2
0

s2_lib.c 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570
  1. /* ssl/s2_lib.c */
  2. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  3. * All rights reserved.
  4. *
  5. * This package is an SSL implementation written
  6. * by Eric Young (eay@cryptsoft.com).
  7. * The implementation was written so as to conform with Netscapes SSL.
  8. *
  9. * This library is free for commercial and non-commercial use as long as
  10. * the following conditions are aheared to. The following conditions
  11. * apply to all code found in this distribution, be it the RC4, RSA,
  12. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  13. * included with this distribution is covered by the same copyright terms
  14. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15. *
  16. * Copyright remains Eric Young's, and as such any Copyright notices in
  17. * the code are not to be removed.
  18. * If this package is used in a product, Eric Young should be given attribution
  19. * as the author of the parts of the library used.
  20. * This can be in the form of a textual message at program startup or
  21. * in documentation (online or textual) provided with the package.
  22. *
  23. * Redistribution and use in source and binary forms, with or without
  24. * modification, are permitted provided that the following conditions
  25. * are met:
  26. * 1. Redistributions of source code must retain the copyright
  27. * notice, this list of conditions and the following disclaimer.
  28. * 2. Redistributions in binary form must reproduce the above copyright
  29. * notice, this list of conditions and the following disclaimer in the
  30. * documentation and/or other materials provided with the distribution.
  31. * 3. All advertising materials mentioning features or use of this software
  32. * must display the following acknowledgement:
  33. * "This product includes cryptographic software written by
  34. * Eric Young (eay@cryptsoft.com)"
  35. * The word 'cryptographic' can be left out if the rouines from the library
  36. * being used are not cryptographic related :-).
  37. * 4. If you include any Windows specific code (or a derivative thereof) from
  38. * the apps directory (application code) you must include an acknowledgement:
  39. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40. *
  41. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51. * SUCH DAMAGE.
  52. *
  53. * The licence and distribution terms for any publically available version or
  54. * derivative of this code cannot be changed. i.e. this code cannot simply be
  55. * copied and put under another distribution licence
  56. * [including the GNU Public Licence.]
  57. */
  58. /* ====================================================================
  59. * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
  60. *
  61. * Redistribution and use in source and binary forms, with or without
  62. * modification, are permitted provided that the following conditions
  63. * are met:
  64. *
  65. * 1. Redistributions of source code must retain the above copyright
  66. * notice, this list of conditions and the following disclaimer.
  67. *
  68. * 2. Redistributions in binary form must reproduce the above copyright
  69. * notice, this list of conditions and the following disclaimer in
  70. * the documentation and/or other materials provided with the
  71. * distribution.
  72. *
  73. * 3. All advertising materials mentioning features or use of this
  74. * software must display the following acknowledgment:
  75. * "This product includes software developed by the OpenSSL Project
  76. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  77. *
  78. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  79. * endorse or promote products derived from this software without
  80. * prior written permission. For written permission, please contact
  81. * openssl-core@openssl.org.
  82. *
  83. * 5. Products derived from this software may not be called "OpenSSL"
  84. * nor may "OpenSSL" appear in their names without prior written
  85. * permission of the OpenSSL Project.
  86. *
  87. * 6. Redistributions of any form whatsoever must retain the following
  88. * acknowledgment:
  89. * "This product includes software developed by the OpenSSL Project
  90. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  91. *
  92. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  93. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  94. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  95. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  96. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  97. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  98. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  99. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  100. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  101. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  102. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  103. * OF THE POSSIBILITY OF SUCH DAMAGE.
  104. * ====================================================================
  105. *
  106. * This product includes cryptographic software written by Eric Young
  107. * (eay@cryptsoft.com). This product includes software written by Tim
  108. * Hudson (tjh@cryptsoft.com).
