s3_lib.c revision 298999
1/* ssl/s3_lib.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111/* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * 114 * Portions of the attached software ("Contribution") are developed by 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 116 * 117 * The Contribution is licensed pursuant to the OpenSSL open source 118 * license provided above. 119 * 120 * ECC cipher suite support in OpenSSL originally written by 121 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. 122 * 123 */ 124/* ==================================================================== 125 * Copyright 2005 Nokia. All rights reserved. 126 * 127 * The portions of the attached software ("Contribution") is developed by 128 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 129 * license. 130 * 131 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 132 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 133 * support (see RFC 4279) to OpenSSL. 134 * 135 * No patent licenses or other rights except those expressly stated in 136 * the OpenSSL open source license shall be deemed granted or received 137 * expressly, by implication, estoppel, or otherwise. 138 * 139 * No assurances are provided by Nokia that the Contribution does not 140 * infringe the patent or other intellectual property rights of any third 141 * party or that the license provides you with all the necessary rights 142 * to make use of the Contribution. 143 * 144 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 145 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 146 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 147 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 148 * OTHERWISE. 149 */ 150 151#include <stdio.h> 152#include <openssl/objects.h> 153#include "ssl_locl.h" 154#include "kssl_lcl.h" 155#ifndef OPENSSL_NO_TLSEXT 156# ifndef OPENSSL_NO_EC 157# include "../crypto/ec/ec_lcl.h" 158# endif /* OPENSSL_NO_EC */ 159#endif /* OPENSSL_NO_TLSEXT */ 160#include <openssl/md5.h> 161#ifndef OPENSSL_NO_DH 162# include <openssl/dh.h> 163#endif 164 165const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT; 166 167#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) 168 169/* list of available SSLv3 ciphers (sorted by id) */ 170OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 171 172/* The RSA ciphers */ 173/* Cipher 01 */ 174 { 175 1, 176 SSL3_TXT_RSA_NULL_MD5, 177 SSL3_CK_RSA_NULL_MD5, 178 SSL_kRSA, 179 SSL_aRSA, 180 SSL_eNULL, 181 SSL_MD5, 182 SSL_SSLV3, 183 SSL_NOT_EXP | SSL_STRONG_NONE, 184 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 185 0, 186 0, 187 }, 188 189/* Cipher 02 */ 190 { 191 1, 192 SSL3_TXT_RSA_NULL_SHA, 193 SSL3_CK_RSA_NULL_SHA, 194 SSL_kRSA, 195 SSL_aRSA, 196 SSL_eNULL, 197 SSL_SHA1, 198 SSL_SSLV3, 199 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 200 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 201 0, 202 0, 203 }, 204 205/* Cipher 03 */ 206#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 207 { 208 1, 209 SSL3_TXT_RSA_RC4_40_MD5, 210 SSL3_CK_RSA_RC4_40_MD5, 211 SSL_kRSA, 212 SSL_aRSA, 213 SSL_RC4, 214 SSL_MD5, 215 SSL_SSLV3, 216 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 217 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 218 40, 219 128, 220 }, 221#endif 222 223/* Cipher 04 */ 224 { 225 1, 226 SSL3_TXT_RSA_RC4_128_MD5, 227 SSL3_CK_RSA_RC4_128_MD5, 228 SSL_kRSA, 229 SSL_aRSA, 230 SSL_RC4, 231 SSL_MD5, 232 SSL_SSLV3, 233 SSL_NOT_EXP | SSL_MEDIUM, 234 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 235 128, 236 128, 237 }, 238 239/* Cipher 05 */ 240 { 241 1, 242 SSL3_TXT_RSA_RC4_128_SHA, 243 SSL3_CK_RSA_RC4_128_SHA, 244 SSL_kRSA, 245 SSL_aRSA, 246 SSL_RC4, 247 SSL_SHA1, 248 SSL_SSLV3, 249 SSL_NOT_EXP | SSL_MEDIUM, 250 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 251 128, 252 128, 253 }, 254 255/* Cipher 06 */ 256#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 257 { 258 1, 259 SSL3_TXT_RSA_RC2_40_MD5, 260 SSL3_CK_RSA_RC2_40_MD5, 261 SSL_kRSA, 262 SSL_aRSA, 263 SSL_RC2, 264 SSL_MD5, 265 SSL_SSLV3, 266 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 267 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 268 40, 269 128, 270 }, 271#endif 272 273/* Cipher 07 */ 274#ifndef OPENSSL_NO_IDEA 275 { 276 1, 277 SSL3_TXT_RSA_IDEA_128_SHA, 278 SSL3_CK_RSA_IDEA_128_SHA, 279 SSL_kRSA, 280 SSL_aRSA, 281 SSL_IDEA, 282 SSL_SHA1, 283 SSL_SSLV3, 284 SSL_NOT_EXP | SSL_MEDIUM, 285 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 286 128, 287 128, 288 }, 289#endif 290 291/* Cipher 08 */ 292#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 293 { 294 1, 295 SSL3_TXT_RSA_DES_40_CBC_SHA, 296 SSL3_CK_RSA_DES_40_CBC_SHA, 297 SSL_kRSA, 298 SSL_aRSA, 299 SSL_DES, 300 SSL_SHA1, 301 SSL_SSLV3, 302 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 303 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 304 40, 305 56, 306 }, 307#endif 308 309/* Cipher 09 */ 310#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 311 { 312 1, 313 SSL3_TXT_RSA_DES_64_CBC_SHA, 314 SSL3_CK_RSA_DES_64_CBC_SHA, 315 SSL_kRSA, 316 SSL_aRSA, 317 SSL_DES, 318 SSL_SHA1, 319 SSL_SSLV3, 320 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 321 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 322 56, 323 56, 324 }, 325#endif 326 327/* Cipher 0A */ 328 { 329 1, 330 SSL3_TXT_RSA_DES_192_CBC3_SHA, 331 SSL3_CK_RSA_DES_192_CBC3_SHA, 332 SSL_kRSA, 333 SSL_aRSA, 334 SSL_3DES, 335 SSL_SHA1, 336 SSL_SSLV3, 337 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 338 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 339 112, 340 168, 341 }, 342 343/* The DH ciphers */ 344/* Cipher 0B */ 345#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 346 { 347 0, 348 SSL3_TXT_DH_DSS_DES_40_CBC_SHA, 349 SSL3_CK_DH_DSS_DES_40_CBC_SHA, 350 SSL_kDHd, 351 SSL_aDH, 352 SSL_DES, 353 SSL_SHA1, 354 SSL_SSLV3, 355 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 356 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 357 40, 358 56, 359 }, 360#endif 361 362/* Cipher 0C */ 363#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 364 { 365 0, /* not implemented (non-ephemeral DH) */ 366 SSL3_TXT_DH_DSS_DES_64_CBC_SHA, 367 SSL3_CK_DH_DSS_DES_64_CBC_SHA, 368 SSL_kDHd, 369 SSL_aDH, 370 SSL_DES, 371 SSL_SHA1, 372 SSL_SSLV3, 373 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 374 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 375 56, 376 56, 377 }, 378#endif 379 380/* Cipher 0D */ 381 { 382 0, /* not implemented (non-ephemeral DH) */ 383 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 384 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 385 SSL_kDHd, 386 SSL_aDH, 387 SSL_3DES, 388 SSL_SHA1, 389 SSL_SSLV3, 390 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 391 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 392 112, 393 168, 394 }, 395 396/* Cipher 0E */ 397#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 398 { 399 0, /* not implemented (non-ephemeral DH) */ 400 SSL3_TXT_DH_RSA_DES_40_CBC_SHA, 401 SSL3_CK_DH_RSA_DES_40_CBC_SHA, 402 SSL_kDHr, 403 SSL_aDH, 404 SSL_DES, 405 SSL_SHA1, 406 SSL_SSLV3, 407 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 408 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 409 40, 410 56, 411 }, 412#endif 413 414/* Cipher 0F */ 415#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 416 { 417 0, /* not implemented (non-ephemeral DH) */ 418 SSL3_TXT_DH_RSA_DES_64_CBC_SHA, 419 SSL3_CK_DH_RSA_DES_64_CBC_SHA, 420 SSL_kDHr, 421 SSL_aDH, 422 SSL_DES, 423 SSL_SHA1, 424 SSL_SSLV3, 425 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 426 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 427 56, 428 56, 429 }, 430#endif 431 432/* Cipher 10 */ 433 { 434 0, /* not implemented (non-ephemeral DH) */ 435 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 436 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 437 SSL_kDHr, 438 SSL_aDH, 439 SSL_3DES, 440 SSL_SHA1, 441 SSL_SSLV3, 442 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 443 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 444 112, 445 168, 446 }, 447 448/* The Ephemeral DH ciphers */ 449/* Cipher 11 */ 450#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 451 { 452 1, 453 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, 454 SSL3_CK_EDH_DSS_DES_40_CBC_SHA, 455 SSL_kEDH, 456 SSL_aDSS, 457 SSL_DES, 458 SSL_SHA1, 459 SSL_SSLV3, 460 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 461 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 462 40, 463 56, 464 }, 465#endif 466 467/* Cipher 12 */ 468#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 469 { 470 1, 471 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, 472 SSL3_CK_EDH_DSS_DES_64_CBC_SHA, 473 SSL_kEDH, 474 SSL_aDSS, 475 SSL_DES, 476 SSL_SHA1, 477 SSL_SSLV3, 478 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 479 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 480 56, 481 56, 482 }, 483#endif 484 485/* Cipher 13 */ 486 { 487 1, 488 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 489 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 490 SSL_kEDH, 491 SSL_aDSS, 492 SSL_3DES, 493 SSL_SHA1, 494 SSL_SSLV3, 495 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 496 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 497 112, 498 168, 499 }, 500 501/* Cipher 14 */ 502#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 503 { 504 1, 505 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, 506 SSL3_CK_EDH_RSA_DES_40_CBC_SHA, 507 SSL_kEDH, 508 SSL_aRSA, 509 SSL_DES, 510 SSL_SHA1, 511 SSL_SSLV3, 512 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 513 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 514 40, 515 56, 516 }, 517#endif 518 519/* Cipher 15 */ 520#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 521 { 522 1, 523 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, 524 SSL3_CK_EDH_RSA_DES_64_CBC_SHA, 525 SSL_kEDH, 526 SSL_aRSA, 527 SSL_DES, 528 SSL_SHA1, 529 SSL_SSLV3, 530 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 531 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 532 56, 533 56, 534 }, 535#endif 536 537/* Cipher 16 */ 538 { 539 1, 540 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 541 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 542 SSL_kEDH, 543 SSL_aRSA, 544 SSL_3DES, 545 SSL_SHA1, 546 SSL_SSLV3, 547 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 548 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 549 112, 550 168, 551 }, 552 553/* Cipher 17 */ 554#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 555 { 556 1, 557 SSL3_TXT_ADH_RC4_40_MD5, 558 SSL3_CK_ADH_RC4_40_MD5, 559 SSL_kEDH, 560 SSL_aNULL, 561 SSL_RC4, 562 SSL_MD5, 563 SSL_SSLV3, 564 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 565 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 566 40, 567 128, 568 }, 569#endif 570 571/* Cipher 18 */ 572 { 573 1, 574 SSL3_TXT_ADH_RC4_128_MD5, 575 SSL3_CK_ADH_RC4_128_MD5, 576 SSL_kEDH, 577 SSL_aNULL, 578 SSL_RC4, 579 SSL_MD5, 580 SSL_SSLV3, 581 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 582 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 583 128, 584 128, 585 }, 586 587/* Cipher 19 */ 588#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 589 { 590 1, 591 SSL3_TXT_ADH_DES_40_CBC_SHA, 592 SSL3_CK_ADH_DES_40_CBC_SHA, 593 SSL_kEDH, 594 SSL_aNULL, 595 SSL_DES, 596 SSL_SHA1, 597 SSL_SSLV3, 598 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 599 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 600 40, 601 128, 602 }, 603#endif 604 605/* Cipher 1A */ 606#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 607 { 608 1, 609 SSL3_TXT_ADH_DES_64_CBC_SHA, 610 SSL3_CK_ADH_DES_64_CBC_SHA, 611 SSL_kEDH, 612 SSL_aNULL, 613 SSL_DES, 614 SSL_SHA1, 615 SSL_SSLV3, 616 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 617 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 618 56, 619 56, 620 }, 621#endif 622 623/* Cipher 1B */ 624 { 625 1, 626 SSL3_TXT_ADH_DES_192_CBC_SHA, 627 SSL3_CK_ADH_DES_192_CBC_SHA, 628 SSL_kEDH, 629 SSL_aNULL, 630 SSL_3DES, 631 SSL_SHA1, 632 SSL_SSLV3, 633 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 634 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 635 112, 636 168, 637 }, 638 639/* Fortezza ciphersuite from SSL 3.0 spec */ 640#if 0 641/* Cipher 1C */ 642 { 643 0, 644 SSL3_TXT_FZA_DMS_NULL_SHA, 645 SSL3_CK_FZA_DMS_NULL_SHA, 646 SSL_kFZA, 647 SSL_aFZA, 648 SSL_eNULL, 649 SSL_SHA1, 650 SSL_SSLV3, 651 SSL_NOT_EXP | SSL_STRONG_NONE, 652 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 653 0, 654 0, 655 }, 656 657/* Cipher 1D */ 658 { 659 0, 660 SSL3_TXT_FZA_DMS_FZA_SHA, 661 SSL3_CK_FZA_DMS_FZA_SHA, 662 SSL_kFZA, 663 SSL_aFZA, 664 SSL_eFZA, 665 SSL_SHA1, 666 SSL_SSLV3, 667 SSL_NOT_EXP | SSL_STRONG_NONE, 668 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 669 0, 670 0, 671 }, 672 673/* Cipher 1E */ 674 { 675 0, 676 SSL3_TXT_FZA_DMS_RC4_SHA, 677 SSL3_CK_FZA_DMS_RC4_SHA, 678 SSL_kFZA, 679 SSL_aFZA, 680 SSL_RC4, 681 SSL_SHA1, 682 SSL_SSLV3, 