]>
Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | /* ssl/ssl_ciph.c */ |
58964a49 | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
3 | * All rights reserved. |
4 | * | |
5 | * This package is an SSL implementation written | |
6 | * by Eric Young (eay@cryptsoft.com). | |
7 | * The implementation was written so as to conform with Netscapes SSL. | |
8 | * | |
9 | * This library is free for commercial and non-commercial use as long as | |
10 | * the following conditions are aheared to. The following conditions | |
11 | * apply to all code found in this distribution, be it the RC4, RSA, | |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 | * included with this distribution is covered by the same copyright terms | |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 | * | |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 | * the code are not to be removed. | |
18 | * If this package is used in a product, Eric Young should be given attribution | |
19 | * as the author of the parts of the library used. | |
20 | * This can be in the form of a textual message at program startup or | |
21 | * in documentation (online or textual) provided with the package. | |
22 | * | |
23 | * Redistribution and use in source and binary forms, with or without | |
24 | * modification, are permitted provided that the following conditions | |
25 | * are met: | |
26 | * 1. Redistributions of source code must retain the copyright | |
27 | * notice, this list of conditions and the following disclaimer. | |
28 | * 2. Redistributions in binary form must reproduce the above copyright | |
29 | * notice, this list of conditions and the following disclaimer in the | |
30 | * documentation and/or other materials provided with the distribution. | |
31 | * 3. All advertising materials mentioning features or use of this software | |
32 | * must display the following acknowledgement: | |
33 | * "This product includes cryptographic software written by | |
34 | * Eric Young (eay@cryptsoft.com)" | |
35 | * The word 'cryptographic' can be left out if the rouines from the library | |
36 | * being used are not cryptographic related :-). | |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 | * the apps directory (application code) you must include an acknowledgement: | |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 | * | |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 | * SUCH DAMAGE. | |
52 | * | |
53 | * The licence and distribution terms for any publically available version or | |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 | * copied and put under another distribution licence | |
56 | * [including the GNU Public Licence.] | |
57 | */ | |
ea262260 BM |
58 | /* ==================================================================== |
59 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | |
60 | * ECC cipher suite support in OpenSSL originally developed by | |
61 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | |
62 | */ | |
ddac1974 NL |
63 | /* ==================================================================== |
64 | * Copyright 2005 Nokia. All rights reserved. | |
65 | * | |
66 | * The portions of the attached software ("Contribution") is developed by | |
67 | * Nokia Corporation and is licensed pursuant to the OpenSSL open source | |
68 | * license. | |
69 | * | |
70 | * The Contribution, originally written by Mika Kousa and Pasi Eronen of | |
71 | * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites | |
72 | * support (see RFC 4279) to OpenSSL. | |
73 | * | |
74 | * No patent licenses or other rights except those expressly stated in | |
75 | * the OpenSSL open source license shall be deemed granted or received | |
76 | * expressly, by implication, estoppel, or otherwise. | |
77 | * | |
78 | * No assurances are provided by Nokia that the Contribution does not | |
79 | * infringe the patent or other intellectual property rights of any third | |
80 | * party or that the license provides you with all the necessary rights | |
81 | * to make use of the Contribution. | |
82 | * | |
83 | * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN | |
84 | * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA | |
85 | * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY | |
86 | * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR | |
87 | * OTHERWISE. | |
88 | */ | |
89 | ||
d02b48c6 | 90 | #include <stdio.h> |
ec577822 BM |
91 | #include <openssl/objects.h> |
92 | #include <openssl/comp.h> | |
d02b48c6 RE |
93 | #include "ssl_locl.h" |
94 | ||
95 | #define SSL_ENC_DES_IDX 0 | |
96 | #define SSL_ENC_3DES_IDX 1 | |
97 | #define SSL_ENC_RC4_IDX 2 | |
98 | #define SSL_ENC_RC2_IDX 3 | |
99 | #define SSL_ENC_IDEA_IDX 4 | |
100 | #define SSL_ENC_eFZA_IDX 5 | |
101 | #define SSL_ENC_NULL_IDX 6 | |
deb2c1a1 DSH |
102 | #define SSL_ENC_AES128_IDX 7 |
103 | #define SSL_ENC_AES256_IDX 8 | |
104 | #define SSL_ENC_NUM_IDX 9 | |
f3dea9a5 BM |
105 | #define SSL_ENC_CAMELLIA128_IDX 9 |
106 | #define SSL_ENC_CAMELLIA256_IDX 10 | |
107 | #undef SSL_ENC_NUM_IDX | |
108 | #define SSL_ENC_NUM_IDX 11 | |
109 | ||
d02b48c6 | 110 | |
e778802f | 111 | static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ |
d02b48c6 RE |
112 | NULL,NULL,NULL,NULL,NULL,NULL, |
113 | }; | |
114 | ||
7ba666fa RL |
115 | #define SSL_COMP_NULL_IDX 0 |
116 | #define SSL_COMP_ZLIB_IDX 1 | |
117 | #define SSL_COMP_NUM_IDX 2 | |
118 | ||
f73e07cf | 119 | static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL; |
413c4f45 | 120 | |
d02b48c6 | 121 | #define SSL_MD_MD5_IDX 0 |
58964a49 RE |
122 | #define SSL_MD_SHA1_IDX 1 |
123 | #define SSL_MD_NUM_IDX 2 | |
e778802f | 124 | static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={ |
58964a49 | 125 | NULL,NULL, |
d02b48c6 RE |
126 | }; |
127 | ||
d02b48c6 RE |
128 | #define CIPHER_ADD 1 |
129 | #define CIPHER_KILL 2 | |
130 | #define CIPHER_DEL 3 | |
58964a49 | 131 | #define CIPHER_ORD 4 |
018e57c7 | 132 | #define CIPHER_SPECIAL 5 |
d02b48c6 | 133 | |
58964a49 RE |
134 | typedef struct cipher_order_st |
