2
0

ssl_ciph.c 48 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746
  1. /* ssl/ssl_ciph.c */
  2. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  3. * All rights reserved.
  4. *
  5. * This package is an SSL implementation written
  6. * by Eric Young (eay@cryptsoft.com).
  7. * The implementation was written so as to conform with Netscapes SSL.
  8. *
  9. * This library is free for commercial and non-commercial use as long as
  10. * the following conditions are aheared to. The following conditions
  11. * apply to all code found in this distribution, be it the RC4, RSA,
  12. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  13. * included with this distribution is covered by the same copyright terms
  14. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15. *
  16. * Copyright remains Eric Young's, and as such any Copyright notices in
  17. * the code are not to be removed.
  18. * If this package is used in a product, Eric Young should be given attribution
  19. * as the author of the parts of the library used.
  20. * This can be in the form of a textual message at program startup or
  21. * in documentation (online or textual) provided with the package.
  22. *
  23. * Redistribution and use in source and binary forms, with or without
  24. * modification, are permitted provided that the following conditions
  25. * are met:
  26. * 1. Redistributions of source code must retain the copyright
  27. * notice, this list of conditions and the following disclaimer.
  28. * 2. Redistributions in binary form must reproduce the above copyright
  29. * notice, this list of conditions and the following disclaimer in the
  30. * documentation and/or other materials provided with the distribution.
  31. * 3. All advertising materials mentioning features or use of this software
  32. * must display the following acknowledgement:
  33. * "This product includes cryptographic software written by
  34. * Eric Young (eay@cryptsoft.com)"
  35. * The word 'cryptographic' can be left out if the rouines from the library
  36. * being used are not cryptographic related :-).
  37. * 4. If you include any Windows specific code (or a derivative thereof) from
  38. * the apps directory (application code) you must include an acknowledgement:
  39. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40. *
  41. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51. * SUCH DAMAGE.
  52. *
  53. * The licence and distribution terms for any publically available version or
  54. * derivative of this code cannot be changed. i.e. this code cannot simply be
  55. * copied and put under another distribution licence
  56. * [including the GNU Public Licence.]
  57. */
  58. /* ====================================================================
  59. * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
  60. *
  61. * Redistribution and use in source and binary forms, with or without
  62. * modification, are permitted provided that the following conditions
  63. * are met:
  64. *
  65. * 1. Redistributions of source code must retain the above copyright
  66. * notice, this list of conditions and the following disclaimer.
  67. *
  68. * 2. Redistributions in binary form must reproduce the above copyright
  69. * notice, this list of conditions and the following disclaimer in
  70. * the documentation and/or other materials provided with the
  71. * distribution.
  72. *
  73. * 3. All advertising materials mentioning features or use of this
  74. * software must display the following acknowledgment:
  75. * "This product includes software developed by the OpenSSL Project
  76. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  77. *
  78. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  79. * endorse or promote products derived from this software without
  80. * prior written permission. For written permission, please contact
  81. * openssl-core@openssl.org.
  82. *
  83. * 5. Products derived from this software may not be called "OpenSSL"
  84. * nor may "OpenSSL" appear in their names without prior written
  85. * permission of the OpenSSL Project.
  86. *
  87. * 6. Redistributions of any form whatsoever must retain the following
  88. * acknowledgment:
  89. * "This product includes software developed by the OpenSSL Project
  90. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  91. *
  92. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  93. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  94. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  95. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  96. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  97. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  98. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  99. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  100. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  101. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  102. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  103. * OF THE POSSIBILITY OF SUCH DAMAGE.
  104. * ====================================================================
  105. *
  106. * This product includes cryptographic software written by Eric Young
  107. * (eay@cryptsoft.com). This product includes software written by Tim
  108. * Hudson (tjh@cryptsoft.com).
  109. *
  110. */
  111. /* ====================================================================
  112. * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  113. * ECC cipher suite support in OpenSSL originally developed by
  114. * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
  115. */
  116. /* ====================================================================
  117. * Copyright 2005 Nokia. All rights reserved.
  118. *
  119. * The portions of the attached software ("Contribution") is developed by
  120. * Nokia Corporation and is licensed pursuant to the OpenSSL open source
  121. * license.
  122. *
  123. * The Contribution, originally written by Mika Kousa and Pasi Eronen of
  124. * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
  125. * support (see RFC 4279) to OpenSSL.
  126. *
  127. * No patent licenses or other rights except those expressly stated in
  128. * the OpenSSL open source license shall be deemed granted or received
  129. * expressly, by implication, estoppel, or otherwise.
  130. *
  131. * No assurances are provided by Nokia that the Contribution does not
