s3_lib.c revision 369303
1/* ssl/s3_lib.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111/* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * 114 * Portions of the attached software ("Contribution") are developed by 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 116 * 117 * The Contribution is licensed pursuant to the OpenSSL open source 118 * license provided above. 119 * 120 * ECC cipher suite support in OpenSSL originally written by 121 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. 122 * 123 */ 124/* ==================================================================== 125 * Copyright 2005 Nokia. All rights reserved. 126 * 127 * The portions of the attached software ("Contribution") is developed by 128 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 129 * license. 130 * 131 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 132 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 133 * support (see RFC 4279) to OpenSSL. 134 * 135 * No patent licenses or other rights except those expressly stated in 136 * the OpenSSL open source license shall be deemed granted or received 137 * expressly, by implication, estoppel, or otherwise. 138 * 139 * No assurances are provided by Nokia that the Contribution does not 140 * infringe the patent or other intellectual property rights of any third 141 * party or that the license provides you with all the necessary rights 142 * to make use of the Contribution. 143 * 144 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 145 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 146 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 147 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 148 * OTHERWISE. 149 */ 150 151#include <stdio.h> 152#include <openssl/objects.h> 153#include "ssl_locl.h" 154#include "kssl_lcl.h" 155#include <openssl/md5.h> 156#ifndef OPENSSL_NO_DH 157# include <openssl/dh.h> 158#endif 159 160const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT; 161 162#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) 163 164/* list of available SSLv3 ciphers (sorted by id) */ 165OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = { 166 167/* The RSA ciphers */ 168/* Cipher 01 */ 169 { 170 1, 171 SSL3_TXT_RSA_NULL_MD5, 172 SSL3_CK_RSA_NULL_MD5, 173 SSL_kRSA, 174 SSL_aRSA, 175 SSL_eNULL, 176 SSL_MD5, 177 SSL_SSLV3, 178 SSL_NOT_EXP | SSL_STRONG_NONE, 179 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 180 0, 181 0, 182 }, 183 184/* Cipher 02 */ 185 { 186 1, 187 SSL3_TXT_RSA_NULL_SHA, 188 SSL3_CK_RSA_NULL_SHA, 189 SSL_kRSA, 190 SSL_aRSA, 191 SSL_eNULL, 192 SSL_SHA1, 193 SSL_SSLV3, 194 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 195 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 196 0, 197 0, 198 }, 199 200/* Cipher 03 */ 201#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 202 { 203 1, 204 SSL3_TXT_RSA_RC4_40_MD5, 205 SSL3_CK_RSA_RC4_40_MD5, 206 SSL_kRSA, 207 SSL_aRSA, 208 SSL_RC4, 209 SSL_MD5, 210 SSL_SSLV3, 211 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 212 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 213 40, 214 128, 215 }, 216#endif 217 218/* Cipher 04 */ 219 { 220 1, 221 SSL3_TXT_RSA_RC4_128_MD5, 222 SSL3_CK_RSA_RC4_128_MD5, 223 SSL_kRSA, 224 SSL_aRSA, 225 SSL_RC4, 226 SSL_MD5, 227 SSL_SSLV3, 228 SSL_NOT_EXP | SSL_MEDIUM, 229 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 230 128, 231 128, 232 }, 233 234/* Cipher 05 */ 235 { 236 1, 237 SSL3_TXT_RSA_RC4_128_SHA, 238 SSL3_CK_RSA_RC4_128_SHA, 239 SSL_kRSA, 240 SSL_aRSA, 241 SSL_RC4, 242 SSL_SHA1, 243 SSL_SSLV3, 244 SSL_NOT_EXP | SSL_MEDIUM, 245 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 246 128, 247 128, 248 }, 249 250/* Cipher 06 */ 251#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 252 { 253 1, 254 SSL3_TXT_RSA_RC2_40_MD5, 255 SSL3_CK_RSA_RC2_40_MD5, 256 SSL_kRSA, 257 SSL_aRSA, 258 SSL_RC2, 259 SSL_MD5, 260 SSL_SSLV3, 261 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 262 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 263 40, 264 128, 265 }, 266#endif 267 268/* Cipher 07 */ 269#ifndef OPENSSL_NO_IDEA 270 { 271 1, 272 SSL3_TXT_RSA_IDEA_128_SHA, 273 SSL3_CK_RSA_IDEA_128_SHA, 274 SSL_kRSA, 275 SSL_aRSA, 276 SSL_IDEA, 277 SSL_SHA1, 278 SSL_SSLV3, 279 SSL_NOT_EXP | SSL_MEDIUM, 280 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 281 128, 282 128, 283 }, 284#endif 285 286/* Cipher 08 */ 287#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 288 { 289 1, 290 SSL3_TXT_RSA_DES_40_CBC_SHA, 291 SSL3_CK_RSA_DES_40_CBC_SHA, 292 SSL_kRSA, 293 SSL_aRSA, 294 SSL_DES, 295 SSL_SHA1, 296 SSL_SSLV3, 297 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 298 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 299 40, 300 56, 301 }, 302#endif 303 304/* Cipher 09 */ 305#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 306 { 307 1, 308 SSL3_TXT_RSA_DES_64_CBC_SHA, 309 SSL3_CK_RSA_DES_64_CBC_SHA, 310 SSL_kRSA, 311 SSL_aRSA, 312 SSL_DES, 313 SSL_SHA1, 314 SSL_SSLV3, 315 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 316 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 317 56, 318 56, 319 }, 320#endif 321 322/* Cipher 0A */ 323 { 324 1, 325 SSL3_TXT_RSA_DES_192_CBC3_SHA, 326 SSL3_CK_RSA_DES_192_CBC3_SHA, 327 SSL_kRSA, 328 SSL_aRSA, 329 SSL_3DES, 330 SSL_SHA1, 331 SSL_SSLV3, 332 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 333 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 334 112, 335 168, 336 }, 337 338/* The DH ciphers */ 339/* Cipher 0B */ 340#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 341 { 342 0, 343 SSL3_TXT_DH_DSS_DES_40_CBC_SHA, 344 SSL3_CK_DH_DSS_DES_40_CBC_SHA, 345 SSL_kDHd, 346 SSL_aDH, 347 SSL_DES, 348 SSL_SHA1, 349 SSL_SSLV3, 350 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 351 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 352 40, 353 56, 354 }, 355#endif 356 357/* Cipher 0C */ 358#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 359 { 360 1, 361 SSL3_TXT_DH_DSS_DES_64_CBC_SHA, 362 SSL3_CK_DH_DSS_DES_64_CBC_SHA, 363 SSL_kDHd, 364 SSL_aDH, 365 SSL_DES, 366 SSL_SHA1, 367 SSL_SSLV3, 368 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 369 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 370 56, 371 56, 372 }, 373#endif 374 375/* Cipher 0D */ 376 { 377 1, 378 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 379 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 380 SSL_kDHd, 381 SSL_aDH, 382 SSL_3DES, 383 SSL_SHA1, 384 SSL_SSLV3, 385 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 386 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 387 112, 388 168, 389 }, 390 391/* Cipher 0E */ 392#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 393 { 394 0, 395 SSL3_TXT_DH_RSA_DES_40_CBC_SHA, 396 SSL3_CK_DH_RSA_DES_40_CBC_SHA, 397 SSL_kDHr, 398 SSL_aDH, 399 SSL_DES, 400 SSL_SHA1, 401 SSL_SSLV3, 402 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 403 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 404 40, 405 56, 406 }, 407#endif 408 409/* Cipher 0F */ 410#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 411 { 412 1, 413 SSL3_TXT_DH_RSA_DES_64_CBC_SHA, 414 SSL3_CK_DH_RSA_DES_64_CBC_SHA, 415 SSL_kDHr, 416 SSL_aDH, 417 SSL_DES, 418 SSL_SHA1, 419 SSL_SSLV3, 420 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 421 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 422 56, 423 56, 424 }, 425#endif 426 427/* Cipher 10 */ 428 { 429 1, 430 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 431 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 432 SSL_kDHr, 433 SSL_aDH, 434 SSL_3DES, 435 SSL_SHA1, 436 SSL_SSLV3, 437 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 438 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 439 112, 440 168, 441 }, 442 443/* The Ephemeral DH ciphers */ 444/* Cipher 11 */ 445#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 446 { 447 1, 448 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, 449 SSL3_CK_EDH_DSS_DES_40_CBC_SHA, 450 SSL_kEDH, 451 SSL_aDSS, 452 SSL_DES, 453 SSL_SHA1, 454 SSL_SSLV3, 455 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 456 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 457 40, 458 56, 459 }, 460#endif 461 462/* Cipher 12 */ 463#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 464 { 465 1, 466 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, 467 SSL3_CK_EDH_DSS_DES_64_CBC_SHA, 468 SSL_kEDH, 469 SSL_aDSS, 470 SSL_DES, 471 SSL_SHA1, 472 SSL_SSLV3, 473 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 474 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 475 56, 476 56, 477 }, 478#endif 479 480/* Cipher 13 */ 481 { 482 1, 483 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 484 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 485 SSL_kEDH, 486 SSL_aDSS, 487 SSL_3DES, 488 SSL_SHA1, 489 SSL_SSLV3, 490 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 491 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 492 112, 493 168, 494 }, 495 496/* Cipher 14 */ 497#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 498 { 499 1, 500 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, 501 SSL3_CK_EDH_RSA_DES_40_CBC_SHA, 502 SSL_kEDH, 503 SSL_aRSA, 504 SSL_DES, 505 SSL_SHA1, 506 SSL_SSLV3, 507 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 508 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 509 40, 510 56, 511 }, 512#endif 513 514/* Cipher 15 */ 515#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 516 { 517 1, 518 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, 519 SSL3_CK_EDH_RSA_DES_64_CBC_SHA, 520 SSL_kEDH, 521 SSL_aRSA, 522 SSL_DES, 523 SSL_SHA1, 524 SSL_SSLV3, 525 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 526 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 527 56, 528 56, 529 }, 530#endif 531 532/* Cipher 16 */ 533 { 534 1, 535 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 536 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 537 SSL_kEDH, 538 SSL_aRSA, 539 SSL_3DES, 540 SSL_SHA1, 541 SSL_SSLV3, 542 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 543 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 544 112, 545 168, 546 }, 547 548/* Cipher 17 */ 549#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 550 { 551 1, 552 SSL3_TXT_ADH_RC4_40_MD5, 553 SSL3_CK_ADH_RC4_40_MD5, 554 SSL_kEDH, 555 SSL_aNULL, 556 SSL_RC4, 557 SSL_MD5, 558 SSL_SSLV3, 559 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 560 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 561 40, 562 128, 563 }, 564#endif 565 566/* Cipher 18 */ 567 { 568 1, 569 SSL3_TXT_ADH_RC4_128_MD5, 570 SSL3_CK_ADH_RC4_128_MD5, 571 SSL_kEDH, 572 SSL_aNULL, 573 SSL_RC4, 574 SSL_MD5, 575 SSL_SSLV3, 576 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 577 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 578 128, 579 128, 580 }, 581 582/* Cipher 19 */ 583#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 584 { 585 1, 586 SSL3_TXT_ADH_DES_40_CBC_SHA, 587 SSL3_CK_ADH_DES_40_CBC_SHA, 588 SSL_kEDH, 589 SSL_aNULL, 590 SSL_DES, 591 SSL_SHA1, 592 SSL_SSLV3, 593 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 594 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 595 40, 596 128, 597 }, 598#endif 599 600/* Cipher 1A */ 601#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 602 { 603 1, 604 SSL3_TXT_ADH_DES_64_CBC_SHA, 605 SSL3_CK_ADH_DES_64_CBC_SHA, 606 SSL_kEDH, 607 SSL_aNULL, 608 SSL_DES, 609 SSL_SHA1, 610 SSL_SSLV3, 611 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 612 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 613 56, 614 56, 615 }, 616#endif 617 618/* Cipher 1B */ 619 { 620 1, 621 SSL3_TXT_ADH_DES_192_CBC_SHA, 622 SSL3_CK_ADH_DES_192_CBC_SHA, 623 SSL_kEDH, 624 SSL_aNULL, 625 SSL_3DES, 626 SSL_SHA1, 627 SSL_SSLV3, 628 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 629 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 630 112, 631 168, 632 }, 633 634/* Fortezza ciphersuite from SSL 3.0 spec */ 635#if 0 636/* Cipher 1C */ 637 { 638 0, 639 SSL3_TXT_FZA_DMS_NULL_SHA, 640 SSL3_CK_FZA_DMS_NULL_SHA, 641 SSL_kFZA, 642 SSL_aFZA, 643 SSL_eNULL, 644 SSL_SHA1, 645 SSL_SSLV3, 646 SSL_NOT_EXP | SSL_STRONG_NONE, 647 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 648 0, 649 0, 650 }, 651 652/* Cipher 1D */ 653 { 654 0, 655 SSL3_TXT_FZA_DMS_FZA_SHA, 656 SSL3_CK_FZA_DMS_FZA_SHA, 657 SSL_kFZA, 658 SSL_aFZA, 659 SSL_eFZA, 660 SSL_SHA1, 661 SSL_SSLV3, 662 SSL_NOT_EXP | SSL_STRONG_NONE, 663 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 664 0, 665 0, 666 }, 667 668/* Cipher 1E */ 669 { 670 0, 671 SSL3_TXT_FZA_DMS_RC4_SHA, 672 SSL3_CK_FZA_DMS_RC4_SHA, 673 SSL_kFZA, 674 SSL_aFZA, 675 SSL_RC4, 676 SSL_SHA1, 677 SSL_SSLV3, 678 SSL_NOT_EXP | SSL_MEDIUM, 679 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 680 128, 681 128, 682 }, 683#endif 684 685#ifndef OPENSSL_NO_KRB5 686/* The Kerberos ciphers*/ 687/* Cipher 1E */ 688# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 689 { 690 1, 691 SSL3_TXT_KRB5_DES_64_CBC_SHA, 692 SSL3_CK_KRB5_DES_64_CBC_SHA, 693 SSL_kKRB5, 694 SSL_aKRB5, 695 SSL_DES, 696 SSL_SHA1, 697 SSL_SSLV3, 698 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 699 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 700 56, 701 56, 702 }, 703# endif 704 705/* Cipher 1F */ 706 { 707 1, 708 SSL3_TXT_KRB5_DES_192_CBC3_SHA, 709 SSL3_CK_KRB5_DES_192_CBC3_SHA, 710 SSL_kKRB5, 711 SSL_aKRB5, 712 SSL_3DES, 713 SSL_SHA1, 714 SSL_SSLV3, 715 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 716 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 717 112, 718 168, 719 }, 720 721/* Cipher 20 */ 722 { 723 1, 724 SSL3_TXT_KRB5_RC4_128_SHA, 725 SSL3_CK_KRB5_RC4_128_SHA, 726 SSL_kKRB5, 727 SSL_aKRB5, 728 SSL_RC4, 729 SSL_SHA1, 