135 | { | |
136 | SSL_CIPHER *cipher; | |
137 | int active; | |
138 | int dead; | |
139 | struct cipher_order_st *next,*prev; | |
140 | } CIPHER_ORDER; | |
141 | ||
018e57c7 | 142 | static const SSL_CIPHER cipher_aliases[]={ |
ea4f109c | 143 | /* Don't include eNULL unless specifically enabled. */ |
ea262260 BM |
144 | /* Don't include ECC in ALL because these ciphers are not yet official. */ |
145 | {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL & ~SSL_kECDH & ~SSL_kECDHE, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */ | |
146 | /* TODO: COMPLEMENT OF ALL and COMPLEMENT OF DEFAULT do not have ECC cipher suites handled properly. */ | |
147 | {0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, /* COMPLEMENT OF ALL */ | |
c6ccf055 | 148 | {0,SSL_TXT_CMPDEF,0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK,0}, |
ea262260 | 149 | {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */ |
018e57c7 DSH |
150 | {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0}, |
151 | {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0}, | |
152 | {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0}, | |
153 | {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0}, | |
154 | {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0}, | |
ddac1974 | 155 | {0,SSL_TXT_kPSK,0,SSL_kPSK, 0,0,0,0,SSL_MKEY_MASK,0}, |
018e57c7 | 156 | {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0}, |
ea262260 | 157 | {0,SSL_TXT_ECC, 0,(SSL_kECDH|SSL_kECDHE), 0,0,0,0,SSL_MKEY_MASK,0}, |
018e57c7 | 158 | {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0}, |
f9b3bff6 | 159 | {0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0}, /* VRS Kerberos5 */ |
018e57c7 DSH |
160 | {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0}, |
161 | {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0}, | |
162 | {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0}, | |
ddac1974 | 163 | {0,SSL_TXT_aPSK,0,SSL_aPSK, 0,0,0,0,SSL_AUTH_MASK,0}, |
018e57c7 DSH |
164 | {0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0}, |
165 | {0,SSL_TXT_aDH, 0,SSL_aDH, 0,0,0,0,SSL_AUTH_MASK,0}, | |
166 | {0,SSL_TXT_DSS, 0,SSL_DSS, 0,0,0,0,SSL_AUTH_MASK,0}, | |
167 | ||
168 | {0,SSL_TXT_DES, 0,SSL_DES, 0,0,0,0,SSL_ENC_MASK,0}, | |
169 | {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0}, | |
170 | {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0}, | |
171 | {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0}, | |
5fdf0666 | 172 | #ifndef OPENSSL_NO_IDEA |
018e57c7 | 173 | {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0}, |
5fdf0666 | 174 | #endif |
018e57c7 DSH |
175 | {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, |
176 | {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0}, | |
deb2c1a1 | 177 | {0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0}, |
f3dea9a5 | 178 | {0,SSL_TXT_CAMELLIA, 0,SSL_CAMELLIA, 0,0,0,0,SSL_ENC_MASK,0}, |
018e57c7 DSH |
179 | |
180 | {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0}, | |
181 | {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0}, | |
182 | {0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0}, | |
183 | ||
184 | {0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0}, | |
f9b3bff6 | 185 | {0,SSL_TXT_KRB5,0,SSL_KRB5, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, |
018e57c7 DSH |
186 | {0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, |
187 | {0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, | |
188 | {0,SSL_TXT_FZA, 0,SSL_FZA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0}, | |
ddac1974 | 189 | {0,SSL_TXT_PSK, 0,SSL_PSK, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, |
018e57c7 DSH |
190 | |
191 | {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0}, | |
192 | {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0}, | |
193 | {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0}, | |
194 | ||
195 | {0,SSL_TXT_EXP ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK}, | |
196 | {0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK}, | |
197 | {0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK}, | |
198 | {0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK}, | |
199 | {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK}, | |
200 | {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK}, | |
201 | {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK}, | |
d02b48c6 RE |
202 | }; |
203 | ||
7f3c9036 | 204 | void ssl_load_ciphers(void) |
d02b48c6 | 205 | { |
d02b48c6 RE |
206 | ssl_cipher_methods[SSL_ENC_DES_IDX]= |
207 | EVP_get_cipherbyname(SN_des_cbc); | |
208 | ssl_cipher_methods[SSL_ENC_3DES_IDX]= | |
209 | EVP_get_cipherbyname(SN_des_ede3_cbc); | |
210 | ssl_cipher_methods[SSL_ENC_RC4_IDX]= | |
211 | EVP_get_cipherbyname(SN_rc4); | |
212 | ssl_cipher_methods[SSL_ENC_RC2_IDX]= | |
213 | EVP_get_cipherbyname(SN_rc2_cbc); | |
5fdf0666 | 214 | #ifndef OPENSSL_NO_IDEA |
d02b48c6 RE |
215 | ssl_cipher_methods[SSL_ENC_IDEA_IDX]= |
216 | EVP_get_cipherbyname(SN_idea_cbc); | |
5fdf0666 RL |
217 | #else |
218 | ssl_cipher_methods[SSL_ENC_IDEA_IDX]= NULL; | |
219 | #endif | |
deb2c1a1 DSH |
220 | ssl_cipher_methods[SSL_ENC_AES128_IDX]= |
221 | EVP_get_cipherbyname(SN_aes_128_cbc); | |
222 | ssl_cipher_methods[SSL_ENC_AES256_IDX]= | |
223 | EVP_get_cipherbyname(SN_aes_256_cbc); | |
f3dea9a5 BM |
224 | ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX]= |
225 | EVP_get_cipherbyname(SN_camellia_128_cbc); | |
226 | ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX]= | |
227 | EVP_get_cipherbyname(SN_camellia_256_cbc); | |
d02b48c6 RE |
228 | |
229 | ssl_digest_methods[SSL_MD_MD5_IDX]= | |
230 | EVP_get_digestbyname(SN_md5); | |
d02b48c6 RE |
231 | ssl_digest_methods[SSL_MD_SHA1_IDX]= |
232 | EVP_get_digestbyname(SN_sha1); | |
233 | } | |
234 | ||
09b6c2ef DSH |
235 | |
236 | #ifndef OPENSSL_NO_COMP | |
237 | ||
7ba666fa RL |
238 | static int sk_comp_cmp(const SSL_COMP * const *a, |
239 | const SSL_COMP * const *b) | |
240 | { | |
241 | return((*a)->id-(*b)->id); | |