  109. *
  110. */
  111. #include "ssl_locl.h"
  112. #ifndef OPENSSL_NO_SSL2
  113. # include <stdio.h>
  114. # include <openssl/objects.h>
  115. # include <openssl/evp.h>
  116. # include <openssl/md5.h>
  117. const char ssl2_version_str[] = "SSLv2" OPENSSL_VERSION_PTEXT;
  118. # define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
  119. /* list of available SSLv2 ciphers (sorted by id) */
  120. OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
  121. # if 0
  122. /* NULL_WITH_MD5 v3 */
  123. {
  124. 1,
  125. SSL2_TXT_NULL_WITH_MD5,
  126. SSL2_CK_NULL_WITH_MD5,
  127. SSL_kRSA,
  128. SSL_aRSA,
  129. SSL_eNULL,
  130. SSL_MD5,
  131. SSL_SSLV2,
  132. SSL_EXPORT | SSL_EXP40 | SSL_STRONG_NONE,
  133. 0,
  134. 0,
  135. 0,
  136. },
  137. # endif
  138. /* RC4_128_WITH_MD5 */
  139. {
  140. 1,
  141. SSL2_TXT_RC4_128_WITH_MD5,
  142. SSL2_CK_RC4_128_WITH_MD5,
  143. SSL_kRSA,
  144. SSL_aRSA,
  145. SSL_RC4,
  146. SSL_MD5,
  147. SSL_SSLV2,
  148. SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
  149. 0,
  150. 128,
  151. 128,
  152. },
  153. # if 0
  154. /* RC4_128_EXPORT40_WITH_MD5 */
  155. {
  156. 1,
  157. SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
  158. SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
  159. SSL_kRSA,
  160. SSL_aRSA,
  161. SSL_RC4,
  162. SSL_MD5,
  163. SSL_SSLV2,
  164. SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  165. SSL2_CF_5_BYTE_ENC,
  166. 40,
  167. 128,
  168. },
  169. # endif
  170. /* RC2_128_CBC_WITH_MD5 */
  171. {
  172. 1,
  173. SSL2_TXT_RC2_128_CBC_WITH_MD5,
  174. SSL2_CK_RC2_128_CBC_WITH_MD5,
  175. SSL_kRSA,
  176. SSL_aRSA,
  177. SSL_RC2,
  178. SSL_MD5,
  179. SSL_SSLV2,
  180. SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
  181. 0,
  182. 128,
  183. 128,
  184. },
  185. # if 0
  186. /* RC2_128_CBC_EXPORT40_WITH_MD5 */
  187. {
  188. 1,
  189. SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
  190. SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
  191. SSL_kRSA,
  192. SSL_aRSA,
  193. SSL_RC2,
  194. SSL_MD5,
  195. SSL_SSLV2,
  196. SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
  197. SSL2_CF_5_BYTE_ENC,
  198. 40,
  199. 128,
  200. },
  201. # endif
  202. # ifndef OPENSSL_NO_IDEA
  203. /* IDEA_128_CBC_WITH_MD5 */
  204. {
  205. 1,
  206. SSL2_TXT_IDEA_128_CBC_WITH_MD5,
  207. SSL2_CK_IDEA_128_CBC_WITH_MD5,
  208. SSL_kRSA,
  209. SSL_aRSA,
  210. SSL_IDEA,
  211. SSL_MD5,
  212. SSL_SSLV2,
  213. SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
  214. 0,
  215. 128,
  216. 128,
  217. },
  218. # endif
  219. # if 0
  220. /* DES_64_CBC_WITH_MD5 */
  221. {
  222. 1,
  223. SSL2_TXT_DES_64_CBC_WITH_MD5,
  224. SSL2_CK_DES_64_CBC_WITH_MD5,
  225. SSL_kRSA,
  226. SSL_aRSA,
  227. SSL_DES,
  228. SSL_MD5,
  229. SSL_SSLV2,
  230. SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
  231. 0,
  232. 56,
  233. 56,
  234. },
  235. # endif
  236. /* DES_192_EDE3_CBC_WITH_MD5 */
  237. {
  238. 1,
  239. SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
  240. SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
  241. SSL_kRSA,
  242. SSL_aRSA,
  243. SSL_3DES,
  244. SSL_MD5,
  245. SSL_SSLV2,
  246. SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
  247. 0,
  248. 112,
  249. 168,
  250. },
  251. # if 0
  252. /* RC4_64_WITH_MD5 */
  253. {
  254. 1,
  255. SSL2_TXT_RC4_64_WITH_MD5,
  256. SSL2_CK_RC4_64_WITH_MD5,
  257. SSL_kRSA,
  258. SSL_aRSA,
  259. SSL_RC4,
