1 /* ssl/s3_lib.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay (at) cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay (at) cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core (at) openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay (at) cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh (at) cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * 114 * Portions of the attached software ("Contribution") are developed by 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 116 * 117 * The Contribution is licensed pursuant to the OpenSSL open source 118 * license provided above. 119 * 120 * ECC cipher suite support in OpenSSL originally written by 121 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. 122 * 123 */ 124 /* ==================================================================== 125 * Copyright 2005 Nokia. All rights reserved. 126 * 127 * The portions of the attached software ("Contribution") is developed by 128 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 129 * license. 130 * 131 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 132 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 133 * support (see RFC 4279) to OpenSSL. 134 * 135 * No patent licenses or other rights except those expressly stated in 136 * the OpenSSL open source license shall be deemed granted or received 137 * expressly, by implication, estoppel, or otherwise. 138 * 139 * No assurances are provided by Nokia that the Contribution does not 140 * infringe the patent or other intellectual property rights of any third 141 * party or that the license provides you with all the necessary rights 142 * to make use of the Contribution. 143 * 144 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 145 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 146 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 147 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 148 * OTHERWISE. 149 */ 150 151 #include <stdio.h> 152 #include <openssl/objects.h> 153 #include "ssl_locl.h" 154 #include "kssl_lcl.h" 155 #ifndef OPENSSL_NO_TLSEXT 156 #ifndef OPENSSL_NO_EC 157 #include "../crypto/ec/ec_lcl.h" 158 #endif /* OPENSSL_NO_EC */ 159 #endif /* OPENSSL_NO_TLSEXT */ 160 #include <openssl/md5.h> 161 #ifndef OPENSSL_NO_DH 162 #include <openssl/dh.h> 163 #endif 164 165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT; 166 167 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) 168 169 /* list of available SSLv3 ciphers (sorted by id) */ 170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 171 172 /* The RSA ciphers */ 173 /* Cipher 01 */ 174 { 175 1, 176 SSL3_TXT_RSA_NULL_MD5, 177 SSL3_CK_RSA_NULL_MD5, 178 SSL_kRSA, 179 SSL_aRSA, 180 SSL_eNULL, 181 SSL_MD5, 182 SSL_SSLV3, 183 SSL_NOT_EXP|SSL_STRONG_NONE, 184 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 185 0, 186 0, 187 }, 188 189 /* Cipher 02 */ 190 { 191 1, 192 SSL3_TXT_RSA_NULL_SHA, 193 SSL3_CK_RSA_NULL_SHA, 194 SSL_kRSA, 195 SSL_aRSA, 196 SSL_eNULL, 197 SSL_SHA1, 198 SSL_SSLV3, 199 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 200 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 201 0, 202 0, 203 }, 204 205 /* Cipher 03 */ 206 { 207 1, 208 SSL3_TXT_RSA_RC4_40_MD5, 209 SSL3_CK_RSA_RC4_40_MD5, 210 SSL_kRSA, 211 SSL_aRSA, 212 SSL_RC4, 213 SSL_MD5, 214 SSL_SSLV3, 215 SSL_EXPORT|SSL_EXP40, 216 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 217 40, 218 128, 219 }, 220 221 /* Cipher 04 */ 222 { 223 1, 224 SSL3_TXT_RSA_RC4_128_MD5, 225 SSL3_CK_RSA_RC4_128_MD5, 226 SSL_kRSA, 227 SSL_aRSA, 228 SSL_RC4, 229 SSL_MD5, 230 SSL_SSLV3, 231 SSL_NOT_EXP|SSL_MEDIUM, 232 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 233 128, 234 128, 235 }, 236 237 /* Cipher 05 */ 238 { 239 1, 240 SSL3_TXT_RSA_RC4_128_SHA, 241 SSL3_CK_RSA_RC4_128_SHA, 242 SSL_kRSA, 243 SSL_aRSA, 244 SSL_RC4, 245 SSL_SHA1, 246 SSL_SSLV3, 247 SSL_NOT_EXP|SSL_MEDIUM, 248 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 249 128, 250 128, 251 }, 252 253 /* Cipher 06 */ 254 { 255 1, 256 SSL3_TXT_RSA_RC2_40_MD5, 257 SSL3_CK_RSA_RC2_40_MD5, 258 SSL_kRSA, 259 SSL_aRSA, 260 SSL_RC2, 261 SSL_MD5, 262 SSL_SSLV3, 263 SSL_EXPORT|SSL_EXP40, 264 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 265 40, 266 128, 267 }, 268 269 /* Cipher 07 */ 270 #ifndef OPENSSL_NO_IDEA 271 { 272 1, 273 SSL3_TXT_RSA_IDEA_128_SHA, 