242 | } | |
243 | ||
244 | static void load_builtin_compressions(void) | |
245 | { | |
f70ddce7 RL |
246 | if (ssl_comp_methods != NULL) |
247 | return; | |
248 | ||
249 | CRYPTO_w_lock(CRYPTO_LOCK_SSL); | |
7ba666fa RL |
250 | if (ssl_comp_methods == NULL) |
251 | { | |
252 | SSL_COMP *comp = NULL; | |
253 | ||
254 | MemCheck_off(); | |
255 | ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp); | |
256 | if (ssl_comp_methods != NULL) | |
257 | { | |
258 | comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); | |
259 | if (comp != NULL) | |
260 | { | |
261 | comp->method=COMP_zlib(); | |
262 | if (comp->method | |
263 | && comp->method->type == NID_undef) | |
264 | OPENSSL_free(comp); | |
265 | else | |
266 | { | |
267 | comp->id=SSL_COMP_ZLIB_IDX; | |
268 | comp->name=comp->method->name; | |
269 | sk_SSL_COMP_push(ssl_comp_methods,comp); | |
270 | } | |
271 | } | |
272 | } | |
273 | MemCheck_on(); | |
274 | } | |
f70ddce7 | 275 | CRYPTO_w_unlock(CRYPTO_LOCK_SSL); |
7ba666fa | 276 | } |
09b6c2ef | 277 | #endif |
7ba666fa | 278 | |
0821bcd4 | 279 | int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, |
6b691a5c | 280 | const EVP_MD **md, SSL_COMP **comp) |
d02b48c6 RE |
281 | { |
282 | int i; | |
413c4f45 | 283 | SSL_CIPHER *c; |
d02b48c6 | 284 | |
413c4f45 | 285 | c=s->cipher; |
d02b48c6 | 286 | if (c == NULL) return(0); |
413c4f45 MC |
287 | if (comp != NULL) |
288 | { | |
289 | SSL_COMP ctmp; | |
09b6c2ef | 290 | #ifndef OPENSSL_NO_COMP |
7ba666fa | 291 | load_builtin_compressions(); |
09b6c2ef | 292 | #endif |
413c4f45 | 293 | |
7ba666fa RL |
294 | *comp=NULL; |
295 | ctmp.id=s->compress_meth; | |
296 | if (ssl_comp_methods != NULL) | |
297 | { | |
f73e07cf | 298 | i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp); |
413c4f45 | 299 | if (i >= 0) |
f73e07cf | 300 | *comp=sk_SSL_COMP_value(ssl_comp_methods,i); |
413c4f45 MC |
301 | else |
302 | *comp=NULL; | |
303 | } | |
304 | } | |
305 | ||
306 | if ((enc == NULL) || (md == NULL)) return(0); | |
d02b48c6 RE |
307 | |
308 | switch (c->algorithms & SSL_ENC_MASK) | |
309 | { | |
310 | case SSL_DES: | |
311 | i=SSL_ENC_DES_IDX; | |
312 | break; | |
313 | case SSL_3DES: | |
314 | i=SSL_ENC_3DES_IDX; | |
315 | break; | |
316 | case SSL_RC4: | |
317 | i=SSL_ENC_RC4_IDX; | |
318 | break; | |
319 | case SSL_RC2: | |
320 | i=SSL_ENC_RC2_IDX; | |
321 | break; | |
322 | case SSL_IDEA: | |
323 | i=SSL_ENC_IDEA_IDX; | |
324 | break; | |
325 | case SSL_eNULL: | |
326 | i=SSL_ENC_NULL_IDX; | |
327 | break; | |
deb2c1a1 | 328 | case SSL_AES: |
259810e0 BL |
329 | switch(c->alg_bits) |
330 | { | |
deb2c1a1 DSH |
331 | case 128: i=SSL_ENC_AES128_IDX; break; |
332 | case 256: i=SSL_ENC_AES256_IDX; break; | |
259810e0 BL |
333 | default: i=-1; break; |
334 | } | |
335 | break; | |
f3dea9a5 BM |
336 | case SSL_CAMELLIA: |
337 | switch(c->alg_bits) | |
338 | { | |
339 | case 128: i=SSL_ENC_CAMELLIA128_IDX; break; | |
340 | case 256: i=SSL_ENC_CAMELLIA256_IDX; break; | |
341 | default: i=-1; break; | |
342 | } | |
343 | break; | |
344 | ||
d02b48c6 RE |
345 | default: |
346 | i= -1; | |
347 | break; | |
348 | } | |
349 | ||
350 | if ((i < 0) || (i > SSL_ENC_NUM_IDX)) | |
351 | *enc=NULL; | |
352 | else | |
353 | { | |
354 | if (i == SSL_ENC_NULL_IDX) | |
355 | *enc=EVP_enc_null(); | |
356 | else | |
357 | *enc=ssl_cipher_methods[i]; | |
358 | } | |
359 | ||
360 | switch (c->algorithms & SSL_MAC_MASK) | |
361 | { | |
362 | case SSL_MD5: | |
363 | i=SSL_MD_MD5_IDX; | |
364 | break; | |
d02b48c6 RE |
365 | case SSL_SHA1: |
366 | i=SSL_MD_SHA1_IDX; | |
367 | break; | |
368 | default: | |
369 | i= -1; | |
370 | break; | |
371 | } | |
372 | if ((i < 0) || (i > SSL_MD_NUM_IDX)) | |
373 | *md=NULL; | |
374 | else | |
375 | *md=ssl_digest_methods[i]; | |
376 | ||
377 | if ((*enc != NULL) && (*md != NULL)) | |
378 | return(1); | |
379 | else | |
380 | return(0); | |
381 | } | |
382 | ||
58964a49 RE |
383 | #define ITEM_SEP(a) \ |
384 | (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ',')) | |
385 | ||
6b691a5c UM |
386 | static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr, |
387 | CIPHER_ORDER **tail) | |
58964a49 RE |
388 | { |
389 | if (curr == *tail) return; | |
390 | if (curr == *head) | |
391 | *head=curr->next; | |
392 | if (curr->prev != NULL) | |
393 | curr->prev->next=curr->next; | |
394 | if (curr->next != NULL) /* should always be true */ | |
395 | curr->next->prev=curr->prev; | |
396 | (*tail)->next=curr; | |
397 | curr->prev= *tail; | |
398 | curr->next=NULL; | |
399 | *tail=curr; | |
400 | } | |
401 | ||
018e57c7 | 402 | static unsigned long ssl_cipher_get_disabled(void) |
d02b48c6 | 403 | { |
018e57c7 | 404 | unsigned long mask; |
d02b48c6 | 405 | |
018e57c7 | 406 | mask = SSL_kFZA; |
bc36ee62 | 407 | #ifdef OPENSSL_NO_RSA |
018e57c7 | 408 | mask |= SSL_aRSA|SSL_kRSA; |
d02b48c6 | 409 | #endif |
bc36ee62 | 410 | #ifdef OPENSSL_NO_DSA |
018e57c7 | 411 | mask |= SSL_aDSS; |
d02b48c6 | 412 | #endif |
bc36ee62 | 413 | #ifdef OPENSSL_NO_DH |
018e57c7 | 414 | mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH; |
d02b48c6 | 415 | #endif |
bc36ee62 | 416 | #ifdef OPENSSL_NO_KRB5 |
f9b3bff6 RL |
417 | mask |= SSL_kKRB5|SSL_aKRB5; |
418 | #endif | |
ea262260 BM |
419 | #ifdef OPENSSL_NO_ECDH |
420 | mask |= SSL_kECDH|SSL_kECDHE; | |
421 | #endif | |
ddac1974 NL |
422 | #ifdef OPENSSL_NO_PSK |
423 | mask |= SSL_kPSK; | |
424 | #endif | |
988788f6 | 425 | #ifdef SSL_FORBID_ENULL |
018e57c7 | 426 | mask |= SSL_eNULL; |
d02b48c6 RE |
427 | #endif |
428 | ||
018e57c7 DSH |
429 | mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0; |
430 | mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0; | |
431 | mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0; | |
432 | mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0; | |
433 | mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0; | |
434 | mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0; | |
deb2c1a1 | 435 | mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0; |