683 SSL_NOT_EXP | SSL_MEDIUM, 684 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 685 128, 686 128, 687 }, 688#endif 689 690#ifndef OPENSSL_NO_KRB5 691/* The Kerberos ciphers*/ 692/* Cipher 1E */ 693# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 694 { 695 1, 696 SSL3_TXT_KRB5_DES_64_CBC_SHA, 697 SSL3_CK_KRB5_DES_64_CBC_SHA, 698 SSL_kKRB5, 699 SSL_aKRB5, 700 SSL_DES, 701 SSL_SHA1, 702 SSL_SSLV3, 703 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 704 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 705 56, 706 56, 707 }, 708# endif 709 710/* Cipher 1F */ 711 { 712 1, 713 SSL3_TXT_KRB5_DES_192_CBC3_SHA, 714 SSL3_CK_KRB5_DES_192_CBC3_SHA, 715 SSL_kKRB5, 716 SSL_aKRB5, 717 SSL_3DES, 718 SSL_SHA1, 719 SSL_SSLV3, 720 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 721 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 722 112, 723 168, 724 }, 725 726/* Cipher 20 */ 727 { 728 1, 729 SSL3_TXT_KRB5_RC4_128_SHA, 730 SSL3_CK_KRB5_RC4_128_SHA, 731 SSL_kKRB5, 732 SSL_aKRB5, 733 SSL_RC4, 734 SSL_SHA1, 735 SSL_SSLV3, 736 SSL_NOT_EXP | SSL_MEDIUM, 737 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 738 128, 739 128, 740 }, 741 742/* Cipher 21 */ 743 { 744 1, 745 SSL3_TXT_KRB5_IDEA_128_CBC_SHA, 746 SSL3_CK_KRB5_IDEA_128_CBC_SHA, 747 SSL_kKRB5, 748 SSL_aKRB5, 749 SSL_IDEA, 750 SSL_SHA1, 751 SSL_SSLV3, 752 SSL_NOT_EXP | SSL_MEDIUM, 753 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 754 128, 755 128, 756 }, 757 758/* Cipher 22 */ 759# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 760 { 761 1, 762 SSL3_TXT_KRB5_DES_64_CBC_MD5, 763 SSL3_CK_KRB5_DES_64_CBC_MD5, 764 SSL_kKRB5, 765 SSL_aKRB5, 766 SSL_DES, 767 SSL_MD5, 768 SSL_SSLV3, 769 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 770 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 771 56, 772 56, 773 }, 774# endif 775 776/* Cipher 23 */ 777 { 778 1, 779 SSL3_TXT_KRB5_DES_192_CBC3_MD5, 780 SSL3_CK_KRB5_DES_192_CBC3_MD5, 781 SSL_kKRB5, 782 SSL_aKRB5, 783 SSL_3DES, 784 SSL_MD5, 785 SSL_SSLV3, 786 SSL_NOT_EXP | SSL_HIGH, 787 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 788 112, 789 168, 790 }, 791 792/* Cipher 24 */ 793 { 794 1, 795 SSL3_TXT_KRB5_RC4_128_MD5, 796 SSL3_CK_KRB5_RC4_128_MD5, 797 SSL_kKRB5, 798 SSL_aKRB5, 799 SSL_RC4, 800 SSL_MD5, 801 SSL_SSLV3, 802 SSL_NOT_EXP | SSL_MEDIUM, 803 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 804 128, 805 128, 806 }, 807 808/* Cipher 25 */ 809 { 810 1, 811 SSL3_TXT_KRB5_IDEA_128_CBC_MD5, 812 SSL3_CK_KRB5_IDEA_128_CBC_MD5, 813 SSL_kKRB5, 814 SSL_aKRB5, 815 SSL_IDEA, 816 SSL_MD5, 817 SSL_SSLV3, 818 SSL_NOT_EXP | SSL_MEDIUM, 819 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 820 128, 821 128, 822 }, 823 824/* Cipher 26 */ 825# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 826 { 827 1, 828 SSL3_TXT_KRB5_DES_40_CBC_SHA, 829 SSL3_CK_KRB5_DES_40_CBC_SHA, 830 SSL_kKRB5, 831 SSL_aKRB5, 832 SSL_DES, 833 SSL_SHA1, 834 SSL_SSLV3, 835 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 836 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 837 40, 838 56, 839 }, 840# endif 841 842/* Cipher 27 */ 843# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 844 { 845 1, 846 SSL3_TXT_KRB5_RC2_40_CBC_SHA, 847 SSL3_CK_KRB5_RC2_40_CBC_SHA, 848 SSL_kKRB5, 849 SSL_aKRB5, 850 SSL_RC2, 851 SSL_SHA1, 852 SSL_SSLV3, 853 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 854 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 855 40, 856 128, 857 }, 858# endif 859 860/* Cipher 28 */ 861# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 862 { 863 1, 864 SSL3_TXT_KRB5_RC4_40_SHA, 865 SSL3_CK_KRB5_RC4_40_SHA, 866 SSL_kKRB5, 867 SSL_aKRB5, 868 SSL_RC4, 869 SSL_SHA1, 870 SSL_SSLV3, 871 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 872 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 873 40, 874 128, 875 }, 876# endif 877 878/* Cipher 29 */ 879# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 880 { 881 1, 882 SSL3_TXT_KRB5_DES_40_CBC_MD5, 883 SSL3_CK_KRB5_DES_40_CBC_MD5, 884 SSL_kKRB5, 885 SSL_aKRB5, 886 SSL_DES, 887 SSL_MD5, 888 SSL_SSLV3, 889 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 890 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 891 40, 892 56, 893 }, 894# endif 895 896/* Cipher 2A */ 897# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 898 { 899 1, 900 SSL3_TXT_KRB5_RC2_40_CBC_MD5, 901 SSL3_CK_KRB5_RC2_40_CBC_MD5, 902 SSL_kKRB5, 903 SSL_aKRB5, 904 SSL_RC2, 905 SSL_MD5, 906 SSL_SSLV3, 907 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 908 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 909 40, 910 128, 911 }, 912# endif 913 914/* Cipher 2B */ 915# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 916 { 917 1, 918 SSL3_TXT_KRB5_RC4_40_MD5, 919 SSL3_CK_KRB5_RC4_40_MD5, 920 SSL_kKRB5, 921 SSL_aKRB5, 922 SSL_RC4, 923 SSL_MD5, 924 SSL_SSLV3, 925 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 926 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 927 40, 928 128, 929 }, 930# endif 931#endif /* OPENSSL_NO_KRB5 */ 932 933/* New AES ciphersuites */ 934/* Cipher 2F */ 935 { 936 1, 937 TLS1_TXT_RSA_WITH_AES_128_SHA, 938 TLS1_CK_RSA_WITH_AES_128_SHA, 939 SSL_kRSA, 940 SSL_aRSA, 941 SSL_AES128, 942 SSL_SHA1, 943 SSL_TLSV1, 944 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 945 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 946 128, 947 128, 948 }, 949/* Cipher 30 */ 950 { 951 0, 952 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 953 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 954 SSL_kDHd, 955 SSL_aDH, 956 SSL_AES128, 957 SSL_SHA1, 958 SSL_TLSV1, 959 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 960 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 961 128, 962 128, 963 }, 964/* Cipher 31 */ 965 { 966 0, 967 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 968 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 969 SSL_kDHr, 970 SSL_aDH, 971 SSL_AES128, 972 SSL_SHA1, 973 SSL_TLSV1, 974 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 975 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 976 128, 977 128, 978 }, 979/* Cipher 32 */ 980 { 981 1, 982 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 983 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 984 SSL_kEDH, 985 SSL_aDSS, 986 SSL_AES128, 987 SSL_SHA1, 988 SSL_TLSV1, 989 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 990 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 991 128, 992 128, 993 }, 994/* Cipher 33 */ 995 { 996 1, 997 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 998 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 999 SSL_kEDH, 1000 SSL_aRSA, 1001 SSL_AES128, 1002 SSL_SHA1, 1003 SSL_TLSV1, 1004 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1005 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1006 128, 1007 128, 1008 }, 1009/* Cipher 34 */ 1010 { 1011 1, 1012 TLS1_TXT_ADH_WITH_AES_128_SHA, 1013 TLS1_CK_ADH_WITH_AES_128_SHA, 1014 SSL_kEDH, 1015 SSL_aNULL, 1016 SSL_AES128, 1017 SSL_SHA1, 1018 SSL_TLSV1, 1019 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1020 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1021 128, 1022 128, 1023 }, 1024 1025/* Cipher 35 */ 1026 { 1027 1, 1028 TLS1_TXT_RSA_WITH_AES_256_SHA, 1029 TLS1_CK_RSA_WITH_AES_256_SHA, 1030 SSL_kRSA, 1031 SSL_aRSA, 1032 SSL_AES256, 1033 SSL_SHA1, 1034 SSL_TLSV1, 1035 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1036 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1037 256, 1038 256, 1039 }, 1040/* Cipher 36 */ 1041 { 1042 0, 1043 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 1044 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 1045 SSL_kDHd, 1046 SSL_aDH, 1047 SSL_AES256, 1048 SSL_SHA1, 1049 SSL_TLSV1, 1050 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1051 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1052 256, 1053 256, 1054 }, 1055 1056/* Cipher 37 */ 1057 { 1058 0, /* not implemented (non-ephemeral DH) */ 1059 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 1060 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 1061 SSL_kDHr, 1062 SSL_aDH, 1063 SSL_AES256, 1064 SSL_SHA1, 1065 SSL_TLSV1, 1066 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1067 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1068 256, 1069 256, 1070 }, 1071 1072/* Cipher 38 */ 1073 { 1074 1, 1075 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 1076 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 1077 SSL_kEDH, 1078 SSL_aDSS, 1079 SSL_AES256, 1080 SSL_SHA1, 1081 SSL_TLSV1, 1082 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1083 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1084 256, 1085 256, 1086 }, 1087 1088/* Cipher 39 */ 1089 { 1090 1, 1091 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 1092 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 1093 SSL_kEDH, 1094 SSL_aRSA, 1095 SSL_AES256, 1096 SSL_SHA1, 1097 SSL_TLSV1, 1098 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1099 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1100 256, 1101 256, 1102 }, 1103 1104 /* Cipher 3A */ 1105 { 1106 1, 1107 TLS1_TXT_ADH_WITH_AES_256_SHA, 1108 TLS1_CK_ADH_WITH_AES_256_SHA, 1109 SSL_kEDH, 1110 SSL_aNULL, 1111 SSL_AES256, 1112 SSL_SHA1, 1113 SSL_TLSV1, 1114 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1115 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1116 256, 1117 256, 1118 }, 1119 1120 /* TLS v1.2 ciphersuites */ 1121 /* Cipher 3B */ 1122 { 1123 1, 1124 TLS1_TXT_RSA_WITH_NULL_SHA256, 1125 TLS1_CK_RSA_WITH_NULL_SHA256, 1126 SSL_kRSA, 1127 SSL_aRSA, 1128 SSL_eNULL, 1129 SSL_SHA256, 1130 SSL_TLSV1_2, 1131 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 1132 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1133 0, 1134 0, 1135 }, 1136 1137 /* Cipher 3C */ 1138 { 1139 1, 1140 TLS1_TXT_RSA_WITH_AES_128_SHA256, 1141 TLS1_CK_RSA_WITH_AES_128_SHA256, 1142 SSL_kRSA, 1143 SSL_aRSA, 1144 SSL_AES128, 1145 SSL_SHA256, 1146 SSL_TLSV1_2, 1147 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1148 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1149 128, 1150 128, 1151 }, 1152 1153 /* Cipher 3D */ 1154 { 1155 1, 1156 TLS1_TXT_RSA_WITH_AES_256_SHA256, 1157 TLS1_CK_RSA_WITH_AES_256_SHA256, 1158 SSL_kRSA, 1159 SSL_aRSA, 1160 SSL_AES256, 1161 SSL_SHA256, 1162 SSL_TLSV1_2, 1163 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1164 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1165 256, 1166 256, 1167 }, 1168 1169 /* Cipher 3E */ 1170 { 1171 0, /* not implemented (non-ephemeral DH) */ 1172 TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, 1173 TLS1_CK_DH_DSS_WITH_AES_128_SHA256, 1174 SSL_kDHd, 1175 SSL_aDH, 1176 SSL_AES128, 1177 SSL_SHA256, 1178 SSL_TLSV1_2, 1179 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1180 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1181 128, 1182 128, 1183 }, 1184 1185 /* Cipher 3F */ 1186 { 1187 0, /* not implemented (non-ephemeral DH) */ 1188 TLS1_TXT_DH_RSA_WITH_AES_128_SHA256, 1189 TLS1_CK_DH_RSA_WITH_AES_128_SHA256, 1190 SSL_kDHr, 1191 SSL_aDH, 1192 SSL_AES128, 1193 SSL_SHA256, 1194 SSL_TLSV1_2, 1195 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1196 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1197 128, 1198 128, 1199 }, 1200 1201 /* Cipher 40 */ 1202 { 1203 1, 1204 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 1205 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 1206 SSL_kEDH, 1207 SSL_aDSS, 1208 SSL_AES128, 1209 SSL_SHA256, 1210 SSL_TLSV1_2, 1211 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1212 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1213 128, 1214 128, 1215 }, 1216 1217#ifndef OPENSSL_NO_CAMELLIA 1218 /* Camellia ciphersuites from RFC4132 (128-bit portion) */ 1219 1220 /* Cipher 41 */ 1221 { 1222 1, 1223 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 1224 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 1225 SSL_kRSA, 1226 SSL_aRSA, 1227 SSL_CAMELLIA128, 1228 SSL_SHA1, 1229 SSL_TLSV1, 1230 SSL_NOT_EXP | SSL_HIGH, 1231 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1232 128, 1233 128, 1234 }, 1235 1236 /* Cipher 42 */ 1237 { 1238 0, /* not implemented (non-ephemeral DH) */ 1239 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1240 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1241 SSL_kDHd, 1242 SSL_aDH, 1243 SSL_CAMELLIA128, 1244 SSL_SHA1, 1245 SSL_TLSV1, 1246 SSL_NOT_EXP | SSL_HIGH, 1247 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1248 128, 1249 128, 1250 }, 1251 1252 /* Cipher 43 */ 1253 { 1254 0, /* not implemented (non-ephemeral DH) */ 1255 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1256 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1257 SSL_kDHr, 1258 SSL_aDH, 1259 SSL_CAMELLIA128, 1260 SSL_SHA1, 1261 SSL_TLSV1, 1262 SSL_NOT_EXP | SSL_HIGH, 1263 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1264 128, 1265 128, 1266 }, 1267 1268 /* Cipher 44 */ 1269 { 1270 1, 1271 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1272 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1273 