  260. SSL_MD5,
  261. SSL_SSLV2,
  262. SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
  263. SSL2_CF_8_BYTE_ENC,
  264. 64,
  265. 64,
  266. },
  267. # endif
  268. # if 0
  269. /* NULL SSLeay (testing) */
  270. {
  271. 0,
  272. SSL2_TXT_NULL,
  273. SSL2_CK_NULL,
  274. 0,
  275. 0,
  276. 0,
  277. 0,
  278. SSL_SSLV2,
  279. SSL_STRONG_NONE,
  280. 0,
  281. 0,
  282. 0,
  283. },
  284. # endif
  285. /* end of list :-) */
  286. };
  287. long ssl2_default_timeout(void)
  288. {
  289. return (300);
  290. }
  291. int ssl2_num_ciphers(void)
  292. {
  293. return (SSL2_NUM_CIPHERS);
  294. }
  295. const SSL_CIPHER *ssl2_get_cipher(unsigned int u)
  296. {
  297. if (u < SSL2_NUM_CIPHERS)
  298. return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u]));
  299. else
  300. return (NULL);
  301. }
  302. int ssl2_pending(const SSL *s)
  303. {
  304. return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
  305. }
  306. int ssl2_new(SSL *s)
  307. {
  308. SSL2_STATE *s2;
  309. if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL)
  310. goto err;
  311. memset(s2, 0, sizeof *s2);
  312. # if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
  313. # error "assertion failed"
  314. # endif
  315. if ((s2->rbuf =
  316. OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2)) == NULL)
  317. goto err;
  318. /*
  319. * wbuf needs one byte more because when using two-byte headers, we leave
  320. * the first byte unused in do_ssl_write (s2_pkt.c)
  321. */
  322. if ((s2->wbuf =
  323. OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 3)) == NULL)
  324. goto err;
  325. s->s2 = s2;
  326. ssl2_clear(s);
  327. return (1);
  328. err:
  329. if (s2 != NULL) {
  330. if (s2->wbuf != NULL)
  331. OPENSSL_free(s2->wbuf);
  332. if (s2->rbuf != NULL)
  333. OPENSSL_free(s2->rbuf);
  334. OPENSSL_free(s2);
  335. }
  336. return (0);
  337. }
  338. void ssl2_free(SSL *s)
  339. {
  340. SSL2_STATE *s2;
  341. if (s == NULL)
  342. return;
  343. s2 = s->s2;
  344. if (s2->rbuf != NULL)
  345. OPENSSL_free(s2->rbuf);
  346. if (s2->wbuf != NULL)
  347. OPENSSL_free(s2->wbuf);
  348. OPENSSL_cleanse(s2, sizeof *s2);
  349. OPENSSL_free(s2);
  350. s->s2 = NULL;
  351. }
  352. void ssl2_clear(SSL *s)
  353. {
  354. SSL2_STATE *s2;
  355. unsigned char *rbuf, *wbuf;
  356. s2 = s->s2;
  357. rbuf = s2->rbuf;
  358. wbuf = s2->wbuf;
  359. memset(s2, 0, sizeof *s2);
  360. s2->rbuf = rbuf;
  361. s2->wbuf = wbuf;
  362. s2->clear_text = 1;
  363. s->packet = s2->rbuf;
  364. s->version = SSL2_VERSION;
  365. s->packet_length = 0;
  366. }
  367. long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
  368. {
  369. int ret = 0;
  370. switch (cmd) {
  371. case SSL_CTRL_GET_SESSION_REUSED:
  372. ret = s->hit;
  373. break;
  374. case SSL_CTRL_CHECK_PROTO_VERSION:
  375. return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg);
  376. default:
  377. break;
  378. }
  379. return (ret);
  380. }
  381. long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
  382. {
  383. return (0);
  384. }
  385. long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
  386. {
  387. return (0);
  388. }
  389. long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
  390. {
  391. return (0);
  392. }
  393. /*
  394. * This function needs to check if the ciphers required are actually
  395. * available
  396. */
  397. const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
  398. {
  399. SSL_CIPHER c;