f3dea9a5 | 436 | mask |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA:0; |
d02b48c6 | 437 | |
018e57c7 DSH |
438 | mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0; |
439 | mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0; | |
d02b48c6 | 440 | |
018e57c7 DSH |
441 | return(mask); |
442 | } | |
443 | ||
444 | static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, | |
3822740c | 445 | int num_of_ciphers, unsigned long mask, CIPHER_ORDER *co_list, |
018e57c7 DSH |
446 | CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) |
447 | { | |
3822740c | 448 | int i, co_list_num; |
018e57c7 DSH |
449 | SSL_CIPHER *c; |
450 | ||
451 | /* | |
452 | * We have num_of_ciphers descriptions compiled in, depending on the | |
453 | * method selected (SSLv2 and/or SSLv3, TLSv1 etc). | |
454 | * These will later be sorted in a linked list with at most num | |
455 | * entries. | |
456 | */ | |
58964a49 | 457 | |
d02b48c6 | 458 | /* Get the initial list of ciphers */ |
3822740c | 459 | co_list_num = 0; /* actual count of ciphers */ |
018e57c7 | 460 | for (i = 0; i < num_of_ciphers; i++) |
d02b48c6 | 461 | { |
018e57c7 | 462 | c = ssl_method->get_cipher(i); |
d02b48c6 RE |
463 | /* drop those that use any of that is not available */ |
464 | if ((c != NULL) && c->valid && !(c->algorithms & mask)) | |
465 | { | |
3822740c RL |
466 | co_list[co_list_num].cipher = c; |
467 | co_list[co_list_num].next = NULL; | |
468 | co_list[co_list_num].prev = NULL; | |
469 | co_list[co_list_num].active = 0; | |
470 | co_list_num++; | |
f9b3bff6 RL |
471 | #ifdef KSSL_DEBUG |
472 | printf("\t%d: %s %lx %lx\n",i,c->name,c->id,c->algorithms); | |
473 | #endif /* KSSL_DEBUG */ | |
018e57c7 | 474 | /* |
d02b48c6 | 475 | if (!sk_push(ca_list,(char *)c)) goto err; |
018e57c7 | 476 | */ |
d02b48c6 RE |
477 | } |
478 | } | |
018e57c7 DSH |
479 | |
480 | /* | |
481 | * Prepare linked list from list entries | |
482 | */ | |
3822740c | 483 | for (i = 1; i < co_list_num - 1; i++) |
58964a49 | 484 | { |
3822740c RL |
485 | co_list[i].prev = &(co_list[i-1]); |
486 | co_list[i].next = &(co_list[i+1]); | |
58964a49 | 487 | } |
3822740c | 488 | if (co_list_num > 0) |
58964a49 | 489 | { |
3822740c | 490 | (*head_p) = &(co_list[0]); |
018e57c7 | 491 | (*head_p)->prev = NULL; |
3822740c RL |
492 | (*head_p)->next = &(co_list[1]); |
493 | (*tail_p) = &(co_list[co_list_num - 1]); | |
494 | (*tail_p)->prev = &(co_list[co_list_num - 2]); | |
018e57c7 | 495 | (*tail_p)->next = NULL; |
58964a49 | 496 | } |
018e57c7 | 497 | } |
d02b48c6 | 498 | |
018e57c7 DSH |
499 | static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list, |
500 | int num_of_group_aliases, unsigned long mask, | |
501 | CIPHER_ORDER *head) | |
502 | { | |
503 | CIPHER_ORDER *ciph_curr; | |
504 | SSL_CIPHER **ca_curr; | |
505 | int i; | |
d02b48c6 | 506 | |
018e57c7 DSH |
507 | /* |
508 | * First, add the real ciphers as already collected | |
509 | */ | |
510 | ciph_curr = head; | |
511 | ca_curr = ca_list; | |
512 | while (ciph_curr != NULL) | |
d02b48c6 | 513 | { |
018e57c7 DSH |
514 | *ca_curr = ciph_curr->cipher; |
515 | ca_curr++; | |
516 | ciph_curr = ciph_curr->next; | |
d02b48c6 RE |
517 | } |
518 | ||
018e57c7 DSH |
519 | /* |
520 | * Now we add the available ones from the cipher_aliases[] table. | |
521 | * They represent either an algorithm, that must be fully | |
522 | * supported (not match any bit in mask) or represent a cipher | |
523 | * strength value (will be added in any case because algorithms=0). | |
524 | */ | |
525 | for (i = 0; i < num_of_group_aliases; i++) | |
526 | { | |
527 | if ((i == 0) || /* always fetch "ALL" */ | |
528 | !(cipher_aliases[i].algorithms & mask)) | |
529 | { | |
530 | *ca_curr = (SSL_CIPHER *)(cipher_aliases + i); | |
531 | ca_curr++; | |
532 | } | |
533 | } | |
d02b48c6 | 534 | |
018e57c7 DSH |
535 | *ca_curr = NULL; /* end of list */ |
536 | } | |
d02b48c6 | 537 | |
ba1ba5f0 DSH |
538 | static void ssl_cipher_apply_rule(unsigned long cipher_id, |
539 | unsigned long algorithms, unsigned long mask, | |
018e57c7 | 540 | unsigned long algo_strength, unsigned long mask_strength, |
3822740c | 541 | int rule, int strength_bits, CIPHER_ORDER *co_list, |
018e57c7 DSH |
542 | CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) |
543 | { | |
544 | CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2; | |
545 | SSL_CIPHER *cp; | |
546 | unsigned long ma, ma_s; | |
547 | ||
548 | #ifdef CIPHER_DEBUG | |
549 | printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n", | |
550 | rule, algorithms, mask, algo_strength, mask_strength, | |
551 | strength_bits); | |
552 | #endif | |
d02b48c6 | 553 | |
018e57c7 DSH |
554 | curr = head = *head_p; |
555 | curr2 = head; | |
556 | tail2 = tail = *tail_p; | |
d02b48c6 RE |
557 | for (;;) |
558 | { | |
018e57c7 DSH |
559 | if ((curr == NULL) || (curr == tail2)) break; |
560 | curr = curr2; | |
561 | curr2 = curr->next; | |
562 | ||
563 | cp = curr->cipher; | |
564 | ||
ba1ba5f0 DSH |
565 | /* If explicit cipher suite match that one only */ |
566 | ||
567 | if (cipher_id) | |
568 | { | |
569 | if (cp->id != cipher_id) | |
570 | continue; | |
571 | } | |
572 | ||
018e57c7 DSH |
573 | /* |
574 | * Selection criteria is either the number of strength_bits | |
575 | * or the algorithm used. | |
576 | */ | |
ba1ba5f0 | 577 | else if (strength_bits == -1) |
018e57c7 DSH |
578 | { |
579 | ma = mask & cp->algorithms; | |
580 | ma_s = mask_strength & cp->algo_strength; | |
581 | ||
582 | #ifdef CIPHER_DEBUG | |
583 | printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask, mask_strength); | |
584 | printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength); | |
585 | #endif | |
586 | /* | |
587 | * Select: if none of the mask bit was met from the | |
588 | * cipher or not all of the bits were met, the | |
589 | * selection does not apply. | |
590 | */ | |
591 | if (((ma == 0) && (ma_s == 0)) || | |
592 | ((ma & algorithms) != ma) || | |
593 | ((ma_s & algo_strength) != ma_s)) | |
594 | continue; /* does not apply */ | |