  132. * infringe the patent or other intellectual property rights of any third
  133. * party or that the license provides you with all the necessary rights
  134. * to make use of the Contribution.
  135. *
  136. * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
  137. * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
  138. * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
  139. * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
  140. * OTHERWISE.
  141. */
  142. #include <stdio.h>
  143. #include <openssl/objects.h>
  144. #ifndef OPENSSL_NO_COMP
  145. #include <openssl/comp.h>
  146. #endif
  147. #ifndef OPENSSL_NO_ENGINE
  148. #include <openssl/engine.h>
  149. #endif
  150. #include "ssl_locl.h"
  151. #define SSL_ENC_DES_IDX 0
  152. #define SSL_ENC_3DES_IDX 1
  153. #define SSL_ENC_RC4_IDX 2
  154. #define SSL_ENC_RC2_IDX 3
  155. #define SSL_ENC_IDEA_IDX 4
  156. #define SSL_ENC_NULL_IDX 5
  157. #define SSL_ENC_AES128_IDX 6
  158. #define SSL_ENC_AES256_IDX 7
  159. #define SSL_ENC_CAMELLIA128_IDX 8
  160. #define SSL_ENC_CAMELLIA256_IDX 9
  161. #define SSL_ENC_GOST89_IDX 10
  162. #define SSL_ENC_SEED_IDX 11
  163. #define SSL_ENC_NUM_IDX 12
  164. static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
  165. NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,
  166. };
  167. #define SSL_COMP_NULL_IDX 0
  168. #define SSL_COMP_ZLIB_IDX 1
  169. #define SSL_COMP_NUM_IDX 2
  170. static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
  171. #define SSL_MD_MD5_IDX 0
  172. #define SSL_MD_SHA1_IDX 1
  173. #define SSL_MD_GOST94_IDX 2
  174. #define SSL_MD_GOST89MAC_IDX 3
  175. /*Constant SSL_MAX_DIGEST equal to size of digests array should be
  176. * defined in the
  177. * ssl_locl.h */
  178. #define SSL_MD_NUM_IDX SSL_MAX_DIGEST
  179. static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
  180. NULL,NULL,NULL,NULL
  181. };
  182. /* PKEY_TYPE for GOST89MAC is known in advance, but, because
  183. * implementation is engine-provided, we'll fill it only if
  184. * corresponding EVP_PKEY_METHOD is found
  185. */
  186. static int ssl_mac_pkey_id[SSL_MD_NUM_IDX]={
  187. EVP_PKEY_HMAC,EVP_PKEY_HMAC,EVP_PKEY_HMAC,NID_undef
  188. };
  189. static int ssl_mac_secret_size[SSL_MD_NUM_IDX]={
  190. 0,0,0,0
  191. };
  192. static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX]={
  193. SSL_HANDSHAKE_MAC_MD5,SSL_HANDSHAKE_MAC_SHA,
  194. SSL_HANDSHAKE_MAC_GOST94,0
  195. };
  196. #define CIPHER_ADD 1
  197. #define CIPHER_KILL 2
  198. #define CIPHER_DEL 3
  199. #define CIPHER_ORD 4
  200. #define CIPHER_SPECIAL 5
  201. typedef struct cipher_order_st
  202. {
  203. const SSL_CIPHER *cipher;
  204. int active;
  205. int dead;
  206. struct cipher_order_st *next,*prev;
  207. } CIPHER_ORDER;
  208. static const SSL_CIPHER cipher_aliases[]={
  209. /* "ALL" doesn't include eNULL (must be specifically enabled) */
  210. {0,SSL_TXT_ALL,0, 0,0,~SSL_eNULL,0,0,0,0,0,0},
  211. /* "COMPLEMENTOFALL" */
  212. {0,SSL_TXT_CMPALL,0, 0,0,SSL_eNULL,0,0,0,0,0,0},
  213. /* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in ALL!) */
  214. {0,SSL_TXT_CMPDEF,0, SSL_kEDH|SSL_kEECDH,SSL_aNULL,~SSL_eNULL,0,0,0,0,0,0},
  215. /* key exchange aliases
  216. * (some of those using only a single bit here combine
  217. * multiple key exchange algs according to the RFCs,
  218. * e.g. kEDH combines DHE_DSS and DHE_RSA) */
  219. {0,SSL_TXT_kRSA,0, SSL_kRSA, 0,0,0,0,0,0,0,0},
  220. {0,SSL_TXT_kDHr,0, SSL_kDHr, 0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
  221. {0,SSL_TXT_kDHd,0, SSL_kDHd, 0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
  222. {0,SSL_TXT_kDH,0, SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
  223. {0,SSL_TXT_kEDH,0, SSL_kEDH, 0,0,0,0,0,0,0,0},
  224. {0,SSL_TXT_DH,0, SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},
  225. {0,SSL_TXT_kKRB5,0, SSL_kKRB5, 0,0,0,0,0,0,0,0},
  226. {0,SSL_TXT_kECDHr,0, SSL_kECDHr,0,0,0,0,0,0,0,0},
  227. {0,SSL_TXT_kECDHe,0, SSL_kECDHe,0,0,0,0,0,0,0,0},
  228. {0,SSL_TXT_kECDH,0, SSL_kECDHr|SSL_kECDHe,0,0,0,0,0,0,0,0},
  229. {0,SSL_TXT_kEECDH,0, SSL_kEECDH,0,0,0,0,0,0,0,0},
  230. {0,SSL_TXT_ECDH,0, SSL_kECDHr|SSL_kECDHe|SSL_kEECDH,0,0,0,0,0,0,0,0},
  231. {0,SSL_TXT_kPSK,0, SSL_kPSK, 0,0,0,0,0,0,0,0},
  232. {0,SSL_TXT_kGOST,0, SSL_kGOST,0,0,0,0,0,0,0,0},
  233. /* server authentication aliases */
  234. {0,SSL_TXT_aRSA,0, 0,SSL_aRSA, 0,0,0,0,0,0,0},
  235. {0,SSL_TXT_aDSS,0, 0,SSL_aDSS, 0,0,0,0,0,0,0},
  236. {0,SSL_TXT_DSS,0, 0,SSL_aDSS, 0,0,0,0,0,0,0},
  237. {0,SSL_TXT_aKRB5,0, 0,SSL_aKRB5, 0,0,0,0,0,0,0},
  238. {0,SSL_TXT_aNULL,0, 0,SSL_aNULL, 0,0,0,0,0,0,0},
  239. {0,SSL_TXT_aDH,0, 0,SSL_aDH, 0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
  240. {0,SSL_TXT_aECDH,0, 0,SSL_aECDH, 0,0,0,0,0,0,0},
  241. {0,SSL_TXT_aECDSA,0, 0,SSL_aECDSA,0,0,0,0,0,0,0},
  242. {0,SSL_TXT_ECDSA,0, 0,SSL_aECDSA, 0,0,0,0,0,0,0},
  243. {0,SSL_TXT_aPSK,0, 0,SSL_aPSK, 0,0,0,0,0,0,0},
  244. {0,SSL_TXT_aGOST94,0,0,SSL_aGOST94,0,0,0,0,0,0,0},
  245. {0,SSL_TXT_aGOST01,0,0,SSL_aGOST01,0,0,0,0,0,0,0},
  246. {0,SSL_TXT_aGOST,0,0,SSL_aGOST94|SSL_aGOST01,0,0,0,0,0,0,0},
  247. /* aliases combining key exchange and server authentication */
  248. {0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0},
  249. {0,SSL_TXT_EECDH,0, SSL_kEECDH,~SSL_aNULL,0,0,0,0,0,0,0},
  250. {0,SSL_TXT_NULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0},
  251. {0,SSL_TXT_KRB5,0, SSL_kKRB5,SSL_aKRB5,0,0,0,0,0,0,0},
  252. {0,SSL_TXT_RSA,0, SSL_kRSA,SSL_aRSA,0,0,0,0,0,0,0},
  253. {0,SSL_TXT_ADH,0, SSL_kEDH,SSL_aNULL,0,0,0,0,0,0,0},
  254. {0,SSL_TXT_AECDH,0, SSL_kEECDH,SSL_aNULL,0,0,0,0,0,0,0},
  255. {0,SSL_TXT_PSK,0, SSL_kPSK,SSL_aPSK,0,0,0,0,0,0,0},
  256. /* symmetric encryption aliases */
  257. {0,SSL_TXT_DES,0, 0,0,SSL_DES, 0,0,0,0,0,0},
  258. {0,SSL_TXT_3DES,0, 0,0,SSL_3DES, 0,0,0,0,0,0},
  259. {0,SSL_TXT_RC4,0, 0,0,SSL_RC4, 0,0,0,0,0,0},
  260. {0,SSL_TXT_RC2,0, 0,0,SSL_RC2, 0,0,0,0,0,0},
  261. {0,SSL_TXT_IDEA,0, 0,0,SSL_IDEA, 0,0,0,0,0,0},
  262. {0,SSL_TXT_SEED,0, 0,0,SSL_SEED, 0,0,0,0,0,0},
  263. {0,SSL_TXT_eNULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0},
  264. {0,SSL_TXT_AES128,0, 0,0,SSL_AES128,0,0,0,0,0,0},
  265. {0,SSL_TXT_AES256,0, 0,0,SSL_AES256,0,0,0,0,0,0},
  266. {0,SSL_TXT_AES,0, 0,0,SSL_AES128|SSL_AES256,0,0,0,0,0,0},
  267. {0,SSL_TXT_CAMELLIA128,0,0,0,SSL_CAMELLIA128,0,0,0,0,0,0},
  268. {0,SSL_TXT_CAMELLIA256,0,0,0,SSL_CAMELLIA256,0,0,0,0,0,0},