274 SSL3_CK_RSA_IDEA_128_SHA, 275 SSL_kRSA, 276 SSL_aRSA, 277 SSL_IDEA, 278 SSL_SHA1, 279 SSL_SSLV3, 280 SSL_NOT_EXP|SSL_MEDIUM, 281 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 282 128, 283 128, 284 }, 285 #endif 286 287 /* Cipher 08 */ 288 { 289 1, 290 SSL3_TXT_RSA_DES_40_CBC_SHA, 291 SSL3_CK_RSA_DES_40_CBC_SHA, 292 SSL_kRSA, 293 SSL_aRSA, 294 SSL_DES, 295 SSL_SHA1, 296 SSL_SSLV3, 297 SSL_EXPORT|SSL_EXP40, 298 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 299 40, 300 56, 301 }, 302 303 /* Cipher 09 */ 304 { 305 1, 306 SSL3_TXT_RSA_DES_64_CBC_SHA, 307 SSL3_CK_RSA_DES_64_CBC_SHA, 308 SSL_kRSA, 309 SSL_aRSA, 310 SSL_DES, 311 SSL_SHA1, 312 SSL_SSLV3, 313 SSL_NOT_EXP|SSL_LOW, 314 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 315 56, 316 56, 317 }, 318 319 /* Cipher 0A */ 320 { 321 1, 322 SSL3_TXT_RSA_DES_192_CBC3_SHA, 323 SSL3_CK_RSA_DES_192_CBC3_SHA, 324 SSL_kRSA, 325 SSL_aRSA, 326 SSL_3DES, 327 SSL_SHA1, 328 SSL_SSLV3, 329 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 330 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 331 168, 332 168, 333 }, 334 335 /* The DH ciphers */ 336 /* Cipher 0B */ 337 { 338 0, 339 SSL3_TXT_DH_DSS_DES_40_CBC_SHA, 340 SSL3_CK_DH_DSS_DES_40_CBC_SHA, 341 SSL_kDHd, 342 SSL_aDH, 343 SSL_DES, 344 SSL_SHA1, 345 SSL_SSLV3, 346 SSL_EXPORT|SSL_EXP40, 347 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 348 40, 349 56, 350 }, 351 352 /* Cipher 0C */ 353 { 354 0, /* not implemented (non-ephemeral DH) */ 355 SSL3_TXT_DH_DSS_DES_64_CBC_SHA, 356 SSL3_CK_DH_DSS_DES_64_CBC_SHA, 357 SSL_kDHd, 358 SSL_aDH, 359 SSL_DES, 360 SSL_SHA1, 361 SSL_SSLV3, 362 SSL_NOT_EXP|SSL_LOW, 363 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 364 56, 365 56, 366 }, 367 368 /* Cipher 0D */ 369 { 370 0, /* not implemented (non-ephemeral DH) */ 371 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 372 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 373 SSL_kDHd, 374 SSL_aDH, 375 SSL_3DES, 376 SSL_SHA1, 377 SSL_SSLV3, 378 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 379 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 380 168, 381 168, 382 }, 383 384 /* Cipher 0E */ 385 { 386 0, /* not implemented (non-ephemeral DH) */ 387 SSL3_TXT_DH_RSA_DES_40_CBC_SHA, 388 SSL3_CK_DH_RSA_DES_40_CBC_SHA, 389 SSL_kDHr, 390 SSL_aDH, 391 SSL_DES, 392 SSL_SHA1, 393 SSL_SSLV3, 394 SSL_EXPORT|SSL_EXP40, 395 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 396 40, 397 56, 398 }, 399 400 /* Cipher 0F */ 401 { 402 0, /* not implemented (non-ephemeral DH) */ 403 SSL3_TXT_DH_RSA_DES_64_CBC_SHA, 404 SSL3_CK_DH_RSA_DES_64_CBC_SHA, 405 SSL_kDHr, 406 SSL_aDH, 407 SSL_DES, 408 SSL_SHA1, 409 SSL_SSLV3, 410 SSL_NOT_EXP|SSL_LOW, 411 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 412 56, 413 56, 414 }, 415 416 /* Cipher 10 */ 417 { 418 0, /* not implemented (non-ephemeral DH) */ 419 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 420 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 421 SSL_kDHr, 422 SSL_aDH, 423 SSL_3DES, 424 SSL_SHA1, 425 SSL_SSLV3, 426 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 427 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 428 168, 429 168, 430 }, 431 432 /* The Ephemeral DH ciphers */ 433 /* Cipher 11 */ 434 { 435 1, 436 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, 437 SSL3_CK_EDH_DSS_DES_40_CBC_SHA, 438 SSL_kEDH, 439 SSL_aDSS, 440 SSL_DES, 441 SSL_SHA1, 442 SSL_SSLV3, 443 SSL_EXPORT|SSL_EXP40, 444 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 445 40, 446 56, 447 }, 448 449 /* Cipher 12 */ 450 { 451 1, 452 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, 453 SSL3_CK_EDH_DSS_DES_64_CBC_SHA, 454 SSL_kEDH, 455 SSL_aDSS, 456 SSL_DES, 457 SSL_SHA1, 458 SSL_SSLV3, 459 SSL_NOT_EXP|SSL_LOW, 460 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 461 56, 462 56, 463 }, 464 465 /* Cipher 13 */ 466 { 467 1, 468 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 469 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 470 SSL_kEDH, 471 SSL_aDSS, 472 SSL_3DES, 473 SSL_SHA1, 474 SSL_SSLV3, 475 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 476 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 477 168, 478 168, 479 }, 480 481 /* Cipher 14 */ 482 { 483 1, 484 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, 485 SSL3_CK_EDH_RSA_DES_40_CBC_SHA, 486 