SSL_kEDH, 1274 SSL_aDSS, 1275 SSL_CAMELLIA128, 1276 SSL_SHA1, 1277 SSL_TLSV1, 1278 SSL_NOT_EXP | SSL_HIGH, 1279 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1280 128, 1281 128, 1282 }, 1283 1284 /* Cipher 45 */ 1285 { 1286 1, 1287 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1288 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1289 SSL_kEDH, 1290 SSL_aRSA, 1291 SSL_CAMELLIA128, 1292 SSL_SHA1, 1293 SSL_TLSV1, 1294 SSL_NOT_EXP | SSL_HIGH, 1295 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1296 128, 1297 128, 1298 }, 1299 1300 /* Cipher 46 */ 1301 { 1302 1, 1303 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 1304 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 1305 SSL_kEDH, 1306 SSL_aNULL, 1307 SSL_CAMELLIA128, 1308 SSL_SHA1, 1309 SSL_TLSV1, 1310 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH, 1311 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1312 128, 1313 128, 1314 }, 1315#endif /* OPENSSL_NO_CAMELLIA */ 1316 1317#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1318 /* New TLS Export CipherSuites from expired ID */ 1319# if 0 1320 /* Cipher 60 */ 1321 { 1322 1, 1323 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5, 1324 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5, 1325 SSL_kRSA, 1326 SSL_aRSA, 1327 SSL_RC4, 1328 SSL_MD5, 1329 SSL_TLSV1, 1330 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1331 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1332 56, 1333 128, 1334 }, 1335 1336 /* Cipher 61 */ 1337 { 1338 1, 1339 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1340 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1341 SSL_kRSA, 1342 SSL_aRSA, 1343 SSL_RC2, 1344 SSL_MD5, 1345 SSL_TLSV1, 1346 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1347 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1348 56, 1349 128, 1350 }, 1351# endif 1352 1353 /* Cipher 62 */ 1354# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1355 { 1356 1, 1357 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1358 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1359 SSL_kRSA, 1360 SSL_aRSA, 1361 SSL_DES, 1362 SSL_SHA1, 1363 SSL_TLSV1, 1364 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1365 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1366 56, 1367 56, 1368 }, 1369# endif 1370 1371 /* Cipher 63 */ 1372# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1373 { 1374 1, 1375 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1376 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1377 SSL_kEDH, 1378 SSL_aDSS, 1379 SSL_DES, 1380 SSL_SHA1, 1381 SSL_TLSV1, 1382 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1383 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1384 56, 1385 56, 1386 }, 1387# endif 1388 1389 /* Cipher 64 */ 1390# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1391 { 1392 1, 1393 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, 1394 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA, 1395 SSL_kRSA, 1396 SSL_aRSA, 1397 SSL_RC4, 1398 SSL_SHA1, 1399 SSL_TLSV1, 1400 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1401 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1402 56, 1403 128, 1404 }, 1405# endif 1406 1407 /* Cipher 65 */ 1408# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1409 { 1410 1, 1411 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1412 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1413 SSL_kEDH, 1414 SSL_aDSS, 1415 SSL_RC4, 1416 SSL_SHA1, 1417 SSL_TLSV1, 1418 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1419 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1420 56, 1421 128, 1422 }, 1423# endif 1424 1425 /* Cipher 66 */ 1426 { 1427 1, 1428 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, 1429 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA, 1430 SSL_kEDH, 1431 SSL_aDSS, 1432 SSL_RC4, 1433 SSL_SHA1, 1434 SSL_TLSV1, 1435 SSL_NOT_EXP | SSL_MEDIUM, 1436 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1437 128, 1438 128, 1439 }, 1440#endif 1441 1442 /* TLS v1.2 ciphersuites */ 1443 /* Cipher 67 */ 1444 { 1445 1, 1446 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 1447 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 1448 SSL_kEDH, 1449 SSL_aRSA, 1450 SSL_AES128, 1451 SSL_SHA256, 1452 SSL_TLSV1_2, 1453 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1454 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1455 128, 1456 128, 1457 }, 1458 1459 /* Cipher 68 */ 1460 { 1461 0, /* not implemented (non-ephemeral DH) */ 1462 TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, 1463 TLS1_CK_DH_DSS_WITH_AES_256_SHA256, 1464 SSL_kDHd, 1465 SSL_aDH, 1466 SSL_AES256, 1467 SSL_SHA256, 1468 SSL_TLSV1_2, 1469 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1470 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1471 256, 1472 256, 1473 }, 1474 1475 /* Cipher 69 */ 1476 { 1477 0, /* not implemented (non-ephemeral DH) */ 1478 TLS1_TXT_DH_RSA_WITH_AES_256_SHA256, 1479 TLS1_CK_DH_RSA_WITH_AES_256_SHA256, 1480 SSL_kDHr, 1481 SSL_aDH, 1482 SSL_AES256, 1483 SSL_SHA256, 1484 SSL_TLSV1_2, 1485 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1486 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1487 256, 1488 256, 1489 }, 1490 1491 /* Cipher 6A */ 1492 { 1493 1, 1494 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 1495 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 1496 SSL_kEDH, 1497 SSL_aDSS, 1498 SSL_AES256, 1499 SSL_SHA256, 1500 SSL_TLSV1_2, 1501 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1502 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1503 256, 1504 256, 1505 }, 1506 1507 /* Cipher 6B */ 1508 { 1509 1, 1510 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 1511 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 1512 SSL_kEDH, 1513 SSL_aRSA, 1514 SSL_AES256, 1515 SSL_SHA256, 1516 SSL_TLSV1_2, 1517 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1518 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1519 256, 1520 256, 1521 }, 1522 1523 /* Cipher 6C */ 1524 { 1525 1, 1526 TLS1_TXT_ADH_WITH_AES_128_SHA256, 1527 TLS1_CK_ADH_WITH_AES_128_SHA256, 1528 SSL_kEDH, 1529 SSL_aNULL, 1530 SSL_AES128, 1531 SSL_SHA256, 1532 SSL_TLSV1_2, 1533 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1534 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1535 128, 1536 128, 1537 }, 1538 1539 /* Cipher 6D */ 1540 { 1541 1, 1542 TLS1_TXT_ADH_WITH_AES_256_SHA256, 1543 TLS1_CK_ADH_WITH_AES_256_SHA256, 1544 SSL_kEDH, 1545 SSL_aNULL, 1546 SSL_AES256, 1547 SSL_SHA256, 1548 SSL_TLSV1_2, 1549 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1550 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1551 256, 1552 256, 1553 }, 1554 1555 /* GOST Ciphersuites */ 1556 1557 { 1558 1, 1559 "GOST94-GOST89-GOST89", 1560 0x3000080, 1561 SSL_kGOST, 1562 SSL_aGOST94, 1563 SSL_eGOST2814789CNT, 1564 SSL_GOST89MAC, 1565 SSL_TLSV1, 1566 SSL_NOT_EXP | SSL_HIGH, 1567 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 1568 256, 1569 256}, 1570 { 1571 1, 1572 "GOST2001-GOST89-GOST89", 1573 0x3000081, 1574 SSL_kGOST, 1575 SSL_aGOST01, 1576 SSL_eGOST2814789CNT, 1577 SSL_GOST89MAC, 1578 SSL_TLSV1, 1579 SSL_NOT_EXP | SSL_HIGH, 1580 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 1581 256, 1582 256}, 1583 { 1584 1, 1585 "GOST94-NULL-GOST94", 1586 0x3000082, 1587 SSL_kGOST, 1588 SSL_aGOST94, 1589 SSL_eNULL, 1590 SSL_GOST94, 1591 SSL_TLSV1, 1592 SSL_NOT_EXP | SSL_STRONG_NONE, 1593 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 1594 0, 1595 0}, 1596 { 1597 1, 1598 "GOST2001-NULL-GOST94", 1599 0x3000083, 1600 SSL_kGOST, 1601 SSL_aGOST01, 1602 SSL_eNULL, 1603 SSL_GOST94, 1604 SSL_TLSV1, 1605 SSL_NOT_EXP | SSL_STRONG_NONE, 1606 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 1607 0, 1608 0}, 1609 1610#ifndef OPENSSL_NO_CAMELLIA 1611 /* Camellia ciphersuites from RFC4132 (256-bit portion) */ 1612 1613 /* Cipher 84 */ 1614 { 1615 1, 1616 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 1617 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 1618 SSL_kRSA, 1619 SSL_aRSA, 1620 SSL_CAMELLIA256, 1621 SSL_SHA1, 1622 SSL_TLSV1, 1623 SSL_NOT_EXP | SSL_HIGH, 1624 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1625 256, 1626 256, 1627 }, 1628 /* Cipher 85 */ 1629 { 1630 0, /* not implemented (non-ephemeral DH) */ 1631 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1632 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1633 SSL_kDHd, 1634 SSL_aDH, 1635 SSL_CAMELLIA256, 1636 SSL_SHA1, 1637 SSL_TLSV1, 1638 SSL_NOT_EXP | SSL_HIGH, 1639 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1640 256, 1641 256, 1642 }, 1643 1644 /* Cipher 86 */ 1645 { 1646 0, /* not implemented (non-ephemeral DH) */ 1647 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1648 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1649 SSL_kDHr, 1650 SSL_aDH, 1651 SSL_CAMELLIA256, 1652 SSL_SHA1, 1653 SSL_TLSV1, 1654 SSL_NOT_EXP | SSL_HIGH, 1655 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1656 256, 1657 256, 1658 }, 1659 1660 /* Cipher 87 */ 1661 { 1662 1, 1663 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1664 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1665 SSL_kEDH, 1666 SSL_aDSS, 1667 SSL_CAMELLIA256, 1668 SSL_SHA1, 1669 SSL_TLSV1, 1670 SSL_NOT_EXP | SSL_HIGH, 1671 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1672 256, 1673 256, 1674 }, 1675 1676 /* Cipher 88 */ 1677 { 1678 1, 1679 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1680 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1681 SSL_kEDH, 1682 SSL_aRSA, 1683 SSL_CAMELLIA256, 1684 SSL_SHA1, 1685 SSL_TLSV1, 1686 SSL_NOT_EXP | SSL_HIGH, 1687 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1688 256, 1689 256, 1690 }, 1691 1692 /* Cipher 89 */ 1693 { 1694 1, 1695 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 1696 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 1697 SSL_kEDH, 1698 SSL_aNULL, 1699 SSL_CAMELLIA256, 1700 SSL_SHA1, 1701 SSL_TLSV1, 1702 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH, 1703 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1704 256, 1705 256, 1706 }, 1707#endif /* OPENSSL_NO_CAMELLIA */ 1708 1709#ifndef OPENSSL_NO_PSK 1710 /* Cipher 8A */ 1711 { 1712 1, 1713 TLS1_TXT_PSK_WITH_RC4_128_SHA, 1714 TLS1_CK_PSK_WITH_RC4_128_SHA, 1715 SSL_kPSK, 1716 SSL_aPSK, 1717 SSL_RC4, 1718 SSL_SHA1, 1719 SSL_TLSV1, 1720 SSL_NOT_EXP | SSL_MEDIUM, 1721 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1722 128, 1723 128, 1724 }, 1725 1726 /* Cipher 8B */ 1727 { 1728 1, 1729 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1730 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1731 SSL_kPSK, 1732 SSL_aPSK, 1733 SSL_3DES, 1734 SSL_SHA1, 1735 SSL_TLSV1, 1736 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1737 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1738 112, 1739 168, 1740 }, 1741 1742 /* Cipher 8C */ 1743 { 1744 1, 1745 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1746 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1747 SSL_kPSK, 1748 SSL_aPSK, 1749 SSL_AES128, 1750 SSL_SHA1, 1751 SSL_TLSV1, 1752 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1753 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1754 128, 1755 128, 1756 }, 1757 1758 /* Cipher 8D */ 1759 { 1760 1, 1761 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1762 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1763 SSL_kPSK, 1764 SSL_aPSK, 1765 SSL_AES256, 1766 SSL_SHA1, 1767 SSL_TLSV1, 1768 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1769 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1770 256, 1771 256, 1772 }, 1773#endif /* OPENSSL_NO_PSK */ 1774 1775#ifndef OPENSSL_NO_SEED 1776 /* SEED ciphersuites from RFC4162 */ 1777 1778 /* Cipher 96 */ 1779 { 1780 1, 1781 TLS1_TXT_RSA_WITH_SEED_SHA, 1782 TLS1_CK_RSA_WITH_SEED_SHA, 1783 SSL_kRSA, 1784 SSL_aRSA, 1785 SSL_SEED, 1786 SSL_SHA1, 1787 SSL_TLSV1, 1788 SSL_NOT_EXP | SSL_MEDIUM, 1789 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1790 128, 1791 128, 1792 }, 1793 1794 /* Cipher 97 */ 1795 { 1796 0, /* not implemented (non-ephemeral DH) */ 1797 TLS1_TXT_DH_DSS_WITH_SEED_SHA, 1798 TLS1_CK_DH_DSS_WITH_SEED_SHA, 1799 SSL_kDHd, 1800 SSL_aDH, 1801 SSL_SEED, 1802 SSL_SHA1, 1803 SSL_TLSV1, 1804 SSL_NOT_EXP | SSL_MEDIUM, 1805 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1806 128, 1807 128, 1808 }, 1809 1810 /* Cipher 98 */ 1811 { 1812 0, /* not implemented (non-ephemeral DH) */ 1813 TLS1_TXT_DH_RSA_WITH_SEED_SHA, 1814 TLS1_CK_DH_RSA_WITH_SEED_SHA, 1815 SSL_kDHr, 1816 SSL_aDH, 1817 SSL_SEED, 1818 SSL_SHA1, 1819 SSL_TLSV1, 1820 SSL_NOT_EXP | SSL_MEDIUM, 1821 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1822 128, 1823 128, 1824 }, 1825 1826 /* Cipher 99 */ 1827 { 1828 1, 1829 TLS1_TXT_DHE_DSS_WITH_SEED_SHA, 1830 TLS1_CK_DHE_DSS_WITH_SEED_SHA, 1831 SSL_kEDH, 1832 SSL_aDSS, 1833 SSL_SEED, 1834 SSL_SHA1, 1835 SSL_TLSV1, 1836 SSL_NOT_EXP | SSL_MEDIUM, 1837 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1838 128, 1839 128, 1840 }, 1841 