  269. {0,SSL_TXT_CAMELLIA ,0,0,0,SSL_CAMELLIA128|SSL_CAMELLIA256,0,0,0,0,0,0},
  270. /* MAC aliases */
  271. {0,SSL_TXT_MD5,0, 0,0,0,SSL_MD5, 0,0,0,0,0},
  272. {0,SSL_TXT_SHA1,0, 0,0,0,SSL_SHA1, 0,0,0,0,0},
  273. {0,SSL_TXT_SHA,0, 0,0,0,SSL_SHA1, 0,0,0,0,0},
  274. {0,SSL_TXT_GOST94,0, 0,0,0,SSL_GOST94, 0,0,0,0,0},
  275. {0,SSL_TXT_GOST89MAC,0, 0,0,0,SSL_GOST89MAC, 0,0,0,0,0},
  276. /* protocol version aliases */
  277. {0,SSL_TXT_SSLV2,0, 0,0,0,0,SSL_SSLV2, 0,0,0,0},
  278. {0,SSL_TXT_SSLV3,0, 0,0,0,0,SSL_SSLV3, 0,0,0,0},
  279. {0,SSL_TXT_TLSV1,0, 0,0,0,0,SSL_TLSV1, 0,0,0,0},
  280. /* export flag */
  281. {0,SSL_TXT_EXP,0, 0,0,0,0,0,SSL_EXPORT,0,0,0},
  282. {0,SSL_TXT_EXPORT,0, 0,0,0,0,0,SSL_EXPORT,0,0,0},
  283. /* strength classes */
  284. {0,SSL_TXT_EXP40,0, 0,0,0,0,0,SSL_EXP40, 0,0,0},
  285. {0,SSL_TXT_EXP56,0, 0,0,0,0,0,SSL_EXP56, 0,0,0},
  286. {0,SSL_TXT_LOW,0, 0,0,0,0,0,SSL_LOW, 0,0,0},
  287. {0,SSL_TXT_MEDIUM,0, 0,0,0,0,0,SSL_MEDIUM,0,0,0},
  288. {0,SSL_TXT_HIGH,0, 0,0,0,0,0,SSL_HIGH, 0,0,0},
  289. /* FIPS 140-2 approved ciphersuite */
  290. {0,SSL_TXT_FIPS,0, 0,0,~SSL_eNULL,0,0,SSL_FIPS, 0,0,0},
  291. };
  292. /* Search for public key algorithm with given name and
  293. * return its pkey_id if it is available. Otherwise return 0
  294. */
  295. #ifdef OPENSSL_NO_ENGINE
  296. static int get_optional_pkey_id(const char *pkey_name)
  297. {
  298. const EVP_PKEY_ASN1_METHOD *ameth;
  299. int pkey_id=0;
  300. ameth = EVP_PKEY_asn1_find_str(NULL,pkey_name,-1);
  301. if (ameth)
  302. {
  303. EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth);
  304. }
  305. return pkey_id;
  306. }
  307. #else
  308. static int get_optional_pkey_id(const char *pkey_name)
  309. {
  310. const EVP_PKEY_ASN1_METHOD *ameth;
  311. ENGINE *tmpeng = NULL;
  312. int pkey_id=0;
  313. ameth = EVP_PKEY_asn1_find_str(&tmpeng,pkey_name,-1);
  314. if (ameth)
  315. {
  316. EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth);
  317. }
  318. if (tmpeng) ENGINE_finish(tmpeng);
  319. return pkey_id;
  320. }
  321. #endif
  322. void ssl_load_ciphers(void)
  323. {
  324. ssl_cipher_methods[SSL_ENC_DES_IDX]=
  325. EVP_get_cipherbyname(SN_des_cbc);
  326. ssl_cipher_methods[SSL_ENC_3DES_IDX]=
  327. EVP_get_cipherbyname(SN_des_ede3_cbc);
  328. ssl_cipher_methods[SSL_ENC_RC4_IDX]=
  329. EVP_get_cipherbyname(SN_rc4);
  330. ssl_cipher_methods[SSL_ENC_RC2_IDX]=
  331. EVP_get_cipherbyname(SN_rc2_cbc);
  332. #ifndef OPENSSL_NO_IDEA
  333. ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
  334. EVP_get_cipherbyname(SN_idea_cbc);
  335. #else
  336. ssl_cipher_methods[SSL_ENC_IDEA_IDX]= NULL;
  337. #endif
  338. ssl_cipher_methods[SSL_ENC_AES128_IDX]=
  339. EVP_get_cipherbyname(SN_aes_128_cbc);
  340. ssl_cipher_methods[SSL_ENC_AES256_IDX]=
  341. EVP_get_cipherbyname(SN_aes_256_cbc);
  342. ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX]=
  343. EVP_get_cipherbyname(SN_camellia_128_cbc);
  344. ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX]=
  345. EVP_get_cipherbyname(SN_camellia_256_cbc);
  346. ssl_cipher_methods[SSL_ENC_GOST89_IDX]=
  347. EVP_get_cipherbyname(SN_gost89_cnt);
  348. ssl_cipher_methods[SSL_ENC_SEED_IDX]=
  349. EVP_get_cipherbyname(SN_seed_cbc);
  350. ssl_digest_methods[SSL_MD_MD5_IDX]=
  351. EVP_get_digestbyname(SN_md5);
  352. ssl_mac_secret_size[SSL_MD_MD5_IDX]=
  353. EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
  354. OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
  355. ssl_digest_methods[SSL_MD_SHA1_IDX]=
  356. EVP_get_digestbyname(SN_sha1);
  357. ssl_mac_secret_size[SSL_MD_SHA1_IDX]=
  358. EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
  359. OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
  360. ssl_digest_methods[SSL_MD_GOST94_IDX]=
  361. EVP_get_digestbyname(SN_id_GostR3411_94);
  362. if (ssl_digest_methods[SSL_MD_GOST94_IDX])
  363. {
  364. ssl_mac_secret_size[SSL_MD_GOST94_IDX]=
  365. EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
  366. OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
  367. }
  368. ssl_digest_methods[SSL_MD_GOST89MAC_IDX]=
  369. EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
  370. ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac");
  371. if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
  372. ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX]=32;
  373. }
  374. }
  375. #ifndef OPENSSL_NO_COMP
  376. static int sk_comp_cmp(const SSL_COMP * const *a,
  377. const SSL_COMP * const *b)
  378. {
  379. return((*a)->id-(*b)->id);
  380. }
  381. static void load_builtin_compressions(void)
  382. {
  383. int got_write_lock = 0;
  384. CRYPTO_r_lock(CRYPTO_LOCK_SSL);
  385. if (ssl_comp_methods == NULL)
  386. {
  387. CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
  388. CRYPTO_w_lock(CRYPTO_LOCK_SSL);
  389. got_write_lock = 1;
  390. if (ssl_comp_methods == NULL)
  391. {
  392. SSL_COMP *comp = NULL;
  393. MemCheck_off();
  394. ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
  395. if (ssl_comp_methods != NULL)
  396. {
  397. comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
  398. if (comp != NULL)
  399. {
  400. comp->method=COMP_zlib();
  401. if (comp->method
  402. && comp->method->type == NID_undef)
  403. OPENSSL_free(comp);
  404. else
  405. {
  406. comp->id=SSL_COMP_ZLIB_IDX;
  407. comp->name=comp->method->name;
  408. sk_SSL_COMP_push(ssl_comp_methods,comp);
  409. }
  410. }
  411. }
  412. MemCheck_on();
  413. }
  414. }
  415. if (got_write_lock)
  416. CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
  417. else
  418. CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
  419. }
  420. #endif
  421. int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
  422. const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size,SSL_COMP **comp)
  423. {
  424. int i;
  425. const SSL_CIPHER *c;
  426. c=s->cipher;
  427. if (c == NULL) return(0);
  428. if (comp != NULL)
  429. {
  430. SSL_COMP ctmp;
  431. #ifndef OPENSSL_NO_COMP
  432. load_builtin_compressions();
  433. #endif
  434. *comp=NULL;
  435. ctmp.id=s->compress_meth;
  436. if (ssl_comp_methods != NULL)
  437. {
  438. i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
  439. if (i >= 0)
  440. *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
  441. else
  442. *comp=NULL;
  443. }
  444. }
  445. if ((enc == NULL) || (md == NULL)) return(0);
  446. switch (c->algorithm_enc)