SSL_kEDH, 487 SSL_aRSA, 488 SSL_DES, 489 SSL_SHA1, 490 SSL_SSLV3, 491 SSL_EXPORT|SSL_EXP40, 492 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 493 40, 494 56, 495 }, 496 497 /* Cipher 15 */ 498 { 499 1, 500 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, 501 SSL3_CK_EDH_RSA_DES_64_CBC_SHA, 502 SSL_kEDH, 503 SSL_aRSA, 504 SSL_DES, 505 SSL_SHA1, 506 SSL_SSLV3, 507 SSL_NOT_EXP|SSL_LOW, 508 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 509 56, 510 56, 511 }, 512 513 /* Cipher 16 */ 514 { 515 1, 516 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 517 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 518 SSL_kEDH, 519 SSL_aRSA, 520 SSL_3DES, 521 SSL_SHA1, 522 SSL_SSLV3, 523 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 524 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 525 168, 526 168, 527 }, 528 529 /* Cipher 17 */ 530 { 531 1, 532 SSL3_TXT_ADH_RC4_40_MD5, 533 SSL3_CK_ADH_RC4_40_MD5, 534 SSL_kEDH, 535 SSL_aNULL, 536 SSL_RC4, 537 SSL_MD5, 538 SSL_SSLV3, 539 SSL_EXPORT|SSL_EXP40, 540 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 541 40, 542 128, 543 }, 544 545 /* Cipher 18 */ 546 { 547 1, 548 SSL3_TXT_ADH_RC4_128_MD5, 549 SSL3_CK_ADH_RC4_128_MD5, 550 SSL_kEDH, 551 SSL_aNULL, 552 SSL_RC4, 553 SSL_MD5, 554 SSL_SSLV3, 555 SSL_NOT_EXP|SSL_MEDIUM, 556 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 557 128, 558 128, 559 }, 560 561 /* Cipher 19 */ 562 { 563 1, 564 SSL3_TXT_ADH_DES_40_CBC_SHA, 565 SSL3_CK_ADH_DES_40_CBC_SHA, 566 SSL_kEDH, 567 SSL_aNULL, 568 SSL_DES, 569 SSL_SHA1, 570 SSL_SSLV3, 571 SSL_EXPORT|SSL_EXP40, 572 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 573 40, 574 128, 575 }, 576 577 /* Cipher 1A */ 578 { 579 1, 580 SSL3_TXT_ADH_DES_64_CBC_SHA, 581 SSL3_CK_ADH_DES_64_CBC_SHA, 582 SSL_kEDH, 583 SSL_aNULL, 584 SSL_DES, 585 SSL_SHA1, 586 SSL_SSLV3, 587 SSL_NOT_EXP|SSL_LOW, 588 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 589 56, 590 56, 591 }, 592 593 /* Cipher 1B */ 594 { 595 1, 596 SSL3_TXT_ADH_DES_192_CBC_SHA, 597 SSL3_CK_ADH_DES_192_CBC_SHA, 598 SSL_kEDH, 599 SSL_aNULL, 600 SSL_3DES, 601 SSL_SHA1, 602 SSL_SSLV3, 603 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 604 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 605 168, 606 168, 607 }, 608 609 /* Fortezza ciphersuite from SSL 3.0 spec */ 610 #if 0 611 /* Cipher 1C */ 612 { 613 0, 614 SSL3_TXT_FZA_DMS_NULL_SHA, 615 SSL3_CK_FZA_DMS_NULL_SHA, 616 SSL_kFZA, 617 SSL_aFZA, 618 SSL_eNULL, 619 SSL_SHA1, 620 SSL_SSLV3, 621 SSL_NOT_EXP|SSL_STRONG_NONE, 622 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 623 0, 624 0, 625 }, 626 627 /* Cipher 1D */ 628 { 629 0, 630 SSL3_TXT_FZA_DMS_FZA_SHA, 631 SSL3_CK_FZA_DMS_FZA_SHA, 632 SSL_kFZA, 633 SSL_aFZA, 634 SSL_eFZA, 635 SSL_SHA1, 636 SSL_SSLV3, 637 SSL_NOT_EXP|SSL_STRONG_NONE, 638 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 639 0, 640 0, 641 }, 642 643 /* Cipher 1E */ 644 { 645 0, 646 SSL3_TXT_FZA_DMS_RC4_SHA, 647 SSL3_CK_FZA_DMS_RC4_SHA, 648 SSL_kFZA, 649 SSL_aFZA, 650 SSL_RC4, 651 SSL_SHA1, 652 SSL_SSLV3, 653 SSL_NOT_EXP|SSL_MEDIUM, 654 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 655 128, 656 128, 657 }, 658 #endif 659 660 #ifndef OPENSSL_NO_KRB5 661 /* The Kerberos ciphers*/ 662 /* Cipher 1E */ 663 { 664 1, 665 SSL3_TXT_KRB5_DES_64_CBC_SHA, 666 SSL3_CK_KRB5_DES_64_CBC_SHA, 667 SSL_kKRB5, 668 SSL_aKRB5, 669 SSL_DES, 670 SSL_SHA1, 671 SSL_SSLV3, 672 SSL_NOT_EXP|SSL_LOW, 673 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 674 56, 675 56, 676 }, 677 678 /* Cipher 1F */ 679 { 680 1, 681 SSL3_TXT_KRB5_DES_192_CBC3_SHA, 682 SSL3_CK_KRB5_DES_192_CBC3_SHA, 683 SSL_kKRB5, 684 SSL_aKRB5, 685 SSL_3DES, 686 SSL_SHA1, 687 SSL_SSLV3, 688 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 689 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 690 168, 691 168, 692 }, 693 694 /* Cipher 20 */ 695 { 696 1, 697 SSL3_TXT_KRB5_RC4_128_SHA, 698 SSL3_CK_KRB5_RC4_128_SHA, 699 SSL_kKRB5, 700 SSL_aKRB5, 701 SSL_RC4, 702 SSL_SHA1, 703 SSL_SSLV3, 704 SSL_NOT_EXP|SSL_MEDIUM, 705 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 706 128, 707 128, 708 }, 709 710 /* Cipher 21 */ 711 { 712 1, 713 SSL3_TXT_KRB5_IDEA_128_CBC_SHA, 714 SSL3_CK_KRB5_IDEA_128_CBC_SHA, 715 SSL_kKRB5, 716 SSL_aKRB5, 717 SSL_IDEA, 718 SSL_SHA1, 719 SSL_SSLV3, 720 SSL_NOT_EXP|SSL_MEDIUM, 721 