730 SSL_SSLV3, 731 SSL_NOT_EXP | SSL_MEDIUM, 732 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 733 128, 734 128, 735 }, 736 737/* Cipher 21 */ 738 { 739 1, 740 SSL3_TXT_KRB5_IDEA_128_CBC_SHA, 741 SSL3_CK_KRB5_IDEA_128_CBC_SHA, 742 SSL_kKRB5, 743 SSL_aKRB5, 744 SSL_IDEA, 745 SSL_SHA1, 746 SSL_SSLV3, 747 SSL_NOT_EXP | SSL_MEDIUM, 748 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 749 128, 750 128, 751 }, 752 753/* Cipher 22 */ 754# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 755 { 756 1, 757 SSL3_TXT_KRB5_DES_64_CBC_MD5, 758 SSL3_CK_KRB5_DES_64_CBC_MD5, 759 SSL_kKRB5, 760 SSL_aKRB5, 761 SSL_DES, 762 SSL_MD5, 763 SSL_SSLV3, 764 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW, 765 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 766 56, 767 56, 768 }, 769# endif 770 771/* Cipher 23 */ 772 { 773 1, 774 SSL3_TXT_KRB5_DES_192_CBC3_MD5, 775 SSL3_CK_KRB5_DES_192_CBC3_MD5, 776 SSL_kKRB5, 777 SSL_aKRB5, 778 SSL_3DES, 779 SSL_MD5, 780 SSL_SSLV3, 781 SSL_NOT_EXP | SSL_MEDIUM, 782 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 783 112, 784 168, 785 }, 786 787/* Cipher 24 */ 788 { 789 1, 790 SSL3_TXT_KRB5_RC4_128_MD5, 791 SSL3_CK_KRB5_RC4_128_MD5, 792 SSL_kKRB5, 793 SSL_aKRB5, 794 SSL_RC4, 795 SSL_MD5, 796 SSL_SSLV3, 797 SSL_NOT_EXP | SSL_MEDIUM, 798 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 799 128, 800 128, 801 }, 802 803/* Cipher 25 */ 804 { 805 1, 806 SSL3_TXT_KRB5_IDEA_128_CBC_MD5, 807 SSL3_CK_KRB5_IDEA_128_CBC_MD5, 808 SSL_kKRB5, 809 SSL_aKRB5, 810 SSL_IDEA, 811 SSL_MD5, 812 SSL_SSLV3, 813 SSL_NOT_EXP | SSL_MEDIUM, 814 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 815 128, 816 128, 817 }, 818 819/* Cipher 26 */ 820# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 821 { 822 1, 823 SSL3_TXT_KRB5_DES_40_CBC_SHA, 824 SSL3_CK_KRB5_DES_40_CBC_SHA, 825 SSL_kKRB5, 826 SSL_aKRB5, 827 SSL_DES, 828 SSL_SHA1, 829 SSL_SSLV3, 830 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 831 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 832 40, 833 56, 834 }, 835# endif 836 837/* Cipher 27 */ 838# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 839 { 840 1, 841 SSL3_TXT_KRB5_RC2_40_CBC_SHA, 842 SSL3_CK_KRB5_RC2_40_CBC_SHA, 843 SSL_kKRB5, 844 SSL_aKRB5, 845 SSL_RC2, 846 SSL_SHA1, 847 SSL_SSLV3, 848 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 849 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 850 40, 851 128, 852 }, 853# endif 854 855/* Cipher 28 */ 856# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 857 { 858 1, 859 SSL3_TXT_KRB5_RC4_40_SHA, 860 SSL3_CK_KRB5_RC4_40_SHA, 861 SSL_kKRB5, 862 SSL_aKRB5, 863 SSL_RC4, 864 SSL_SHA1, 865 SSL_SSLV3, 866 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 867 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 868 40, 869 128, 870 }, 871# endif 872 873/* Cipher 29 */ 874# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 875 { 876 1, 877 SSL3_TXT_KRB5_DES_40_CBC_MD5, 878 SSL3_CK_KRB5_DES_40_CBC_MD5, 879 SSL_kKRB5, 880 SSL_aKRB5, 881 SSL_DES, 882 SSL_MD5, 883 SSL_SSLV3, 884 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 885 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 886 40, 887 56, 888 }, 889# endif 890 891/* Cipher 2A */ 892# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 893 { 894 1, 895 SSL3_TXT_KRB5_RC2_40_CBC_MD5, 896 SSL3_CK_KRB5_RC2_40_CBC_MD5, 897 SSL_kKRB5, 898 SSL_aKRB5, 899 SSL_RC2, 900 SSL_MD5, 901 SSL_SSLV3, 902 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 903 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 904 40, 905 128, 906 }, 907# endif 908 909/* Cipher 2B */ 910# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 911 { 912 1, 913 SSL3_TXT_KRB5_RC4_40_MD5, 914 SSL3_CK_KRB5_RC4_40_MD5, 915 SSL_kKRB5, 916 SSL_aKRB5, 917 SSL_RC4, 918 SSL_MD5, 919 SSL_SSLV3, 920 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40, 921 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 922 40, 923 128, 924 }, 925# endif 926#endif /* OPENSSL_NO_KRB5 */ 927 928/* New AES ciphersuites */ 929/* Cipher 2F */ 930 { 931 1, 932 TLS1_TXT_RSA_WITH_AES_128_SHA, 933 TLS1_CK_RSA_WITH_AES_128_SHA, 934 SSL_kRSA, 935 SSL_aRSA, 936 SSL_AES128, 937 SSL_SHA1, 938 SSL_TLSV1, 939 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 940 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 941 128, 942 128, 943 }, 944/* Cipher 30 */ 945#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 946 { 947 1, 948 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 949 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 950 SSL_kDHd, 951 SSL_aDH, 952 SSL_AES128, 953 SSL_SHA1, 954 SSL_TLSV1, 955 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 956 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 957 128, 958 128, 959 }, 960#endif 961/* Cipher 31 */ 962#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 963 { 964 1, 965 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 966 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 967 SSL_kDHr, 968 SSL_aDH, 969 SSL_AES128, 970 SSL_SHA1, 971 SSL_TLSV1, 972 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 973 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 974 128, 975 128, 976 }, 977#endif 978/* Cipher 32 */ 979 { 980 1, 981 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 982 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 983 SSL_kEDH, 984 SSL_aDSS, 985 SSL_AES128, 986 SSL_SHA1, 987 SSL_TLSV1, 988 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 989 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 990 128, 991 128, 992 }, 993/* Cipher 33 */ 994 { 995 1, 996 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 997 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 998 SSL_kEDH, 999 SSL_aRSA, 1000 SSL_AES128, 1001 SSL_SHA1, 1002 SSL_TLSV1, 1003 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1004 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1005 128, 1006 128, 1007 }, 1008/* Cipher 34 */ 1009 { 1010 1, 1011 TLS1_TXT_ADH_WITH_AES_128_SHA, 1012 TLS1_CK_ADH_WITH_AES_128_SHA, 1013 SSL_kEDH, 1014 SSL_aNULL, 1015 SSL_AES128, 1016 SSL_SHA1, 1017 SSL_TLSV1, 1018 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1019 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1020 128, 1021 128, 1022 }, 1023 1024/* Cipher 35 */ 1025 { 1026 1, 1027 TLS1_TXT_RSA_WITH_AES_256_SHA, 1028 TLS1_CK_RSA_WITH_AES_256_SHA, 1029 SSL_kRSA, 1030 SSL_aRSA, 1031 SSL_AES256, 1032 SSL_SHA1, 1033 SSL_TLSV1, 1034 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1035 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1036 256, 1037 256, 1038 }, 1039/* Cipher 36 */ 1040#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1041 { 1042 1, 1043 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 1044 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 1045 SSL_kDHd, 1046 SSL_aDH, 1047 SSL_AES256, 1048 SSL_SHA1, 1049 SSL_TLSV1, 1050 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1051 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1052 256, 1053 256, 1054 }, 1055#endif 1056 1057/* Cipher 37 */ 1058#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1059 { 1060 1, 1061 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 1062 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 1063 SSL_kDHr, 1064 SSL_aDH, 1065 SSL_AES256, 1066 SSL_SHA1, 1067 SSL_TLSV1, 1068 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1069 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1070 256, 1071 256, 1072 }, 1073#endif 1074 1075/* Cipher 38 */ 1076 { 1077 1, 1078 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 1079 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 1080 SSL_kEDH, 1081 SSL_aDSS, 1082 SSL_AES256, 1083 SSL_SHA1, 1084 SSL_TLSV1, 1085 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1086 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1087 256, 1088 256, 1089 }, 1090 1091/* Cipher 39 */ 1092 { 1093 1, 1094 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 1095 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 1096 SSL_kEDH, 1097 SSL_aRSA, 1098 SSL_AES256, 1099 SSL_SHA1, 1100 SSL_TLSV1, 1101 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1102 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1103 256, 1104 256, 1105 }, 1106 1107 /* Cipher 3A */ 1108 { 1109 1, 1110 TLS1_TXT_ADH_WITH_AES_256_SHA, 1111 TLS1_CK_ADH_WITH_AES_256_SHA, 1112 SSL_kEDH, 1113 SSL_aNULL, 1114 SSL_AES256, 1115 SSL_SHA1, 1116 SSL_TLSV1, 1117 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1118 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1119 256, 1120 256, 1121 }, 1122 1123 /* TLS v1.2 ciphersuites */ 1124 /* Cipher 3B */ 1125 { 1126 1, 1127 TLS1_TXT_RSA_WITH_NULL_SHA256, 1128 TLS1_CK_RSA_WITH_NULL_SHA256, 1129 SSL_kRSA, 1130 SSL_aRSA, 1131 SSL_eNULL, 1132 SSL_SHA256, 1133 SSL_TLSV1_2, 1134 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 1135 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1136 0, 1137 0, 1138 }, 1139 1140 /* Cipher 3C */ 1141 { 1142 1, 1143 TLS1_TXT_RSA_WITH_AES_128_SHA256, 1144 TLS1_CK_RSA_WITH_AES_128_SHA256, 1145 SSL_kRSA, 1146 SSL_aRSA, 1147 SSL_AES128, 1148 SSL_SHA256, 1149 SSL_TLSV1_2, 1150 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1151 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1152 128, 1153 128, 1154 }, 1155 1156 /* Cipher 3D */ 1157 { 1158 1, 1159 TLS1_TXT_RSA_WITH_AES_256_SHA256, 1160 TLS1_CK_RSA_WITH_AES_256_SHA256, 1161 SSL_kRSA, 1162 SSL_aRSA, 1163 SSL_AES256, 1164 SSL_SHA256, 1165 SSL_TLSV1_2, 1166 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1167 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1168 256, 1169 256, 1170 }, 1171 1172 /* Cipher 3E */ 1173#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1174 { 1175 1, 1176 TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, 1177 TLS1_CK_DH_DSS_WITH_AES_128_SHA256, 1178 SSL_kDHd, 1179 SSL_aDH, 1180 SSL_AES128, 1181 SSL_SHA256, 1182 SSL_TLSV1_2, 1183 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1184 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1185 128, 1186 128, 1187 }, 1188#endif 1189 1190 /* Cipher 3F */ 1191#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1192 { 1193 1, 1194 TLS1_TXT_DH_RSA_WITH_AES_128_SHA256, 1195 TLS1_CK_DH_RSA_WITH_AES_128_SHA256, 1196 SSL_kDHr, 1197 SSL_aDH, 1198 SSL_AES128, 1199 SSL_SHA256, 1200 SSL_TLSV1_2, 1201 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1202 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1203 128, 1204 128, 1205 }, 1206#endif 1207 1208 /* Cipher 40 */ 1209 { 1210 1, 1211 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 1212 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 1213 SSL_kEDH, 1214 SSL_aDSS, 1215 SSL_AES128, 1216 SSL_SHA256, 1217 SSL_TLSV1_2, 1218 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1219 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1220 128, 1221 128, 1222 }, 1223 1224#ifndef OPENSSL_NO_CAMELLIA 1225 /* Camellia ciphersuites from RFC4132 (128-bit portion) */ 1226 1227 /* Cipher 41 */ 1228 { 1229 1, 1230 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 1231 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 1232 SSL_kRSA, 1233 SSL_aRSA, 1234 SSL_CAMELLIA128, 1235 SSL_SHA1, 1236 SSL_TLSV1, 1237 SSL_NOT_EXP | SSL_HIGH, 1238 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1239 128, 1240 128, 1241 }, 1242 1243 /* Cipher 42 */ 1244#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1245 { 1246 1, 1247 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1248 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1249 SSL_kDHd, 1250 SSL_aDH, 1251 SSL_CAMELLIA128, 1252 SSL_SHA1, 1253 SSL_TLSV1, 1254 SSL_NOT_EXP | SSL_HIGH, 1255 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1256 128, 1257 128, 1258 }, 1259#endif 1260 1261 /* Cipher 43 */ 1262#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1263 { 1264 1, 1265 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1266 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1267 SSL_kDHr, 1268 SSL_aDH, 1269 SSL_CAMELLIA128, 1270 SSL_SHA1, 1271 SSL_TLSV1, 1272 SSL_NOT_EXP | SSL_HIGH, 1273 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1274 128, 1275 128, 1276 }, 1277#endif 1278 1279 /* Cipher 44 */ 1280 { 1281 1, 1282 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1283 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1284 SSL_kEDH, 1285 SSL_aDSS, 1286 SSL_CAMELLIA128, 1287 SSL_SHA1, 1288 SSL_TLSV1, 1289 SSL_NOT_EXP | SSL_HIGH, 1290 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1291 128, 1292 128, 1293 }, 1294 1295 /* Cipher 45 */ 1296 { 1297 1, 1298 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1299 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1300 SSL_kEDH, 1301 SSL_aRSA, 1302 SSL_CAMELLIA128, 1303 SSL_SHA1, 1304 SSL_TLSV1, 1305 SSL_NOT_EXP | SSL_HIGH, 1306 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1307 128, 1308 128, 1309 }, 1310 1311 /* Cipher 46 */ 1312 { 1313 1, 1314 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 1315 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 1316 SSL_kEDH, 1317 SSL_aNULL, 1318 SSL_CAMELLIA128, 1319 SSL_SHA1, 1320 SSL_TLSV1, 1321 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH, 1322 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1323 128, 1324 128, 1325 }, 1326#endif /* OPENSSL_NO_CAMELLIA */ 1327 1328#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1329 /* New TLS Export CipherSuites from expired ID */ 1330# if 0 1331 /* Cipher 60 */ 1332 { 1333 1, 1334 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5, 1335 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5, 1336 SSL_kRSA, 1337 SSL_aRSA, 1338 SSL_RC4, 1339 SSL_MD5, 1340 SSL_TLSV1, 1341 