  447. {
  448. case SSL_DES:
  449. i=SSL_ENC_DES_IDX;
  450. break;
  451. case SSL_3DES:
  452. i=SSL_ENC_3DES_IDX;
  453. break;
  454. case SSL_RC4:
  455. i=SSL_ENC_RC4_IDX;
  456. break;
  457. case SSL_RC2:
  458. i=SSL_ENC_RC2_IDX;
  459. break;
  460. case SSL_IDEA:
  461. i=SSL_ENC_IDEA_IDX;
  462. break;
  463. case SSL_eNULL:
  464. i=SSL_ENC_NULL_IDX;
  465. break;
  466. case SSL_AES128:
  467. i=SSL_ENC_AES128_IDX;
  468. break;
  469. case SSL_AES256:
  470. i=SSL_ENC_AES256_IDX;
  471. break;
  472. case SSL_CAMELLIA128:
  473. i=SSL_ENC_CAMELLIA128_IDX;
  474. break;
  475. case SSL_CAMELLIA256:
  476. i=SSL_ENC_CAMELLIA256_IDX;
  477. break;
  478. case SSL_eGOST2814789CNT:
  479. i=SSL_ENC_GOST89_IDX;
  480. break;
  481. case SSL_SEED:
  482. i=SSL_ENC_SEED_IDX;
  483. break;
  484. default:
  485. i= -1;
  486. break;
  487. }
  488. if ((i < 0) || (i > SSL_ENC_NUM_IDX))
  489. *enc=NULL;
  490. else
  491. {
  492. if (i == SSL_ENC_NULL_IDX)
  493. *enc=EVP_enc_null();
  494. else
  495. *enc=ssl_cipher_methods[i];
  496. }
  497. switch (c->algorithm_mac)
  498. {
  499. case SSL_MD5:
  500. i=SSL_MD_MD5_IDX;
  501. break;
  502. case SSL_SHA1:
  503. i=SSL_MD_SHA1_IDX;
  504. break;
  505. case SSL_GOST94:
  506. i = SSL_MD_GOST94_IDX;
  507. break;
  508. case SSL_GOST89MAC:
  509. i = SSL_MD_GOST89MAC_IDX;
  510. break;
  511. default:
  512. i= -1;
  513. break;
  514. }
  515. if ((i < 0) || (i > SSL_MD_NUM_IDX))
  516. {
  517. *md=NULL;
  518. if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;
  519. if (mac_secret_size!=NULL) *mac_secret_size = 0;
  520. }
  521. else
  522. {
  523. *md=ssl_digest_methods[i];
  524. if (mac_pkey_type!=NULL) *mac_pkey_type = ssl_mac_pkey_id[i];
  525. if (mac_secret_size!=NULL) *mac_secret_size = ssl_mac_secret_size[i];
  526. }
  527. if ((*enc != NULL) && (*md != NULL) && (!mac_pkey_type||*mac_pkey_type != NID_undef))
  528. return(1);
  529. else
  530. return(0);
  531. }
  532. int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
  533. {
  534. if (idx <0||idx>=SSL_MD_NUM_IDX)
  535. {
  536. return 0;
  537. }
  538. if (ssl_handshake_digest_flag[idx]==0) return 0;
  539. *mask = ssl_handshake_digest_flag[idx];
  540. *md = ssl_digest_methods[idx];
  541. return 1;
  542. }
  543. #define ITEM_SEP(a) \
  544. (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
  545. static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
  546. CIPHER_ORDER **tail)
  547. {
  548. if (curr == *tail) return;
  549. if (curr == *head)
  550. *head=curr->next;
  551. if (curr->prev != NULL)
  552. curr->prev->next=curr->next;
  553. if (curr->next != NULL)
  554. curr->next->prev=curr->prev;
  555. (*tail)->next=curr;
  556. curr->prev= *tail;
  557. curr->next=NULL;
  558. *tail=curr;
  559. }
  560. static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
  561. CIPHER_ORDER **tail)
  562. {
  563. if (curr == *head) return;
  564. if (curr == *tail)
  565. *tail=curr->prev;
  566. if (curr->next != NULL)
  567. curr->next->prev=curr->prev;
  568. if (curr->prev != NULL)
  569. curr->prev->next=curr->next;
  570. (*head)->prev=curr;
  571. curr->next= *head;
  572. curr->prev=NULL;
  573. *head=curr;
  574. }
  575. static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, unsigned long *enc, unsigned long *mac, unsigned long *ssl)
  576. {
  577. *mkey = 0;
  578. *auth = 0;
  579. *enc = 0;
  580. *mac = 0;
  581. *ssl = 0;
  582. #ifdef OPENSSL_NO_RSA
  583. *mkey |= SSL_kRSA;
  584. *auth |= SSL_aRSA;
  585. #endif
  586. #ifdef OPENSSL_NO_DSA
  587. *auth |= SSL_aDSS;
  588. #endif
  589. *mkey |= SSL_kDHr|SSL_kDHd; /* no such ciphersuites supported! */
  590. *auth |= SSL_aDH;
  591. #ifdef OPENSSL_NO_DH
  592. *mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH;
  593. *auth |= SSL_aDH;
  594. #endif
  595. #ifdef OPENSSL_NO_KRB5
  596. *mkey |= SSL_kKRB5;
  597. *auth |= SSL_aKRB5;
  598. #endif
  599. #ifdef OPENSSL_NO_ECDSA
  600. *auth |= SSL_aECDSA;
  601. #endif
  602. #ifdef OPENSSL_NO_ECDH
  603. *mkey |= SSL_kECDHe|SSL_kECDHr;
  604. *auth |= SSL_aECDH;
  605. #endif
  606. #ifdef OPENSSL_NO_PSK
  607. *mkey |= SSL_kPSK;
  608. *auth |= SSL_aPSK;
  609. #endif
  610. /* Check for presence of GOST 34.10 algorithms, and if they
  611. * do not present, disable appropriate auth and key exchange */
  612. if (!get_optional_pkey_id("gost94")) {
  613. *auth |= SSL_aGOST94;
  614. }
  615. if (!get_optional_pkey_id("gost2001")) {
  616. *auth |= SSL_aGOST01;
  617. }
  618. /* Disable GOST key exchange if no GOST signature algs are available * */
  619. if ((*auth & (SSL_aGOST94|SSL_aGOST01)) == (SSL_aGOST94|SSL_aGOST01)) {
  620. *mkey |= SSL_kGOST;
  621. }
  622. #ifdef SSL_FORBID_ENULL
  623. *enc |= SSL_eNULL;
  624. #endif
  625. *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0;
  626. *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0;
  627. *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
  628. *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
  629. *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
  630. *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128:0;
  631. *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256:0;
  632. *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128:0;
  633. *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256:0;
  634. *enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT:0;
  635. *enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED:0;
  636. *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
  637. *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
  638. *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94:0;
  639. *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]==NID_undef)? SSL_GOST89MAC:0;
  640. }
  641. static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
  642. int num_of_ciphers,
  643. unsigned long disabled_mkey, unsigned long disabled_auth,
  644. unsigned long disabled_enc, unsigned long disabled_mac,
  645. unsigned long disabled_ssl,
  646. CIPHER_ORDER *co_list,
  647. CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
  648. {
  649. int i, co_list_num;
  650. const SSL_CIPHER *c;
  651. /*
  652. * We have num_of_ciphers descriptions compiled in, depending on the
  653. * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
  654. * These will later be sorted in a linked list with at most num
  655. * entries.