1842 /* Cipher 9A */ 1843 { 1844 1, 1845 TLS1_TXT_DHE_RSA_WITH_SEED_SHA, 1846 TLS1_CK_DHE_RSA_WITH_SEED_SHA, 1847 SSL_kEDH, 1848 SSL_aRSA, 1849 SSL_SEED, 1850 SSL_SHA1, 1851 SSL_TLSV1, 1852 SSL_NOT_EXP | SSL_MEDIUM, 1853 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1854 128, 1855 128, 1856 }, 1857 1858 /* Cipher 9B */ 1859 { 1860 1, 1861 TLS1_TXT_ADH_WITH_SEED_SHA, 1862 TLS1_CK_ADH_WITH_SEED_SHA, 1863 SSL_kEDH, 1864 SSL_aNULL, 1865 SSL_SEED, 1866 SSL_SHA1, 1867 SSL_TLSV1, 1868 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 1869 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1870 128, 1871 128, 1872 }, 1873 1874#endif /* OPENSSL_NO_SEED */ 1875 1876 /* GCM ciphersuites from RFC5288 */ 1877 1878 /* Cipher 9C */ 1879 { 1880 1, 1881 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 1882 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 1883 SSL_kRSA, 1884 SSL_aRSA, 1885 SSL_AES128GCM, 1886 SSL_AEAD, 1887 SSL_TLSV1_2, 1888 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1889 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1890 128, 1891 128, 1892 }, 1893 1894 /* Cipher 9D */ 1895 { 1896 1, 1897 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 1898 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 1899 SSL_kRSA, 1900 SSL_aRSA, 1901 SSL_AES256GCM, 1902 SSL_AEAD, 1903 SSL_TLSV1_2, 1904 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1905 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1906 256, 1907 256, 1908 }, 1909 1910 /* Cipher 9E */ 1911 { 1912 1, 1913 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 1914 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 1915 SSL_kEDH, 1916 SSL_aRSA, 1917 SSL_AES128GCM, 1918 SSL_AEAD, 1919 SSL_TLSV1_2, 1920 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1921 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1922 128, 1923 128, 1924 }, 1925 1926 /* Cipher 9F */ 1927 { 1928 1, 1929 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 1930 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 1931 SSL_kEDH, 1932 SSL_aRSA, 1933 SSL_AES256GCM, 1934 SSL_AEAD, 1935 SSL_TLSV1_2, 1936 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1937 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1938 256, 1939 256, 1940 }, 1941 1942 /* Cipher A0 */ 1943 { 1944 0, 1945 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, 1946 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, 1947 SSL_kDHr, 1948 SSL_aDH, 1949 SSL_AES128GCM, 1950 SSL_AEAD, 1951 SSL_TLSV1_2, 1952 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1953 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1954 128, 1955 128, 1956 }, 1957 1958 /* Cipher A1 */ 1959 { 1960 0, 1961 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, 1962 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, 1963 SSL_kDHr, 1964 SSL_aDH, 1965 SSL_AES256GCM, 1966 SSL_AEAD, 1967 SSL_TLSV1_2, 1968 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1969 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1970 256, 1971 256, 1972 }, 1973 1974 /* Cipher A2 */ 1975 { 1976 1, 1977 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 1978 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 1979 SSL_kEDH, 1980 SSL_aDSS, 1981 SSL_AES128GCM, 1982 SSL_AEAD, 1983 SSL_TLSV1_2, 1984 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1985 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1986 128, 1987 128, 1988 }, 1989 1990 /* Cipher A3 */ 1991 { 1992 1, 1993 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 1994 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 1995 SSL_kEDH, 1996 SSL_aDSS, 1997 SSL_AES256GCM, 1998 SSL_AEAD, 1999 SSL_TLSV1_2, 2000 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2001 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2002 256, 2003 256, 2004 }, 2005 2006 /* Cipher A4 */ 2007 { 2008 0, 2009 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, 2010 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, 2011 SSL_kDHd, 2012 SSL_aDH, 2013 SSL_AES128GCM, 2014 SSL_AEAD, 2015 SSL_TLSV1_2, 2016 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2017 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2018 128, 2019 128, 2020 }, 2021 2022 /* Cipher A5 */ 2023 { 2024 0, 2025 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, 2026 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, 2027 SSL_kDHd, 2028 SSL_aDH, 2029 SSL_AES256GCM, 2030 SSL_AEAD, 2031 SSL_TLSV1_2, 2032 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2033 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2034 256, 2035 256, 2036 }, 2037 2038 /* Cipher A6 */ 2039 { 2040 1, 2041 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 2042 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 2043 SSL_kEDH, 2044 SSL_aNULL, 2045 SSL_AES128GCM, 2046 SSL_AEAD, 2047 SSL_TLSV1_2, 2048 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2049 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2050 128, 2051 128, 2052 }, 2053 2054 /* Cipher A7 */ 2055 { 2056 1, 2057 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 2058 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 2059 SSL_kEDH, 2060 SSL_aNULL, 2061 SSL_AES256GCM, 2062 SSL_AEAD, 2063 SSL_TLSV1_2, 2064 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2065 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2066 256, 2067 256, 2068 }, 2069 2070#ifndef OPENSSL_NO_ECDH 2071 /* Cipher C001 */ 2072 { 2073 1, 2074 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA, 2075 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA, 2076 SSL_kECDHe, 2077 SSL_aECDH, 2078 SSL_eNULL, 2079 SSL_SHA1, 2080 SSL_TLSV1, 2081 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2082 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2083 0, 2084 0, 2085 }, 2086 2087 /* Cipher C002 */ 2088 { 2089 1, 2090 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, 2091 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA, 2092 SSL_kECDHe, 2093 SSL_aECDH, 2094 SSL_RC4, 2095 SSL_SHA1, 2096 SSL_TLSV1, 2097 SSL_NOT_EXP | SSL_MEDIUM, 2098 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2099 128, 2100 128, 2101 }, 2102 2103 /* Cipher C003 */ 2104 { 2105 1, 2106 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2107 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2108 SSL_kECDHe, 2109 SSL_aECDH, 2110 SSL_3DES, 2111 SSL_SHA1, 2112 SSL_TLSV1, 2113 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2114 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2115 112, 2116 168, 2117 }, 2118 2119 /* Cipher C004 */ 2120 { 2121 1, 2122 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2123 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2124 SSL_kECDHe, 2125 SSL_aECDH, 2126 SSL_AES128, 2127 SSL_SHA1, 2128 SSL_TLSV1, 2129 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2130 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2131 128, 2132 128, 2133 }, 2134 2135 /* Cipher C005 */ 2136 { 2137 1, 2138 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2139 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2140 SSL_kECDHe, 2141 SSL_aECDH, 2142 SSL_AES256, 2143 SSL_SHA1, 2144 SSL_TLSV1, 2145 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2146 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2147 256, 2148 256, 2149 }, 2150 2151 /* Cipher C006 */ 2152 { 2153 1, 2154 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 2155 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 2156 SSL_kEECDH, 2157 SSL_aECDSA, 2158 SSL_eNULL, 2159 SSL_SHA1, 2160 SSL_TLSV1, 2161 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2162 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2163 0, 2164 0, 2165 }, 2166 2167 /* Cipher C007 */ 2168 { 2169 1, 2170 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 2171 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 2172 SSL_kEECDH, 2173 SSL_aECDSA, 2174 SSL_RC4, 2175 SSL_SHA1, 2176 SSL_TLSV1, 2177 SSL_NOT_EXP | SSL_MEDIUM, 2178 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2179 128, 2180 128, 2181 }, 2182 2183 /* Cipher C008 */ 2184 { 2185 1, 2186 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2187 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2188 SSL_kEECDH, 2189 SSL_aECDSA, 2190 SSL_3DES, 2191 SSL_SHA1, 2192 SSL_TLSV1, 2193 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2194 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2195 112, 2196 168, 2197 }, 2198 2199 /* Cipher C009 */ 2200 { 2201 1, 2202 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2203 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2204 SSL_kEECDH, 2205 SSL_aECDSA, 2206 SSL_AES128, 2207 SSL_SHA1, 2208 SSL_TLSV1, 2209 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2210 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2211 128, 2212 128, 2213 }, 2214 2215 /* Cipher C00A */ 2216 { 2217 1, 2218 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2219 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2220 SSL_kEECDH, 2221 SSL_aECDSA, 2222 SSL_AES256, 2223 SSL_SHA1, 2224 SSL_TLSV1, 2225 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2226 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2227 256, 2228 256, 2229 }, 2230 2231 /* Cipher C00B */ 2232 { 2233 1, 2234 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA, 2235 TLS1_CK_ECDH_RSA_WITH_NULL_SHA, 2236 SSL_kECDHr, 2237 SSL_aECDH, 2238 SSL_eNULL, 2239 SSL_SHA1, 2240 SSL_TLSV1, 2241 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2242 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2243 0, 2244 0, 2245 }, 2246 2247 /* Cipher C00C */ 2248 { 2249 1, 2250 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, 2251 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA, 2252 SSL_kECDHr, 2253 SSL_aECDH, 2254 SSL_RC4, 2255 SSL_SHA1, 2256 SSL_TLSV1, 2257 SSL_NOT_EXP | SSL_MEDIUM, 2258 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2259 128, 2260 128, 2261 }, 2262 2263 /* Cipher C00D */ 2264 { 2265 1, 2266 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2267 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2268 SSL_kECDHr, 2269 SSL_aECDH, 2270 SSL_3DES, 2271 SSL_SHA1, 2272 SSL_TLSV1, 2273 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2274 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2275 112, 2276 168, 2277 }, 2278 2279 /* Cipher C00E */ 2280 { 2281 1, 2282 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA, 2283 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA, 2284 SSL_kECDHr, 2285 SSL_aECDH, 2286 SSL_AES128, 2287 SSL_SHA1, 2288 SSL_TLSV1, 2289 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2290 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2291 128, 2292 128, 2293 }, 2294 2295 /* Cipher C00F */ 2296 { 2297 1, 2298 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA, 2299 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA, 2300 SSL_kECDHr, 2301 SSL_aECDH, 2302 SSL_AES256, 2303 SSL_SHA1, 2304 SSL_TLSV1, 2305 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2306 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2307 256, 2308 256, 2309 }, 2310 2311 /* Cipher C010 */ 2312 { 2313 1, 2314 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 2315 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 2316 SSL_kEECDH, 2317 SSL_aRSA, 2318 SSL_eNULL, 2319 SSL_SHA1, 2320 SSL_TLSV1, 2321 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2322 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2323 0, 2324 0, 2325 }, 2326 2327 /* Cipher C011 */ 2328 { 2329 1, 2330 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 2331 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 2332 SSL_kEECDH, 2333 SSL_aRSA, 2334 SSL_RC4, 2335 SSL_SHA1, 2336 SSL_TLSV1, 2337 SSL_NOT_EXP | SSL_MEDIUM, 2338 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2339 128, 2340 128, 2341 }, 2342 2343 /* Cipher C012 */ 2344 { 2345 1, 2346 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2347 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2348 SSL_kEECDH, 2349 SSL_aRSA, 2350 SSL_3DES, 2351 SSL_SHA1, 2352 SSL_TLSV1, 2353 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2354 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2355 112, 2356 168, 2357 }, 2358 2359 /* Cipher C013 */ 2360 { 2361 1, 2362 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2363 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2364 SSL_kEECDH, 2365 SSL_aRSA, 2366 SSL_AES128, 2367 SSL_SHA1, 2368 SSL_TLSV1, 2369 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2370 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2371 128, 2372 128, 2373 }, 2374 2375 /* Cipher C014 */ 2376 { 2377 1, 2378 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2379 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2380 SSL_kEECDH, 2381 SSL_aRSA, 2382 SSL_AES256, 2383 SSL_SHA1, 2384 SSL_TLSV1, 2385 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2386 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2387 256, 2388 256, 2389 }, 2390 2391 /* Cipher C015 */ 2392 { 2393 1, 2394 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 