIPHER) ciphers, const SSL_CIPHER cipher)
27	{
28	int i;
29
30	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
31	if (sk_SSL_CIPHER_value(ciphers, i)->id == cipher->id)
32	return 1;
33	}
34
35	return 0;
36	}
37
38	int
39	ssl_cipher_allowed_in_tls_version_range(const SSL_CIPHER *cipher, uint16_t min_ver,
40	uint16_t max_ver)
41	{
42	switch(cipher->algorithm_ssl) {
43	case SSL_SSLV3:
44	return (min_ver <= TLS1_2_VERSION);
45	case SSL_TLSV1_2:
46	return (min_ver <= TLS1_2_VERSION && TLS1_2_VERSION <= max_ver);
47	case SSL_TLSV1_3:
48	return (min_ver <= TLS1_3_VERSION && TLS1_3_VERSION <= max_ver);
49	}
50	return 0;
51	}
52
53	int
54	ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) ciphers, CBB *cbb)
55	{
56	SSL_CIPHER *cipher;
57	int num_ciphers = 0;
58	uint16_t min_vers, max_vers;
59	int i;
60
61	if (ciphers == NULL)
62	return 0;
63
64	if (!ssl_supported_tls_version_range(s, &min_vers, &max_vers))
65	return 0;
66
67	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
68	if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)
69	return 0;
70	if (!ssl_cipher_allowed_in_tls_version_range(cipher, min_vers,
71	max_vers))
72	continue;
73	if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher)))
74	return 0;
75
76	num_ciphers++;
77	}
78
79	/* Add SCSV if there are other ciphers and we're not renegotiating. */
80	if (num_ciphers > 0 && !s->internal->renegotiate) {
81	if (!CBB_add_u16(cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))
82	return 0;
83	}
84
85	if (!CBB_flush(cbb))
86	return 0;
87
88	return 1;
89	}
90
91	STACK_OF(SSL_CIPHER) *
92	ssl_bytes_to_cipher_list(SSL s, CBS cbs)
93	{
94	STACK_OF(SSL_CIPHER) *ciphers = NULL;
95	const SSL_CIPHER *cipher;
96	uint16_t cipher_value;
97	unsigned long cipher_id;
98
99	S3I(s)->send_connection_binding = 0;
100
101	if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL) {
102	SSLerror(s, ERR_R_MALLOC_FAILURE);
103	goto err;
104	}
105
106	while (CBS_len(cbs) > 0) {
107	if (!CBS_get_u16(cbs, &cipher_value)) {
108	SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
109	goto err;
110	}
111
112	cipher_id = SSL3_CK_ID \| cipher_value;
113
114	if (cipher_id == SSL3_CK_SCSV) {
115	/*
116	* TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if
117	* renegotiating.
118	*/
119	if (s->internal->renegotiate) {
120	SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
121	ssl3_send_alert(s, SSL3_AL_FATAL,
122	SSL_AD_HANDSHAKE_FAILURE);
123
124	goto err;
125	}
126	S3I(s)->send_connection_binding = 1;
127	continue;
128	}
129
130	if (cipher_id == SSL3_CK_FALLBACK_SCSV) {
131	/*
132	* TLS_FALLBACK_SCSV indicates that the client
133	* previously tried a higher protocol version.
134	* Fail if the current version is an unexpected
135	* downgrade.