  656. */
  657. /* Get the initial list of ciphers */
  658. co_list_num = 0; /* actual count of ciphers */
  659. for (i = 0; i < num_of_ciphers; i++)
  660. {
  661. c = ssl_method->get_cipher(i);
  662. /* drop those that use any of that is not available */
  663. if ((c != NULL) && c->valid &&
  664. !(c->algorithm_mkey & disabled_mkey) &&
  665. !(c->algorithm_auth & disabled_auth) &&
  666. !(c->algorithm_enc & disabled_enc) &&
  667. !(c->algorithm_mac & disabled_mac) &&
  668. !(c->algorithm_ssl & disabled_ssl))
  669. {
  670. co_list[co_list_num].cipher = c;
  671. co_list[co_list_num].next = NULL;
  672. co_list[co_list_num].prev = NULL;
  673. co_list[co_list_num].active = 0;
  674. co_list_num++;
  675. #ifdef KSSL_DEBUG
  676. printf("\t%d: %s %lx %lx %lx\n",i,c->name,c->id,c->algorithm_mkey,c->algorithm_auth);
  677. #endif /* KSSL_DEBUG */
  678. /*
  679. if (!sk_push(ca_list,(char *)c)) goto err;
  680. */
  681. }
  682. }
  683. /*
  684. * Prepare linked list from list entries
  685. */
  686. if (co_list_num > 0)
  687. {
  688. co_list[0].prev = NULL;
  689. if (co_list_num > 1)
  690. {
  691. co_list[0].next = &co_list[1];
  692. for (i = 1; i < co_list_num - 1; i++)
  693. {
  694. co_list[i].prev = &co_list[i - 1];
  695. co_list[i].next = &co_list[i + 1];
  696. }
  697. co_list[co_list_num - 1].prev = &co_list[co_list_num - 2];
  698. }
  699. co_list[co_list_num - 1].next = NULL;
  700. *head_p = &co_list[0];
  701. *tail_p = &co_list[co_list_num - 1];
  702. }
  703. }
  704. static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list,
  705. int num_of_group_aliases,
  706. unsigned long disabled_mkey, unsigned long disabled_auth,
  707. unsigned long disabled_enc, unsigned long disabled_mac,
  708. unsigned long disabled_ssl,
  709. CIPHER_ORDER *head)
  710. {
  711. CIPHER_ORDER *ciph_curr;
  712. const SSL_CIPHER **ca_curr;
  713. int i;
  714. unsigned long mask_mkey = ~disabled_mkey;
  715. unsigned long mask_auth = ~disabled_auth;
  716. unsigned long mask_enc = ~disabled_enc;
  717. unsigned long mask_mac = ~disabled_mac;
  718. unsigned long mask_ssl = ~disabled_ssl;
  719. /*
  720. * First, add the real ciphers as already collected
  721. */
  722. ciph_curr = head;
  723. ca_curr = ca_list;
  724. while (ciph_curr != NULL)
  725. {
  726. *ca_curr = ciph_curr->cipher;
  727. ca_curr++;
  728. ciph_curr = ciph_curr->next;
  729. }
  730. /*
  731. * Now we add the available ones from the cipher_aliases[] table.
  732. * They represent either one or more algorithms, some of which
  733. * in any affected category must be supported (set in enabled_mask),
  734. * or represent a cipher strength value (will be added in any case because algorithms=0).
  735. */
  736. for (i = 0; i < num_of_group_aliases; i++)
  737. {
  738. unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey;
  739. unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth;
  740. unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc;
  741. unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac;
  742. unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl;
  743. if (algorithm_mkey)
  744. if ((algorithm_mkey & mask_mkey) == 0)
  745. continue;
  746. if (algorithm_auth)
  747. if ((algorithm_auth & mask_auth) == 0)
  748. continue;
  749. if (algorithm_enc)
  750. if ((algorithm_enc & mask_enc) == 0)
  751. continue;
  752. if (algorithm_mac)
  753. if ((algorithm_mac & mask_mac) == 0)
  754. continue;
  755. if (algorithm_ssl)
  756. if ((algorithm_ssl & mask_ssl) == 0)
  757. continue;
  758. *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
  759. ca_curr++;
  760. }
  761. *ca_curr = NULL; /* end of list */
  762. }
  763. static void ssl_cipher_apply_rule(unsigned long cipher_id,
  764. unsigned long alg_mkey, unsigned long alg_auth,
  765. unsigned long alg_enc, unsigned long alg_mac,
  766. unsigned long alg_ssl,
  767. unsigned long algo_strength,
  768. int rule, int strength_bits,
  769. CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
  770. {
  771. CIPHER_ORDER *head, *tail, *curr, *curr2, *last;
  772. const SSL_CIPHER *cp;
  773. int reverse = 0;
  774. #ifdef CIPHER_DEBUG
  775. printf("Applying rule %d with %08lx/%08lx/%08lx/%08lx/%08lx %08lx (%d)\n",
  776. rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength, strength_bits);
  777. #endif
  778. if (rule == CIPHER_DEL)
  779. reverse = 1; /* needed to maintain sorting between currently deleted ciphers */
  780. head = *head_p;
  781. tail = *tail_p;
  782. if (reverse)
  783. {
  784. curr = tail;
  785. last = head;
  786. }
  787. else
  788. {
  789. curr = head;
  790. last = tail;
  791. }
  792. curr2 = curr;
  793. for (;;)
  794. {
  795. if ((curr == NULL) || (curr == last)) break;
  796. curr = curr2;
  797. curr2 = reverse ? curr->prev : curr->next;
  798. cp = curr->cipher;
  799. /*
  800. * Selection criteria is either the value of strength_bits
  801. * or the algorithms used.
  802. */
  803. if (strength_bits >= 0)
  804. {
  805. if (strength_bits != cp->strength_bits)
  806. continue;
  807. }
  808. else
  809. {
  810. #ifdef CIPHER_DEBUG
  811. printf("\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n", cp->name, cp->algorithm_mkey, cp->algorithm_auth, cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl, cp->algo_strength);
  812. #endif
  813. if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
  814. continue;
  815. if (alg_auth && !(alg_auth & cp->algorithm_auth))
  816. continue;
  817. if (alg_enc && !(alg_enc & cp->algorithm_enc))
  818. continue;
  819. if (alg_mac && !(alg_mac & cp->algorithm_mac))
  820. continue;
  821. if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
  822. continue;
  823. if ((algo_strength & SSL_EXP_MASK) && !(algo_strength & SSL_EXP_MASK & cp->algo_strength))
  824. continue;
  825. if ((algo_strength & SSL_STRONG_MASK) && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
  826. continue;
  827. }
  828. #ifdef CIPHER_DEBUG
  829. printf("Action = %d\n", rule);
  830. #endif
  831. /* add the cipher if it has not been added yet. */
  832. if (rule == CIPHER_ADD)
  833. {
  834. /* reverse == 0 */
  835. if (!curr->active)
  836. {
  837. ll_append_tail(&head, curr, &tail);
  838. curr->active = 1;
  839. }
  840. }
  841. /* Move the added cipher to this location */
  842. else if (rule == CIPHER_ORD)
  843. {
  844. /* reverse == 0 */
  845. if (curr->active)
  846. {
  847. ll_append_tail(&head, curr, &tail);
  848. }
  849. }
  850. else if (rule == CIPHER_DEL)
  851. {
  852. /* reverse == 1 */
  853. if (curr->active)
  854. {
  855. /* most recently deleted ciphersuites get best positions
  856. * for any future CIPHER_ADD (note that the CIPHER_DEL loop
  857. * works in reverse to maintain the order) */
  858. ll_append_head(&head, curr, &tail);
  859. curr->active = 0;
  860. }
  861. }
  862. else if (rule == CIPHER_KILL)
  863. {
  864. /* reverse == 0 */
  865. if (head == curr)
  866. head = curr->next;
  867. else
  868. curr->prev->next = curr->next;
  869. if (tail == curr)
  870. tail = curr->prev;
  871. curr->active = 0;
  872. if (curr->next != NULL)
  873. curr->next->prev = curr->prev;
  874. if (curr->prev != NULL)
  875. curr->prev->next = curr->next;
  876. curr->next = NULL;
  877. curr->prev = NULL;
  878. }
  879. }
  880. *head_p = head;
  881. *tail_p = tail;
  882. }
  883. static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
  884. CIPHER_ORDER **tail_p)
  885. {
  886. int max_strength_bits, i, *number_uses;
  887. CIPHER_ORDER *curr;
  888. /*
  889. * This routine sorts the ciphers with descending strength. The sorting
  890. * must keep the pre-sorted sequence, so we apply the normal sorting
  891. * routine as '+' movement to the end of the list.