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 722 128, 723 128, 724 }, 725 726 /* Cipher 22 */ 727 { 728 1, 729 SSL3_TXT_KRB5_DES_64_CBC_MD5, 730 SSL3_CK_KRB5_DES_64_CBC_MD5, 731 SSL_kKRB5, 732 SSL_aKRB5, 733 SSL_DES, 734 SSL_MD5, 735 SSL_SSLV3, 736 SSL_NOT_EXP|SSL_LOW, 737 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 738 56, 739 56, 740 }, 741 742 /* Cipher 23 */ 743 { 744 1, 745 SSL3_TXT_KRB5_DES_192_CBC3_MD5, 746 SSL3_CK_KRB5_DES_192_CBC3_MD5, 747 SSL_kKRB5, 748 SSL_aKRB5, 749 SSL_3DES, 750 SSL_MD5, 751 SSL_SSLV3, 752 SSL_NOT_EXP|SSL_HIGH, 753 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 754 168, 755 168, 756 }, 757 758 /* Cipher 24 */ 759 { 760 1, 761 SSL3_TXT_KRB5_RC4_128_MD5, 762 SSL3_CK_KRB5_RC4_128_MD5, 763 SSL_kKRB5, 764 SSL_aKRB5, 765 SSL_RC4, 766 SSL_MD5, 767 SSL_SSLV3, 768 SSL_NOT_EXP|SSL_MEDIUM, 769 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 770 128, 771 128, 772 }, 773 774 /* Cipher 25 */ 775 { 776 1, 777 SSL3_TXT_KRB5_IDEA_128_CBC_MD5, 778 SSL3_CK_KRB5_IDEA_128_CBC_MD5, 779 SSL_kKRB5, 780 SSL_aKRB5, 781 SSL_IDEA, 782 SSL_MD5, 783 SSL_SSLV3, 784 SSL_NOT_EXP|SSL_MEDIUM, 785 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 786 128, 787 128, 788 }, 789 790 /* Cipher 26 */ 791 { 792 1, 793 SSL3_TXT_KRB5_DES_40_CBC_SHA, 794 SSL3_CK_KRB5_DES_40_CBC_SHA, 795 SSL_kKRB5, 796 SSL_aKRB5, 797 SSL_DES, 798 SSL_SHA1, 799 SSL_SSLV3, 800 SSL_EXPORT|SSL_EXP40, 801 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 802 40, 803 56, 804 }, 805 806 /* Cipher 27 */ 807 { 808 1, 809 SSL3_TXT_KRB5_RC2_40_CBC_SHA, 810 SSL3_CK_KRB5_RC2_40_CBC_SHA, 811 SSL_kKRB5, 812 SSL_aKRB5, 813 SSL_RC2, 814 SSL_SHA1, 815 SSL_SSLV3, 816 SSL_EXPORT|SSL_EXP40, 817 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 818 40, 819 128, 820 }, 821 822 /* Cipher 28 */ 823 { 824 1, 825 SSL3_TXT_KRB5_RC4_40_SHA, 826 SSL3_CK_KRB5_RC4_40_SHA, 827 SSL_kKRB5, 828 SSL_aKRB5, 829 SSL_RC4, 830 SSL_SHA1, 831 SSL_SSLV3, 832 SSL_EXPORT|SSL_EXP40, 833 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 834 40, 835 128, 836 }, 837 838 /* Cipher 29 */ 839 { 840 1, 841 SSL3_TXT_KRB5_DES_40_CBC_MD5, 842 SSL3_CK_KRB5_DES_40_CBC_MD5, 843 SSL_kKRB5, 844 SSL_aKRB5, 845 SSL_DES, 846 SSL_MD5, 847 SSL_SSLV3, 848 SSL_EXPORT|SSL_EXP40, 849 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 850 40, 851 56, 852 }, 853 854 /* Cipher 2A */ 855 { 856 1, 857 SSL3_TXT_KRB5_RC2_40_CBC_MD5, 858 SSL3_CK_KRB5_RC2_40_CBC_MD5, 859 SSL_kKRB5, 860 SSL_aKRB5, 861 SSL_RC2, 862 SSL_MD5, 863 SSL_SSLV3, 864 SSL_EXPORT|SSL_EXP40, 865 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 866 40, 867 128, 868 }, 869 870 /* Cipher 2B */ 871 { 872 1, 873 SSL3_TXT_KRB5_RC4_40_MD5, 874 SSL3_CK_KRB5_RC4_40_MD5, 875 SSL_kKRB5, 876 SSL_aKRB5, 877 SSL_RC4, 878 SSL_MD5, 879 SSL_SSLV3, 880 SSL_EXPORT|SSL_EXP40, 881 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 882 40, 883 128, 884 }, 885 #endif /* OPENSSL_NO_KRB5 */ 886 887 /* New AES ciphersuites */ 888 /* Cipher 2F */ 889 { 890 1, 891 TLS1_TXT_RSA_WITH_AES_128_SHA, 892 TLS1_CK_RSA_WITH_AES_128_SHA, 893 SSL_kRSA, 894 SSL_aRSA, 895 SSL_AES128, 896 SSL_SHA1, 897 SSL_TLSV1, 898 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 899 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 900 128, 901 128, 902 }, 903 /* Cipher 30 */ 904 { 905 0, 906 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 907 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 908 SSL_kDHd, 909 SSL_aDH, 910 SSL_AES128, 911 SSL_SHA1, 912 SSL_TLSV1, 913 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 914 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 915 128, 916 128, 917 }, 918 /* Cipher 31 */ 919 { 920 0, 921 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 922 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 923 SSL_kDHr, 924 SSL_aDH, 925 SSL_AES128, 926 SSL_SHA1, 927 SSL_TLSV1, 928 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 929 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 930 128, 931 128, 932 }, 933 /* Cipher 32 */ 934 { 935 1, 936 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 937 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 938 SSL_kEDH, 939 SSL_aDSS, 940 SSL_AES128, 941 SSL_SHA1, 942 SSL_TLSV1, 943 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 944 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 945 128, 946 