2395 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 2396 SSL_kEECDH, 2397 SSL_aNULL, 2398 SSL_eNULL, 2399 SSL_SHA1, 2400 SSL_TLSV1, 2401 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2402 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2403 0, 2404 0, 2405 }, 2406 2407 /* Cipher C016 */ 2408 { 2409 1, 2410 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 2411 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 2412 SSL_kEECDH, 2413 SSL_aNULL, 2414 SSL_RC4, 2415 SSL_SHA1, 2416 SSL_TLSV1, 2417 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 2418 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2419 128, 2420 128, 2421 }, 2422 2423 /* Cipher C017 */ 2424 { 2425 1, 2426 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 2427 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 2428 SSL_kEECDH, 2429 SSL_aNULL, 2430 SSL_3DES, 2431 SSL_SHA1, 2432 SSL_TLSV1, 2433 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2434 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2435 112, 2436 168, 2437 }, 2438 2439 /* Cipher C018 */ 2440 { 2441 1, 2442 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 2443 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 2444 SSL_kEECDH, 2445 SSL_aNULL, 2446 SSL_AES128, 2447 SSL_SHA1, 2448 SSL_TLSV1, 2449 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2450 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2451 128, 2452 128, 2453 }, 2454 2455 /* Cipher C019 */ 2456 { 2457 1, 2458 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 2459 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 2460 SSL_kEECDH, 2461 SSL_aNULL, 2462 SSL_AES256, 2463 SSL_SHA1, 2464 SSL_TLSV1, 2465 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2466 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2467 256, 2468 256, 2469 }, 2470#endif /* OPENSSL_NO_ECDH */ 2471 2472#ifndef OPENSSL_NO_SRP 2473 /* Cipher C01A */ 2474 { 2475 1, 2476 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2477 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2478 SSL_kSRP, 2479 SSL_aSRP, 2480 SSL_3DES, 2481 SSL_SHA1, 2482 SSL_TLSV1, 2483 SSL_NOT_EXP | SSL_HIGH, 2484 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2485 112, 2486 168, 2487 }, 2488 2489 /* Cipher C01B */ 2490 { 2491 1, 2492 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2493 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2494 SSL_kSRP, 2495 SSL_aRSA, 2496 SSL_3DES, 2497 SSL_SHA1, 2498 SSL_TLSV1, 2499 SSL_NOT_EXP | SSL_HIGH, 2500 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2501 112, 2502 168, 2503 }, 2504 2505 /* Cipher C01C */ 2506 { 2507 1, 2508 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2509 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2510 SSL_kSRP, 2511 SSL_aDSS, 2512 SSL_3DES, 2513 SSL_SHA1, 2514 SSL_TLSV1, 2515 SSL_NOT_EXP | SSL_HIGH, 2516 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2517 112, 2518 168, 2519 }, 2520 2521 /* Cipher C01D */ 2522 { 2523 1, 2524 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, 2525 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, 2526 SSL_kSRP, 2527 SSL_aSRP, 2528 SSL_AES128, 2529 SSL_SHA1, 2530 SSL_TLSV1, 2531 SSL_NOT_EXP | SSL_HIGH, 2532 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2533 128, 2534 128, 2535 }, 2536 2537 /* Cipher C01E */ 2538 { 2539 1, 2540 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2541 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2542 SSL_kSRP, 2543 SSL_aRSA, 2544 SSL_AES128, 2545 SSL_SHA1, 2546 SSL_TLSV1, 2547 SSL_NOT_EXP | SSL_HIGH, 2548 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2549 128, 2550 128, 2551 }, 2552 2553 /* Cipher C01F */ 2554 { 2555 1, 2556 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2557 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2558 SSL_kSRP, 2559 SSL_aDSS, 2560 SSL_AES128, 2561 SSL_SHA1, 2562 SSL_TLSV1, 2563 SSL_NOT_EXP | SSL_HIGH, 2564 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2565 128, 2566 128, 2567 }, 2568 2569 /* Cipher C020 */ 2570 { 2571 1, 2572 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, 2573 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, 2574 SSL_kSRP, 2575 SSL_aSRP, 2576 SSL_AES256, 2577 SSL_SHA1, 2578 SSL_TLSV1, 2579 SSL_NOT_EXP | SSL_HIGH, 2580 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2581 256, 2582 256, 2583 }, 2584 2585 /* Cipher C021 */ 2586 { 2587 1, 2588 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2589 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2590 SSL_kSRP, 2591 SSL_aRSA, 2592 SSL_AES256, 2593 SSL_SHA1, 2594 SSL_TLSV1, 2595 SSL_NOT_EXP | SSL_HIGH, 2596 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2597 256, 2598 256, 2599 }, 2600 2601 /* Cipher C022 */ 2602 { 2603 1, 2604 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2605 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2606 SSL_kSRP, 2607 SSL_aDSS, 2608 SSL_AES256, 2609 SSL_SHA1, 2610 SSL_TLSV1, 2611 SSL_NOT_EXP | SSL_HIGH, 2612 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2613 256, 2614 256, 2615 }, 2616#endif /* OPENSSL_NO_SRP */ 2617#ifndef OPENSSL_NO_ECDH 2618 2619 /* HMAC based TLS v1.2 ciphersuites from RFC5289 */ 2620 2621 /* Cipher C023 */ 2622 { 2623 1, 2624 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 2625 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 2626 SSL_kEECDH, 2627 SSL_aECDSA, 2628 SSL_AES128, 2629 SSL_SHA256, 2630 SSL_TLSV1_2, 2631 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2632 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2633 128, 2634 128, 2635 }, 2636 2637 /* Cipher C024 */ 2638 { 2639 1, 2640 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 2641 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 2642 SSL_kEECDH, 2643 SSL_aECDSA, 2644 SSL_AES256, 2645 SSL_SHA384, 2646 SSL_TLSV1_2, 2647 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2648 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2649 256, 2650 256, 2651 }, 2652 2653 /* Cipher C025 */ 2654 { 2655 1, 2656 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256, 2657 TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256, 2658 SSL_kECDHe, 2659 SSL_aECDH, 2660 SSL_AES128, 2661 SSL_SHA256, 2662 SSL_TLSV1_2, 2663 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2664 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2665 128, 2666 128, 2667 }, 2668 2669 /* Cipher C026 */ 2670 { 2671 1, 2672 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384, 2673 TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384, 2674 SSL_kECDHe, 2675 SSL_aECDH, 2676 SSL_AES256, 2677 SSL_SHA384, 2678 SSL_TLSV1_2, 2679 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2680 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2681 256, 2682 256, 2683 }, 2684 2685 /* Cipher C027 */ 2686 { 2687 1, 2688 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 2689 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 2690 SSL_kEECDH, 2691 SSL_aRSA, 2692 SSL_AES128, 2693 SSL_SHA256, 2694 SSL_TLSV1_2, 2695 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2696 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2697 128, 2698 128, 2699 }, 2700 2701 /* Cipher C028 */ 2702 { 2703 1, 2704 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 2705 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 2706 SSL_kEECDH, 2707 SSL_aRSA, 2708 SSL_AES256, 2709 SSL_SHA384, 2710 SSL_TLSV1_2, 2711 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2712 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2713 256, 2714 256, 2715 }, 2716 2717 /* Cipher C029 */ 2718 { 2719 1, 2720 TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256, 2721 TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256, 2722 SSL_kECDHr, 2723 SSL_aECDH, 2724 SSL_AES128, 2725 SSL_SHA256, 2726 SSL_TLSV1_2, 2727 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2728 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2729 128, 2730 128, 2731 }, 2732 2733 /* Cipher C02A */ 2734 { 2735 1, 2736 TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384, 2737 TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384, 2738 SSL_kECDHr, 2739 SSL_aECDH, 2740 SSL_AES256, 2741 SSL_SHA384, 2742 SSL_TLSV1_2, 2743 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2744 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2745 256, 2746 256, 2747 }, 2748 2749 /* GCM based TLS v1.2 ciphersuites from RFC5289 */ 2750 2751 /* Cipher C02B */ 2752 { 2753 1, 2754 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2755 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2756 SSL_kEECDH, 2757 SSL_aECDSA, 2758 SSL_AES128GCM, 2759 SSL_AEAD, 2760 SSL_TLSV1_2, 2761 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2762 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2763 128, 2764 128, 2765 }, 2766 2767 /* Cipher C02C */ 2768 { 2769 1, 2770 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2771 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2772 SSL_kEECDH, 2773 SSL_aECDSA, 2774 SSL_AES256GCM, 2775 SSL_AEAD, 2776 SSL_TLSV1_2, 2777 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2778 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2779 256, 2780 256, 2781 }, 2782 2783 /* Cipher C02D */ 2784 { 2785 1, 2786 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2787 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2788 SSL_kECDHe, 2789 SSL_aECDH, 2790 SSL_AES128GCM, 2791 SSL_AEAD, 2792 SSL_TLSV1_2, 2793 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2794 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2795 128, 2796 128, 2797 }, 2798 2799 /* Cipher C02E */ 2800 { 2801 1, 2802 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2803 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2804 SSL_kECDHe, 2805 SSL_aECDH, 2806 SSL_AES256GCM, 2807 SSL_AEAD, 2808 SSL_TLSV1_2, 2809 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2810 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2811 256, 2812 256, 2813 }, 2814 2815 /* Cipher C02F */ 2816 { 2817 1, 2818 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2819 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2820 SSL_kEECDH, 2821 SSL_aRSA, 2822 SSL_AES128GCM, 2823 SSL_AEAD, 2824 SSL_TLSV1_2, 2825 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2826 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2827 128, 2828 128, 2829 }, 2830 2831 /* Cipher C030 */ 2832 { 2833 1, 2834 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2835 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2836 SSL_kEECDH, 2837 SSL_aRSA, 2838 SSL_AES256GCM, 2839 SSL_AEAD, 2840 SSL_TLSV1_2, 2841 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2842 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2843 256, 2844 256, 2845 }, 2846 2847 /* Cipher C031 */ 2848 { 2849 1, 2850 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2851 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2852 SSL_kECDHr, 2853 SSL_aECDH, 2854 SSL_AES128GCM, 2855 SSL_AEAD, 2856 SSL_TLSV1_2, 2857 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2858 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2859 128, 2860 128, 2861 }, 2862 2863 /* Cipher C032 */ 2864 { 2865 1, 2866 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2867 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2868 SSL_kECDHr, 2869 SSL_aECDH, 2870 SSL_AES256GCM, 2871 SSL_AEAD, 2872 SSL_TLSV1_2, 2873 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2874 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2875 256, 2876 256, 2877 }, 2878 2879#endif /* OPENSSL_NO_ECDH */ 2880 2881#ifdef TEMP_GOST_TLS 2882/* Cipher FF00 */ 2883 { 2884 1, 2885 "GOST-MD5", 2886 0x0300ff00, 2887 SSL_kRSA, 2888 SSL_aRSA, 2889 SSL_eGOST2814789CNT, 2890 SSL_MD5, 2891 SSL_TLSV1, 2892 SSL_NOT_EXP | SSL_HIGH, 2893 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2894 256, 2895 256, 2896 }, 2897 { 2898 1, 2899 "GOST-GOST94", 2900 0x0300ff01, 2901 SSL_kRSA, 2902 SSL_aRSA, 2903 SSL_eGOST2814789CNT, 2904 SSL_GOST94, 2905 SSL_TLSV1, 2906 SSL_NOT_EXP | SSL_HIGH, 2907 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2908 256, 2909 256}, 2910 { 2911 1, 2912 "GOST-GOST89MAC", 2913 0x0300ff02, 2914 SSL_kRSA, 2915 SSL_aRSA, 2916 SSL_eGOST2814789CNT, 2917 SSL_GOST89MAC, 2918 SSL_TLSV1, 2919 SSL_NOT_EXP | SSL_HIGH, 2920 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2921 256, 2922 256}, 2923 { 2924 1, 2925 "GOST-GOST89STREAM", 2926 0x0300ff03, 2927 SSL_kRSA, 2928 SSL_aRSA, 2929 SSL_eGOST2814789CNT, 2930 SSL_GOST89MAC, 2931 SSL_TLSV1, 2932 SSL_NOT_EXP | SSL_HIGH, 2933 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC, 2934 256, 2935 256}, 2936#endif 2937 2938/* end of list */ 2939}; 2940 2941SSL3_ENC_METHOD SSLv3_enc_data = { 2942 ssl3_enc, 2943 n_ssl3_mac, 2944 ssl3_setup_key_block, 2945 ssl3_generate_master_secret, 2946 ssl3_change_cipher_state, 2947 ssl3_final_finish_mac, 2948 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, 2949 ssl3_cert_verify_mac, 2950 SSL3_MD_CLIENT_FINISHED_CONST, 4, 2951 SSL3_MD_SERVER_FINISHED_CONST, 4, 