  892. */
  893. max_strength_bits = 0;
  894. curr = *head_p;
  895. while (curr != NULL)
  896. {
  897. if (curr->active &&
  898. (curr->cipher->strength_bits > max_strength_bits))
  899. max_strength_bits = curr->cipher->strength_bits;
  900. curr = curr->next;
  901. }
  902. number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
  903. if (!number_uses)
  904. {
  905. SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE);
  906. return(0);
  907. }
  908. memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
  909. /*
  910. * Now find the strength_bits values actually used
  911. */
  912. curr = *head_p;
  913. while (curr != NULL)
  914. {
  915. if (curr->active)
  916. number_uses[curr->cipher->strength_bits]++;
  917. curr = curr->next;
  918. }
  919. /*
  920. * Go through the list of used strength_bits values in descending
  921. * order.
  922. */
  923. for (i = max_strength_bits; i >= 0; i--)
  924. if (number_uses[i] > 0)
  925. ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p, tail_p);
  926. OPENSSL_free(number_uses);
  927. return(1);
  928. }
  929. static int ssl_cipher_process_rulestr(const char *rule_str,
  930. CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p,
  931. const SSL_CIPHER **ca_list)
  932. {
  933. unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength;
  934. const char *l, *buf;
  935. int j, multi, found, rule, retval, ok, buflen;
  936. unsigned long cipher_id = 0;
  937. char ch;
  938. retval = 1;
  939. l = rule_str;
  940. for (;;)
  941. {
  942. ch = *l;
  943. if (ch == '\0')
  944. break; /* done */
  945. if (ch == '-')
  946. { rule = CIPHER_DEL; l++; }
  947. else if (ch == '+')
  948. { rule = CIPHER_ORD; l++; }
  949. else if (ch == '!')
  950. { rule = CIPHER_KILL; l++; }
  951. else if (ch == '@')
  952. { rule = CIPHER_SPECIAL; l++; }
  953. else
  954. { rule = CIPHER_ADD; }
  955. if (ITEM_SEP(ch))
  956. {
  957. l++;
  958. continue;
  959. }
  960. alg_mkey = 0;
  961. alg_auth = 0;
  962. alg_enc = 0;
  963. alg_mac = 0;
  964. alg_ssl = 0;
  965. algo_strength = 0;
  966. for (;;)
  967. {
  968. ch = *l;
  969. buf = l;
  970. buflen = 0;
  971. #ifndef CHARSET_EBCDIC
  972. while ( ((ch >= 'A') && (ch <= 'Z')) ||
  973. ((ch >= '0') && (ch <= '9')) ||
  974. ((ch >= 'a') && (ch <= 'z')) ||
  975. (ch == '-'))
  976. #else
  977. while ( isalnum(ch) || (ch == '-'))
  978. #endif
  979. {
  980. ch = *(++l);
  981. buflen++;
  982. }
  983. if (buflen == 0)
  984. {
  985. /*
  986. * We hit something we cannot deal with,
  987. * it is no command or separator nor
  988. * alphanumeric, so we call this an error.
  989. */
  990. SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
  991. SSL_R_INVALID_COMMAND);
  992. retval = found = 0;
  993. l++;
  994. break;
  995. }
  996. if (rule == CIPHER_SPECIAL)
  997. {
  998. found = 0; /* unused -- avoid compiler warning */
  999. break; /* special treatment */
  1000. }
  1001. /* check for multi-part specification */
  1002. if (ch == '+')
  1003. {
  1004. multi=1;
  1005. l++;
  1006. }
  1007. else
  1008. multi=0;
  1009. /*
  1010. * Now search for the cipher alias in the ca_list. Be careful
  1011. * with the strncmp, because the "buflen" limitation
  1012. * will make the rule "ADH:SOME" and the cipher
  1013. * "ADH-MY-CIPHER" look like a match for buflen=3.
  1014. * So additionally check whether the cipher name found
  1015. * has the correct length. We can save a strlen() call:
  1016. * just checking for the '\0' at the right place is
  1017. * sufficient, we have to strncmp() anyway. (We cannot
  1018. * use strcmp(), because buf is not '\0' terminated.)
  1019. */
  1020. j = found = 0;
  1021. cipher_id = 0;
  1022. while (ca_list[j])
  1023. {
  1024. if (!strncmp(buf, ca_list[j]->name, buflen) &&
  1025. (ca_list[j]->name[buflen] == '\0'))
  1026. {
  1027. found = 1;
  1028. break;
  1029. }
  1030. else
  1031. j++;
  1032. }
  1033. if (!found)
  1034. break; /* ignore this entry */
  1035. if (ca_list[j]->algorithm_mkey)
  1036. {
  1037. if (alg_mkey)
  1038. {
  1039. alg_mkey &= ca_list[j]->algorithm_mkey;
  1040. if (!alg_mkey) { found = 0; break; }
  1041. }
  1042. else
  1043. alg_mkey = ca_list[j]->algorithm_mkey;
  1044. }
  1045. if (ca_list[j]->algorithm_auth)
  1046. {
  1047. if (alg_auth)
  1048. {
  1049. alg_auth &= ca_list[j]->algorithm_auth;
  1050. if (!alg_auth) { found = 0; break; }
  1051. }
  1052. else
  1053. alg_auth = ca_list[j]->algorithm_auth;
  1054. }
  1055. if (ca_list[j]->algorithm_enc)
  1056. {
  1057. if (alg_enc)
  1058. {
  1059. alg_enc &= ca_list[j]->algorithm_enc;
  1060. if (!alg_enc) { found = 0; break; }
  1061. }
  1062. else
  1063. alg_enc = ca_list[j]->algorithm_enc;
  1064. }
  1065. if (ca_list[j]->algorithm_mac)
  1066. {
  1067. if (alg_mac)
  1068. {
  1069. alg_mac &= ca_list[j]->algorithm_mac;
  1070. if (!alg_mac) { found = 0; break; }
  1071. }
  1072. else
  1073. alg_mac = ca_list[j]->algorithm_mac;
  1074. }
  1075. if (ca_list[j]->algo_strength & SSL_EXP_MASK)
  1076. {
  1077. if (algo_strength & SSL_EXP_MASK)
  1078. {
  1079. algo_strength &= (ca_list[j]->algo_strength & SSL_EXP_MASK) | ~SSL_EXP_MASK;
  1080. if (!(algo_strength & SSL_EXP_MASK)) { found = 0; break; }
  1081. }
  1082. else
  1083. algo_strength |= ca_list[j]->algo_strength & SSL_EXP_MASK;
  1084. }
  1085. if (ca_list[j]->algo_strength & SSL_STRONG_MASK)
  1086. {
  1087. if (algo_strength & SSL_STRONG_MASK)
  1088. {
  1089. algo_strength &= (ca_list[j]->algo_strength & SSL_STRONG_MASK) | ~SSL_STRONG_MASK;
  1090. if (!(algo_strength & SSL_STRONG_MASK)) { found = 0; break; }
  1091. }
  1092. else
  1093. algo_strength |= ca_list[j]->algo_strength & SSL_STRONG_MASK;
  1094. }
  1095. if (ca_list[j]->valid)
  1096. {
  1097. /* explicit ciphersuite found; its protocol version
  1098. * does not become part of the search pattern!*/
  1099. cipher_id = ca_list[j]->id;
  1100. }
  1101. else
  1102. {
  1103. /* not an explicit ciphersuite; only in this case, the
  1104. * protocol version is considered part of the search pattern */
  1105. if (ca_list[j]->algorithm_ssl)
  1106. {
  1107. if (alg_ssl)
  1108. {
  1109. alg_ssl &= ca_list[j]->algorithm_ssl;
  1110. if (!alg_ssl) { found = 0; break; }
  1111. }
  1112. else
  1113. alg_ssl = ca_list[j]->algorithm_ssl;
  1114. }
  1115. }
  1116. if (!multi) break;
  1117. }
  1118. /*
  1119. * Ok, we have the rule, now apply it
  1120. */
  1121. if (rule == CIPHER_SPECIAL)
  1122. { /* special command */
  1123. ok = 0;
  1124. if ((buflen == 8) &&
  1125. !strncmp(buf, "STRENGTH", 8))
  1126. ok = ssl_cipher_strength_sort(head_p, tail_p);
  1127. else
  1128. SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
  1129. SSL_R_INVALID_COMMAND);
  1130. if (ok == 0)
  1131. retval = 0;
  1132. /*
  1133. * We do not support any "multi" options
  1134. * together with "@", so throw away the
  1135. * rest of the command, if any left, until
  1136. * end or ':' is found.