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1342 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1343 56, 1344 128, 1345 }, 1346 1347 /* Cipher 61 */ 1348 { 1349 1, 1350 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1351 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1352 SSL_kRSA, 1353 SSL_aRSA, 1354 SSL_RC2, 1355 SSL_MD5, 1356 SSL_TLSV1, 1357 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1358 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1359 56, 1360 128, 1361 }, 1362# endif 1363 1364 /* Cipher 62 */ 1365# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1366 { 1367 1, 1368 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1369 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1370 SSL_kRSA, 1371 SSL_aRSA, 1372 SSL_DES, 1373 SSL_SHA1, 1374 SSL_TLSV1, 1375 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1376 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1377 56, 1378 56, 1379 }, 1380# endif 1381 1382 /* Cipher 63 */ 1383# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1384 { 1385 1, 1386 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1387 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1388 SSL_kEDH, 1389 SSL_aDSS, 1390 SSL_DES, 1391 SSL_SHA1, 1392 SSL_TLSV1, 1393 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1394 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1395 56, 1396 56, 1397 }, 1398# endif 1399 1400 /* Cipher 64 */ 1401# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1402 { 1403 1, 1404 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, 1405 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA, 1406 SSL_kRSA, 1407 SSL_aRSA, 1408 SSL_RC4, 1409 SSL_SHA1, 1410 SSL_TLSV1, 1411 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1412 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1413 56, 1414 128, 1415 }, 1416# endif 1417 1418 /* Cipher 65 */ 1419# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1420 { 1421 1, 1422 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1423 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1424 SSL_kEDH, 1425 SSL_aDSS, 1426 SSL_RC4, 1427 SSL_SHA1, 1428 SSL_TLSV1, 1429 SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56, 1430 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1431 56, 1432 128, 1433 }, 1434# endif 1435 1436 /* Cipher 66 */ 1437 { 1438 1, 1439 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, 1440 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA, 1441 SSL_kEDH, 1442 SSL_aDSS, 1443 SSL_RC4, 1444 SSL_SHA1, 1445 SSL_TLSV1, 1446 SSL_NOT_EXP | SSL_MEDIUM, 1447 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1448 128, 1449 128, 1450 }, 1451#endif 1452 1453 /* TLS v1.2 ciphersuites */ 1454 /* Cipher 67 */ 1455 { 1456 1, 1457 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 1458 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 1459 SSL_kEDH, 1460 SSL_aRSA, 1461 SSL_AES128, 1462 SSL_SHA256, 1463 SSL_TLSV1_2, 1464 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1465 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1466 128, 1467 128, 1468 }, 1469 1470 /* Cipher 68 */ 1471#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1472 { 1473 1, 1474 TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, 1475 TLS1_CK_DH_DSS_WITH_AES_256_SHA256, 1476 SSL_kDHd, 1477 SSL_aDH, 1478 SSL_AES256, 1479 SSL_SHA256, 1480 SSL_TLSV1_2, 1481 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1482 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1483 256, 1484 256, 1485 }, 1486#endif 1487 1488 /* Cipher 69 */ 1489#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1490 { 1491 1, 1492 TLS1_TXT_DH_RSA_WITH_AES_256_SHA256, 1493 TLS1_CK_DH_RSA_WITH_AES_256_SHA256, 1494 SSL_kDHr, 1495 SSL_aDH, 1496 SSL_AES256, 1497 SSL_SHA256, 1498 SSL_TLSV1_2, 1499 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1500 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1501 256, 1502 256, 1503 }, 1504#endif 1505 1506 /* Cipher 6A */ 1507 { 1508 1, 1509 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 1510 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 1511 SSL_kEDH, 1512 SSL_aDSS, 1513 SSL_AES256, 1514 SSL_SHA256, 1515 SSL_TLSV1_2, 1516 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1517 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1518 256, 1519 256, 1520 }, 1521 1522 /* Cipher 6B */ 1523 { 1524 1, 1525 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 1526 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 1527 SSL_kEDH, 1528 SSL_aRSA, 1529 SSL_AES256, 1530 SSL_SHA256, 1531 SSL_TLSV1_2, 1532 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1533 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1534 256, 1535 256, 1536 }, 1537 1538 /* Cipher 6C */ 1539 { 1540 1, 1541 TLS1_TXT_ADH_WITH_AES_128_SHA256, 1542 TLS1_CK_ADH_WITH_AES_128_SHA256, 1543 SSL_kEDH, 1544 SSL_aNULL, 1545 SSL_AES128, 1546 SSL_SHA256, 1547 SSL_TLSV1_2, 1548 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1549 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1550 128, 1551 128, 1552 }, 1553 1554 /* Cipher 6D */ 1555 { 1556 1, 1557 TLS1_TXT_ADH_WITH_AES_256_SHA256, 1558 TLS1_CK_ADH_WITH_AES_256_SHA256, 1559 SSL_kEDH, 1560 SSL_aNULL, 1561 SSL_AES256, 1562 SSL_SHA256, 1563 SSL_TLSV1_2, 1564 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1565 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1566 256, 1567 256, 1568 }, 1569 1570 /* GOST Ciphersuites */ 1571 1572 { 1573 1, 1574 "GOST94-GOST89-GOST89", 1575 0x3000080, 1576 SSL_kGOST, 1577 SSL_aGOST94, 1578 SSL_eGOST2814789CNT, 1579 SSL_GOST89MAC, 1580 SSL_TLSV1, 1581 SSL_NOT_EXP | SSL_HIGH, 1582 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 1583 256, 1584 256}, 1585 { 1586 1, 1587 "GOST2001-GOST89-GOST89", 1588 0x3000081, 1589 SSL_kGOST, 1590 SSL_aGOST01, 1591 SSL_eGOST2814789CNT, 1592 SSL_GOST89MAC, 1593 SSL_TLSV1, 1594 SSL_NOT_EXP | SSL_HIGH, 1595 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 1596 256, 1597 256}, 1598 { 1599 1, 1600 "GOST94-NULL-GOST94", 1601 0x3000082, 1602 SSL_kGOST, 1603 SSL_aGOST94, 1604 SSL_eNULL, 1605 SSL_GOST94, 1606 SSL_TLSV1, 1607 SSL_NOT_EXP | SSL_STRONG_NONE, 1608 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 1609 0, 1610 0}, 1611 { 1612 1, 1613 "GOST2001-NULL-GOST94", 1614 0x3000083, 1615 SSL_kGOST, 1616 SSL_aGOST01, 1617 SSL_eNULL, 1618 SSL_GOST94, 1619 SSL_TLSV1, 1620 SSL_NOT_EXP | SSL_STRONG_NONE, 1621 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 1622 0, 1623 0}, 1624 1625#ifndef OPENSSL_NO_CAMELLIA 1626 /* Camellia ciphersuites from RFC4132 (256-bit portion) */ 1627 1628 /* Cipher 84 */ 1629 { 1630 1, 1631 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 1632 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 1633 SSL_kRSA, 1634 SSL_aRSA, 1635 SSL_CAMELLIA256, 1636 SSL_SHA1, 1637 SSL_TLSV1, 1638 SSL_NOT_EXP | SSL_HIGH, 1639 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1640 256, 1641 256, 1642 }, 1643 /* Cipher 85 */ 1644#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1645 { 1646 1, 1647 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1648 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1649 SSL_kDHd, 1650 SSL_aDH, 1651 SSL_CAMELLIA256, 1652 SSL_SHA1, 1653 SSL_TLSV1, 1654 SSL_NOT_EXP | SSL_HIGH, 1655 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1656 256, 1657 256, 1658 }, 1659#endif 1660 1661 /* Cipher 86 */ 1662#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1663 { 1664 1, 1665 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1666 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1667 SSL_kDHr, 1668 SSL_aDH, 1669 SSL_CAMELLIA256, 1670 SSL_SHA1, 1671 SSL_TLSV1, 1672 SSL_NOT_EXP | SSL_HIGH, 1673 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1674 256, 1675 256, 1676 }, 1677#endif 1678 1679 /* Cipher 87 */ 1680 { 1681 1, 1682 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1683 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1684 SSL_kEDH, 1685 SSL_aDSS, 1686 SSL_CAMELLIA256, 1687 SSL_SHA1, 1688 SSL_TLSV1, 1689 SSL_NOT_EXP | SSL_HIGH, 1690 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1691 256, 1692 256, 1693 }, 1694 1695 /* Cipher 88 */ 1696 { 1697 1, 1698 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1699 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1700 SSL_kEDH, 1701 SSL_aRSA, 1702 SSL_CAMELLIA256, 1703 SSL_SHA1, 1704 SSL_TLSV1, 1705 SSL_NOT_EXP | SSL_HIGH, 1706 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1707 256, 1708 256, 1709 }, 1710 1711 /* Cipher 89 */ 1712 { 1713 1, 1714 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 1715 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 1716 SSL_kEDH, 1717 SSL_aNULL, 1718 SSL_CAMELLIA256, 1719 SSL_SHA1, 1720 SSL_TLSV1, 1721 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH, 1722 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1723 256, 1724 256, 1725 }, 1726#endif /* OPENSSL_NO_CAMELLIA */ 1727 1728#ifndef OPENSSL_NO_PSK 1729 /* Cipher 8A */ 1730 { 1731 1, 1732 TLS1_TXT_PSK_WITH_RC4_128_SHA, 1733 TLS1_CK_PSK_WITH_RC4_128_SHA, 1734 SSL_kPSK, 1735 SSL_aPSK, 1736 SSL_RC4, 1737 SSL_SHA1, 1738 SSL_TLSV1, 1739 SSL_NOT_EXP | SSL_MEDIUM, 1740 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1741 128, 1742 128, 1743 }, 1744 1745 /* Cipher 8B */ 1746 { 1747 1, 1748 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1749 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1750 SSL_kPSK, 1751 SSL_aPSK, 1752 SSL_3DES, 1753 SSL_SHA1, 1754 SSL_TLSV1, 1755 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 1756 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1757 112, 1758 168, 1759 }, 1760 1761 /* Cipher 8C */ 1762 { 1763 1, 1764 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1765 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1766 SSL_kPSK, 1767 SSL_aPSK, 1768 SSL_AES128, 1769 SSL_SHA1, 1770 SSL_TLSV1, 1771 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1772 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1773 128, 1774 128, 1775 }, 1776 1777 /* Cipher 8D */ 1778 { 1779 1, 1780 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1781 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1782 SSL_kPSK, 1783 SSL_aPSK, 1784 SSL_AES256, 1785 SSL_SHA1, 1786 SSL_TLSV1, 1787 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1788 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1789 256, 1790 256, 1791 }, 1792#endif /* OPENSSL_NO_PSK */ 1793 1794#ifndef OPENSSL_NO_SEED 1795 /* SEED ciphersuites from RFC4162 */ 1796 1797 /* Cipher 96 */ 1798 { 1799 1, 1800 TLS1_TXT_RSA_WITH_SEED_SHA, 1801 TLS1_CK_RSA_WITH_SEED_SHA, 1802 SSL_kRSA, 1803 SSL_aRSA, 1804 SSL_SEED, 1805 SSL_SHA1, 1806 SSL_TLSV1, 1807 SSL_NOT_EXP | SSL_MEDIUM, 1808 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1809 128, 1810 128, 1811 }, 1812 1813 /* Cipher 97 */ 1814#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1815 { 1816 1, 1817 TLS1_TXT_DH_DSS_WITH_SEED_SHA, 1818 TLS1_CK_DH_DSS_WITH_SEED_SHA, 1819 SSL_kDHd, 1820 SSL_aDH, 1821 SSL_SEED, 1822 SSL_SHA1, 1823 SSL_TLSV1, 1824 SSL_NOT_EXP | SSL_MEDIUM, 1825 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1826 128, 1827 128, 1828 }, 1829#endif 1830 1831 /* Cipher 98 */ 1832#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1833 { 1834 1, 1835 TLS1_TXT_DH_RSA_WITH_SEED_SHA, 1836 TLS1_CK_DH_RSA_WITH_SEED_SHA, 1837 SSL_kDHr, 1838 SSL_aDH, 1839 SSL_SEED, 1840 SSL_SHA1, 1841 SSL_TLSV1, 1842 SSL_NOT_EXP | SSL_MEDIUM, 1843 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1844 128, 1845 128, 1846 }, 1847#endif 1848 1849 /* Cipher 99 */ 1850 { 1851 1, 1852 TLS1_TXT_DHE_DSS_WITH_SEED_SHA, 1853 TLS1_CK_DHE_DSS_WITH_SEED_SHA, 1854 SSL_kEDH, 1855 SSL_aDSS, 1856 SSL_SEED, 1857 SSL_SHA1, 1858 SSL_TLSV1, 1859 SSL_NOT_EXP | SSL_MEDIUM, 1860 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1861 128, 1862 128, 1863 }, 1864 1865 /* Cipher 9A */ 1866 { 1867 1, 1868 TLS1_TXT_DHE_RSA_WITH_SEED_SHA, 1869 TLS1_CK_DHE_RSA_WITH_SEED_SHA, 1870 SSL_kEDH, 1871 SSL_aRSA, 1872 SSL_SEED, 1873 SSL_SHA1, 1874 SSL_TLSV1, 1875 SSL_NOT_EXP | SSL_MEDIUM, 1876 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1877 128, 1878 128, 1879 }, 1880 1881 /* Cipher 9B */ 1882 { 1883 1, 1884 TLS1_TXT_ADH_WITH_SEED_SHA, 1885 TLS1_CK_ADH_WITH_SEED_SHA, 1886 SSL_kEDH, 1887 SSL_aNULL, 1888 SSL_SEED, 1889 SSL_SHA1, 1890 SSL_TLSV1, 1891 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 1892 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1893 128, 1894 128, 1895 }, 1896 1897#endif /* OPENSSL_NO_SEED */ 1898 1899 /* GCM ciphersuites from RFC5288 */ 1900 1901 /* Cipher 9C */ 1902 { 1903 1, 1904 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 1905 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 1906 SSL_kRSA, 1907 SSL_aRSA, 1908 SSL_AES128GCM, 1909 SSL_AEAD, 1910 SSL_TLSV1_2, 1911 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1912 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1913 128, 1914 128, 1915 }, 1916 1917 /* Cipher 9D */ 1918 { 1919 1, 1920 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 1921 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 1922 SSL_kRSA, 1923 SSL_aRSA, 1924 SSL_AES256GCM, 1925 SSL_AEAD, 1926 SSL_TLSV1_2, 1927 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1928 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1929 256, 1930 256, 1931 }, 1932 1933 /* Cipher 9E */ 1934 { 1935 1, 1936 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 1937 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 1938 SSL_kEDH, 1939 SSL_aRSA, 1940 SSL_AES128GCM, 1941 SSL_AEAD, 1942 SSL_TLSV1_2, 1943 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1944 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1945 128, 1946 