128, 947 }, 948 /* Cipher 33 */ 949 { 950 1, 951 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 952 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 953 SSL_kEDH, 954 SSL_aRSA, 955 SSL_AES128, 956 SSL_SHA1, 957 SSL_TLSV1, 958 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 959 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 960 128, 961 128, 962 }, 963 /* Cipher 34 */ 964 { 965 1, 966 TLS1_TXT_ADH_WITH_AES_128_SHA, 967 TLS1_CK_ADH_WITH_AES_128_SHA, 968 SSL_kEDH, 969 SSL_aNULL, 970 SSL_AES128, 971 SSL_SHA1, 972 SSL_TLSV1, 973 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 974 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 975 128, 976 128, 977 }, 978 979 /* Cipher 35 */ 980 { 981 1, 982 TLS1_TXT_RSA_WITH_AES_256_SHA, 983 TLS1_CK_RSA_WITH_AES_256_SHA, 984 SSL_kRSA, 985 SSL_aRSA, 986 SSL_AES256, 987 SSL_SHA1, 988 SSL_TLSV1, 989 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 990 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 991 256, 992 256, 993 }, 994 /* Cipher 36 */ 995 { 996 0, 997 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 998 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 999 SSL_kDHd, 1000 SSL_aDH, 1001 SSL_AES256, 1002 SSL_SHA1, 1003 SSL_TLSV1, 1004 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1005 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1006 256, 1007 256, 1008 }, 1009 1010 /* Cipher 37 */ 1011 { 1012 0, /* not implemented (non-ephemeral DH) */ 1013 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 1014 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 1015 SSL_kDHr, 1016 SSL_aDH, 1017 SSL_AES256, 1018 SSL_SHA1, 1019 SSL_TLSV1, 1020 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1021 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1022 256, 1023 256, 1024 }, 1025 1026 /* Cipher 38 */ 1027 { 1028 1, 1029 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 1030 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 1031 SSL_kEDH, 1032 SSL_aDSS, 1033 SSL_AES256, 1034 SSL_SHA1, 1035 SSL_TLSV1, 1036 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1037 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1038 256, 1039 256, 1040 }, 1041 1042 /* Cipher 39 */ 1043 { 1044 1, 1045 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 1046 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 1047 SSL_kEDH, 1048 SSL_aRSA, 1049 SSL_AES256, 1050 SSL_SHA1, 1051 SSL_TLSV1, 1052 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1053 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1054 256, 1055 256, 1056 }, 1057 1058 /* Cipher 3A */ 1059 { 1060 1, 1061 TLS1_TXT_ADH_WITH_AES_256_SHA, 1062 TLS1_CK_ADH_WITH_AES_256_SHA, 1063 SSL_kEDH, 1064 SSL_aNULL, 1065 SSL_AES256, 1066 SSL_SHA1, 1067 SSL_TLSV1, 1068 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1069 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1070 256, 1071 256, 1072 }, 1073 1074 #ifndef OPENSSL_NO_CAMELLIA 1075 /* Camellia ciphersuites from RFC4132 (128-bit portion) */ 1076 1077 /* Cipher 41 */ 1078 { 1079 1, 1080 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 1081 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 1082 SSL_kRSA, 1083 SSL_aRSA, 1084 SSL_CAMELLIA128, 1085 SSL_SHA1, 1086 SSL_TLSV1, 1087 SSL_NOT_EXP|SSL_HIGH, 1088 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1089 128, 1090 128, 1091 }, 1092 1093 /* Cipher 42 */ 1094 { 1095 0, /* not implemented (non-ephemeral DH) */ 1096 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1097 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1098 SSL_kDHd, 1099 SSL_aDH, 1100 SSL_CAMELLIA128, 1101 SSL_SHA1, 1102 SSL_TLSV1, 1103 SSL_NOT_EXP|SSL_HIGH, 1104 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1105 128, 1106 128, 1107 }, 1108 1109 /* Cipher 43 */ 1110 { 1111 0, /* not implemented (non-ephemeral DH) */ 1112 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1113 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1114 SSL_kDHr, 1115 SSL_aDH, 1116 SSL_CAMELLIA128, 1117 SSL_SHA1, 1118 SSL_TLSV1, 1119 SSL_NOT_EXP|SSL_HIGH, 1120 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1121 128, 1122 128, 1123 }, 1124 1125 /* Cipher 44 */ 1126 { 1127 1, 1128 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1129 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1130 SSL_kEDH, 1131 SSL_aDSS, 1132 SSL_CAMELLIA128, 