  1137. */
  1138. while ((*l != '\0') && !ITEM_SEP(*l))
  1139. l++;
  1140. }
  1141. else if (found)
  1142. {
  1143. ssl_cipher_apply_rule(cipher_id,
  1144. alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength,
  1145. rule, -1, head_p, tail_p);
  1146. }
  1147. else
  1148. {
  1149. while ((*l != '\0') && !ITEM_SEP(*l))
  1150. l++;
  1151. }
  1152. if (*l == '\0') break; /* done */
  1153. }
  1154. return(retval);
  1155. }
  1156. STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
  1157. STACK_OF(SSL_CIPHER) **cipher_list,
  1158. STACK_OF(SSL_CIPHER) **cipher_list_by_id,
  1159. const char *rule_str)
  1160. {
  1161. int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
  1162. unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl;
  1163. STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
  1164. const char *rule_p;
  1165. CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
  1166. const SSL_CIPHER **ca_list = NULL;
  1167. /*
  1168. * Return with error if nothing to do.
  1169. */
  1170. if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
  1171. return NULL;
  1172. /*
  1173. * To reduce the work to do we only want to process the compiled
  1174. * in algorithms, so we first get the mask of disabled ciphers.
  1175. */
  1176. ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc, &disabled_mac, &disabled_ssl);
  1177. /*
  1178. * Now we have to collect the available ciphers from the compiled
  1179. * in ciphers. We cannot get more than the number compiled in, so
  1180. * it is used for allocation.
  1181. */
  1182. num_of_ciphers = ssl_method->num_ciphers();
  1183. #ifdef KSSL_DEBUG
  1184. printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers);
  1185. #endif /* KSSL_DEBUG */
  1186. co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
  1187. if (co_list == NULL)
  1188. {
  1189. SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
  1190. return(NULL); /* Failure */
  1191. }
  1192. ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
  1193. disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl,
  1194. co_list, &head, &tail);
  1195. /* Now arrange all ciphers by preference: */
  1196. /* Everything else being equal, prefer ephemeral ECDH over other key exchange mechanisms */
  1197. ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
  1198. ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
  1199. /* AES is our preferred symmetric cipher */
  1200. ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
  1201. /* Temporarily enable everything else for sorting */
  1202. ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
  1203. /* Low priority for MD5 */
  1204. ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head, &tail);
  1205. /* Move anonymous ciphers to the end. Usually, these will remain disabled.
  1206. * (For applications that allow them, they aren't too bad, but we prefer
  1207. * authenticated ciphers.) */
  1208. ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
  1209. /* Move ciphers without forward secrecy to the end */
  1210. ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
  1211. /* ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); */
  1212. ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
  1213. ssl_cipher_apply_rule(0, SSL_kPSK, 0,0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
  1214. ssl_cipher_apply_rule(0, SSL_kKRB5, 0,0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
  1215. /* RC4 is sort-of broken -- move the the end */
  1216. ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head, &tail);
  1217. /* Now sort by symmetric encryption strength. The above ordering remains
  1218. * in force within each class */
  1219. if (!ssl_cipher_strength_sort(&head, &tail))
  1220. {
  1221. OPENSSL_free(co_list);
  1222. return NULL;
  1223. }
  1224. /* Now disable everything (maintaining the ordering!) */
  1225. ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
  1226. /*
  1227. * We also need cipher aliases for selecting based on the rule_str.
  1228. * There might be two types of entries in the rule_str: 1) names
  1229. * of ciphers themselves 2) aliases for groups of ciphers.
  1230. * For 1) we need the available ciphers and for 2) the cipher
  1231. * groups of cipher_aliases added together in one list (otherwise
  1232. * we would be happy with just the cipher_aliases table).
  1233. */
  1234. num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
  1235. num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
  1236. ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
  1237. if (ca_list == NULL)
  1238. {
  1239. OPENSSL_free(co_list);
  1240. SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
  1241. return(NULL); /* Failure */
  1242. }
  1243. ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
  1244. disabled_mkey, disabled_auth, disabled_enc,
  1245. disabled_mac, disabled_ssl, head);
  1246. /*
  1247. * If the rule_string begins with DEFAULT, apply the default rule
  1248. * before using the (possibly available) additional rules.
  1249. */
  1250. ok = 1;
  1251. rule_p = rule_str;
  1252. if (strncmp(rule_str,"DEFAULT",7) == 0)
  1253. {
  1254. ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
  1255. &head, &tail, ca_list);
  1256. rule_p += 7;
  1257. if (*rule_p == ':')
  1258. rule_p++;
  1259. }
  1260. if (ok && (strlen(rule_p) > 0))
  1261. ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list);
  1262. OPENSSL_free((void *)ca_list); /* Not needed anymore */
  1263. if (!ok)
  1264. { /* Rule processing failure */
  1265. OPENSSL_free(co_list);
  1266. return(NULL);
  1267. }
  1268. /*
  1269. * Allocate new "cipherstack" for the result, return with error
  1270. * if we cannot get one.
  1271. */
  1272. if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL)
  1273. {
  1274. OPENSSL_free(co_list);
  1275. return(NULL);
  1276. }
  1277. /*
  1278. * The cipher selection for the list is done. The ciphers are added
  1279. * to the resulting precedence to the STACK_OF(SSL_CIPHER).