595 | } | |
596 | else if (strength_bits != cp->strength_bits) | |
597 | continue; /* does not apply */ | |
598 | ||
599 | #ifdef CIPHER_DEBUG | |
600 | printf("Action = %d\n", rule); | |
601 | #endif | |
602 | ||
603 | /* add the cipher if it has not been added yet. */ | |
604 | if (rule == CIPHER_ADD) | |
605 | { | |
606 | if (!curr->active) | |
607 | { | |
608 | ll_append_tail(&head, curr, &tail); | |
609 | curr->active = 1; | |
610 | } | |
611 | } | |
612 | /* Move the added cipher to this location */ | |
613 | else if (rule == CIPHER_ORD) | |
614 | { | |
615 | if (curr->active) | |
616 | { | |
617 | ll_append_tail(&head, curr, &tail); | |
618 | } | |
619 | } | |
620 | else if (rule == CIPHER_DEL) | |
621 | curr->active = 0; | |
622 | else if (rule == CIPHER_KILL) | |
623 | { | |
624 | if (head == curr) | |
625 | head = curr->next; | |
626 | else | |
627 | curr->prev->next = curr->next; | |
628 | if (tail == curr) | |
629 | tail = curr->prev; | |
630 | curr->active = 0; | |
631 | if (curr->next != NULL) | |
632 | curr->next->prev = curr->prev; | |
633 | if (curr->prev != NULL) | |
634 | curr->prev->next = curr->next; | |
635 | curr->next = NULL; | |
636 | curr->prev = NULL; | |
637 | } | |
638 | } | |
639 | ||
640 | *head_p = head; | |
641 | *tail_p = tail; | |
642 | } | |
643 | ||
3822740c RL |
644 | static int ssl_cipher_strength_sort(CIPHER_ORDER *co_list, |
645 | CIPHER_ORDER **head_p, | |
646 | CIPHER_ORDER **tail_p) | |
018e57c7 DSH |
647 | { |
648 | int max_strength_bits, i, *number_uses; | |
649 | CIPHER_ORDER *curr; | |
650 | ||
651 | /* | |
652 | * This routine sorts the ciphers with descending strength. The sorting | |
653 | * must keep the pre-sorted sequence, so we apply the normal sorting | |
654 | * routine as '+' movement to the end of the list. | |
655 | */ | |
656 | max_strength_bits = 0; | |
657 | curr = *head_p; | |
658 | while (curr != NULL) | |
659 | { | |
660 | if (curr->active && | |
661 | (curr->cipher->strength_bits > max_strength_bits)) | |
662 | max_strength_bits = curr->cipher->strength_bits; | |
663 | curr = curr->next; | |
664 | } | |
665 | ||
26a3a48d | 666 | number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); |
018e57c7 DSH |
667 | if (!number_uses) |
668 | { | |
669 | SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE); | |
670 | return(0); | |
671 | } | |
672 | memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int)); | |
673 | ||
674 | /* | |
675 | * Now find the strength_bits values actually used | |
676 | */ | |
677 | curr = *head_p; | |
678 | while (curr != NULL) | |
679 | { | |
680 | if (curr->active) | |
681 | number_uses[curr->cipher->strength_bits]++; | |
682 | curr = curr->next; | |
683 | } | |
018e57c7 DSH |
684 | /* |
685 | * Go through the list of used strength_bits values in descending | |
64287002 | 686 | * order. |
018e57c7 | 687 | */ |
018e57c7 | 688 | for (i = max_strength_bits; i >= 0; i--) |
018e57c7 | 689 | if (number_uses[i] > 0) |
ba1ba5f0 | 690 | ssl_cipher_apply_rule(0, 0, 0, 0, 0, CIPHER_ORD, i, |
3822740c | 691 | co_list, head_p, tail_p); |
018e57c7 | 692 | |
26a3a48d | 693 | OPENSSL_free(number_uses); |
018e57c7 DSH |
694 | return(1); |
695 | } | |
696 | ||
697 | static int ssl_cipher_process_rulestr(const char *rule_str, | |
3822740c | 698 | CIPHER_ORDER *co_list, CIPHER_ORDER **head_p, |
018e57c7 DSH |
699 | CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list) |
700 | { | |
701 | unsigned long algorithms, mask, algo_strength, mask_strength; | |
702 | const char *l, *start, *buf; | |
703 | int j, multi, found, rule, retval, ok, buflen; | |
ba1ba5f0 | 704 | unsigned long cipher_id; |
018e57c7 | 705 | char ch; |
58964a49 | 706 | |
018e57c7 DSH |
707 | retval = 1; |
708 | l = rule_str; | |
709 | for (;;) | |
710 | { | |
711 | ch = *l; | |
58964a49 | 712 | |
018e57c7 DSH |
713 | if (ch == '\0') |
714 | break; /* done */ | |
d02b48c6 | 715 | if (ch == '-') |
018e57c7 | 716 | { rule = CIPHER_DEL; l++; } |
d02b48c6 | 717 | else if (ch == '+') |
018e57c7 | 718 | { rule = CIPHER_ORD; l++; } |
d02b48c6 | 719 | else if (ch == '!') |
018e57c7 DSH |
720 | { rule = CIPHER_KILL; l++; } |
721 | else if (ch == '@') | |
722 | { rule = CIPHER_SPECIAL; l++; } | |
723 | else | |
724 | { rule = CIPHER_ADD; } | |
d02b48c6 | 725 | |
58964a49 | 726 | if (ITEM_SEP(ch)) |
d02b48c6 RE |
727 | { |
728 | l++; | |
729 | continue; | |
730 | } | |
018e57c7 DSH |
731 | |
732 | algorithms = mask = algo_strength = mask_strength = 0; | |
d02b48c6 RE |
733 | |
734 | start=l; | |
735 | for (;;) | |
736 | { | |
018e57c7 DSH |
737 | ch = *l; |
738 | buf = l; | |
739 | buflen = 0; | |
ca570cfd | 740 | #ifndef CHARSET_EBCDIC |
d02b48c6 RE |
741 | while ( ((ch >= 'A') && (ch <= 'Z')) || |
742 | ((ch >= '0') && (ch <= '9')) || | |
743 | ((ch >= 'a') && (ch <= 'z')) || | |
744 | (ch == '-')) | |
ca570cfd UM |
745 | #else |
746 | while ( isalnum(ch) || (ch == '-')) | |
747 | #endif | |
d02b48c6 | 748 | { |
018e57c7 DSH |
749 | ch = *(++l); |
750 | buflen++; | |
d02b48c6 | 751 | } |
018e57c7 DSH |
752 | |
753 | if (buflen == 0) | |
754 | { | |
755 | /* | |
4013f3bf | 756 | * We hit something we cannot deal with, |
657e60fa | 757 | * it is no command or separator nor |
018e57c7 DSH |
758 | * alphanumeric, so we call this an error. |
759 | */ | |
760 | SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, | |
761 | SSL_R_INVALID_COMMAND); | |
762 | retval = found = 0; | |
763 | l++; | |
764 | break; | |
765 | } | |
766 | ||
767 | if (rule == CIPHER_SPECIAL) | |
768 | { | |
4013f3bf | 769 | found = 0; /* unused -- avoid compiler warning */ |
018e57c7 DSH |
770 | break; /* special treatment */ |
771 | } | |
d02b48c6 RE |
772 | |
773 | /* check for multi-part specification */ | |
58964a49 RE |
774 | if (ch == '+') |
775 | { | |
776 | multi=1; | |
777 | l++; | |
778 | } | |
779 | else | |
780 | multi=0; | |
d02b48c6 | 781 | |
018e57c7 | 782 | /* |
4013f3bf | 783 | * Now search for the cipher alias in the ca_list. Be careful |
018e57c7 DSH |