128, 1947 }, 1948 1949 /* Cipher 9F */ 1950 { 1951 1, 1952 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 1953 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 1954 SSL_kEDH, 1955 SSL_aRSA, 1956 SSL_AES256GCM, 1957 SSL_AEAD, 1958 SSL_TLSV1_2, 1959 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1960 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1961 256, 1962 256, 1963 }, 1964 1965 /* Cipher A0 */ 1966#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1967 { 1968 1, 1969 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, 1970 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, 1971 SSL_kDHr, 1972 SSL_aDH, 1973 SSL_AES128GCM, 1974 SSL_AEAD, 1975 SSL_TLSV1_2, 1976 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1977 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1978 128, 1979 128, 1980 }, 1981#endif 1982 1983 /* Cipher A1 */ 1984#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1985 { 1986 1, 1987 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, 1988 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, 1989 SSL_kDHr, 1990 SSL_aDH, 1991 SSL_AES256GCM, 1992 SSL_AEAD, 1993 SSL_TLSV1_2, 1994 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 1995 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1996 256, 1997 256, 1998 }, 1999#endif 2000 2001 /* Cipher A2 */ 2002 { 2003 1, 2004 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 2005 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 2006 SSL_kEDH, 2007 SSL_aDSS, 2008 SSL_AES128GCM, 2009 SSL_AEAD, 2010 SSL_TLSV1_2, 2011 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2012 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2013 128, 2014 128, 2015 }, 2016 2017 /* Cipher A3 */ 2018 { 2019 1, 2020 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 2021 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 2022 SSL_kEDH, 2023 SSL_aDSS, 2024 SSL_AES256GCM, 2025 SSL_AEAD, 2026 SSL_TLSV1_2, 2027 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2028 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2029 256, 2030 256, 2031 }, 2032 2033 /* Cipher A4 */ 2034#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 2035 { 2036 1, 2037 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, 2038 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, 2039 SSL_kDHd, 2040 SSL_aDH, 2041 SSL_AES128GCM, 2042 SSL_AEAD, 2043 SSL_TLSV1_2, 2044 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2045 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2046 128, 2047 128, 2048 }, 2049#endif 2050 2051 /* Cipher A5 */ 2052#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 2053 { 2054 1, 2055 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, 2056 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, 2057 SSL_kDHd, 2058 SSL_aDH, 2059 SSL_AES256GCM, 2060 SSL_AEAD, 2061 SSL_TLSV1_2, 2062 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2063 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2064 256, 2065 256, 2066 }, 2067#endif 2068 2069 /* Cipher A6 */ 2070 { 2071 1, 2072 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 2073 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 2074 SSL_kEDH, 2075 SSL_aNULL, 2076 SSL_AES128GCM, 2077 SSL_AEAD, 2078 SSL_TLSV1_2, 2079 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2080 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2081 128, 2082 128, 2083 }, 2084 2085 /* Cipher A7 */ 2086 { 2087 1, 2088 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 2089 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 2090 SSL_kEDH, 2091 SSL_aNULL, 2092 SSL_AES256GCM, 2093 SSL_AEAD, 2094 SSL_TLSV1_2, 2095 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2096 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2097 256, 2098 256, 2099 }, 2100#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL 2101 { 2102 1, 2103 "SCSV", 2104 SSL3_CK_SCSV, 2105 0, 2106 0, 2107 0, 2108 0, 2109 0, 2110 0, 2111 0, 2112 0, 2113 0}, 2114#endif 2115 2116#ifndef OPENSSL_NO_ECDH 2117 /* Cipher C001 */ 2118 { 2119 1, 2120 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA, 2121 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA, 2122 SSL_kECDHe, 2123 SSL_aECDH, 2124 SSL_eNULL, 2125 SSL_SHA1, 2126 SSL_TLSV1, 2127 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2128 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2129 0, 2130 0, 2131 }, 2132 2133 /* Cipher C002 */ 2134 { 2135 1, 2136 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, 2137 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA, 2138 SSL_kECDHe, 2139 SSL_aECDH, 2140 SSL_RC4, 2141 SSL_SHA1, 2142 SSL_TLSV1, 2143 SSL_NOT_EXP | SSL_MEDIUM, 2144 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2145 128, 2146 128, 2147 }, 2148 2149 /* Cipher C003 */ 2150 { 2151 1, 2152 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2153 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2154 SSL_kECDHe, 2155 SSL_aECDH, 2156 SSL_3DES, 2157 SSL_SHA1, 2158 SSL_TLSV1, 2159 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 2160 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2161 112, 2162 168, 2163 }, 2164 2165 /* Cipher C004 */ 2166 { 2167 1, 2168 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2169 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2170 SSL_kECDHe, 2171 SSL_aECDH, 2172 SSL_AES128, 2173 SSL_SHA1, 2174 SSL_TLSV1, 2175 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2176 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2177 128, 2178 128, 2179 }, 2180 2181 /* Cipher C005 */ 2182 { 2183 1, 2184 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2185 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2186 SSL_kECDHe, 2187 SSL_aECDH, 2188 SSL_AES256, 2189 SSL_SHA1, 2190 SSL_TLSV1, 2191 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2192 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2193 256, 2194 256, 2195 }, 2196 2197 /* Cipher C006 */ 2198 { 2199 1, 2200 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 2201 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 2202 SSL_kEECDH, 2203 SSL_aECDSA, 2204 SSL_eNULL, 2205 SSL_SHA1, 2206 SSL_TLSV1, 2207 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2208 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2209 0, 2210 0, 2211 }, 2212 2213 /* Cipher C007 */ 2214 { 2215 1, 2216 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 2217 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 2218 SSL_kEECDH, 2219 SSL_aECDSA, 2220 SSL_RC4, 2221 SSL_SHA1, 2222 SSL_TLSV1, 2223 SSL_NOT_EXP | SSL_MEDIUM, 2224 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2225 128, 2226 128, 2227 }, 2228 2229 /* Cipher C008 */ 2230 { 2231 1, 2232 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2233 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2234 SSL_kEECDH, 2235 SSL_aECDSA, 2236 SSL_3DES, 2237 SSL_SHA1, 2238 SSL_TLSV1, 2239 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 2240 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2241 112, 2242 168, 2243 }, 2244 2245 /* Cipher C009 */ 2246 { 2247 1, 2248 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2249 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2250 SSL_kEECDH, 2251 SSL_aECDSA, 2252 SSL_AES128, 2253 SSL_SHA1, 2254 SSL_TLSV1, 2255 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2256 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2257 128, 2258 128, 2259 }, 2260 2261 /* Cipher C00A */ 2262 { 2263 1, 2264 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2265 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2266 SSL_kEECDH, 2267 SSL_aECDSA, 2268 SSL_AES256, 2269 SSL_SHA1, 2270 SSL_TLSV1, 2271 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2272 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2273 256, 2274 256, 2275 }, 2276 2277 /* Cipher C00B */ 2278 { 2279 1, 2280 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA, 2281 TLS1_CK_ECDH_RSA_WITH_NULL_SHA, 2282 SSL_kECDHr, 2283 SSL_aECDH, 2284 SSL_eNULL, 2285 SSL_SHA1, 2286 SSL_TLSV1, 2287 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2288 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2289 0, 2290 0, 2291 }, 2292 2293 /* Cipher C00C */ 2294 { 2295 1, 2296 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, 2297 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA, 2298 SSL_kECDHr, 2299 SSL_aECDH, 2300 SSL_RC4, 2301 SSL_SHA1, 2302 SSL_TLSV1, 2303 SSL_NOT_EXP | SSL_MEDIUM, 2304 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2305 128, 2306 128, 2307 }, 2308 2309 /* Cipher C00D */ 2310 { 2311 1, 2312 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2313 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2314 SSL_kECDHr, 2315 SSL_aECDH, 2316 SSL_3DES, 2317 SSL_SHA1, 2318 SSL_TLSV1, 2319 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 2320 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2321 112, 2322 168, 2323 }, 2324 2325 /* Cipher C00E */ 2326 { 2327 1, 2328 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA, 2329 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA, 2330 SSL_kECDHr, 2331 SSL_aECDH, 2332 SSL_AES128, 2333 SSL_SHA1, 2334 SSL_TLSV1, 2335 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2336 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2337 128, 2338 128, 2339 }, 2340 2341 /* Cipher C00F */ 2342 { 2343 1, 2344 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA, 2345 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA, 2346 SSL_kECDHr, 2347 SSL_aECDH, 2348 SSL_AES256, 2349 SSL_SHA1, 2350 SSL_TLSV1, 2351 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2352 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2353 256, 2354 256, 2355 }, 2356 2357 /* Cipher C010 */ 2358 { 2359 1, 2360 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 2361 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 2362 SSL_kEECDH, 2363 SSL_aRSA, 2364 SSL_eNULL, 2365 SSL_SHA1, 2366 SSL_TLSV1, 2367 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2368 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2369 0, 2370 0, 2371 }, 2372 2373 /* Cipher C011 */ 2374 { 2375 1, 2376 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 2377 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 2378 SSL_kEECDH, 2379 SSL_aRSA, 2380 SSL_RC4, 2381 SSL_SHA1, 2382 SSL_TLSV1, 2383 SSL_NOT_EXP | SSL_MEDIUM, 2384 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2385 128, 2386 128, 2387 }, 2388 2389 /* Cipher C012 */ 2390 { 2391 1, 2392 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2393 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2394 SSL_kEECDH, 2395 SSL_aRSA, 2396 SSL_3DES, 2397 SSL_SHA1, 2398 SSL_TLSV1, 2399 SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 2400 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2401 112, 2402 168, 2403 }, 2404 2405 /* Cipher C013 */ 2406 { 2407 1, 2408 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2409 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2410 SSL_kEECDH, 2411 SSL_aRSA, 2412 SSL_AES128, 2413 SSL_SHA1, 2414 SSL_TLSV1, 2415 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2416 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2417 128, 2418 128, 2419 }, 2420 2421 /* Cipher C014 */ 2422 { 2423 1, 2424 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2425 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2426 SSL_kEECDH, 2427 SSL_aRSA, 2428 SSL_AES256, 2429 SSL_SHA1, 2430 SSL_TLSV1, 2431 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2432 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2433 256, 2434 256, 2435 }, 2436 2437 /* Cipher C015 */ 2438 { 2439 1, 2440 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 2441 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 2442 SSL_kEECDH, 2443 SSL_aNULL, 2444 SSL_eNULL, 2445 SSL_SHA1, 2446 SSL_TLSV1, 2447 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS, 2448 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2449 0, 2450 0, 2451 }, 2452 2453 /* Cipher C016 */ 2454 { 2455 1, 2456 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 2457 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 2458 SSL_kEECDH, 2459 SSL_aNULL, 2460 SSL_RC4, 2461 SSL_SHA1, 2462 SSL_TLSV1, 2463 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM, 2464 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2465 128, 2466 128, 2467 }, 2468 2469 /* Cipher C017 */ 2470 { 2471 1, 2472 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 2473 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 2474 SSL_kEECDH, 2475 SSL_aNULL, 2476 SSL_3DES, 2477 SSL_SHA1, 2478 SSL_TLSV1, 2479 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS, 2480 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2481 112, 2482 168, 2483 }, 2484 2485 /* Cipher C018 */ 2486 { 2487 1, 2488 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 2489 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 2490 SSL_kEECDH, 2491 SSL_aNULL, 2492 SSL_AES128, 2493 SSL_SHA1, 2494 SSL_TLSV1, 2495 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2496 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2497 128, 2498 128, 2499 }, 2500 2501 /* Cipher C019 */ 2502 { 2503 1, 2504 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 2505 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 2506 SSL_kEECDH, 2507 SSL_aNULL, 2508 SSL_AES256, 2509 SSL_SHA1, 2510 SSL_TLSV1, 2511 SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2512 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2513 256, 2514 256, 2515 }, 2516#endif /* OPENSSL_NO_ECDH */ 2517 2518#ifndef OPENSSL_NO_SRP 2519 /* Cipher C01A */ 2520 { 2521 1, 2522 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2523 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2524 