  400. const SSL_CIPHER *cp;
  401. unsigned long id;
  402. id = 0x02000000L | ((unsigned long)p[0] << 16L) |
  403. ((unsigned long)p[1] << 8L) | (unsigned long)p[2];
  404. c.id = id;
  405. cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
  406. return cp;
  407. }
  408. int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
  409. {
  410. long l;
  411. if (p != NULL) {
  412. l = c->id;
  413. if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV)
  414. return (0);
  415. p[0] = ((unsigned char)(l >> 16L)) & 0xFF;
  416. p[1] = ((unsigned char)(l >> 8L)) & 0xFF;
  417. p[2] = ((unsigned char)(l)) & 0xFF;
  418. }
  419. return (3);
  420. }
  421. int ssl2_generate_key_material(SSL *s)
  422. {
  423. unsigned int i;
  424. EVP_MD_CTX ctx;
  425. unsigned char *km;
  426. unsigned char c = '0';
  427. const EVP_MD *md5;
  428. int md_size;
  429. md5 = EVP_md5();
  430. # ifdef CHARSET_EBCDIC
  431. c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0', see
  432. * SSLv2 docu */
  433. # endif
  434. EVP_MD_CTX_init(&ctx);
  435. km = s->s2->key_material;
  436. if (s->session->master_key_length < 0 ||
  437. s->session->master_key_length > (int)sizeof(s->session->master_key)) {
  438. SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
  439. return 0;
  440. }
  441. md_size = EVP_MD_size(md5);
  442. if (md_size < 0)
  443. return 0;
  444. for (i = 0; i < s->s2->key_material_length; i += md_size) {
  445. if (((km - s->s2->key_material) + md_size) >
  446. (int)sizeof(s->s2->key_material)) {
  447. /*
  448. * EVP_DigestFinal_ex() below would write beyond buffer
  449. */
  450. SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
  451. return 0;
  452. }
  453. EVP_DigestInit_ex(&ctx, md5, NULL);
  454. OPENSSL_assert(s->session->master_key_length >= 0
  455. && s->session->master_key_length
  456. <= (int)sizeof(s->session->master_key));
  457. EVP_DigestUpdate(&ctx, s->session->master_key,
  458. s->session->master_key_length);
  459. EVP_DigestUpdate(&ctx, &c, 1);
  460. c++;
  461. EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length);
  462. EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length);
  463. EVP_DigestFinal_ex(&ctx, km, NULL);
  464. km += md_size;
  465. }
  466. EVP_MD_CTX_cleanup(&ctx);
  467. return 1;
  468. }
  469. void ssl2_return_error(SSL *s, int err)
  470. {
  471. if (!s->error) {
  472. s->error = 3;
  473. s->error_code = err;
  474. ssl2_write_error(s);
  475. }
  476. }
  477. void ssl2_write_error(SSL *s)
  478. {
  479. unsigned char buf[3];
  480. int i, error;
  481. buf[0] = SSL2_MT_ERROR;
  482. buf[1] = (s->error_code >> 8) & 0xff;
  483. buf[2] = (s->error_code) & 0xff;
  484. /* state=s->rwstate;*/
  485. error = s->error; /* number of bytes left to write */
  486. s->error = 0;
  487. OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
  488. i = ssl2_write(s, &(buf[3 - error]), error);
  489. /* if (i == error) s->rwstate=state; */
  490. if (i < 0)
  491. s->error = error;
  492. else {
  493. s->error = error - i;
  494. if (s->error == 0)
  495. if (s->msg_callback) {
  496. /* ERROR */
  497. s->msg_callback(1, s->version, 0, buf, 3, s,
  498. s->msg_callback_arg);
  499. }
  500. }
  501. }
  502. int ssl2_shutdown(SSL *s)
  503. {
  504. s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
  505. return (1);
  506. }
  507. #else /* !OPENSSL_NO_SSL2 */
  508. # if PEDANTIC
  509. static void *dummy = &dummy;
  510. # endif
  511. #endif