784 | * with the strncmp, because the "buflen" limitation |
785 | * will make the rule "ADH:SOME" and the cipher | |
786 | * "ADH-MY-CIPHER" look like a match for buflen=3. | |
4013f3bf BM |
787 | * So additionally check whether the cipher name found |
788 | * has the correct length. We can save a strlen() call: | |
018e57c7 | 789 | * just checking for the '\0' at the right place is |
f65a7578 LJ |
790 | * sufficient, we have to strncmp() anyway. (We cannot |
791 | * use strcmp(), because buf is not '\0' terminated.) | |
018e57c7 DSH |
792 | */ |
793 | j = found = 0; | |
ba1ba5f0 | 794 | cipher_id = 0; |
018e57c7 DSH |
795 | while (ca_list[j]) |
796 | { | |
f65a7578 LJ |
797 | if (!strncmp(buf, ca_list[j]->name, buflen) && |
798 | (ca_list[j]->name[buflen] == '\0')) | |
018e57c7 DSH |
799 | { |
800 | found = 1; | |
801 | break; | |
802 | } | |
803 | else | |
804 | j++; | |
805 | } | |
806 | if (!found) | |
807 | break; /* ignore this entry */ | |
808 | ||
ba1ba5f0 DSH |
809 | if (ca_list[j]->valid) |
810 | { | |
811 | cipher_id = ca_list[j]->id; | |
812 | break; | |
813 | } | |
814 | ||
f0747cd9 NL |
815 | /* New algorithms: |
816 | * 1 - any old restrictions apply outside new mask | |
817 | * 2 - any new restrictions apply outside old mask | |
818 | * 3 - enforce old & new where masks intersect | |
819 | */ | |
820 | algorithms = (algorithms & ~ca_list[j]->mask) | /* 1 */ | |
821 | (ca_list[j]->algorithms & ~mask) | /* 2 */ | |
822 | (algorithms & ca_list[j]->algorithms); /* 3 */ | |
018e57c7 | 823 | mask |= ca_list[j]->mask; |
f0747cd9 NL |
824 | algo_strength = (algo_strength & ~ca_list[j]->mask_strength) | |
825 | (ca_list[j]->algo_strength & ~mask_strength) | | |
826 | (algo_strength & ca_list[j]->algo_strength); | |
018e57c7 | 827 | mask_strength |= ca_list[j]->mask_strength; |
d02b48c6 | 828 | |
d02b48c6 RE |
829 | if (!multi) break; |
830 | } | |
018e57c7 | 831 | |
4013f3bf BM |
832 | /* |
833 | * Ok, we have the rule, now apply it | |
834 | */ | |
835 | if (rule == CIPHER_SPECIAL) | |
836 | { /* special command */ | |
837 | ok = 0; | |
838 | if ((buflen == 8) && | |
839 | !strncmp(buf, "STRENGTH", 8)) | |
3822740c | 840 | ok = ssl_cipher_strength_sort(co_list, |
4013f3bf BM |
841 | head_p, tail_p); |
842 | else | |
843 | SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, | |
844 | SSL_R_INVALID_COMMAND); | |
845 | if (ok == 0) | |
846 | retval = 0; | |
018e57c7 | 847 | /* |
4013f3bf BM |
848 | * We do not support any "multi" options |
849 | * together with "@", so throw away the | |
850 | * rest of the command, if any left, until | |
851 | * end or ':' is found. | |
018e57c7 | 852 | */ |
4013f3bf BM |
853 | while ((*l != '\0') && ITEM_SEP(*l)) |
854 | l++; | |
855 | } | |
856 | else if (found) | |
857 | { | |
ba1ba5f0 | 858 | ssl_cipher_apply_rule(cipher_id, algorithms, mask, |
4013f3bf | 859 | algo_strength, mask_strength, rule, -1, |
3822740c | 860 | co_list, head_p, tail_p); |
4013f3bf BM |
861 | } |
862 | else | |
863 | { | |
864 | while ((*l != '\0') && ITEM_SEP(*l)) | |
865 | l++; | |
866 | } | |
867 | if (*l == '\0') break; /* done */ | |
d02b48c6 RE |
868 | } |
869 | ||
018e57c7 DSH |
870 | return(retval); |
871 | } | |
872 | ||
873 | STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, | |
874 | STACK_OF(SSL_CIPHER) **cipher_list, | |
875 | STACK_OF(SSL_CIPHER) **cipher_list_by_id, | |
876 | const char *rule_str) | |
877 | { | |
878 | int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; | |
879 | unsigned long disabled_mask; | |
f0747cd9 | 880 | STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list; |
018e57c7 | 881 | const char *rule_p; |
3822740c | 882 | CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; |
018e57c7 DSH |
883 | SSL_CIPHER **ca_list = NULL; |
884 | ||
885 | /* | |
886 | * Return with error if nothing to do. | |
887 | */ | |
f0747cd9 NL |
888 | if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) |
889 | return NULL; | |
018e57c7 | 890 | |
018e57c7 DSH |
891 | /* |
892 | * To reduce the work to do we only want to process the compiled | |
893 | * in algorithms, so we first get the mask of disabled ciphers. | |
894 | */ | |
895 | disabled_mask = ssl_cipher_get_disabled(); | |
896 | ||
897 | /* | |
898 | * Now we have to collect the available ciphers from the compiled | |
899 | * in ciphers. We cannot get more than the number compiled in, so | |
900 | * it is used for allocation. | |
901 | */ | |
902 | num_of_ciphers = ssl_method->num_ciphers(); | |
f9b3bff6 RL |
903 | #ifdef KSSL_DEBUG |
904 | printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers); | |
905 | #endif /* KSSL_DEBUG */ | |
3822740c RL |
906 | co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); |
907 | if (co_list == NULL) | |
d02b48c6 | 908 | { |
018e57c7 DSH |
909 | SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); |
910 | return(NULL); /* Failure */ | |
911 | } | |
58964a49 | 912 | |
018e57c7 | 913 | ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask, |
3822740c | 914 | co_list, &head, &tail); |
018e57c7 DSH |
915 | |
916 | /* | |
917 | * We also need cipher aliases for selecting based on the rule_str. | |
918 | * There might be two types of entries in the rule_str: 1) names | |
919 | * of ciphers themselves 2) aliases for groups of ciphers. | |
920 | * For 1) we need the available ciphers and for 2) the cipher | |
657e60fa | 921 | * groups of cipher_aliases added together in one list (otherwise |
018e57c7 DSH |
922 | * we would be happy with just the cipher_aliases table). |
923 | */ | |
924 | num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER); | |
925 | num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; | |
926 | ca_list = | |
26a3a48d | 927 | (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); |
018e57c7 DSH |
928 | if (ca_list == NULL) |
929 | { | |
3822740c | 930 | OPENSSL_free(co_list); |
018e57c7 DSH |
931 | SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); |
932 | return(NULL); /* Failure */ | |
933 | } | |
934 | ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask, | |