SSL_kSRP, 2525 SSL_aSRP, 2526 SSL_3DES, 2527 SSL_SHA1, 2528 SSL_TLSV1, 2529 SSL_NOT_EXP | SSL_MEDIUM, 2530 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2531 112, 2532 168, 2533 }, 2534 2535 /* Cipher C01B */ 2536 { 2537 1, 2538 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2539 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2540 SSL_kSRP, 2541 SSL_aRSA, 2542 SSL_3DES, 2543 SSL_SHA1, 2544 SSL_TLSV1, 2545 SSL_NOT_EXP | SSL_MEDIUM, 2546 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2547 112, 2548 168, 2549 }, 2550 2551 /* Cipher C01C */ 2552 { 2553 1, 2554 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2555 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2556 SSL_kSRP, 2557 SSL_aDSS, 2558 SSL_3DES, 2559 SSL_SHA1, 2560 SSL_TLSV1, 2561 SSL_NOT_EXP | SSL_MEDIUM, 2562 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2563 112, 2564 168, 2565 }, 2566 2567 /* Cipher C01D */ 2568 { 2569 1, 2570 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, 2571 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, 2572 SSL_kSRP, 2573 SSL_aSRP, 2574 SSL_AES128, 2575 SSL_SHA1, 2576 SSL_TLSV1, 2577 SSL_NOT_EXP | SSL_HIGH, 2578 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2579 128, 2580 128, 2581 }, 2582 2583 /* Cipher C01E */ 2584 { 2585 1, 2586 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2587 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2588 SSL_kSRP, 2589 SSL_aRSA, 2590 SSL_AES128, 2591 SSL_SHA1, 2592 SSL_TLSV1, 2593 SSL_NOT_EXP | SSL_HIGH, 2594 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2595 128, 2596 128, 2597 }, 2598 2599 /* Cipher C01F */ 2600 { 2601 1, 2602 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2603 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2604 SSL_kSRP, 2605 SSL_aDSS, 2606 SSL_AES128, 2607 SSL_SHA1, 2608 SSL_TLSV1, 2609 SSL_NOT_EXP | SSL_HIGH, 2610 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2611 128, 2612 128, 2613 }, 2614 2615 /* Cipher C020 */ 2616 { 2617 1, 2618 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, 2619 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, 2620 SSL_kSRP, 2621 SSL_aSRP, 2622 SSL_AES256, 2623 SSL_SHA1, 2624 SSL_TLSV1, 2625 SSL_NOT_EXP | SSL_HIGH, 2626 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2627 256, 2628 256, 2629 }, 2630 2631 /* Cipher C021 */ 2632 { 2633 1, 2634 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2635 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2636 SSL_kSRP, 2637 SSL_aRSA, 2638 SSL_AES256, 2639 SSL_SHA1, 2640 SSL_TLSV1, 2641 SSL_NOT_EXP | SSL_HIGH, 2642 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2643 256, 2644 256, 2645 }, 2646 2647 /* Cipher C022 */ 2648 { 2649 1, 2650 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2651 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2652 SSL_kSRP, 2653 SSL_aDSS, 2654 SSL_AES256, 2655 SSL_SHA1, 2656 SSL_TLSV1, 2657 SSL_NOT_EXP | SSL_HIGH, 2658 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2659 256, 2660 256, 2661 }, 2662#endif /* OPENSSL_NO_SRP */ 2663#ifndef OPENSSL_NO_ECDH 2664 2665 /* HMAC based TLS v1.2 ciphersuites from RFC5289 */ 2666 2667 /* Cipher C023 */ 2668 { 2669 1, 2670 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 2671 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 2672 SSL_kEECDH, 2673 SSL_aECDSA, 2674 SSL_AES128, 2675 SSL_SHA256, 2676 SSL_TLSV1_2, 2677 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2678 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2679 128, 2680 128, 2681 }, 2682 2683 /* Cipher C024 */ 2684 { 2685 1, 2686 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 2687 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 2688 SSL_kEECDH, 2689 SSL_aECDSA, 2690 SSL_AES256, 2691 SSL_SHA384, 2692 SSL_TLSV1_2, 2693 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2694 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2695 256, 2696 256, 2697 }, 2698 2699 /* Cipher C025 */ 2700 { 2701 1, 2702 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256, 2703 TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256, 2704 SSL_kECDHe, 2705 SSL_aECDH, 2706 SSL_AES128, 2707 SSL_SHA256, 2708 SSL_TLSV1_2, 2709 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2710 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2711 128, 2712 128, 2713 }, 2714 2715 /* Cipher C026 */ 2716 { 2717 1, 2718 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384, 2719 TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384, 2720 SSL_kECDHe, 2721 SSL_aECDH, 2722 SSL_AES256, 2723 SSL_SHA384, 2724 SSL_TLSV1_2, 2725 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2726 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2727 256, 2728 256, 2729 }, 2730 2731 /* Cipher C027 */ 2732 { 2733 1, 2734 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 2735 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 2736 SSL_kEECDH, 2737 SSL_aRSA, 2738 SSL_AES128, 2739 SSL_SHA256, 2740 SSL_TLSV1_2, 2741 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2742 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2743 128, 2744 128, 2745 }, 2746 2747 /* Cipher C028 */ 2748 { 2749 1, 2750 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 2751 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 2752 SSL_kEECDH, 2753 SSL_aRSA, 2754 SSL_AES256, 2755 SSL_SHA384, 2756 SSL_TLSV1_2, 2757 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2758 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2759 256, 2760 256, 2761 }, 2762 2763 /* Cipher C029 */ 2764 { 2765 1, 2766 TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256, 2767 TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256, 2768 SSL_kECDHr, 2769 SSL_aECDH, 2770 SSL_AES128, 2771 SSL_SHA256, 2772 SSL_TLSV1_2, 2773 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2774 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2775 128, 2776 128, 2777 }, 2778 2779 /* Cipher C02A */ 2780 { 2781 1, 2782 TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384, 2783 TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384, 2784 SSL_kECDHr, 2785 SSL_aECDH, 2786 SSL_AES256, 2787 SSL_SHA384, 2788 SSL_TLSV1_2, 2789 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2790 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2791 256, 2792 256, 2793 }, 2794 2795 /* GCM based TLS v1.2 ciphersuites from RFC5289 */ 2796 2797 /* Cipher C02B */ 2798 { 2799 1, 2800 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2801 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2802 SSL_kEECDH, 2803 SSL_aECDSA, 2804 SSL_AES128GCM, 2805 SSL_AEAD, 2806 SSL_TLSV1_2, 2807 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2808 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2809 128, 2810 128, 2811 }, 2812 2813 /* Cipher C02C */ 2814 { 2815 1, 2816 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2817 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2818 SSL_kEECDH, 2819 SSL_aECDSA, 2820 SSL_AES256GCM, 2821 SSL_AEAD, 2822 SSL_TLSV1_2, 2823 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2824 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2825 256, 2826 256, 2827 }, 2828 2829 /* Cipher C02D */ 2830 { 2831 1, 2832 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2833 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2834 SSL_kECDHe, 2835 SSL_aECDH, 2836 SSL_AES128GCM, 2837 SSL_AEAD, 2838 SSL_TLSV1_2, 2839 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2840 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2841 128, 2842 128, 2843 }, 2844 2845 /* Cipher C02E */ 2846 { 2847 1, 2848 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2849 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2850 SSL_kECDHe, 2851 SSL_aECDH, 2852 SSL_AES256GCM, 2853 SSL_AEAD, 2854 SSL_TLSV1_2, 2855 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2856 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2857 256, 2858 256, 2859 }, 2860 2861 /* Cipher C02F */ 2862 { 2863 1, 2864 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2865 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2866 SSL_kEECDH, 2867 SSL_aRSA, 2868 SSL_AES128GCM, 2869 SSL_AEAD, 2870 SSL_TLSV1_2, 2871 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2872 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2873 128, 2874 128, 2875 }, 2876 2877 /* Cipher C030 */ 2878 { 2879 1, 2880 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2881 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2882 SSL_kEECDH, 2883 SSL_aRSA, 2884 SSL_AES256GCM, 2885 SSL_AEAD, 2886 SSL_TLSV1_2, 2887 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2888 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2889 256, 2890 256, 2891 }, 2892 2893 /* Cipher C031 */ 2894 { 2895 1, 2896 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2897 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2898 SSL_kECDHr, 2899 SSL_aECDH, 2900 SSL_AES128GCM, 2901 SSL_AEAD, 2902 SSL_TLSV1_2, 2903 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2904 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2905 128, 2906 128, 2907 }, 2908 2909 /* Cipher C032 */ 2910 { 2911 1, 2912 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2913 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2914 SSL_kECDHr, 2915 SSL_aECDH, 2916 SSL_AES256GCM, 2917 SSL_AEAD, 2918 SSL_TLSV1_2, 2919 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 2920 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2921 256, 2922 256, 2923 }, 2924 2925#endif /* OPENSSL_NO_ECDH */ 2926 2927#ifdef TEMP_GOST_TLS 2928/* Cipher FF00 */ 2929 { 2930 1, 2931 "GOST-MD5", 2932 0x0300ff00, 2933 SSL_kRSA, 2934 SSL_aRSA, 2935 SSL_eGOST2814789CNT, 2936 SSL_MD5, 2937 SSL_TLSV1, 2938 SSL_NOT_EXP | SSL_HIGH, 2939 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2940 256, 2941 256, 2942 }, 2943 { 2944 1, 2945 "GOST-GOST94", 2946 0x0300ff01, 2947 SSL_kRSA, 2948 SSL_aRSA, 2949 SSL_eGOST2814789CNT, 2950 SSL_GOST94, 2951 SSL_TLSV1, 2952 SSL_NOT_EXP | SSL_HIGH, 2953 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2954 256, 2955 256}, 2956 { 2957 1, 2958 "GOST-GOST89MAC", 2959 0x0300ff02, 2960 SSL_kRSA, 2961 SSL_aRSA, 2962 SSL_eGOST2814789CNT, 2963 SSL_GOST89MAC, 2964 SSL_TLSV1, 2965 SSL_NOT_EXP | SSL_HIGH, 2966 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2967 256, 2968 256}, 2969 { 2970 1, 2971 "GOST-GOST89STREAM", 2972 0x0300ff03, 2973 SSL_kRSA, 2974 SSL_aRSA, 2975 SSL_eGOST2814789CNT, 2976 SSL_GOST89MAC, 2977 SSL_TLSV1, 2978 SSL_NOT_EXP | SSL_HIGH, 2979 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC, 2980 256, 2981 256}, 2982#endif 2983 2984/* end of list */ 2985}; 2986 2987SSL3_ENC_METHOD SSLv3_enc_data = { 2988 ssl3_enc, 2989 n_ssl3_mac, 2990 ssl3_setup_key_block, 2991 ssl3_generate_master_secret, 2992 ssl3_change_cipher_state, 2993 ssl3_final_finish_mac, 2994 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, 2995 ssl3_cert_verify_mac, 2996 SSL3_MD_CLIENT_FINISHED_CONST, 4, 2997 SSL3_MD_SERVER_FINISHED_CONST, 4, 2998 ssl3_alert_code, 2999 (int (*)(SSL *, unsigned char *, size_t, const char *, 3000 size_t, const unsigned char *, size_t, 3001 int use_context))ssl_undefined_function, 3002 0, 3003 SSL3_HM_HEADER_LENGTH, 3004 ssl3_set_handshake_header, 3005 ssl3_handshake_write 3006}; 3007 3008long ssl3_default_timeout(void) 3009{ 3010 /* 3011 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for 3012 * http, the cache would over fill 3013 */ 3014 return (60 * 60 * 2); 3015} 3016 3017int ssl3_num_ciphers(void) 3018{ 3019 return (SSL3_NUM_CIPHERS); 3020} 3021 3022const SSL_CIPHER *ssl3_get_cipher(unsigned int u) 3023{ 3024 if (u < SSL3_NUM_CIPHERS) 3025 return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u])); 3026 else 3027 return (NULL); 3028} 3029 3030int ssl3_pending(const SSL *s) 3031{ 3032 if (s->rstate == SSL_ST_READ_BODY) 3033 return 0; 3034 3035 return (s->s3->rrec.type == 3036 SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; 3037} 3038 3039void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len) 3040{ 3041 unsigned char *p = (unsigned char *)s->init_buf->data; 3042 *(p++) = htype; 3043 l2n3(len, p); 3044 s->init_num = (int)len + SSL3_HM_HEADER_LENGTH; 3045 s->init_off = 0; 3046} 3047 3048int ssl3_handshake_write(SSL *s) 3049{ 3050 return ssl3_do_write(s, SSL3_RT_HANDSHAKE); 3051} 3052 3053int ssl3_new(SSL *s) 3054{ 3055 SSL3_STATE *s3; 3056 3057 if ((s3 = OPENSSL_malloc(sizeof(*s3))) == NULL) 3058 goto err; 3059 memset(s3, 0, sizeof(*s3)); 3060 memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); 3061 memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); 3062 3063 s->s3 = s3; 3064 3065#ifndef OPENSSL_NO_SRP 3066 SSL_SRP_CTX_init(s); 3067#endif 3068 s->method->ssl_clear(s); 3069 return (1); 3070 err: 3071 return (0); 3072} 3073 3074void ssl3_free(SSL *s) 3075{ 3076 if (s == NULL || s->s3 == NULL) 3077 return; 3078 3079#ifdef TLSEXT_TYPE_opaque_prf_input 3080 if (s->s3->client_opaque_prf_input != NULL) 3081 OPENSSL_free(s->s3->client_opaque_prf_input); 3082 if (s->s3->server_opaque_prf_input != NULL) 3083 OPENSSL_free(s->s3->server_opaque_prf_input); 3084#endif 3085 3086 ssl3_cleanup_key_block(s); 3087 if (s->s3->rbuf.buf != NULL) 3088 ssl3_release_read_buffer(s); 3089 if (s->s3->wbuf.buf != NULL) 3090 ssl3_release_write_buffer(s); 3091 if (s->s3->rrec.comp != NULL) 3092 OPENSSL_free(s->s3->rrec.comp); 3093#ifndef OPENSSL_NO_DH 3094 if (s->s3->tmp.dh != NULL) 3095 DH_free(s->s3->tmp.dh); 3096#endif 3097#ifndef OPENSSL_NO_ECDH 3098 if (s->s3->tmp.ecdh != NULL) 3099 EC_KEY_free(s->s3->tmp.ecdh); 3100#endif 3101 3102 if (s->s3->tmp.ca_names != NULL) 3103 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 3104 if (s->s3->handshake_buffer) { 