1133 SSL_SHA1, 1134 SSL_TLSV1, 1135 SSL_NOT_EXP|SSL_HIGH, 1136 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1137 128, 1138 128, 1139 }, 1140 1141 /* Cipher 45 */ 1142 { 1143 1, 1144 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1145 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1146 SSL_kEDH, 1147 SSL_aRSA, 1148 SSL_CAMELLIA128, 1149 SSL_SHA1, 1150 SSL_TLSV1, 1151 SSL_NOT_EXP|SSL_HIGH, 1152 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1153 128, 1154 128, 1155 }, 1156 1157 /* Cipher 46 */ 1158 { 1159 1, 1160 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 1161 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 1162 SSL_kEDH, 1163 SSL_aNULL, 1164 SSL_CAMELLIA128, 1165 SSL_SHA1, 1166 SSL_TLSV1, 1167 SSL_NOT_EXP|SSL_HIGH, 1168 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1169 128, 1170 128, 1171 }, 1172 #endif /* OPENSSL_NO_CAMELLIA */ 1173 1174 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1175 /* New TLS Export CipherSuites from expired ID */ 1176 #if 0 1177 /* Cipher 60 */ 1178 { 1179 1, 1180 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5, 1181 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5, 1182 SSL_kRSA, 1183 SSL_aRSA, 1184 SSL_RC4, 1185 SSL_MD5, 1186 SSL_TLSV1, 1187 SSL_EXPORT|SSL_EXP56, 1188 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1189 56, 1190 128, 1191 }, 1192 1193 /* Cipher 61 */ 1194 { 1195 1, 1196 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1197 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1198 SSL_kRSA, 1199 SSL_aRSA, 1200 SSL_RC2, 1201 SSL_MD5, 1202 SSL_TLSV1, 1203 SSL_EXPORT|SSL_EXP56, 1204 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1205 56, 1206 128, 1207 }, 1208 #endif 1209 1210 /* Cipher 62 */ 1211 { 1212 1, 1213 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1214 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1215 SSL_kRSA, 1216 SSL_aRSA, 1217 SSL_DES, 1218 SSL_SHA1, 1219 SSL_TLSV1, 1220 SSL_EXPORT|SSL_EXP56, 1221 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1222 56, 1223 56, 1224 }, 1225 1226 /* Cipher 63 */ 1227 { 1228 1, 1229 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1230 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1231 SSL_kEDH, 1232 SSL_aDSS, 1233 SSL_DES, 1234 SSL_SHA1, 1235 SSL_TLSV1, 1236 SSL_EXPORT|SSL_EXP56, 1237 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1238 56, 1239 56, 1240 }, 1241 1242 /* Cipher 64 */ 1243 { 1244 1, 1245 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, 1246 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA, 1247 SSL_kRSA, 1248 SSL_aRSA, 1249 SSL_RC4, 1250 SSL_SHA1, 1251 SSL_TLSV1, 1252 SSL_EXPORT|SSL_EXP56, 1253 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1254 56, 1255 128, 1256 }, 1257 1258 /* Cipher 65 */ 1259 { 1260 1, 1261 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1262 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1263 SSL_kEDH, 1264 SSL_aDSS, 1265 SSL_RC4, 1266 SSL_SHA1, 1267 SSL_TLSV1, 1268 SSL_EXPORT|SSL_EXP56, 1269 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1270 56, 1271 128, 1272 }, 1273 1274 /* Cipher 66 */ 1275 { 1276 1, 1277 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, 1278 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA, 1279 SSL_kEDH, 1280 SSL_aDSS, 1281 SSL_RC4, 1282 SSL_SHA1, 1283 SSL_TLSV1, 1284 SSL_NOT_EXP|SSL_MEDIUM, 1285 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1286 128, 1287 128, 1288 }, 1289 #endif 1290 { 1291 1, 1292 "GOST94-GOST89-GOST89", 1293 0x3000080, 1294 SSL_kGOST, 1295 SSL_aGOST94, 1296 SSL_eGOST2814789CNT, 1297 SSL_GOST89MAC, 1298 SSL_TLSV1, 1299 SSL_NOT_EXP|SSL_HIGH, 1300 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, 1301 256, 1302 256 1303 }, 1304 { 1305 1, 1306 "GOST2001-GOST89-GOST89", 1307 0x3000081, 1308 SSL_kGOST, 1309 SSL_aGOST01, 1310 SSL_eGOST2814789CNT, 1311 SSL_GOST89MAC, 1312 SSL_TLSV1, 1313 SSL_NOT_EXP|SSL_HIGH, 1314 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, 1315 256, 1316 256 1317 }, 1318 { 1319 1, 1320 "GOST94-NULL-GOST94", 1321 0x3000082, 1322 SSL_kGOST, 1323 SSL_aGOST94, 1324 SSL_eNULL, 1325 SSL_GOST94, 1326 SSL_TLSV1, 1327 SSL_NOT_EXP|SSL_STRONG_NONE, 1328 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, 1329 0, 1330 0 1331 }, 1332 { 1333 1, 1334 "GOST2001-NULL-GOST94", 1335 0x3000083, 1336 SSL_kGOST, 1337 