935 | head); | |
936 | ||
937 | /* | |
938 | * If the rule_string begins with DEFAULT, apply the default rule | |
939 | * before using the (possibly available) additional rules. | |
940 | */ | |
941 | ok = 1; | |
942 | rule_p = rule_str; | |
943 | if (strncmp(rule_str,"DEFAULT",7) == 0) | |
944 | { | |
945 | ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, | |
3822740c | 946 | co_list, &head, &tail, ca_list); |
018e57c7 DSH |
947 | rule_p += 7; |
948 | if (*rule_p == ':') | |
949 | rule_p++; | |
950 | } | |
58964a49 | 951 | |
018e57c7 | 952 | if (ok && (strlen(rule_p) > 0)) |
3822740c | 953 | ok = ssl_cipher_process_rulestr(rule_p, co_list, &head, &tail, |
018e57c7 | 954 | ca_list); |
d02b48c6 | 955 | |
26a3a48d | 956 | OPENSSL_free(ca_list); /* Not needed anymore */ |
018e57c7 DSH |
957 | |
958 | if (!ok) | |
959 | { /* Rule processing failure */ | |
3822740c | 960 | OPENSSL_free(co_list); |
018e57c7 DSH |
961 | return(NULL); |
962 | } | |
963 | /* | |
964 | * Allocate new "cipherstack" for the result, return with error | |
965 | * if we cannot get one. | |
966 | */ | |
62324627 | 967 | if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) |
018e57c7 | 968 | { |
3822740c | 969 | OPENSSL_free(co_list); |
018e57c7 | 970 | return(NULL); |
d02b48c6 RE |
971 | } |
972 | ||
018e57c7 DSH |
973 | /* |
974 | * The cipher selection for the list is done. The ciphers are added | |
975 | * to the resulting precedence to the STACK_OF(SSL_CIPHER). | |
976 | */ | |
977 | for (curr = head; curr != NULL; curr = curr->next) | |
d02b48c6 | 978 | { |
58964a49 | 979 | if (curr->active) |
d02b48c6 | 980 | { |
018e57c7 | 981 | sk_SSL_CIPHER_push(cipherstack, curr->cipher); |
d02b48c6 | 982 | #ifdef CIPHER_DEBUG |
58964a49 | 983 | printf("<%s>\n",curr->cipher->name); |
d02b48c6 | 984 | #endif |
d02b48c6 RE |
985 | } |
986 | } | |
3822740c | 987 | OPENSSL_free(co_list); /* Not needed any longer */ |
018e57c7 | 988 | |
f0747cd9 NL |
989 | tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack); |
990 | if (tmp_cipher_list == NULL) | |
018e57c7 DSH |
991 | { |
992 | sk_SSL_CIPHER_free(cipherstack); | |
f0747cd9 | 993 | return NULL; |
018e57c7 | 994 | } |
f0747cd9 NL |
995 | if (*cipher_list != NULL) |
996 | sk_SSL_CIPHER_free(*cipher_list); | |
997 | *cipher_list = cipherstack; | |
998 | if (*cipher_list_by_id != NULL) | |
999 | sk_SSL_CIPHER_free(*cipher_list_by_id); | |
1000 | *cipher_list_by_id = tmp_cipher_list; | |
f73e07cf | 1001 | sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp); |
d02b48c6 | 1002 | |
018e57c7 | 1003 | return(cipherstack); |
d02b48c6 RE |
1004 | } |
1005 | ||
6b691a5c | 1006 | char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) |
d02b48c6 | 1007 | { |
b1c4fe36 | 1008 | int is_export,pkl,kl; |
f4bfd357 NL |
1009 | const char *ver,*exp_str; |
1010 | const char *kx,*au,*enc,*mac; | |
018e57c7 | 1011 | unsigned long alg,alg2,alg_s; |
f9b3bff6 | 1012 | #ifdef KSSL_DEBUG |
f4bfd357 | 1013 | static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n"; |
f9b3bff6 | 1014 | #else |
f4bfd357 | 1015 | static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; |
f9b3bff6 RL |
1016 | #endif /* KSSL_DEBUG */ |
1017 | ||
d02b48c6 | 1018 | alg=cipher->algorithms; |
018e57c7 | 1019 | alg_s=cipher->algo_strength; |
d02b48c6 RE |
1020 | alg2=cipher->algorithm2; |
1021 | ||
018e57c7 DSH |
1022 | is_export=SSL_C_IS_EXPORT(cipher); |
1023 | pkl=SSL_C_EXPORT_PKEYLENGTH(cipher); | |
1024 | kl=SSL_C_EXPORT_KEYLENGTH(cipher); | |
d8ec0dcf | 1025 | exp_str=is_export?" export":""; |
ea262260 | 1026 | |
d02b48c6 RE |
1027 | if (alg & SSL_SSLV2) |
1028 | ver="SSLv2"; | |
1029 | else if (alg & SSL_SSLV3) | |
1030 | ver="SSLv3"; | |
1031 | else | |
1032 | ver="unknown"; | |
1033 | ||
1034 | switch (alg&SSL_MKEY_MASK) | |
1035 | { | |
1036 | case SSL_kRSA: | |
b1c4fe36 | 1037 | kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA"; |
d02b48c6 RE |
1038 | break; |
1039 | case SSL_kDHr: | |
1040 | kx="DH/RSA"; | |
1041 | break; | |
1042 | case SSL_kDHd: | |
1043 | kx="DH/DSS"; | |
1044 | break; | |
f9b3bff6 RL |
1045 | case SSL_kKRB5: /* VRS */ |
1046 | case SSL_KRB5: /* VRS */ | |
1047 | kx="KRB5"; | |
1048 | break; | |
d02b48c6 RE |
1049 | case SSL_kFZA: |
1050 | kx="Fortezza"; | |
1051 | break; | |
1052 | case SSL_kEDH: | |
b1c4fe36 | 1053 | kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH"; |
d02b48c6 | 1054 | break; |
ea262260 BM |
1055 | case SSL_kECDH: |
1056 | case SSL_kECDHE: | |
1057 | kx=is_export?"ECDH(<=163)":"ECDH"; | |
1058 | break; | |
ddac1974 NL |
1059 | case SSL_kPSK: |
1060 | kx="PSK"; | |
1061 | break; | |
d02b48c6 RE |
1062 | default: |
1063 | kx="unknown"; | |
1064 | } | |
1065 | ||
1066 | switch (alg&SSL_AUTH_MASK) | |
1067 | { | |
1068 | case SSL_aRSA: | |
1069 | au="RSA"; | |
1070 | break; | |
1071 | case SSL_aDSS: | |
1072 | au="DSS"; | |
1073 | break; | |
1074 | case SSL_aDH: | |
1075 | au="DH"; | |
1076 | break; | |
f9b3bff6 RL |
1077 | case SSL_aKRB5: /* VRS */ |
1078 | case SSL_KRB5: /* VRS */ | |
1079 | au="KRB5"; | |
1080 | break; | |
d02b48c6 RE |
1081 | case SSL_aFZA: |
1082 | case SSL_aNULL: | |
1083 | au="None"; | |
1084 | break; | |
ea262260 BM |
1085 | case SSL_aECDSA: |
1086 | au="ECDSA"; | |
1087 | break; | |
ddac1974 NL |
1088 | case SSL_aPSK: |
1089 | au="PSK"; | |
1090 | break; | |
d02b48c6 RE |
1091 | default: |
1092 | au="unknown"; | |
1093 | break; | |
1094 | } | |
1095 | ||
1096 | switch (alg&SSL_ENC_MASK) | |
1097 | { | |
1098 | case SSL_DES: | |
b1c4fe36 | 1099 | enc=(is_export && kl == 5)?"DES(40)":"DES(56)"; |
d02b48c6 RE |
1100 | break; |
1101 | case SSL_3DES: | |
1102 | enc="3DES(168)"; | |
1103 | break; | |
1104 | case SSL_RC4: | |
b1c4fe36 | 1105 | enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)") |
06ab81f9 | 1106 | :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)"); |
d02b48c6 RE |
1107 | break; |
1108 | case SSL_RC2: | |
b1c4fe36 | 1109 | enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)"; |
d02b48c6 RE |