136	*/
137	if (S3I(s)->hs.negotiated_tls_version <
138	S3I(s)->hs.our_max_tls_version) {
139	SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);
140	ssl3_send_alert(s, SSL3_AL_FATAL,
141	SSL_AD_INAPPROPRIATE_FALLBACK);
142	goto err;
143	}
144	continue;
145	}
146
147	if ((cipher = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
148	if (!sk_SSL_CIPHER_push(ciphers, cipher)) {
149	SSLerror(s, ERR_R_MALLOC_FAILURE);
150	goto err;
151	}
152	}
153	}
154
155	return (ciphers);
156
157	err:
158	sk_SSL_CIPHER_free(ciphers);
159
160	return (NULL);
161	}
162
163	struct ssl_tls13_ciphersuite {
164	const char *name;
165	const char *alias;
166	unsigned long cid;
167	};
168
169	static const struct ssl_tls13_ciphersuite ssl_tls13_ciphersuites[] = {
170	{
171	.name = TLS1_3_TXT_AES_128_GCM_SHA256,
172	.alias = "TLS_AES_128_GCM_SHA256",
173	.cid = TLS1_3_CK_AES_128_GCM_SHA256,
174	},
175	{
176	.name = TLS1_3_TXT_AES_256_GCM_SHA384,
177	.alias = "TLS_AES_256_GCM_SHA384",
178	.cid = TLS1_3_CK_AES_256_GCM_SHA384,
179	},
180	{
181	.name = TLS1_3_TXT_CHACHA20_POLY1305_SHA256,
182	.alias = "TLS_CHACHA20_POLY1305_SHA256",
183	.cid = TLS1_3_CK_CHACHA20_POLY1305_SHA256,
184	},
185	{
186	.name = TLS1_3_TXT_AES_128_CCM_SHA256,
187	.alias = "TLS_AES_128_CCM_SHA256",
188	.cid = TLS1_3_CK_AES_128_CCM_SHA256,
189	},
190	{
191	.name = TLS1_3_TXT_AES_128_CCM_8_SHA256,
192	.alias = "TLS_AES_128_CCM_8_SHA256",
193	.cid = TLS1_3_CK_AES_128_CCM_8_SHA256,
194	},
195	{
196	.name = NULL,
197	},
198	};
199
200	int
201	ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) *out_ciphers, const char str)
202	{
203	const struct ssl_tls13_ciphersuite *ciphersuite;
204	STACK_OF(SSL_CIPHER) *ciphers;
205	const SSL_CIPHER *cipher;
206	char *s = NULL;
207	char p, q;
208	int i;
209	int ret = 0;
210
211	if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL)
212	goto err;
213
214	/* An empty string is valid and means no ciphers. */
215	if (strcmp(str, "") == 0)
216	goto done;
217
218	if ((s = strdup(str)) == NULL)
219	goto err;
220
221	q = s;
222	while ((p = strsep(&q, ":")) != NULL) {
223	ciphersuite = &ssl_tls13_ciphersuites[0];
224	for (i = 0; ciphersuite->name != NULL; i++) {
225	if (strcmp(p, ciphersuite->name) == 0)
226	break;
227	if (strcmp(p, ciphersuite->alias) == 0)
228	break;
229	ciphersuite = &ssl_tls13_ciphersuites[i];
230	}
231	if (ciphersuite->name == NULL)
232	goto err;
233
234	/* We know about the cipher suite, but it is not supported. */
235	if ((cipher = ssl3_get_cipher_by_id(ciphersuite->cid)) == NULL)
236	continue;
237
238	if (!sk_SSL_CIPHER_push(ciphers, cipher))
239	goto err;
240	}
241
242	done:
243	sk_SSL_CIPHER_free(*out_ciphers);
244	*out_ciphers = ciphers;
245	ciphers = NULL;
246	ret = 1;
247
248	err:
249	sk_SSL_CIPHER_free(ciphers);
250	free(s);
251
252	return ret;
253	}
254
255	int
256	ssl_merge_cipherlists(STACK_OF(SSL_CIPHER) *cipherlist,
257	STACK_OF(SSL_CIPHER) *cipherlist_tls13,
258	STACK_OF(SSL_CIPHER) **out_cipherlist)
259	{
260	STACK_OF(SSL_CIPHER) *ciphers = NULL;
261	const SSL_CIPHER *cipher;
262	int i, ret = 0;
263
264	if ((ciphers = sk_SSL_CIPHER_dup(cipherlist_tls13)) == NULL)
265	goto err;
266	for (i = 0; i < sk_SSL_CIPHER_num(cipherlist); i++) {
267	cipher = sk_SSL_CIPHER_value(cipherlist, i);
268	if (cipher->algorithm_ssl == SSL_TLSV1_3)
269	continue;
270	if (!sk_SSL_CIPHER_push(ciphers, cipher))
271	goto err;
272	}
273
274	sk_SSL_CIPHER_free(*out_cipherlist);
275	*out_cipherlist = ciphers;
276	ciphers = NULL;
277
278	ret = 1;
279
280	err:
281	sk_SSL_CIPHER_free(ciphers);
282
283	return ret;
284	}