3105 BIO_free(s->s3->handshake_buffer); 3106 } 3107 if (s->s3->handshake_dgst) 3108 ssl3_free_digest_list(s); 3109#ifndef OPENSSL_NO_TLSEXT 3110 if (s->s3->alpn_selected) 3111 OPENSSL_free(s->s3->alpn_selected); 3112#endif 3113 3114#ifndef OPENSSL_NO_SRP 3115 SSL_SRP_CTX_free(s); 3116#endif 3117 OPENSSL_cleanse(s->s3, sizeof(*s->s3)); 3118 OPENSSL_free(s->s3); 3119 s->s3 = NULL; 3120} 3121 3122void ssl3_clear(SSL *s) 3123{ 3124 unsigned char *rp, *wp; 3125 size_t rlen, wlen; 3126 int init_extra; 3127 3128#ifdef TLSEXT_TYPE_opaque_prf_input 3129 if (s->s3->client_opaque_prf_input != NULL) 3130 OPENSSL_free(s->s3->client_opaque_prf_input); 3131 s->s3->client_opaque_prf_input = NULL; 3132 if (s->s3->server_opaque_prf_input != NULL) 3133 OPENSSL_free(s->s3->server_opaque_prf_input); 3134 s->s3->server_opaque_prf_input = NULL; 3135#endif 3136 3137 ssl3_cleanup_key_block(s); 3138 if (s->s3->tmp.ca_names != NULL) 3139 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 3140 3141 if (s->s3->rrec.comp != NULL) { 3142 OPENSSL_free(s->s3->rrec.comp); 3143 s->s3->rrec.comp = NULL; 3144 } 3145#ifndef OPENSSL_NO_DH 3146 if (s->s3->tmp.dh != NULL) { 3147 DH_free(s->s3->tmp.dh); 3148 s->s3->tmp.dh = NULL; 3149 } 3150#endif 3151#ifndef OPENSSL_NO_ECDH 3152 if (s->s3->tmp.ecdh != NULL) { 3153 EC_KEY_free(s->s3->tmp.ecdh); 3154 s->s3->tmp.ecdh = NULL; 3155 } 3156#endif 3157#ifndef OPENSSL_NO_TLSEXT 3158# ifndef OPENSSL_NO_EC 3159 s->s3->is_probably_safari = 0; 3160# endif /* !OPENSSL_NO_EC */ 3161#endif /* !OPENSSL_NO_TLSEXT */ 3162 3163 rp = s->s3->rbuf.buf; 3164 wp = s->s3->wbuf.buf; 3165 rlen = s->s3->rbuf.len; 3166 wlen = s->s3->wbuf.len; 3167 init_extra = s->s3->init_extra; 3168 if (s->s3->handshake_buffer) { 3169 BIO_free(s->s3->handshake_buffer); 3170 s->s3->handshake_buffer = NULL; 3171 } 3172 if (s->s3->handshake_dgst) { 3173 ssl3_free_digest_list(s); 3174 } 3175#if !defined(OPENSSL_NO_TLSEXT) 3176 if (s->s3->alpn_selected) { 3177 OPENSSL_free(s->s3->alpn_selected); 3178 s->s3->alpn_selected = NULL; 3179 } 3180#endif 3181 memset(s->s3, 0, sizeof(*s->s3)); 3182 s->s3->rbuf.buf = rp; 3183 s->s3->wbuf.buf = wp; 3184 s->s3->rbuf.len = rlen; 3185 s->s3->wbuf.len = wlen; 3186 s->s3->init_extra = init_extra; 3187 3188 ssl_free_wbio_buffer(s); 3189 3190 s->packet_length = 0; 3191 s->s3->renegotiate = 0; 3192 s->s3->total_renegotiations = 0; 3193 s->s3->num_renegotiations = 0; 3194 s->s3->in_read_app_data = 0; 3195 s->version = SSL3_VERSION; 3196 3197#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 3198 if (s->next_proto_negotiated) { 3199 OPENSSL_free(s->next_proto_negotiated); 3200 s->next_proto_negotiated = NULL; 3201 s->next_proto_negotiated_len = 0; 3202 } 3203#endif 3204} 3205 3206#ifndef OPENSSL_NO_SRP 3207static char *MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg) 3208{ 3209 return BUF_strdup(s->srp_ctx.info); 3210} 3211#endif 3212 3213static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, 3214 size_t len); 3215 3216long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 3217{ 3218 int ret = 0; 3219 3220#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3221 if ( 3222# ifndef OPENSSL_NO_RSA 3223 cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB || 3224# endif 3225# ifndef OPENSSL_NO_DSA 3226 cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB || 3227# endif 3228 0) { 3229 if (!ssl_cert_inst(&s->cert)) { 3230 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 3231 return (0); 3232 } 3233 } 3234#endif 3235 3236 switch (cmd) { 3237 case SSL_CTRL_GET_SESSION_REUSED: 3238 ret = s->hit; 3239 break; 3240 case SSL_CTRL_GET_CLIENT_CERT_REQUEST: 3241 break; 3242 case SSL_CTRL_GET_NUM_RENEGOTIATIONS: 3243 ret = s->s3->num_renegotiations; 3244 break; 3245 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: 3246 ret = s->s3->num_renegotiations; 3247 s->s3->num_renegotiations = 0; 3248 break; 3249 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: 3250 ret = s->s3->total_renegotiations; 3251 break; 3252 case SSL_CTRL_GET_FLAGS: 3253 ret = (int)(s->s3->flags); 3254 break; 3255#ifndef OPENSSL_NO_RSA 3256 case SSL_CTRL_NEED_TMP_RSA: 3257 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 3258 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3259 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > 3260 (512 / 8)))) 3261 ret = 1; 3262 break; 3263 case SSL_CTRL_SET_TMP_RSA: 3264 { 3265 RSA *rsa = (RSA *)parg; 3266 if (rsa == NULL) { 3267 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3268 return (ret); 3269 } 3270 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) { 3271 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); 3272 return (ret); 3273 } 3274 if (s->cert->rsa_tmp != NULL) 3275 RSA_free(s->cert->rsa_tmp); 3276 s->cert->rsa_tmp = rsa; 3277 ret = 1; 3278 } 3279 break; 3280 case SSL_CTRL_SET_TMP_RSA_CB: 3281 { 3282 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3283 return (ret); 3284 } 3285 break; 3286#endif 3287#ifndef OPENSSL_NO_DH 3288 case SSL_CTRL_SET_TMP_DH: 3289 { 3290 DH *dh = (DH *)parg; 3291 if (dh == NULL) { 3292 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3293 return (ret); 3294 } 3295 if ((dh = DHparams_dup(dh)) == NULL) { 3296 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3297 return (ret); 3298 } 3299 if (s->cert->dh_tmp != NULL) 3300 DH_free(s->cert->dh_tmp); 3301 s->cert->dh_tmp = dh; 3302 ret = 1; 3303 } 3304 break; 3305 case SSL_CTRL_SET_TMP_DH_CB: 3306 { 3307 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3308 return (ret); 3309 } 3310 break; 3311#endif 3312#ifndef OPENSSL_NO_ECDH 3313 case SSL_CTRL_SET_TMP_ECDH: 3314 { 3315 EC_KEY *ecdh = NULL; 3316 3317 if (parg == NULL) { 3318 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3319 return (ret); 3320 } 3321 if (!EC_KEY_up_ref((EC_KEY *)parg)) { 3322 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3323 return (ret); 3324 } 3325 ecdh = (EC_KEY *)parg; 3326 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) { 3327 if (!EC_KEY_generate_key(ecdh)) { 3328 EC_KEY_free(ecdh); 3329 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB); 3330 return (ret); 3331 } 3332 } 3333 if (s->cert->ecdh_tmp != NULL) 3334 EC_KEY_free(s->cert->ecdh_tmp); 3335 s->cert->ecdh_tmp = ecdh; 3336 ret = 1; 3337 } 3338 break; 3339 case SSL_CTRL_SET_TMP_ECDH_CB: 3340 { 3341 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3342 return (ret); 3343 } 3344 break; 3345#endif /* !OPENSSL_NO_ECDH */ 3346#ifndef OPENSSL_NO_TLSEXT 3347 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 3348 if (larg == TLSEXT_NAMETYPE_host_name) { 3349 size_t len; 3350 3351 if (s->tlsext_hostname != NULL) 3352 OPENSSL_free(s->tlsext_hostname); 3353 s->tlsext_hostname = NULL; 3354 3355 ret = 1; 3356 if (parg == NULL) 3357 break; 3358 len = strlen((char *)parg); 3359 if (len == 0 || len > TLSEXT_MAXLEN_host_name) { 3360 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 3361 return 0; 3362 } 3363 if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) { 3364 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 3365 return 0; 3366 } 3367 } else { 3368 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 3369 return 0; 3370 } 3371 break; 3372 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: 3373 s->tlsext_debug_arg = parg; 3374 ret = 1; 3375 break; 3376 3377# ifdef TLSEXT_TYPE_opaque_prf_input 3378 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 3379 if (larg > 12288) { /* actual internal limit is 2^16 for the 3380 * complete hello message * (including the 3381 * cert chain and everything) */ 3382 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 3383 break; 3384 } 3385 if (s->tlsext_opaque_prf_input != NULL) 3386 OPENSSL_free(s->tlsext_opaque_prf_input); 3387 if ((size_t)larg == 0) 3388 s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte 3389 * just to get 3390 * non-NULL */ 3391 else 3392 s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); 3393 if (s->tlsext_opaque_prf_input != NULL) { 3394 s->tlsext_opaque_prf_input_len = (size_t)larg; 3395 ret = 1; 3396 } else 3397 s->tlsext_opaque_prf_input_len = 0; 3398 break; 3399# endif 3400 3401 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3402 s->tlsext_status_type = larg; 3403 ret = 1; 3404 break; 3405 3406 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: 3407 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; 3408 ret = 1; 3409 break; 3410 3411 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: 3412 s->tlsext_ocsp_exts = parg; 3413 ret = 1; 3414 break; 3415 3416 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: 3417 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; 3418 ret = 1; 3419 break; 3420 3421 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: 3422 s->tlsext_ocsp_ids = parg; 3423 ret = 1; 3424 break; 3425 3426 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: 3427 *(unsigned char **)parg = s->tlsext_ocsp_resp; 3428 return s->tlsext_ocsp_resplen; 3429 3430 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: 3431 if (s->tlsext_ocsp_resp) 3432 OPENSSL_free(s->tlsext_ocsp_resp); 3433 s->tlsext_ocsp_resp = parg; 3434 s->tlsext_ocsp_resplen = larg; 3435 ret = 1; 3436 break; 3437 3438# ifndef OPENSSL_NO_HEARTBEATS 3439 case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT: 3440 if (SSL_IS_DTLS(s)) 3441 ret = dtls1_heartbeat(s); 3442 else 3443 ret = tls1_heartbeat(s); 3444 break; 3445 3446 case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING: 3447 ret = s->tlsext_hb_pending; 3448 break; 3449 3450 case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS: 3451 if (larg) 3452 s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3453 else 3454 s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3455 ret = 1; 3456 break; 3457# endif 3458 3459#endif /* !OPENSSL_NO_TLSEXT */ 3460 3461 case SSL_CTRL_CHAIN: 3462 if (larg) 3463 return ssl_cert_set1_chain(s->cert, (STACK_OF(X509) *)parg); 3464 else 3465 return ssl_cert_set0_chain(s->cert, (STACK_OF(X509) *)parg); 3466 3467 case SSL_CTRL_CHAIN_CERT: 3468 if (larg) 3469 return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg); 3470 else 3471 return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg); 3472 3473 case SSL_CTRL_GET_CHAIN_CERTS: 3474 *(STACK_OF(X509) **)parg = s->cert->key->chain; 3475 break; 3476 3477 case SSL_CTRL_SELECT_CURRENT_CERT: 3478 return ssl_cert_select_current(s->cert, (X509 *)parg); 3479 3480 case SSL_CTRL_SET_CURRENT_CERT: 3481 if (larg == SSL_CERT_SET_SERVER) { 3482 CERT_PKEY *cpk; 3483 const SSL_CIPHER *cipher; 3484 if (!s->server) 3485 return 0; 3486 cipher = s->s3->tmp.new_cipher; 3487 if (!cipher) 3488 return 0; 3489 /* 3490 * No certificate for unauthenticated ciphersuites or using SRP 3491 * authentication 3492 */ 3493 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP)) 3494 return 2; 3495 cpk = ssl_get_server_send_pkey(s); 3496 if (!cpk) 3497 return 0; 3498 s->cert->key = cpk; 3499 return 1; 3500 } 3501 return ssl_cert_set_current(s->cert, larg); 3502 3503#ifndef OPENSSL_NO_EC 3504 case SSL_CTRL_GET_CURVES: 3505 { 3506 unsigned char *clist; 3507 size_t clistlen; 3508 if (!s->session) 3509 return 0; 3510 clist = s->session->tlsext_ellipticcurvelist; 3511 clistlen = s->session->tlsext_ellipticcurvelist_length / 2; 3512 if (parg) { 3513 size_t i; 3514 int *cptr = parg; 3515 unsigned int cid, nid; 3516 for (i = 0; i < clistlen; i++) { 3517 n2s(clist, cid); 3518 nid = tls1_ec_curve_id2nid(cid); 3519 if (nid != 0) 3520 cptr[i] = nid; 3521 else 3522 cptr[i] = TLSEXT_nid_unknown | cid; 3523 } 3524 } 3525 return (int)clistlen; 3526 } 3527 3528 case SSL_CTRL_SET_CURVES: 3529 return tls1_set_curves(&s->tlsext_ellipticcurvelist, 3530 &s->tlsext_ellipticcurvelist_length, 3531 parg, larg); 3532 3533 case SSL_CTRL_SET_CURVES_LIST: 3534 return tls1_set_curves_list(&s->tlsext_ellipticcurvelist, 3535 &s->tlsext_ellipticcurvelist_length, 3536 parg); 3537 3538 case SSL_CTRL_GET_SHARED_CURVE: 3539 return tls1_shared_curve(s, larg); 3540 3541# ifndef OPENSSL_NO_ECDH 3542 case SSL_CTRL_SET_ECDH_AUTO: 3543 s->cert->ecdh_tmp_auto = larg; 3544 return 1; 3545# endif 3546#endif 3547 case SSL_CTRL_SET_SIGALGS: 3548 return tls1_set_sigalgs(s->cert, parg, larg, 0); 3549 3550 case SSL_CTRL_SET_SIGALGS_LIST: 3551 return tls1_set_sigalgs_list(s->cert, parg, 0); 3552 3553 case SSL_CTRL_SET_CLIENT_SIGALGS: 3554 return tls1_set_sigalgs(s->cert, parg, larg, 1); 3555 3556 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3557 return tls1_set_sigalgs_list(s->cert, parg, 1); 3558 3559 case SSL_CTRL_GET_CLIENT_CERT_TYPES: 3560 { 3561 const unsigned char **pctype = parg; 3562 if (s->server || !s->s3->tmp.cert_req) 3563 return 0; 3564 if (s->cert->ctypes) { 3565 if (pctype) 3566 *pctype = s->cert->ctypes; 3567 return (int)s->cert->ctype_num; 3568 } 3569 if (pctype) 3570 *pctype = (unsigned char *)s->s3->tmp.ctype; 3571 return s->s3->tmp.ctype_num; 3572 } 3573 3574 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3575 if (!s->server) 3576 return 0; 3577 return ssl3_set_req_cert_type(s->cert, parg, larg); 3578 3579 case SSL_CTRL_BUILD_CERT_CHAIN: 3580 return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg); 3581 3582 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3583 return ssl_cert_set_cert_store(s->cert, parg, 0, larg); 3584 3585 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3586 return ssl_cert_set_cert_store(s->cert, parg, 1, larg); 3587 3588 case SSL_CTRL_GET_PEER_SIGNATURE_NID: 3589 if (SSL_USE_SIGALGS(s)) { 3590 if (s->session && s->session->sess_cert) { 3591 const EVP_MD *sig; 3592 sig = s->session->sess_cert->peer_key->digest; 3593 if (sig) { 3594 *(int *)parg = EVP_MD_type(sig); 3595 return 1; 3596 } 3597 } 3598 return 0; 3599 } 3600 /* Might want to do something here for other versions */ 3601 else 3602 return 0; 3603 3604 case SSL_CTRL_GET_SERVER_TMP_KEY: 3605 if (s->server || !s->session || !s->session->sess_cert) 3606 return 0; 3607 else { 3608 SESS_CERT *sc; 3609 EVP_PKEY *ptmp; 3610 int rv = 0; 3611 sc = s->session->sess_cert; 3612#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_ECDH) 3613 if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp && !sc->peer_ecdh_tmp) 3614 return 0; 3615#endif 3616 ptmp = EVP_PKEY_new(); 3617 if (!ptmp) 3618 return 0; 3619 if (0) ; 3620#ifndef OPENSSL_NO_RSA 3621 else if (sc->peer_rsa_tmp) 3622 rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp); 3623#endif 3624#ifndef OPENSSL_NO_DH 3625 else if (sc->peer_dh_tmp) 3626 rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp); 3627#endif 3628#ifndef OPENSSL_NO_ECDH 3629 else if (sc->peer_ecdh_tmp) 3630 rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp); 3631#endif 3632 if (rv) { 3633 *(EVP_PKEY **)parg = ptmp; 3634 return 1; 3635 } 3636 EVP_PKEY_free(ptmp); 3637 return 0; 3638 } 3639#ifndef OPENSSL_NO_EC 3640 case SSL_CTRL_GET_EC_POINT_FORMATS: 3641 { 3642 SSL_SESSION *sess = s->session; 3643 const unsigned char **pformat = parg; 3644 if (!sess || !sess->tlsext_ecpointformatlist) 3645 return 0; 3646 *pformat = sess->tlsext_ecpointformatlist; 3647 return (int)sess->tlsext_ecpointformatlist_length; 3648 } 3649#endif 3650 3651 case SSL_CTRL_CHECK_PROTO_VERSION: 3652 /* 3653 * For library-internal use; checks that the current protocol is the 3654 * highest enabled version (according to s->ctx->method, as version 3655 * negotiation may have changed s->method). 