2952 ssl3_alert_code, 2953 (int (*)(SSL *, unsigned char *, size_t, const char *, 2954 size_t, const unsigned char *, size_t, 2955 int use_context))ssl_undefined_function, 2956}; 2957 2958long ssl3_default_timeout(void) 2959{ 2960 /* 2961 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for 2962 * http, the cache would over fill 2963 */ 2964 return (60 * 60 * 2); 2965} 2966 2967int ssl3_num_ciphers(void) 2968{ 2969 return (SSL3_NUM_CIPHERS); 2970} 2971 2972const SSL_CIPHER *ssl3_get_cipher(unsigned int u) 2973{ 2974 if (u < SSL3_NUM_CIPHERS) 2975 return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u])); 2976 else 2977 return (NULL); 2978} 2979 2980int ssl3_pending(const SSL *s) 2981{ 2982 if (s->rstate == SSL_ST_READ_BODY) 2983 return 0; 2984 2985 return (s->s3->rrec.type == 2986 SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; 2987} 2988 2989int ssl3_new(SSL *s) 2990{ 2991 SSL3_STATE *s3; 2992 2993 if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL) 2994 goto err; 2995 memset(s3, 0, sizeof *s3); 2996 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); 2997 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); 2998 2999 s->s3 = s3; 3000 3001#ifndef OPENSSL_NO_SRP 3002 SSL_SRP_CTX_init(s); 3003#endif 3004 s->method->ssl_clear(s); 3005 return (1); 3006 err: 3007 return (0); 3008} 3009 3010void ssl3_free(SSL *s) 3011{ 3012 if (s == NULL || s->s3 == NULL) 3013 return; 3014 3015#ifdef TLSEXT_TYPE_opaque_prf_input 3016 if (s->s3->client_opaque_prf_input != NULL) 3017 OPENSSL_free(s->s3->client_opaque_prf_input); 3018 if (s->s3->server_opaque_prf_input != NULL) 3019 OPENSSL_free(s->s3->server_opaque_prf_input); 3020#endif 3021 3022 ssl3_cleanup_key_block(s); 3023 if (s->s3->rbuf.buf != NULL) 3024 ssl3_release_read_buffer(s); 3025 if (s->s3->wbuf.buf != NULL) 3026 ssl3_release_write_buffer(s); 3027 if (s->s3->rrec.comp != NULL) 3028 OPENSSL_free(s->s3->rrec.comp); 3029#ifndef OPENSSL_NO_DH 3030 if (s->s3->tmp.dh != NULL) 3031 DH_free(s->s3->tmp.dh); 3032#endif 3033#ifndef OPENSSL_NO_ECDH 3034 if (s->s3->tmp.ecdh != NULL) 3035 EC_KEY_free(s->s3->tmp.ecdh); 3036#endif 3037 3038 if (s->s3->tmp.ca_names != NULL) 3039 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 3040 if (s->s3->handshake_buffer) { 3041 BIO_free(s->s3->handshake_buffer); 3042 } 3043 if (s->s3->handshake_dgst) 3044 ssl3_free_digest_list(s); 3045#ifndef OPENSSL_NO_SRP 3046 SSL_SRP_CTX_free(s); 3047#endif 3048 OPENSSL_cleanse(s->s3, sizeof *s->s3); 3049 OPENSSL_free(s->s3); 3050 s->s3 = NULL; 3051} 3052 3053void ssl3_clear(SSL *s) 3054{ 3055 unsigned char *rp, *wp; 3056 size_t rlen, wlen; 3057 int init_extra; 3058 3059#ifdef TLSEXT_TYPE_opaque_prf_input 3060 if (s->s3->client_opaque_prf_input != NULL) 3061 OPENSSL_free(s->s3->client_opaque_prf_input); 3062 s->s3->client_opaque_prf_input = NULL; 3063 if (s->s3->server_opaque_prf_input != NULL) 3064 OPENSSL_free(s->s3->server_opaque_prf_input); 3065 s->s3->server_opaque_prf_input = NULL; 3066#endif 3067 3068 ssl3_cleanup_key_block(s); 3069 if (s->s3->tmp.ca_names != NULL) 3070 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 3071 3072 if (s->s3->rrec.comp != NULL) { 3073 OPENSSL_free(s->s3->rrec.comp); 3074 s->s3->rrec.comp = NULL; 3075 } 3076#ifndef OPENSSL_NO_DH 3077 if (s->s3->tmp.dh != NULL) { 3078 DH_free(s->s3->tmp.dh); 3079 s->s3->tmp.dh = NULL; 3080 } 3081#endif 3082#ifndef OPENSSL_NO_ECDH 3083 if (s->s3->tmp.ecdh != NULL) { 3084 EC_KEY_free(s->s3->tmp.ecdh); 3085 s->s3->tmp.ecdh = NULL; 3086 } 3087#endif 3088#ifndef OPENSSL_NO_TLSEXT 3089# ifndef OPENSSL_NO_EC 3090 s->s3->is_probably_safari = 0; 3091# endif /* !OPENSSL_NO_EC */ 3092#endif /* !OPENSSL_NO_TLSEXT */ 3093 3094 rp = s->s3->rbuf.buf; 3095 wp = s->s3->wbuf.buf; 3096 rlen = s->s3->rbuf.len; 3097 wlen = s->s3->wbuf.len; 3098 init_extra = s->s3->init_extra; 3099 if (s->s3->handshake_buffer) { 3100 BIO_free(s->s3->handshake_buffer); 3101 s->s3->handshake_buffer = NULL; 3102 } 3103 if (s->s3->handshake_dgst) { 3104 ssl3_free_digest_list(s); 3105 } 3106 memset(s->s3, 0, sizeof *s->s3); 3107 s->s3->rbuf.buf = rp; 3108 s->s3->wbuf.buf = wp; 3109 s->s3->rbuf.len = rlen; 3110 s->s3->wbuf.len = wlen; 3111 s->s3->init_extra = init_extra; 3112 3113 ssl_free_wbio_buffer(s); 3114 3115 s->packet_length = 0; 3116 s->s3->renegotiate = 0; 3117 s->s3->total_renegotiations = 0; 3118 s->s3->num_renegotiations = 0; 3119 s->s3->in_read_app_data = 0; 3120 s->version = SSL3_VERSION; 3121 3122#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 3123 if (s->next_proto_negotiated) { 3124 OPENSSL_free(s->next_proto_negotiated); 3125 s->next_proto_negotiated = NULL; 3126 s->next_proto_negotiated_len = 0; 3127 } 3128#endif 3129} 3130 3131#ifndef OPENSSL_NO_SRP 3132static char *MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg) 3133{ 3134 return BUF_strdup(s->srp_ctx.info); 3135} 3136#endif 3137 3138long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 3139{ 3140 int ret = 0; 3141 3142#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3143 if ( 3144# ifndef OPENSSL_NO_RSA 3145 cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB || 3146# endif 3147# ifndef OPENSSL_NO_DSA 3148 cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB || 3149# endif 3150 0) { 3151 if (!ssl_cert_inst(&s->cert)) { 3152 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 3153 return (0); 3154 } 3155 } 3156#endif 3157 3158 switch (cmd) { 3159 case SSL_CTRL_GET_SESSION_REUSED: 3160 ret = s->hit; 3161 break; 3162 case SSL_CTRL_GET_CLIENT_CERT_REQUEST: 3163 break; 3164 case SSL_CTRL_GET_NUM_RENEGOTIATIONS: 3165 ret = s->s3->num_renegotiations; 3166 break; 3167 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: 3168 ret = s->s3->num_renegotiations; 3169 s->s3->num_renegotiations = 0; 3170 break; 3171 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: 3172 ret = s->s3->total_renegotiations; 3173 break; 3174 case SSL_CTRL_GET_FLAGS: 3175 ret = (int)(s->s3->flags); 3176 break; 3177#ifndef OPENSSL_NO_RSA 3178 case SSL_CTRL_NEED_TMP_RSA: 3179 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 3180 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3181 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > 3182 (512 / 8)))) 3183 ret = 1; 3184 break; 3185 case SSL_CTRL_SET_TMP_RSA: 3186 { 3187 RSA *rsa = (RSA *)parg; 3188 if (rsa == NULL) { 3189 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3190 return (ret); 3191 } 3192 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) { 3193 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); 3194 return (ret); 3195 } 3196 if (s->cert->rsa_tmp != NULL) 3197 RSA_free(s->cert->rsa_tmp); 3198 s->cert->rsa_tmp = rsa; 3199 ret = 1; 3200 } 3201 break; 3202 case SSL_CTRL_SET_TMP_RSA_CB: 3203 { 3204 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3205 return (ret); 3206 } 3207 break; 3208#endif 3209#ifndef OPENSSL_NO_DH 3210 case SSL_CTRL_SET_TMP_DH: 3211 { 3212 DH *dh = (DH *)parg; 3213 if (dh == NULL) { 3214 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3215 return (ret); 3216 } 3217 if ((dh = DHparams_dup(dh)) == NULL) { 3218 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3219 return (ret); 3220 } 3221 if (s->cert->dh_tmp != NULL) 3222 DH_free(s->cert->dh_tmp); 3223 s->cert->dh_tmp = dh; 3224 ret = 1; 3225 } 3226 break; 3227 case SSL_CTRL_SET_TMP_DH_CB: 3228 { 3229 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3230 return (ret); 3231 } 3232 break; 3233#endif 3234#ifndef OPENSSL_NO_ECDH 3235 case SSL_CTRL_SET_TMP_ECDH: 3236 { 3237 EC_KEY *ecdh = NULL; 3238 3239 if (parg == NULL) { 3240 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3241 return (ret); 3242 } 3243 if (!EC_KEY_up_ref((EC_KEY *)parg)) { 3244 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3245 return (ret); 3246 } 3247 ecdh = (EC_KEY *)parg; 3248 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) { 3249 if (!EC_KEY_generate_key(ecdh)) { 3250 EC_KEY_free(ecdh); 3251 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3252 return (ret); 3253 } 3254 } 3255 if (s->cert->ecdh_tmp != NULL) 3256 EC_KEY_free(s->cert->ecdh_tmp); 3257 s->cert->ecdh_tmp = ecdh; 3258 ret = 1; 3259 } 3260 break; 3261 case SSL_CTRL_SET_TMP_ECDH_CB: 3262 { 3263 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3264 return (ret); 3265 } 3266 break; 3267#endif /* !OPENSSL_NO_ECDH */ 3268#ifndef OPENSSL_NO_TLSEXT 3269 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 3270 if (larg == TLSEXT_NAMETYPE_host_name) { 3271 size_t len; 3272 3273 if (s->tlsext_hostname != NULL) 3274 OPENSSL_free(s->tlsext_hostname); 3275 s->tlsext_hostname = NULL; 3276 3277 ret = 1; 3278 if (parg == NULL) 3279 break; 3280 len = strlen((char *)parg); 3281 if (len == 0 || len > TLSEXT_MAXLEN_host_name) { 3282 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 3283 return 0; 3284 } 3285 if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) { 3286 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 3287 return 0; 3288 } 3289 } else { 3290 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 3291 return 0; 3292 } 3293 break; 3294 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: 3295 s->tlsext_debug_arg = parg; 3296 ret = 1; 3297 break; 3298 3299# ifdef TLSEXT_TYPE_opaque_prf_input 3300 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 3301 if (larg > 12288) { /* actual internal limit is 2^16 for the 3302 * complete hello message * (including the 3303 * cert chain and everything) */ 3304 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 3305 break; 3306 } 3307 if (s->tlsext_opaque_prf_input != NULL) 3308 OPENSSL_free(s->tlsext_opaque_prf_input); 3309 if ((size_t)larg == 0) 3310 s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte 3311 * just to get 3312 * non-NULL */ 3313 else 3314 s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); 3315 if (s->tlsext_opaque_prf_input != NULL) { 3316 s->tlsext_opaque_prf_input_len = (size_t)larg; 3317 ret = 1; 3318 } else 3319 s->tlsext_opaque_prf_input_len = 0; 3320 break; 3321# endif 3322 3323 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3324 s->tlsext_status_type = larg; 3325 ret = 1; 3326 break; 3327 3328 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: 3329 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; 3330 ret = 1; 3331 break; 3332 3333 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: 3334 s->tlsext_ocsp_exts = parg; 3335 ret = 1; 3336 break; 3337 3338 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: 3339 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; 3340 ret = 1; 3341 break; 3342 3343 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: 3344 s->tlsext_ocsp_ids = parg; 3345 ret = 1; 3346 break; 3347 3348 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: 3349 *(unsigned char **)parg = s->tlsext_ocsp_resp; 3350 return s->tlsext_ocsp_resplen; 3351 3352 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: 3353 if (s->tlsext_ocsp_resp) 3354 OPENSSL_free(s->tlsext_ocsp_resp); 3355 s->tlsext_ocsp_resp = parg; 3356 s->tlsext_ocsp_resplen = larg; 3357 ret = 1; 3358 break; 3359 3360# ifndef OPENSSL_NO_HEARTBEATS 3361 case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT: 3362 if (SSL_version(s) == DTLS1_VERSION 3363 || SSL_version(s) == DTLS1_BAD_VER) 3364 ret = dtls1_heartbeat(s); 3365 else 3366 ret = tls1_heartbeat(s); 3367 break; 3368 3369 case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING: 3370 ret = s->tlsext_hb_pending; 3371 break; 3372 3373 case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS: 3374 if (larg) 3375 s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3376 else 3377 s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3378 ret = 1; 3379 break; 3380# endif 3381 3382#endif /* !OPENSSL_NO_TLSEXT */ 3383 3384 case SSL_CTRL_CHECK_PROTO_VERSION: 3385 /* 3386 * For library-internal use; checks that the current protocol is the 3387 * highest enabled version (according to s->ctx->method, as version 3388 * negotiation may have changed s->method). 3389 */ 3390 if (s->version == s->ctx->method->version) 3391 return 1; 3392 /* 3393 * Apparently we're using a version-flexible SSL_METHOD (not at its 3394 * highest protocol version). 3395 */ 3396 if (s->ctx->method->version == SSLv23_method()->version) { 3397#if TLS_MAX_VERSION != TLS1_2_VERSION 3398# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION. 3399#endif 3400 if (!(s->options & SSL_OP_NO_TLSv1_2)) 3401 return s->version == TLS1_2_VERSION; 3402 if (!(s->options & SSL_OP_NO_TLSv1_1)) 3403 return s->version == TLS1_1_VERSION; 3404 if (!(s->options & SSL_OP_NO_TLSv1)) 3405 return s->version == TLS1_VERSION; 3406 if (!(s->options & SSL_OP_NO_SSLv3)) 3407 return s->version == SSL3_VERSION; 3408 if (!