SSL_aGOST01, 1338 SSL_eNULL, 1339 SSL_GOST94, 1340 SSL_TLSV1, 1341 SSL_NOT_EXP|SSL_STRONG_NONE, 1342 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, 1343 0, 1344 0 1345 }, 1346 1347 #ifndef OPENSSL_NO_CAMELLIA 1348 /* Camellia ciphersuites from RFC4132 (256-bit portion) */ 1349 1350 /* Cipher 84 */ 1351 { 1352 1, 1353 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 1354 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 1355 SSL_kRSA, 1356 SSL_aRSA, 1357 SSL_CAMELLIA256, 1358 SSL_SHA1, 1359 SSL_TLSV1, 1360 SSL_NOT_EXP|SSL_HIGH, 1361 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1362 256, 1363 256, 1364 }, 1365 /* Cipher 85 */ 1366 { 1367 0, /* not implemented (non-ephemeral DH) */ 1368 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1369 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1370 SSL_kDHd, 1371 SSL_aDH, 1372 SSL_CAMELLIA256, 1373 SSL_SHA1, 1374 SSL_TLSV1, 1375 SSL_NOT_EXP|SSL_HIGH, 1376 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1377 256, 1378 256, 1379 }, 1380 1381 /* Cipher 86 */ 1382 { 1383 0, /* not implemented (non-ephemeral DH) */ 1384 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1385 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1386 SSL_kDHr, 1387 SSL_aDH, 1388 SSL_CAMELLIA256, 1389 SSL_SHA1, 1390 SSL_TLSV1, 1391 SSL_NOT_EXP|SSL_HIGH, 1392 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1393 256, 1394 256, 1395 }, 1396 1397 /* Cipher 87 */ 1398 { 1399 1, 1400 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1401 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1402 SSL_kEDH, 1403 SSL_aDSS, 1404 SSL_CAMELLIA256, 1405 SSL_SHA1, 1406 SSL_TLSV1, 1407 SSL_NOT_EXP|SSL_HIGH, 1408 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1409 256, 1410 256, 1411 }, 1412 1413 /* Cipher 88 */ 1414 { 1415 1, 1416 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1417 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1418 SSL_kEDH, 1419 SSL_aRSA, 1420 SSL_CAMELLIA256, 1421 SSL_SHA1, 1422 SSL_TLSV1, 1423 SSL_NOT_EXP|SSL_HIGH, 1424 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1425 256, 1426 256, 1427 }, 1428 1429 /* Cipher 89 */ 1430 { 1431 1, 1432 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 1433 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 1434 SSL_kEDH, 1435 SSL_aNULL, 1436 SSL_CAMELLIA256, 1437 SSL_SHA1, 1438 SSL_TLSV1, 1439 SSL_NOT_EXP|SSL_HIGH, 1440 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1441 256, 1442 256, 1443 }, 1444 #endif /* OPENSSL_NO_CAMELLIA */ 1445 1446 #ifndef OPENSSL_NO_PSK 1447 /* Cipher 8A */ 1448 { 1449 1, 1450 TLS1_TXT_PSK_WITH_RC4_128_SHA, 1451 TLS1_CK_PSK_WITH_RC4_128_SHA, 1452 SSL_kPSK, 1453 SSL_aPSK, 1454 SSL_RC4, 1455 SSL_SHA1, 1456 SSL_TLSV1, 1457 SSL_NOT_EXP|SSL_MEDIUM, 1458 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1459 128, 1460 128, 1461 }, 1462 1463 /* Cipher 8B */ 1464 { 1465 1, 1466 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1467 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1468 SSL_kPSK, 1469 SSL_aPSK, 1470 SSL_3DES, 1471 SSL_SHA1, 1472 SSL_TLSV1, 1473 SSL_NOT_EXP|SSL_HIGH, 1474 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1475 168, 1476 168, 1477 }, 1478 1479 /* Cipher 8C */ 1480 { 1481 1, 1482 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1483 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1484 SSL_kPSK, 1485 SSL_aPSK, 1486 SSL_AES128, 1487 SSL_SHA1, 1488 SSL_TLSV1, 1489 SSL_NOT_EXP|SSL_HIGH, 1490 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1491 128, 1492 128, 1493 }, 1494 1495 /* Cipher 8D */ 1496 { 1497 1, 1498 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1499 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1500 SSL_kPSK, 1501 SSL_aPSK, 1502 SSL_AES256, 1503 SSL_SHA1, 1504 SSL_TLSV1, 1505 SSL_NOT_EXP|SSL_HIGH, 1506 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1507 256, 1508 256, 1509 }, 1510 #endif /* OPENSSL_NO_PSK */ 1511 1512 #ifndef OPENSSL_NO_SEED 1513 /* SEED ciphersuites from RFC4162 */ 1514 1515 /* Cipher 96 */ 1516 { 1517 1, 1518 TLS1_TXT_RSA_WITH_SEED_SHA, 1519 TLS1_CK_RSA_WITH_SEED_SHA, 1520 SSL_kRSA, 1521 SSL_aRSA, 1522 SSL_SEED, 1523 SSL_SHA1, 1524 SSL_TLSV1, 1525 SSL_NOT_EXP|SSL_MEDIUM, 1526 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1527 128, 1528 128, 1529 }, 1530 1531 /* Cipher 97 */ 1532 { 1533 0, /* not