1110 | break; |
1111 | case SSL_IDEA: | |
1112 | enc="IDEA(128)"; | |
1113 | break; | |
1114 | case SSL_eFZA: | |
1115 | enc="Fortezza"; | |
1116 | break; | |
1117 | case SSL_eNULL: | |
1118 | enc="None"; | |
1119 | break; | |
deb2c1a1 DSH |
1120 | case SSL_AES: |
1121 | switch(cipher->strength_bits) | |
259810e0 | 1122 | { |
ea4f109c BM |
1123 | case 128: enc="AES(128)"; break; |
1124 | case 192: enc="AES(192)"; break; | |
1125 | case 256: enc="AES(256)"; break; | |
1126 | default: enc="AES(?""?""?)"; break; | |
259810e0 BL |
1127 | } |
1128 | break; | |
f3dea9a5 BM |
1129 | case SSL_CAMELLIA: |
1130 | switch(cipher->strength_bits) | |
1131 | { | |
1132 | case 128: enc="Camellia(128)"; break; | |
1133 | case 256: enc="Camellia(256)"; break; | |
1134 | default: enc="Camellia(?""?""?)"; break; | |
1135 | } | |
1136 | break; | |
1137 | ||
d02b48c6 RE |
1138 | default: |
1139 | enc="unknown"; | |
1140 | break; | |
1141 | } | |
1142 | ||
1143 | switch (alg&SSL_MAC_MASK) | |
1144 | { | |
1145 | case SSL_MD5: | |
1146 | mac="MD5"; | |
1147 | break; | |
d02b48c6 RE |
1148 | case SSL_SHA1: |
1149 | mac="SHA1"; | |
1150 | break; | |
1151 | default: | |
1152 | mac="unknown"; | |
1153 | break; | |
1154 | } | |
1155 | ||
1156 | if (buf == NULL) | |
1157 | { | |
063c0502 | 1158 | len=128; |
26a3a48d RL |
1159 | buf=OPENSSL_malloc(len); |
1160 | if (buf == NULL) return("OPENSSL_malloc Error"); | |
d02b48c6 RE |
1161 | } |
1162 | else if (len < 128) | |
1163 | return("Buffer too small"); | |
1164 | ||
f9b3bff6 | 1165 | #ifdef KSSL_DEBUG |
d8ec0dcf | 1166 | BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str,alg); |
f9b3bff6 | 1167 | #else |
d8ec0dcf | 1168 | BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str); |
f9b3bff6 | 1169 | #endif /* KSSL_DEBUG */ |
d02b48c6 RE |
1170 | return(buf); |
1171 | } | |
1172 | ||
0821bcd4 | 1173 | char *SSL_CIPHER_get_version(const SSL_CIPHER *c) |
d02b48c6 RE |
1174 | { |
1175 | int i; | |
1176 | ||
58964a49 | 1177 | if (c == NULL) return("(NONE)"); |
d02b48c6 RE |
1178 | i=(int)(c->id>>24L); |
1179 | if (i == 3) | |
58964a49 | 1180 | return("TLSv1/SSLv3"); |
d02b48c6 RE |
1181 | else if (i == 2) |
1182 | return("SSLv2"); | |
1183 | else | |
1184 | return("unknown"); | |
1185 | } | |
1186 | ||
1187 | /* return the actual cipher being used */ | |
0821bcd4 | 1188 | const char *SSL_CIPHER_get_name(const SSL_CIPHER *c) |
d02b48c6 RE |
1189 | { |
1190 | if (c != NULL) | |
1191 | return(c->name); | |
1192 | return("(NONE)"); | |
1193 | } | |
1194 | ||
657e60fa | 1195 | /* number of bits for symmetric cipher */ |
0821bcd4 | 1196 | int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits) |
d02b48c6 | 1197 | { |
018e57c7 | 1198 | int ret=0; |
d02b48c6 RE |
1199 | |
1200 | if (c != NULL) | |
1201 | { | |
018e57c7 DSH |
1202 | if (alg_bits != NULL) *alg_bits = c->alg_bits; |
1203 | ret = c->strength_bits; | |
d02b48c6 | 1204 | } |
d02b48c6 RE |
1205 | return(ret); |
1206 | } | |
1207 | ||
6b691a5c | 1208 | SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n) |
413c4f45 MC |
1209 | { |
1210 | SSL_COMP *ctmp; | |
1211 | int i,nn; | |
1212 | ||
1213 | if ((n == 0) || (sk == NULL)) return(NULL); | |
f73e07cf | 1214 | nn=sk_SSL_COMP_num(sk); |
413c4f45 MC |
1215 | for (i=0; i<nn; i++) |
1216 | { | |
f73e07cf | 1217 | ctmp=sk_SSL_COMP_value(sk,i); |
413c4f45 MC |
1218 | if (ctmp->id == n) |
1219 | return(ctmp); | |
1220 | } | |
1221 | return(NULL); | |
1222 | } | |
1223 | ||
09b6c2ef DSH |
1224 | #ifdef OPENSSL_NO_COMP |
1225 | void *SSL_COMP_get_compression_methods(void) | |
1226 | { | |
1227 | return NULL; | |
1228 | } | |
1229 | int SSL_COMP_add_compression_method(int id, void *cm) | |
1230 | { | |
1231 | return 1; | |
1232 | } | |
1233 | ||
1234 | const char *SSL_COMP_get_name(const void *comp) | |
1235 | { | |
1236 | return NULL; | |
1237 | } | |
1238 | #else | |
6b691a5c | 1239 | STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) |
413c4f45 | 1240 | { |
7ba666fa | 1241 | load_builtin_compressions(); |
413c4f45 MC |
1242 | return(ssl_comp_methods); |
1243 | } | |
1244 | ||
6b691a5c | 1245 | int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) |
413c4f45 MC |
1246 | { |
1247 | SSL_COMP *comp; | |
413c4f45 | 1248 | |
9f495243 RL |
1249 | if (cm == NULL || cm->type == NID_undef) |
1250 | return 1; | |
1251 | ||
7ba666fa RL |
1252 | /* According to draft-ietf-tls-compression-04.txt, the |
1253 | compression number ranges should be the following: | |
1254 | ||
1255 | 0 to 63: methods defined by the IETF | |
1256 | 64 to 192: external party methods assigned by IANA | |
1257 | 193 to 255: reserved for private use */ | |
1258 | if (id < 193 || id > 255) | |
1259 | { | |
1260 | SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); | |
1261 | return 0; | |
1262 | } | |
1263 | ||
058123af | 1264 | MemCheck_off(); |
26a3a48d | 1265 | comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); |
413c4f45 MC |
1266 | comp->id=id; |
1267 | comp->method=cm; | |
7ba666fa | 1268 | load_builtin_compressions(); |
82423549 RL |
1269 | if (ssl_comp_methods |
1270 | && !sk_SSL_COMP_find(ssl_comp_methods,comp)) | |
1271 | { | |
1272 | OPENSSL_free(comp); | |
1273 | MemCheck_on(); | |
1274 | SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_DUPLICATE_COMPRESSION_ID); | |
1275 | return(1); | |
1276 | } | |
1277 | else if ((ssl_comp_methods == NULL) | |
7ba666fa | 1278 | || !sk_SSL_COMP_push(ssl_comp_methods,comp)) |
413c4f45 | 1279 | { |
7ba666fa | 1280 | OPENSSL_free(comp); |
058123af | 1281 | MemCheck_on(); |
413c4f45 | 1282 | SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE); |
f6e8c19e | 1283 | return(1); |
413c4f45 MC |
1284 | } |
1285 | else | |
058123af RL |
1286 | { |
1287 | MemCheck_on(); | |
f6e8c19e | 1288 | return(0); |
058123af | 1289 | } |
413c4f45 | 1290 | } |
377dcdba RL |
1291 | |
1292 | const char *SSL_COMP_get_name(const COMP_METHOD *comp) | |
1293 | { | |
1294 | if (comp) | |
1295 | return comp->name; | |
1296 | return NULL; | |
1297 | } | |
1298 | ||
09b6c2ef | 1299 | #endif |