3656 */ 3657 if (s->version == s->ctx->method->version) 3658 return 1; 3659 /* 3660 * Apparently we're using a version-flexible SSL_METHOD (not at its 3661 * highest protocol version). 3662 */ 3663 if (s->ctx->method->version == SSLv23_method()->version) { 3664#if TLS_MAX_VERSION != TLS1_2_VERSION 3665# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION. 3666#endif 3667 if (!(s->options & SSL_OP_NO_TLSv1_2)) 3668 return s->version == TLS1_2_VERSION; 3669 if (!(s->options & SSL_OP_NO_TLSv1_1)) 3670 return s->version == TLS1_1_VERSION; 3671 if (!(s->options & SSL_OP_NO_TLSv1)) 3672 return s->version == TLS1_VERSION; 3673 if (!(s->options & SSL_OP_NO_SSLv3)) 3674 return s->version == SSL3_VERSION; 3675 if (!(s->options & SSL_OP_NO_SSLv2)) 3676 return s->version == SSL2_VERSION; 3677 } 3678 return 0; /* Unexpected state; fail closed. */ 3679 3680 default: 3681 break; 3682 } 3683 return (ret); 3684} 3685 3686long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 3687{ 3688 int ret = 0; 3689 3690#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3691 if ( 3692# ifndef OPENSSL_NO_RSA 3693 cmd == SSL_CTRL_SET_TMP_RSA_CB || 3694# endif 3695# ifndef OPENSSL_NO_DSA 3696 cmd == SSL_CTRL_SET_TMP_DH_CB || 3697# endif 3698 0) { 3699 if (!ssl_cert_inst(&s->cert)) { 3700 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); 3701 return (0); 3702 } 3703 } 3704#endif 3705 3706 switch (cmd) { 3707#ifndef OPENSSL_NO_RSA 3708 case SSL_CTRL_SET_TMP_RSA_CB: 3709 { 3710 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3711 } 3712 break; 3713#endif 3714#ifndef OPENSSL_NO_DH 3715 case SSL_CTRL_SET_TMP_DH_CB: 3716 { 3717 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3718 } 3719 break; 3720#endif 3721#ifndef OPENSSL_NO_ECDH 3722 case SSL_CTRL_SET_TMP_ECDH_CB: 3723 { 3724 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3725 } 3726 break; 3727#endif 3728#ifndef OPENSSL_NO_TLSEXT 3729 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 3730 s->tlsext_debug_cb = (void (*)(SSL *, int, int, 3731 unsigned char *, int, void *))fp; 3732 break; 3733#endif 3734 default: 3735 break; 3736 } 3737 return (ret); 3738} 3739 3740long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 3741{ 3742 CERT *cert; 3743 3744 cert = ctx->cert; 3745 3746 switch (cmd) { 3747#ifndef OPENSSL_NO_RSA 3748 case SSL_CTRL_NEED_TMP_RSA: 3749 if ((cert->rsa_tmp == NULL) && 3750 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3751 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > 3752 (512 / 8))) 3753 ) 3754 return (1); 3755 else 3756 return (0); 3757 /* break; */ 3758 case SSL_CTRL_SET_TMP_RSA: 3759 { 3760 RSA *rsa; 3761 int i; 3762 3763 rsa = (RSA *)parg; 3764 i = 1; 3765 if (rsa == NULL) 3766 i = 0; 3767 else { 3768 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) 3769 i = 0; 3770 } 3771 if (!i) { 3772 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB); 3773 return (0); 3774 } else { 3775 if (cert->rsa_tmp != NULL) 3776 RSA_free(cert->rsa_tmp); 3777 cert->rsa_tmp = rsa; 3778 return (1); 3779 } 3780 } 3781 /* break; */ 3782 case SSL_CTRL_SET_TMP_RSA_CB: 3783 { 3784 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3785 return (0); 3786 } 3787 break; 3788#endif 3789#ifndef OPENSSL_NO_DH 3790 case SSL_CTRL_SET_TMP_DH: 3791 { 3792 DH *new = NULL, *dh; 3793 3794 dh = (DH *)parg; 3795 if ((new = DHparams_dup(dh)) == NULL) { 3796 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); 3797 return 0; 3798 } 3799 if (cert->dh_tmp != NULL) 3800 DH_free(cert->dh_tmp); 3801 cert->dh_tmp = new; 3802 return 1; 3803 } 3804 /* 3805 * break; 3806 */ 3807 case SSL_CTRL_SET_TMP_DH_CB: 3808 { 3809 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3810 return (0); 3811 } 3812 break; 3813#endif 3814#ifndef OPENSSL_NO_ECDH 3815 case SSL_CTRL_SET_TMP_ECDH: 3816 { 3817 EC_KEY *ecdh = NULL; 3818 3819 if (parg == NULL) { 3820 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3821 return 0; 3822 } 3823 ecdh = EC_KEY_dup((EC_KEY *)parg); 3824 if (ecdh == NULL) { 3825 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB); 3826 return 0; 3827 } 3828 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) { 3829 if (!EC_KEY_generate_key(ecdh)) { 3830 EC_KEY_free(ecdh); 3831 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB); 3832 return 0; 3833 } 3834 } 3835 3836 if (cert->ecdh_tmp != NULL) { 3837 EC_KEY_free(cert->ecdh_tmp); 3838 } 3839 cert->ecdh_tmp = ecdh; 3840 return 1; 3841 } 3842 /* break; */ 3843 case SSL_CTRL_SET_TMP_ECDH_CB: 3844 { 3845 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3846 return (0); 3847 } 3848 break; 3849#endif /* !OPENSSL_NO_ECDH */ 3850#ifndef OPENSSL_NO_TLSEXT 3851 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: 3852 ctx->tlsext_servername_arg = parg; 3853 break; 3854 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 3855 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: 3856 { 3857 unsigned char *keys = parg; 3858 if (!keys) 3859 return 48; 3860 if (larg != 48) { 3861 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 3862 return 0; 3863 } 3864 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { 3865 memcpy(ctx->tlsext_tick_key_name, keys, 16); 3866 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); 3867 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); 3868 } else { 3869 memcpy(keys, ctx->tlsext_tick_key_name, 16); 3870 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); 3871 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); 3872 } 3873 return 1; 3874 } 3875 3876# ifdef TLSEXT_TYPE_opaque_prf_input 3877 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG: 3878 ctx->tlsext_opaque_prf_input_callback_arg = parg; 3879 return 1; 3880# endif 3881 3882 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: 3883 ctx->tlsext_status_arg = parg; 3884 return 1; 3885 break; 3886 3887# ifndef OPENSSL_NO_SRP 3888 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: 3889 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3890 if (ctx->srp_ctx.login != NULL) 3891 OPENSSL_free(ctx->srp_ctx.login); 3892 ctx->srp_ctx.login = NULL; 3893 if (parg == NULL) 3894 break; 3895 if (strlen((const char *)parg) > 255 3896 || strlen((const char *)parg) < 1) { 3897 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); 3898 return 0; 3899 } 3900 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) { 3901 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3902 return 0; 3903 } 3904 break; 3905 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD: 3906 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3907 srp_password_from_info_cb; 3908 ctx->srp_ctx.info = parg; 3909 break; 3910 case SSL_CTRL_SET_SRP_ARG: 3911 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3912 ctx->srp_ctx.SRP_cb_arg = parg; 3913 break; 3914 3915 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH: 3916 ctx->srp_ctx.strength = larg; 3917 break; 3918# endif 3919 3920# ifndef OPENSSL_NO_EC 3921 case SSL_CTRL_SET_CURVES: 3922 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist, 3923 &ctx->tlsext_ellipticcurvelist_length, 3924 parg, larg); 3925 3926 case SSL_CTRL_SET_CURVES_LIST: 3927 return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist, 3928 &ctx->tlsext_ellipticcurvelist_length, 3929 parg); 3930# ifndef OPENSSL_NO_ECDH 3931 case SSL_CTRL_SET_ECDH_AUTO: 3932 ctx->cert->ecdh_tmp_auto = larg; 3933 return 1; 3934# endif 3935# endif 3936 case SSL_CTRL_SET_SIGALGS: 3937 return tls1_set_sigalgs(ctx->cert, parg, larg, 0); 3938 3939 case SSL_CTRL_SET_SIGALGS_LIST: 3940 return tls1_set_sigalgs_list(ctx->cert, parg, 0); 3941 3942 case SSL_CTRL_SET_CLIENT_SIGALGS: 3943 return tls1_set_sigalgs(ctx->cert, parg, larg, 1); 3944 3945 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3946 return tls1_set_sigalgs_list(ctx->cert, parg, 1); 3947 3948 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3949 return ssl3_set_req_cert_type(ctx->cert, parg, larg); 3950 3951 case SSL_CTRL_BUILD_CERT_CHAIN: 3952 return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg); 3953 3954 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3955 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg); 3956 3957 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3958 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg); 3959 3960#endif /* !OPENSSL_NO_TLSEXT */ 3961 3962 /* A Thawte special :-) */ 3963 case SSL_CTRL_EXTRA_CHAIN_CERT: 3964 if (ctx->extra_certs == NULL) { 3965 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) 3966 return (0); 3967 } 3968 sk_X509_push(ctx->extra_certs, (X509 *)parg); 3969 break; 3970 3971 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: 3972 if (ctx->extra_certs == NULL && larg == 0) 3973 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3974 else 3975 *(STACK_OF(X509) **)parg = ctx->extra_certs; 3976 break; 3977 3978 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: 3979 if (ctx->extra_certs) { 3980 sk_X509_pop_free(ctx->extra_certs, X509_free); 3981 ctx->extra_certs = NULL; 3982 } 3983 break; 3984 3985 case SSL_CTRL_CHAIN: 3986 if (larg) 3987 return ssl_cert_set1_chain(ctx->cert, (STACK_OF(X509) *)parg); 3988 else 3989 return ssl_cert_set0_chain(ctx->cert, (STACK_OF(X509) *)parg); 3990 3991 case SSL_CTRL_CHAIN_CERT: 3992 if (larg) 3993 return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg); 3994 else 3995 return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg); 3996 3997 case SSL_CTRL_GET_CHAIN_CERTS: 3998 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3999 break; 4000 4001 case SSL_CTRL_SELECT_CURRENT_CERT: 4002 return ssl_cert_select_current(ctx->cert, (X509 *)parg); 4003 4004 case SSL_CTRL_SET_CURRENT_CERT: 4005 return ssl_cert_set_current(ctx->cert, larg); 4006 4007 default: 4008 return (0); 4009 } 4010 return (1); 4011} 4012 4013long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 4014{ 4015 CERT *cert; 4016 4017 cert = ctx->cert; 4018 4019 switch (cmd) { 4020#ifndef OPENSSL_NO_RSA 4021 case SSL_CTRL_SET_TMP_RSA_CB: 4022 { 4023 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 4024 } 4025 break; 4026#endif 4027#ifndef OPENSSL_NO_DH 4028 case SSL_CTRL_SET_TMP_DH_CB: 4029 { 4030 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 4031 } 4032 break; 4033#endif 4034#ifndef OPENSSL_NO_ECDH 4035 case SSL_CTRL_SET_TMP_ECDH_CB: 4036 { 4037 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 4038 } 4039 break; 4040#endif 4041#ifndef OPENSSL_NO_TLSEXT 4042 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 4043 ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp; 4044 break; 4045 4046# ifdef TLSEXT_TYPE_opaque_prf_input 4047 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB: 4048 ctx->tlsext_opaque_prf_input_callback = 4049 (int (*)(SSL *, void *, size_t, void *))fp; 4050 break; 4051# endif 4052 4053 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: 4054 ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp; 4055 break; 4056 4057 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: 4058 ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *, 4059 unsigned char *, 4060 EVP_CIPHER_CTX *, 4061 HMAC_CTX *, int))fp; 4062 break; 4063 4064# ifndef OPENSSL_NO_SRP 4065 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB: 4066 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 4067 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp; 4068 break; 4069 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB: 4070 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 4071 ctx->srp_ctx.TLS_ext_srp_username_callback = 4072 (int (*)(SSL *, int *, void *))fp; 4073 break; 4074 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB: 4075 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 4076 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 4077 (char *(*)(SSL *, void *))fp; 4078 break; 4079# endif 4080#endif 4081 default: 4082 return (0); 4083 } 4084 return (1); 4085} 4086 4087/* 4088 * This function needs to check if the ciphers required are actually 4089 * available 4090 */ 4091const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) 4092{ 4093 SSL_CIPHER c; 4094 const SSL_CIPHER *cp; 4095 unsigned long id; 4096 4097 id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1]; 4098 c.id = id; 4099 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); 4100#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES 4101 if (cp == NULL) 4102 fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]); 4103#endif 4104 return cp; 4105} 4106 4107int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 4108{ 4109 long l; 4110 4111 if (p != NULL) { 4112 l = c->id; 4113 if ((l & 0xff000000) != 0x03000000) 4114 return (0); 4115 p[0] = ((unsigned char)(l >> 8L)) & 0xFF; 4116 p[1] = ((unsigned char)(l)) & 0xFF; 4117 } 4118 return (2); 4119} 4120 4121SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 4122 STACK_OF(SSL_CIPHER) *srvr) 4123{ 4124 SSL_CIPHER *c, *ret = NULL; 4125 STACK_OF(SSL_CIPHER) *prio, *allow; 4126 int i, ii, ok; 4127 CERT *cert; 4128 unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a; 4129 4130 /* Let's see which ciphers we can support */ 4131 cert = s->cert; 4132 4133#if 0 4134 /* 4135 * Do not set the compare functions, because this may lead to a 4136 * reordering by "id". We want to keep the original ordering. We may pay 4137 * a price in performance during sk_SSL_CIPHER_find(), but would have to 4138 * pay with the price of sk_SSL_CIPHER_dup(). 