(s->options & SSL_OP_NO_SSLv2)) 3409 return s->version == SSL2_VERSION; 3410 } 3411 return 0; /* Unexpected state; fail closed. */ 3412 3413 default: 3414 break; 3415 } 3416 return (ret); 3417} 3418 3419long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 3420{ 3421 int ret = 0; 3422 3423#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3424 if ( 3425# ifndef OPENSSL_NO_RSA 3426 cmd == SSL_CTRL_SET_TMP_RSA_CB || 3427# endif 3428# ifndef OPENSSL_NO_DSA 3429 cmd == SSL_CTRL_SET_TMP_DH_CB || 3430# endif 3431 0) { 3432 if (!ssl_cert_inst(&s->cert)) { 3433 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); 3434 return (0); 3435 } 3436 } 3437#endif 3438 3439 switch (cmd) { 3440#ifndef OPENSSL_NO_RSA 3441 case SSL_CTRL_SET_TMP_RSA_CB: 3442 { 3443 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3444 } 3445 break; 3446#endif 3447#ifndef OPENSSL_NO_DH 3448 case SSL_CTRL_SET_TMP_DH_CB: 3449 { 3450 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3451 } 3452 break; 3453#endif 3454#ifndef OPENSSL_NO_ECDH 3455 case SSL_CTRL_SET_TMP_ECDH_CB: 3456 { 3457 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3458 } 3459 break; 3460#endif 3461#ifndef OPENSSL_NO_TLSEXT 3462 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 3463 s->tlsext_debug_cb = (void (*)(SSL *, int, int, 3464 unsigned char *, int, void *))fp; 3465 break; 3466#endif 3467 default: 3468 break; 3469 } 3470 return (ret); 3471} 3472 3473long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 3474{ 3475 CERT *cert; 3476 3477 cert = ctx->cert; 3478 3479 switch (cmd) { 3480#ifndef OPENSSL_NO_RSA 3481 case SSL_CTRL_NEED_TMP_RSA: 3482 if ((cert->rsa_tmp == NULL) && 3483 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3484 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > 3485 (512 / 8))) 3486 ) 3487 return (1); 3488 else 3489 return (0); 3490 /* break; */ 3491 case SSL_CTRL_SET_TMP_RSA: 3492 { 3493 RSA *rsa; 3494 int i; 3495 3496 rsa = (RSA *)parg; 3497 i = 1; 3498 if (rsa == NULL) 3499 i = 0; 3500 else { 3501 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) 3502 i = 0; 3503 } 3504 if (!i) { 3505 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB); 3506 return (0); 3507 } else { 3508 if (cert->rsa_tmp != NULL) 3509 RSA_free(cert->rsa_tmp); 3510 cert->rsa_tmp = rsa; 3511 return (1); 3512 } 3513 } 3514 /* break; */ 3515 case SSL_CTRL_SET_TMP_RSA_CB: 3516 { 3517 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3518 return (0); 3519 } 3520 break; 3521#endif 3522#ifndef OPENSSL_NO_DH 3523 case SSL_CTRL_SET_TMP_DH: 3524 { 3525 DH *new = NULL, *dh; 3526 3527 dh = (DH *)parg; 3528 if ((new = DHparams_dup(dh)) == NULL) { 3529 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); 3530 return 0; 3531 } 3532 if (cert->dh_tmp != NULL) 3533 DH_free(cert->dh_tmp); 3534 cert->dh_tmp = new; 3535 return 1; 3536 } 3537 /* 3538 * break; 3539 */ 3540 case SSL_CTRL_SET_TMP_DH_CB: 3541 { 3542 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3543 return (0); 3544 } 3545 break; 3546#endif 3547#ifndef OPENSSL_NO_ECDH 3548 case SSL_CTRL_SET_TMP_ECDH: 3549 { 3550 EC_KEY *ecdh = NULL; 3551 3552 if (parg == NULL) { 3553 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3554 return 0; 3555 } 3556 ecdh = EC_KEY_dup((EC_KEY *)parg); 3557 if (ecdh == NULL) { 3558 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB); 3559 return 0; 3560 } 3561 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) { 3562 if (!EC_KEY_generate_key(ecdh)) { 3563 EC_KEY_free(ecdh); 3564 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3565 return 0; 3566 } 3567 } 3568 3569 if (cert->ecdh_tmp != NULL) { 3570 EC_KEY_free(cert->ecdh_tmp); 3571 } 3572 cert->ecdh_tmp = ecdh; 3573 return 1; 3574 } 3575 /* break; */ 3576 case SSL_CTRL_SET_TMP_ECDH_CB: 3577 { 3578 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3579 return (0); 3580 } 3581 break; 3582#endif /* !OPENSSL_NO_ECDH */ 3583#ifndef OPENSSL_NO_TLSEXT 3584 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: 3585 ctx->tlsext_servername_arg = parg; 3586 break; 3587 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 3588 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: 3589 { 3590 unsigned char *keys = parg; 3591 if (!keys) 3592 return 48; 3593 if (larg != 48) { 3594 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 3595 return 0; 3596 } 3597 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { 3598 memcpy(ctx->tlsext_tick_key_name, keys, 16); 3599 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); 3600 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); 3601 } else { 3602 memcpy(keys, ctx->tlsext_tick_key_name, 16); 3603 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); 3604 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); 3605 } 3606 return 1; 3607 } 3608 3609# ifdef TLSEXT_TYPE_opaque_prf_input 3610 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG: 3611 ctx->tlsext_opaque_prf_input_callback_arg = parg; 3612 return 1; 3613# endif 3614 3615 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: 3616 ctx->tlsext_status_arg = parg; 3617 return 1; 3618 break; 3619 3620# ifndef OPENSSL_NO_SRP 3621 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: 3622 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3623 if (ctx->srp_ctx.login != NULL) 3624 OPENSSL_free(ctx->srp_ctx.login); 3625 ctx->srp_ctx.login = NULL; 3626 if (parg == NULL) 3627 break; 3628 if (strlen((const char *)parg) > 255 3629 || strlen((const char *)parg) < 1) { 3630 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); 3631 return 0; 3632 } 3633 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) { 3634 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3635 return 0; 3636 } 3637 break; 3638 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD: 3639 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3640 srp_password_from_info_cb; 3641 ctx->srp_ctx.info = parg; 3642 break; 3643 case SSL_CTRL_SET_SRP_ARG: 3644 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3645 ctx->srp_ctx.SRP_cb_arg = parg; 3646 break; 3647 3648 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH: 3649 ctx->srp_ctx.strength = larg; 3650 break; 3651# endif 3652#endif /* !OPENSSL_NO_TLSEXT */ 3653 3654 /* A Thawte special :-) */ 3655 case SSL_CTRL_EXTRA_CHAIN_CERT: 3656 if (ctx->extra_certs == NULL) { 3657 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) 3658 return (0); 3659 } 3660 sk_X509_push(ctx->extra_certs, (X509 *)parg); 3661 break; 3662 3663 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: 3664 *(STACK_OF(X509) **)parg = ctx->extra_certs; 3665 break; 3666 3667 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: 3668 if (ctx->extra_certs) { 3669 sk_X509_pop_free(ctx->extra_certs, X509_free); 3670 ctx->extra_certs = NULL; 3671 } 3672 break; 3673 3674 default: 3675 return (0); 3676 } 3677 return (1); 3678} 3679 3680long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 3681{ 3682 CERT *cert; 3683 3684 cert = ctx->cert; 3685 3686 switch (cmd) { 3687#ifndef OPENSSL_NO_RSA 3688 case SSL_CTRL_SET_TMP_RSA_CB: 3689 { 3690 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3691 } 3692 break; 3693#endif 3694#ifndef OPENSSL_NO_DH 3695 case SSL_CTRL_SET_TMP_DH_CB: 3696 { 3697 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3698 } 3699 break; 3700#endif 3701#ifndef OPENSSL_NO_ECDH 3702 case SSL_CTRL_SET_TMP_ECDH_CB: 3703 { 3704 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3705 } 3706 break; 3707#endif 3708#ifndef OPENSSL_NO_TLSEXT 3709 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 3710 ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp; 3711 break; 3712 3713# ifdef TLSEXT_TYPE_opaque_prf_input 3714 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB: 3715 ctx->tlsext_opaque_prf_input_callback = 3716 (int (*)(SSL *, void *, size_t, void *))fp; 3717 break; 3718# endif 3719 3720 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: 3721 ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp; 3722 break; 3723 3724 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: 3725 ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *, 3726 unsigned char *, 3727 EVP_CIPHER_CTX *, 3728 HMAC_CTX *, int))fp; 3729 break; 3730 3731# ifndef OPENSSL_NO_SRP 3732 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB: 3733 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3734 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp; 3735 break; 3736 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB: 3737 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3738 ctx->srp_ctx.TLS_ext_srp_username_callback = 3739 (int (*)(SSL *, int *, void *))fp; 3740 break; 3741 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB: 3742 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3743 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3744 (char *(*)(SSL *, void *))fp; 3745 break; 3746# endif 3747#endif 3748 3749 default: 3750 return (0); 3751 } 3752 return (1); 3753} 3754 3755/* 3756 * This function needs to check if the ciphers required are actually 3757 * available 3758 */ 3759const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) 3760{ 3761 SSL_CIPHER c; 3762 const SSL_CIPHER *cp; 3763 unsigned long id; 3764 3765 id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1]; 3766 c.id = id; 3767 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); 3768#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES 3769 if (cp == NULL) 3770 fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]); 3771#endif 3772 if (cp == NULL || cp->valid == 0) 3773 return NULL; 3774 else 3775 return cp; 3776} 3777 3778int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 3779{ 3780 long l; 3781 3782 if (p != NULL) { 3783 l = c->id; 3784 if ((l & 0xff000000) != 0x03000000) 3785 return (0); 3786 p[0] = ((unsigned char)(l >> 8L)) & 0xFF; 3787 p[1] = ((unsigned char)(l)) & 0xFF; 3788 } 3789 return (2); 3790} 3791 3792SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 3793 STACK_OF(SSL_CIPHER) *srvr) 3794{ 3795 SSL_CIPHER *c, *ret = NULL; 3796 STACK_OF(SSL_CIPHER) *prio, *allow; 3797 int i, ii, ok; 3798#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC) 3799 unsigned int j; 3800 int ec_ok, ec_nid; 3801 unsigned char ec_search1 = 0, ec_search2 = 0; 3802#endif 3803 CERT *cert; 3804 unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a; 3805 3806 /* Let's see which ciphers we can support */ 3807 cert = s->cert; 3808 3809#if 0 3810 /* 3811 * Do not set the compare functions, because this may lead to a 3812 * reordering by "id". We want to keep the original ordering. We may pay 3813 * a price in performance during sk_SSL_CIPHER_find(), but would have to 3814 * pay with the price of sk_SSL_CIPHER_dup(). 3815 */ 3816 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp); 3817 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp); 3818#endif 3819 3820#ifdef CIPHER_DEBUG 3821 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), 3822 (void *)srvr); 3823 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) { 3824 c = sk_SSL_CIPHER_value(srvr, i); 3825 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 3826 } 3827 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), 3828 (void *)clnt); 3829 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) { 3830 c = sk_SSL_CIPHER_value(clnt, i); 3831 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 3832 } 3833#endif 3834 3835 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) { 3836 prio = srvr; 3837 allow = clnt; 3838 } else { 3839 prio = clnt; 3840 allow = srvr; 3841 } 3842 3843 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) { 3844 c = sk_SSL_CIPHER_value(prio, i); 3845 3846 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ 3847 if ((c->algorithm_ssl & SSL_TLSV1_2) && 3848 (TLS1_get_version(s) < TLS1_2_VERSION)) 3849 continue; 3850 3851 ssl_set_cert_masks(cert, c); 3852 mask_k = cert->mask_k; 3853 mask_a = cert->mask_a; 3854 emask_k = cert->export_mask_k; 3855 emask_a = cert->export_mask_a; 3856#ifndef OPENSSL_NO_SRP 3857 if (s->srp_ctx.srp_Mask & SSL_kSRP) { 3858 mask_k |= SSL_kSRP; 3859 emask_k |= SSL_kSRP; 3860 mask_a |= SSL_aSRP; 3861 emask_a |= SSL_aSRP; 3862 } 3863#endif 3864 3865#ifdef KSSL_DEBUG 3866 /* 3867 * fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n", 3868 * i,c->algorithms); 3869 */ 3870#endif /* KSSL_DEBUG */ 3871 3872 alg_k = c->algorithm_mkey; 3873 alg_a = c->algorithm_auth; 3874 3875#ifndef OPENSSL_NO_KRB5 3876 if (alg_k & SSL_kKRB5) { 3877 if (!kssl_keytab_is_available(s->kssl_ctx)) 3878 continue; 3879 } 3880#endif /* OPENSSL_NO_KRB5 */ 3881#ifndef OPENSSL_NO_PSK 3882 /* with PSK there must be server callback set */ 3883 if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL) 3884 continue; 3885#endif /* OPENSSL_NO_PSK */ 3886 3887 if (SSL_C_IS_EXPORT(c)) { 3888 ok = (alg_k & emask_k) && (alg_a & emask_a); 3889#ifdef CIPHER_DEBUG 3890 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n", 3891 ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name); 3892#endif 3893 } else { 3894 ok = (alg_k & mask_k) && (alg_a & mask_a); 3895#ifdef CIPHER_DEBUG 3896 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, 3897 alg_a, mask_k, mask_a, (void *)c, c->name); 3898#endif 3899 } 3900 3901#ifndef OPENSSL_NO_TLSEXT 3902# ifndef OPENSSL_NO_EC 3903 if ( 3904 /* 3905 * if we are considering an ECC cipher suite that uses our 3906 * certificate 3907 */ 3908 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) 3909 /* and we have an ECC certificate */ 3910 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) 3911 /* 3912 * and the client specified a Supported Point Formats 3913 * extension 3914 */ 3915 && ((s->session->tlsext_ecpointformatlist_length > 0) 3916 && (s->session->tlsext_ecpointformatlist != NULL)) 3917 /* and our certificate's point is compressed */ 3918 && ((s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL) 3919 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != 3920 NULL) 3921 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info-> 3922 key->public_key != NULL) 3923 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info-> 3924 key->public_key->data != NULL) 3925 && 3926 ((* 3927 (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info-> 3928 key->public_key->data) == POINT_CONVERSION_COMPRESSED) 3929 || 3930 (* 3931 (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info-> 3932 key->public_key->data) == 3933 POINT_CONVERSION_COMPRESSED + 1) 3934 ) 3935 ) 3936 ) { 3937 ec_ok = 0; 3938 /* 3939 * if our certificate's curve is over a field type that the 3940 * client does not support then do not allow this cipher suite to 3941 * be negotiated 3942 */ 3943 if ((s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) 3944 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != 3945 NULL) 3946 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec-> 3947 group->meth != NULL) 3948 && 3949 (EC_METHOD_get_field_type 3950 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec-> 3951 group->meth) == NID_X9_62_prime_field) 3952 ) { 3953 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; 3954 j++) { 3955 if (s->session->tlsext_ecpointformatlist[j] == 3956 TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime) { 3957 ec_ok = 1; 3958 break; 3959 } 3960 } 3961 } else 3962 if (EC_METHOD_get_field_type 3963 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec-> 3964 group->meth) == NID_X9_62_characteristic_two_field) { 3965 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; 3966 j++) { 3967 if (s->session->tlsext_ecpointformatlist[j] == 3968 TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2) { 3969 ec_ok = 1; 3970 break; 3971 } 3972 } 3973 } 3974 ok = ok && ec_ok; 3975 } 3976 if ( 3977 /* 3978 * if we are considering an ECC cipher suite that uses our 3979 * certificate 3980 */ 3981 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) 3982 /* and we have an ECC certificate */ 3983 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) 3984 /* 3985 * and the client specified an EllipticCurves extension 3986 */ 3987 && ((s->session->tlsext_ellipticcurvelist_length > 0) 3988 && (s->session->tlsext_ellipticcurvelist != NULL)) 3989 ) { 3990 ec_ok = 0; 3991 if ((s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) 3992 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != 3993 NULL) 3994 ) { 3995 ec_nid = 3996 EC_GROUP_get_curve_name(s->cert-> 3997 pkeys[SSL_PKEY_ECC].privatekey-> 3998 pkey.ec->group); 3999 if ((ec_nid == 0) 4000 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey. 4001 ec->group->meth != NULL) 4002 ) { 4003 if (EC_METHOD_get_field_type 4004 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey. 4005 ec->group->meth) == NID_X9_62_prime_field) { 4006 ec_search1 = 0xFF; 4007 ec_search2 = 0x01; 4008 } else 4009 if (EC_METHOD_get_field_type 4010 (s->cert->pkeys[SSL_PKEY_ECC].privatekey-> 4011 pkey.ec->group->meth) == 4012 NID_X9_62_characteristic_two_field) { 4013 ec_search1 = 0xFF; 4014 ec_search2 = 0x02; 4015 } 4016 } else { 4017 ec_search1 = 0x00; 4018 ec_search2 = tls1_ec_nid2curve_id(ec_nid); 4019 } 4020 if ((ec_search1 != 0) || (ec_search2 != 0)) { 4021 for (j = 0; 4022 j < s->session->tlsext_ellipticcurvelist_length / 2; 4023 j++) { 4024 if ((s->session->tlsext_ellipticcurvelist[2 * j] == 4025 ec_search1) 4026 && (s->session->tlsext_ellipticcurvelist[2 * j + 4027 1] == 4028 ec_search2)) { 4029 ec_ok = 1; 4030 break; 4031 } 4032 } 4033 } 4034 } 4035 ok = ok && ec_ok; 4036 } 4037# ifndef OPENSSL_NO_ECDH 4038 if ( 4039 /* 4040 * if we are considering an ECC cipher suite that uses an 4041 * ephemeral EC key 4042 */ 4043 (alg_k & SSL_kEECDH) 4044 /* and we have an ephemeral EC key */ 4045 && (s->cert->ecdh_tmp != NULL) 4046 /* 4047 * and the client specified an EllipticCurves extension 4048 */ 4049 && ((s->session->tlsext_ellipticcurvelist_length > 0) 4050 && (s->session->tlsext_ellipticcurvelist != NULL)) 4051 ) { 4052 ec_ok = 0; 4053 if (s->cert->ecdh_tmp->group != NULL) { 4054 ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group); 4055 if ((ec_nid == 0) 4056 && (s->cert->ecdh_tmp->group->meth != NULL) 4057 ) { 4058 if (EC_METHOD_get_field_type 4059 (s->cert->ecdh_tmp->group->meth) == 4060 NID_X9_62_prime_field) { 4061 ec_search1 = 0xFF; 4062 ec_search2 = 0x01; 4063 } else 4064 if (EC_METHOD_get_field_type 4065 (s->cert->ecdh_tmp->group->meth) == 4066 NID_X9_62_characteristic_two_field) { 4067 ec_search1 = 0xFF; 4068 ec_search2 = 0x02; 4069 } 4070 } else { 4071 ec_search1 = 0x00; 4072 ec_search2 = tls1_ec_nid2curve_id(ec_nid); 4073 } 4074 if ((ec_search1 != 0) || (ec_search2 != 0)) { 4075 for (j = 0; 4076 j < s->session->tlsext_ellipticcurvelist_length / 2; 4077 j++) { 4078 if ((s->session->tlsext_ellipticcurvelist[2 * j] == 4079 ec_search1) 4080 && (s->session->tlsext_ellipticcurvelist[2 * j + 4081 1] == 4082 ec_search2)) { 4083 ec_ok = 1; 4084 break; 4085 } 4086 } 4087 } 4088 } 4089 ok = ok && ec_ok; 4090 } 4091# endif /* OPENSSL_NO_ECDH */ 4092# endif /* OPENSSL_NO_EC */ 4093#endif /* OPENSSL_NO_TLSEXT */ 4094 4095 if (!ok) 4096 continue; 4097 ii = sk_SSL_CIPHER_find(allow, c); 4098 if (ii >= 0) { 4099#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) 4100 if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) 4101 && s->s3->is_probably_safari) { 4102 if (!ret) 4103 ret = sk_SSL_CIPHER_value(allow, ii); 4104 continue; 4105 } 4106#endif 4107 ret = sk_SSL_CIPHER_value(allow, ii); 4108 break; 4109 } 4110 } 4111 return (ret); 4112} 4113 4114int ssl3_get_req_cert_type(SSL *s, unsigned char *p) 4115{ 4116 int ret = 0; 4117 unsigned long alg_k; 4118 4119 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 4120 4121#ifndef OPENSSL_NO_GOST 4122 if (s->version >= TLS1_VERSION) { 4123 if (alg_k & SSL_kGOST) { 4124 p[ret++] = TLS_CT_GOST94_SIGN; 4125 p[ret++] = TLS_CT_GOST01_SIGN; 4126 return (ret); 4127 } 4128 } 4129#endif 4130 4131#ifndef OPENSSL_NO_DH 4132 if (alg_k & (SSL_kDHr | SSL_kEDH)) { 4133# ifndef OPENSSL_NO_RSA 4134 p[ret++] = SSL3_CT_RSA_FIXED_DH; 4135# endif 4136# ifndef OPENSSL_NO_DSA 4137 p[ret++] = SSL3_CT_DSS_FIXED_DH; 4138# endif 4139 } 4140 if ((s->version == SSL3_VERSION) && 4141 (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) { 4142# ifndef OPENSSL_NO_RSA 4143 p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; 4144# endif 4145# ifndef OPENSSL_NO_DSA 4146 p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; 4147# endif 4148 } 4149#endif /* !OPENSSL_NO_DH */ 4150#ifndef OPENSSL_NO_RSA 4151 p[ret++] = SSL3_CT_RSA_SIGN; 4152#endif 4153#ifndef OPENSSL_NO_DSA 4154 p[ret++] = SSL3_CT_DSS_SIGN; 4155#endif 4156#ifndef OPENSSL_NO_ECDH 4157 if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { 4158 p[ret++] = TLS_CT_RSA_FIXED_ECDH; 4159 p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; 4160 } 4161#endif 4162 4163#ifndef OPENSSL_NO_ECDSA 4164 /* 4165 * ECDSA certs can be used with RSA cipher suites as well so we don't 4166 * need to check for SSL_kECDH or SSL_kEECDH 4167 */ 4168 if (s->version >= TLS1_VERSION) { 4169 p[ret++] = TLS_CT_ECDSA_SIGN; 4170 } 4171#endif 4172 return (ret); 4173} 4174 4175int ssl3_shutdown(SSL *s) 4176{ 4177 int ret; 4178 4179 /* 4180 * Don't do anything much if we have not done the handshake or we don't 4181 * want to send messages :-) 4182 */ 4183 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) { 4184 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 4185 return (1); 4186 } 4187 4188 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { 4189 s->shutdown |= SSL_SENT_SHUTDOWN; 4190#if 1 4191 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); 4192#endif 4193 /* 4194 * our shutdown alert has been sent now, and if it still needs to be 4195 * written, s->s3->alert_dispatch will be true 4196 */ 4197 if (s->s3->alert_dispatch) 4198 return (-1); /* return WANT_WRITE */ 4199 } else if (s->s3->alert_dispatch) { 4200 /* resend it if not sent */ 4201#if 1 4202 ret = s->method->ssl_dispatch_alert(s); 4203 if (ret == -1) { 4204 /* 4205 * we only get to return -1 here the 2nd/Nth invocation, we must 4206 * have already signalled return 0 upon a previous invoation, 4207 * return WANT_WRITE 4208 */ 4209 return (ret); 4210 } 4211#endif 4212 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4213 /* 4214 * If we are waiting for a close from our peer, we are closed 4215 */ 4216 s->method->ssl_read_bytes(s, 0, NULL, 0, 0); 4217 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4218 return (-1); /* return WANT_READ */ 4219 } 4220 } 4221 4222 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) && 4223 !s->s3->alert_dispatch) 4224 return (1); 4225 else 4226 return (0); 4227} 4228 4229int ssl3_write(SSL *s, const void *buf, int len) 4230{ 4231 int ret, n; 4232 4233#if 0 4234 if (s->shutdown & SSL_SEND_SHUTDOWN) { 4235 s->rwstate = SSL_NOTHING; 4236 return (0); 4237 } 4238#endif 4239 clear_sys_error(); 4240 if (s->s3->renegotiate) 4241 ssl3_renegotiate_check(s); 4242 4243 /* 4244 * This is an experimental flag that sends the last handshake message in 4245 * the same packet as the first use data - used to see if it helps the 4246 * TCP protocol during session-id reuse 4247 */ 4248 /* The second test is because the buffer may have been removed */ 4249 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) { 4250 /* First time through, we write into the buffer */ 4251 if (s->s3->delay_buf_pop_ret == 0) { 4252 ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len); 4253 if (ret <= 0) 4254 return (ret); 4255 4256 s->s3->delay_buf_pop_ret = ret; 4257 } 4258 4259 s->rwstate = SSL_WRITING; 4260 n = BIO_flush(s->wbio); 4261 if (n <= 0) 4262 return (n); 4263 s->rwstate = SSL_NOTHING; 4264 4265 /* We have flushed the buffer, so remove it */ 4266 ssl_free_wbio_buffer(s); 4267 s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER; 4268 4269 ret = s->s3->delay_buf_pop_ret; 4270 s->s3->delay_buf_pop_ret = 0; 4271 } else { 4272 ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, 4273 buf, len); 4274 if (ret <= 0) 4275 return (ret); 4276 } 4277 4278 return (ret); 4279} 4280 4281static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) 4282{ 4283 int ret; 4284 4285 clear_sys_error(); 4286 if (s->s3->renegotiate) 4287 ssl3_renegotiate_check(s); 4288 s->s3->in_read_app_data = 1; 4289 ret = 4290 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4291 peek); 4292 if ((ret == -1) && (s->s3->in_read_app_data == 2)) { 4293 /* 4294 * ssl3_read_bytes decided to call s->handshake_func, which called 4295 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes 4296 * actually found application data and thinks that application data 4297 * makes sense here; so disable handshake processing and try to read 4298 * application data again. 4299 */ 4300 s->in_handshake++; 4301 ret = 4302 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4303 peek); 4304 s->in_handshake--; 4305 } else 4306 s->s3->in_read_app_data = 0; 4307 4308 return (ret); 4309} 4310 4311int ssl3_read(SSL *s, void *buf, int len) 4312{ 4313 return ssl3_read_internal(s, buf, len, 0); 4314} 4315 4316int ssl3_peek(SSL *s, void *buf, int len) 4317{ 4318 return ssl3_read_internal(s, buf, len, 1); 4319} 4320 4321int ssl3_renegotiate(SSL *s) 4322{ 4323 if (s->handshake_func == NULL) 4324 return (1); 4325 4326 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 4327 return (0); 4328 4329 s->s3->renegotiate = 1; 4330 return (1); 4331} 4332 4333int ssl3_renegotiate_check(SSL *s) 4334{ 4335 int ret = 0; 4336 4337 if (s->s3->renegotiate) { 4338 if ((s->s3->rbuf.left == 0) && 4339 (s->s3->wbuf.left == 0) && !SSL_in_init(s)) { 4340 /* 4341 * if we are the server, and we have sent a 'RENEGOTIATE' 4342 * message, we need to go to SSL_ST_ACCEPT. 4343 */ 4344 /* SSL_ST_ACCEPT */ 4345 s->state = SSL_ST_RENEGOTIATE; 4346 s->s3->renegotiate = 0; 4347 s->s3->num_renegotiations++; 4348 s->s3->total_renegotiations++; 4349 ret = 1; 4350 } 4351 } 4352 return (ret); 4353} 4354 4355/* 4356 * If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch 4357 * to new SHA256 PRF and handshake macs 4358 */ 4359long ssl_get_algorithm2(SSL *s) 4360{ 4361 long alg2 = s->s3->tmp.new_cipher->algorithm2; 4362 if (s->method->version == TLS1_2_VERSION && 4363 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF)) 4364 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 4365 return alg2; 4366} 4367