  1280. */
  1281. for (curr = head; curr != NULL; curr = curr->next)
  1282. {
  1283. if (curr->active)
  1284. {
  1285. sk_SSL_CIPHER_push(cipherstack, curr->cipher);
  1286. #ifdef CIPHER_DEBUG
  1287. printf("<%s>\n",curr->cipher->name);
  1288. #endif
  1289. }
  1290. }
  1291. OPENSSL_free(co_list); /* Not needed any longer */
  1292. tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
  1293. if (tmp_cipher_list == NULL)
  1294. {
  1295. sk_SSL_CIPHER_free(cipherstack);
  1296. return NULL;
  1297. }
  1298. if (*cipher_list != NULL)
  1299. sk_SSL_CIPHER_free(*cipher_list);
  1300. *cipher_list = cipherstack;
  1301. if (*cipher_list_by_id != NULL)
  1302. sk_SSL_CIPHER_free(*cipher_list_by_id);
  1303. *cipher_list_by_id = tmp_cipher_list;
  1304. (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
  1305. sk_SSL_CIPHER_sort(*cipher_list_by_id);
  1306. return(cipherstack);
  1307. }
  1308. char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
  1309. {
  1310. int is_export,pkl,kl;
  1311. const char *ver,*exp_str;
  1312. const char *kx,*au,*enc,*mac;
  1313. unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2;
  1314. #ifdef KSSL_DEBUG
  1315. static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
  1316. #else
  1317. static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
  1318. #endif /* KSSL_DEBUG */
  1319. alg_mkey = cipher->algorithm_mkey;
  1320. alg_auth = cipher->algorithm_auth;
  1321. alg_enc = cipher->algorithm_enc;
  1322. alg_mac = cipher->algorithm_mac;
  1323. alg_ssl = cipher->algorithm_ssl;
  1324. alg2=cipher->algorithm2;
  1325. is_export=SSL_C_IS_EXPORT(cipher);
  1326. pkl=SSL_C_EXPORT_PKEYLENGTH(cipher);
  1327. kl=SSL_C_EXPORT_KEYLENGTH(cipher);
  1328. exp_str=is_export?" export":"";
  1329. if (alg_ssl & SSL_SSLV2)
  1330. ver="SSLv2";
  1331. else if (alg_ssl & SSL_SSLV3)
  1332. ver="SSLv3";
  1333. else
  1334. ver="unknown";
  1335. switch (alg_mkey)
  1336. {
  1337. case SSL_kRSA:
  1338. kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA";
  1339. break;
  1340. case SSL_kDHr:
  1341. kx="DH/RSA";
  1342. break;
  1343. case SSL_kDHd:
  1344. kx="DH/DSS";
  1345. break;
  1346. case SSL_kKRB5:
  1347. kx="KRB5";
  1348. break;
  1349. case SSL_kEDH:
  1350. kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
  1351. break;
  1352. case SSL_kECDHr:
  1353. kx="ECDH/RSA";
  1354. break;
  1355. case SSL_kECDHe:
  1356. kx="ECDH/ECDSA";
  1357. break;
  1358. case SSL_kEECDH:
  1359. kx="ECDH";
  1360. break;
  1361. case SSL_kPSK:
  1362. kx="PSK";
  1363. break;
  1364. default:
  1365. kx="unknown";
  1366. }
  1367. switch (alg_auth)
  1368. {
  1369. case SSL_aRSA:
  1370. au="RSA";
  1371. break;
  1372. case SSL_aDSS:
  1373. au="DSS";
  1374. break;
  1375. case SSL_aDH:
  1376. au="DH";
  1377. break;
  1378. case SSL_aKRB5:
  1379. au="KRB5";
  1380. break;
  1381. case SSL_aECDH:
  1382. au="ECDH";
  1383. break;
  1384. case SSL_aNULL:
  1385. au="None";
  1386. break;
  1387. case SSL_aECDSA:
  1388. au="ECDSA";
  1389. break;
  1390. case SSL_aPSK:
  1391. au="PSK";
  1392. break;
  1393. default:
  1394. au="unknown";
  1395. break;
  1396. }
  1397. switch (alg_enc)
  1398. {
  1399. case SSL_DES:
  1400. enc=(is_export && kl == 5)?"DES(40)":"DES(56)";
  1401. break;
  1402. case SSL_3DES:
  1403. enc="3DES(168)";
  1404. break;
  1405. case SSL_RC4:
  1406. enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)")
  1407. :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");
  1408. break;
  1409. case SSL_RC2:
  1410. enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)";
  1411. break;
  1412. case SSL_IDEA:
  1413. enc="IDEA(128)";
  1414. break;
  1415. case SSL_eNULL:
  1416. enc="None";
  1417. break;
  1418. case SSL_AES128:
  1419. enc="AES(128)";
  1420. break;
  1421. case SSL_AES256:
  1422. enc="AES(256)";
  1423. break;
  1424. case SSL_CAMELLIA128:
  1425. enc="Camellia(128)";
  1426. break;
  1427. case SSL_CAMELLIA256:
  1428. enc="Camellia(256)";
  1429. break;
  1430. case SSL_SEED:
  1431. enc="SEED(128)";
  1432. break;
  1433. default:
  1434. enc="unknown";
  1435. break;
  1436. }
  1437. switch (alg_mac)
  1438. {
  1439. case SSL_MD5:
  1440. mac="MD5";
  1441. break;
  1442. case SSL_SHA1:
  1443. mac="SHA1";
  1444. break;
  1445. default:
  1446. mac="unknown";
  1447. break;
  1448. }
  1449. if (buf == NULL)
  1450. {
  1451. len=128;
  1452. buf=OPENSSL_malloc(len);
  1453. if (buf == NULL) return("OPENSSL_malloc Error");
  1454. }
  1455. else if (len < 128)
  1456. return("Buffer too small");
  1457. #ifdef KSSL_DEBUG
  1458. BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str,alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl);
  1459. #else
  1460. BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str);
  1461. #endif /* KSSL_DEBUG */
  1462. return(buf);
  1463. }
  1464. char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
  1465. {
  1466. int i;
  1467. if (c == NULL) return("(NONE)");
  1468. i=(int)(c->id>>24L);
  1469. if (i == 3)
  1470. return("TLSv1/SSLv3");
  1471. else if (i == 2)
  1472. return("SSLv2");
  1473. else
  1474. return("unknown");
  1475. }
  1476. /* return the actual cipher being used */
  1477. const char *SSL_CIPHER_get_name(const SSL_CIPHER *c)
  1478. {
  1479. if (c != NULL)
  1480. return(c->name);
  1481. return("(NONE)");
  1482. }
  1483. /* number of bits for symmetric cipher */
  1484. int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
  1485. {
  1486. int ret=0;
  1487. if (c != NULL)
  1488. {
  1489. if (alg_bits != NULL) *alg_bits = c->alg_bits;
  1490. ret = c->strength_bits;
  1491. }
  1492. return(ret);
  1493. }
  1494. SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
  1495. {
  1496. SSL_COMP *ctmp;
  1497. int i,nn;
  1498. if ((n == 0) || (sk == NULL)) return(NULL);
  1499. nn=sk_SSL_COMP_num(sk);
  1500. for (i=0; i<nn; i++)
  1501. {
  1502. ctmp=sk_SSL_COMP_value(sk,i);
  1503. if (ctmp->id == n)
  1504. return(ctmp);
  1505. }
  1506. return(NULL);
  1507. }
  1508. #ifdef OPENSSL_NO_COMP
  1509. void *SSL_COMP_get_compression_methods(void)
  1510. {
  1511. return NULL;
  1512. }
  1513. int SSL_COMP_add_compression_method(int id, void *cm)
  1514. {
  1515. return 1;
  1516. }
  1517. const char *SSL_COMP_get_name(const void *comp)
  1518. {
  1519. return NULL;
  1520. }
  1521. #else
  1522. STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
  1523. {
  1524. load_builtin_compressions();
  1525. return(ssl_comp_methods);
  1526. }
  1527. int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
  1528. {
  1529. SSL_COMP *comp;
  1530. if (cm == NULL || cm->type == NID_undef)
  1531. return 1;
  1532. /* According to draft-ietf-tls-compression-04.txt, the
  1533. compression number ranges should be the following:
  1534. 0 to 63: methods defined by the IETF
  1535. 64 to 192: external party methods assigned by IANA
  1536. 193 to 255: reserved for private use */
  1537. if (id < 193 || id > 255)
  1538. {
  1539. SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
  1540. return 0;
  1541. }
  1542. MemCheck_off();
  1543. comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
  1544. comp->id=id;
  1545. comp->method=cm;
  1546. load_builtin_compressions();
  1547. if (ssl_comp_methods
  1548. && sk_SSL_COMP_find(ssl_comp_methods,comp) >= 0)
  1549. {
  1550. OPENSSL_free(comp);
  1551. MemCheck_on();
  1552. SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,SSL_R_DUPLICATE_COMPRESSION_ID);
  1553. return(1);
  1554. }
  1555. else if ((ssl_comp_methods == NULL)
  1556. || !sk_SSL_COMP_push(ssl_comp_methods,comp))
  1557. {
  1558. OPENSSL_free(comp);
  1559. MemCheck_on();
  1560. SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE);
  1561. return(1);
  1562. }
  1563. else
  1564. {
  1565. MemCheck_on();
  1566. return(0);
  1567. }
  1568. }
  1569. const char *SSL_COMP_get_name(const COMP_METHOD *comp)
  1570. {
  1571. if (comp)
  1572. return comp->name;
  1573. return NULL;
  1574. }
  1575. #endif