4139 */ 4140 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp); 4141 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp); 4142#endif 4143 4144#ifdef CIPHER_DEBUG 4145 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), 4146 (void *)srvr); 4147 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) { 4148 c = sk_SSL_CIPHER_value(srvr, i); 4149 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 4150 } 4151 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), 4152 (void *)clnt); 4153 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) { 4154 c = sk_SSL_CIPHER_value(clnt, i); 4155 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 4156 } 4157#endif 4158 4159 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) { 4160 prio = srvr; 4161 allow = clnt; 4162 } else { 4163 prio = clnt; 4164 allow = srvr; 4165 } 4166 4167 tls1_set_cert_validity(s); 4168 4169 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) { 4170 c = sk_SSL_CIPHER_value(prio, i); 4171 4172 /* Skip TLS v1.2 only ciphersuites if not supported */ 4173 if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s)) 4174 continue; 4175 4176 ssl_set_cert_masks(cert, c); 4177 mask_k = cert->mask_k; 4178 mask_a = cert->mask_a; 4179 emask_k = cert->export_mask_k; 4180 emask_a = cert->export_mask_a; 4181#ifndef OPENSSL_NO_SRP 4182 if (s->srp_ctx.srp_Mask & SSL_kSRP) { 4183 mask_k |= SSL_kSRP; 4184 emask_k |= SSL_kSRP; 4185 mask_a |= SSL_aSRP; 4186 emask_a |= SSL_aSRP; 4187 } 4188#endif 4189 4190#ifdef KSSL_DEBUG 4191 /* 4192 * fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n", 4193 * i,c->algorithms); 4194 */ 4195#endif /* KSSL_DEBUG */ 4196 4197 alg_k = c->algorithm_mkey; 4198 alg_a = c->algorithm_auth; 4199 4200#ifndef OPENSSL_NO_KRB5 4201 if (alg_k & SSL_kKRB5) { 4202 if (!kssl_keytab_is_available(s->kssl_ctx)) 4203 continue; 4204 } 4205#endif /* OPENSSL_NO_KRB5 */ 4206#ifndef OPENSSL_NO_PSK 4207 /* with PSK there must be server callback set */ 4208 if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL) 4209 continue; 4210#endif /* OPENSSL_NO_PSK */ 4211 4212 if (SSL_C_IS_EXPORT(c)) { 4213 ok = (alg_k & emask_k) && (alg_a & emask_a); 4214#ifdef CIPHER_DEBUG 4215 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n", 4216 ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name); 4217#endif 4218 } else { 4219 ok = (alg_k & mask_k) && (alg_a & mask_a); 4220#ifdef CIPHER_DEBUG 4221 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, 4222 alg_a, mask_k, mask_a, (void *)c, c->name); 4223#endif 4224 } 4225 4226#ifndef OPENSSL_NO_TLSEXT 4227# ifndef OPENSSL_NO_EC 4228# ifndef OPENSSL_NO_ECDH 4229 /* 4230 * if we are considering an ECC cipher suite that uses an ephemeral 4231 * EC key check it 4232 */ 4233 if (alg_k & SSL_kEECDH) 4234 ok = ok && tls1_check_ec_tmp_key(s, c->id); 4235# endif /* OPENSSL_NO_ECDH */ 4236# endif /* OPENSSL_NO_EC */ 4237#endif /* OPENSSL_NO_TLSEXT */ 4238 4239 if (!ok) 4240 continue; 4241 ii = sk_SSL_CIPHER_find(allow, c); 4242 if (ii >= 0) { 4243#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) 4244 if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) 4245 && s->s3->is_probably_safari) { 4246 if (!ret) 4247 ret = sk_SSL_CIPHER_value(allow, ii); 4248 continue; 4249 } 4250#endif 4251 ret = sk_SSL_CIPHER_value(allow, ii); 4252 break; 4253 } 4254 } 4255 return (ret); 4256} 4257 4258int ssl3_get_req_cert_type(SSL *s, unsigned char *p) 4259{ 4260 int ret = 0; 4261 const unsigned char *sig; 4262 size_t i, siglen; 4263 int have_rsa_sign = 0, have_dsa_sign = 0; 4264#ifndef OPENSSL_NO_ECDSA 4265 int have_ecdsa_sign = 0; 4266#endif 4267#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH) 4268 int nostrict = 1; 4269#endif 4270#if !defined(OPENSSL_NO_GOST) || !defined(OPENSSL_NO_DH) || \ 4271 !defined(OPENSSL_NO_ECDH) 4272 unsigned long alg_k; 4273#endif 4274 4275 /* If we have custom certificate types set, use them */ 4276 if (s->cert->ctypes) { 4277 memcpy(p, s->cert->ctypes, s->cert->ctype_num); 4278 return (int)s->cert->ctype_num; 4279 } 4280 /* get configured sigalgs */ 4281 siglen = tls12_get_psigalgs(s, 1, &sig); 4282#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH) 4283 if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT) 4284 nostrict = 0; 4285#endif 4286 for (i = 0; i < siglen; i += 2, sig += 2) { 4287 switch (sig[1]) { 4288 case TLSEXT_signature_rsa: 4289 have_rsa_sign = 1; 4290 break; 4291 4292 case TLSEXT_signature_dsa: 4293 have_dsa_sign = 1; 4294 break; 4295#ifndef OPENSSL_NO_ECDSA 4296 case TLSEXT_signature_ecdsa: 4297 have_ecdsa_sign = 1; 4298 break; 4299#endif 4300 } 4301 } 4302 4303#if !defined(OPENSSL_NO_GOST) || !defined(OPENSSL_NO_DH) || \ 4304 !defined(OPENSSL_NO_ECDH) 4305 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 4306#endif 4307 4308#ifndef OPENSSL_NO_GOST 4309 if (s->version >= TLS1_VERSION) { 4310 if (alg_k & SSL_kGOST) { 4311 p[ret++] = TLS_CT_GOST94_SIGN; 4312 p[ret++] = TLS_CT_GOST01_SIGN; 4313 return (ret); 4314 } 4315 } 4316#endif 4317 4318#ifndef OPENSSL_NO_DH 4319 if (alg_k & (SSL_kDHr | SSL_kEDH)) { 4320# ifndef OPENSSL_NO_RSA 4321 /* 4322 * Since this refers to a certificate signed with an RSA algorithm, 4323 * only check for rsa signing in strict mode. 4324 */ 4325 if (nostrict || have_rsa_sign) 4326 p[ret++] = SSL3_CT_RSA_FIXED_DH; 4327# endif 4328# ifndef OPENSSL_NO_DSA 4329 if (nostrict || have_dsa_sign) 4330 p[ret++] = SSL3_CT_DSS_FIXED_DH; 4331# endif 4332 } 4333 if ((s->version == SSL3_VERSION) && 4334 (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) { 4335# ifndef OPENSSL_NO_RSA 4336 p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; 4337# endif 4338# ifndef OPENSSL_NO_DSA 4339 p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; 4340# endif 4341 } 4342#endif /* !OPENSSL_NO_DH */ 4343#ifndef OPENSSL_NO_RSA 4344 if (have_rsa_sign) 4345 p[ret++] = SSL3_CT_RSA_SIGN; 4346#endif 4347#ifndef OPENSSL_NO_DSA 4348 if (have_dsa_sign) 4349 p[ret++] = SSL3_CT_DSS_SIGN; 4350#endif 4351#ifndef OPENSSL_NO_ECDH 4352 if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) { 4353 if (nostrict || have_rsa_sign) 4354 p[ret++] = TLS_CT_RSA_FIXED_ECDH; 4355 if (nostrict || have_ecdsa_sign) 4356 p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; 4357 } 4358#endif 4359 4360#ifndef OPENSSL_NO_ECDSA 4361 /* 4362 * ECDSA certs can be used with RSA cipher suites as well so we don't 4363 * need to check for SSL_kECDH or SSL_kEECDH 4364 */ 4365 if (s->version >= TLS1_VERSION) { 4366 if (have_ecdsa_sign) 4367 p[ret++] = TLS_CT_ECDSA_SIGN; 4368 } 4369#endif 4370 return (ret); 4371} 4372 4373static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len) 4374{ 4375 if (c->ctypes) { 4376 OPENSSL_free(c->ctypes); 4377 c->ctypes = NULL; 4378 } 4379 if (!p || !len) 4380 return 1; 4381 if (len > 0xff) 4382 return 0; 4383 c->ctypes = OPENSSL_malloc(len); 4384 if (!c->ctypes) 4385 return 0; 4386 memcpy(c->ctypes, p, len); 4387 c->ctype_num = len; 4388 return 1; 4389} 4390 4391int ssl3_shutdown(SSL *s) 4392{ 4393 int ret; 4394 4395 /* 4396 * Don't do anything much if we have not done the handshake or we don't 4397 * want to send messages :-) 4398 */ 4399 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) { 4400 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 4401 return (1); 4402 } 4403 4404 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { 4405 s->shutdown |= SSL_SENT_SHUTDOWN; 4406#if 1 4407 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); 4408#endif 4409 /* 4410 * our shutdown alert has been sent now, and if it still needs to be 4411 * written, s->s3->alert_dispatch will be true 4412 */ 4413 if (s->s3->alert_dispatch) 4414 return (-1); /* return WANT_WRITE */ 4415 } else if (s->s3->alert_dispatch) { 4416 /* resend it if not sent */ 4417#if 1 4418 ret = s->method->ssl_dispatch_alert(s); 4419 if (ret == -1) { 4420 /* 4421 * we only get to return -1 here the 2nd/Nth invocation, we must 4422 * have already signalled return 0 upon a previous invoation, 4423 * return WANT_WRITE 4424 */ 4425 return (ret); 4426 } 4427#endif 4428 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4429 /* 4430 * If we are waiting for a close from our peer, we are closed 4431 */ 4432 s->method->ssl_read_bytes(s, 0, NULL, 0, 0); 4433 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4434 return (-1); /* return WANT_READ */ 4435 } 4436 } 4437 4438 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) && 4439 !s->s3->alert_dispatch) 4440 return (1); 4441 else 4442 return (0); 4443} 4444 4445int ssl3_write(SSL *s, const void *buf, int len) 4446{ 4447 int ret, n; 4448 4449#if 0 4450 if (s->shutdown & SSL_SEND_SHUTDOWN) { 4451 s->rwstate = SSL_NOTHING; 4452 return (0); 4453 } 4454#endif 4455 clear_sys_error(); 4456 if (s->s3->renegotiate) 4457 ssl3_renegotiate_check(s); 4458 4459 /* 4460 * This is an experimental flag that sends the last handshake message in 4461 * the same packet as the first use data - used to see if it helps the 4462 * TCP protocol during session-id reuse 4463 */ 4464 /* The second test is because the buffer may have been removed */ 4465 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) { 4466 /* First time through, we write into the buffer */ 4467 if (s->s3->delay_buf_pop_ret == 0) { 4468 ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len); 4469 if (ret <= 0) 4470 return (ret); 4471 4472 s->s3->delay_buf_pop_ret = ret; 4473 } 4474 4475 s->rwstate = SSL_WRITING; 4476 n = BIO_flush(s->wbio); 4477 if (n <= 0) 4478 return (n); 4479 s->rwstate = SSL_NOTHING; 4480 4481 /* We have flushed the buffer, so remove it */ 4482 ssl_free_wbio_buffer(s); 4483 s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER; 4484 4485 ret = s->s3->delay_buf_pop_ret; 4486 s->s3->delay_buf_pop_ret = 0; 4487 } else { 4488 ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, 4489 buf, len); 4490 if (ret <= 0) 4491 return (ret); 4492 } 4493 4494 return (ret); 4495} 4496 4497static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) 4498{ 4499 int ret; 4500 4501 clear_sys_error(); 4502 if (s->s3->renegotiate) 4503 ssl3_renegotiate_check(s); 4504 s->s3->in_read_app_data = 1; 4505 ret = 4506 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4507 peek); 4508 if ((ret == -1) && (s->s3->in_read_app_data == 2)) { 4509 /* 4510 * ssl3_read_bytes decided to call s->handshake_func, which called 4511 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes 4512 * actually found application data and thinks that application data 4513 * makes sense here; so disable handshake processing and try to read 4514 * application data again. 4515 */ 4516 s->in_handshake++; 4517 ret = 4518 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4519 peek); 4520 s->in_handshake--; 4521 } else 4522 s->s3->in_read_app_data = 0; 4523 4524 return (ret); 4525} 4526 4527int ssl3_read(SSL *s, void *buf, int len) 4528{ 4529 return ssl3_read_internal(s, buf, len, 0); 4530} 4531 4532int ssl3_peek(SSL *s, void *buf, int len) 4533{ 4534 return ssl3_read_internal(s, buf, len, 1); 4535} 4536 4537int ssl3_renegotiate(SSL *s) 4538{ 4539 if (s->handshake_func == NULL) 4540 return (1); 4541 4542 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 4543 return (0); 4544 4545 s->s3->renegotiate = 1; 4546 return (1); 4547} 4548 4549int ssl3_renegotiate_check(SSL *s) 4550{ 4551 int ret = 0; 4552 4553 if (s->s3->renegotiate) { 4554 if ((s->s3->rbuf.left == 0) && 4555 (s->s3->wbuf.left == 0) && !SSL_in_init(s)) { 4556 /* 4557 * if we are the server, and we have sent a 'RENEGOTIATE' 4558 * message, we need to go to SSL_ST_ACCEPT. 4559 */ 4560 /* SSL_ST_ACCEPT */ 4561 s->state = SSL_ST_RENEGOTIATE; 4562 s->s3->renegotiate = 0; 4563 s->s3->num_renegotiations++; 4564 s->s3->total_renegotiations++; 4565 ret = 1; 4566 } 4567 } 4568 return (ret); 4569} 4570 4571/* 4572 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and 4573 * handshake macs if required. 4574 */ 4575long ssl_get_algorithm2(SSL *s) 4576{ 4577 long alg2; 4578 if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL) 4579 return -1; 4580 alg2 = s->s3->tmp.new_cipher->algorithm2; 4581 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF 4582 && alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF)) 4583 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 4584 return alg2; 4585} 4586