implemented (non-ephemeral DH) */ 1534 TLS1_TXT_DH_DSS_WITH_SEED_SHA, 1535 TLS1_CK_DH_DSS_WITH_SEED_SHA, 1536 SSL_kDHd, 1537 SSL_aDH, 1538 SSL_SEED, 1539 SSL_SHA1, 1540 SSL_TLSV1, 1541 SSL_NOT_EXP|SSL_MEDIUM, 1542 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1543 128, 1544 128, 1545 }, 1546 1547 /* Cipher 98 */ 1548 { 1549 0, /* not implemented (non-ephemeral DH) */ 1550 TLS1_TXT_DH_RSA_WITH_SEED_SHA, 1551 TLS1_CK_DH_RSA_WITH_SEED_SHA, 1552 SSL_kDHr, 1553 SSL_aDH, 1554 SSL_SEED, 1555 SSL_SHA1, 1556 SSL_TLSV1, 1557 SSL_NOT_EXP|SSL_MEDIUM, 1558 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1559 128, 1560 128, 1561 }, 1562 1563 /* Cipher 99 */ 1564 { 1565 1, 1566 TLS1_TXT_DHE_DSS_WITH_SEED_SHA, 1567 TLS1_CK_DHE_DSS_WITH_SEED_SHA, 1568 SSL_kEDH, 1569 SSL_aDSS, 1570 SSL_SEED, 1571 SSL_SHA1, 1572 SSL_TLSV1, 1573 SSL_NOT_EXP|SSL_MEDIUM, 1574 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1575 128, 1576 128, 1577 }, 1578 1579 /* Cipher 9A */ 1580 { 1581 1, 1582 TLS1_TXT_DHE_RSA_WITH_SEED_SHA, 1583 TLS1_CK_DHE_RSA_WITH_SEED_SHA, 1584 SSL_kEDH, 1585 SSL_aRSA, 1586 SSL_SEED, 1587 SSL_SHA1, 1588 SSL_TLSV1, 1589 SSL_NOT_EXP|SSL_MEDIUM, 1590 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1591 128, 1592 128, 1593 }, 1594 1595 /* Cipher 9B */ 1596 { 1597 1, 1598 TLS1_TXT_ADH_WITH_SEED_SHA, 1599 TLS1_CK_ADH_WITH_SEED_SHA, 1600 SSL_kEDH, 1601 SSL_aNULL, 1602 SSL_SEED, 1603 SSL_SHA1, 1604 SSL_TLSV1, 1605 SSL_NOT_EXP|SSL_MEDIUM, 1606 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1607 128, 1608 128, 1609 }, 1610 1611 #endif /* OPENSSL_NO_SEED */ 1612 1613 #ifndef OPENSSL_NO_ECDH 1614 /* Cipher C001 */ 1615 { 1616 1, 1617 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA, 1618 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA, 1619 SSL_kECDHe, 1620 SSL_aECDH, 1621 SSL_eNULL, 1622 SSL_SHA1, 1623 SSL_TLSV1, 1624 SSL_NOT_EXP|SSL_STRONG_NONE, 1625 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1626 0, 1627 0, 1628 }, 1629 1630 /* Cipher C002 */ 1631 { 1632 1, 1633 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, 1634 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA, 1635 SSL_kECDHe, 1636 SSL_aECDH, 1637 SSL_RC4, 1638 SSL_SHA1, 1639 SSL_TLSV1, 1640 SSL_NOT_EXP|SSL_MEDIUM, 1641 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1642 128, 1643 128, 1644 }, 1645 1646 /* Cipher C003 */ 1647 { 1648 1, 1649 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 1650 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 1651 SSL_kECDHe, 1652 SSL_aECDH, 1653 SSL_3DES, 1654 SSL_SHA1, 1655 SSL_TLSV1, 1656 SSL_NOT_EXP|SSL_HIGH, 1657 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1658 168, 1659 168, 1660 }, 1661 1662 /* Cipher C004 */ 1663 { 1664 1, 1665 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 1666 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 1667 SSL_kECDHe, 1668 SSL_aECDH, 1669 SSL_AES128, 1670 SSL_SHA1, 1671 SSL_TLSV1, 1672 SSL_NOT_EXP|SSL_HIGH, 1673 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1674 128, 1675 128, 1676 }, 1677 1678 /* Cipher C005 */ 1679 { 1680 1, 1681 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 1682 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 1683 SSL_kECDHe, 1684 SSL_aECDH, 1685 SSL_AES256, 1686 SSL_SHA1, 1687 SSL_TLSV1, 1688 SSL_NOT_EXP|SSL_HIGH, 1689 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1690 256, 1691 256, 1692 }, 1693 1694 /* Cipher C006 */ 1695 { 1696 1, 1697 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 1698 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 1699 SSL_kEECDH, 1700 SSL_aECDSA, 1701 SSL_eNULL, 1702 SSL_SHA1, 1703 SSL_TLSV1, 1704 SSL_NOT_EXP|SSL_STRONG_NONE, 1705 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1706 0, 1707 0, 1708 }, 1709 1710 /* Cipher C007 */ 1711 { 1712 1, 1713 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 1714 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 1715 SSL_kEECDH, 1716 SSL_aECDSA, 1717 SSL_RC4, 1718 SSL_SHA1, 1719 SSL_TLSV1, 1720 SSL_NOT_EXP|SSL_MEDIUM, 1721 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1722 128, 1723 128, 1724 }, 1725 1726 /* Cipher C008 */ 1727 { 1728 1, 1729 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 1730 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 1731 SSL_kEECDH, 1732 SSL_aECDSA, 1733 SSL_3DES, 1734 SSL_SHA1, 1735 SSL_TLSV1, 1736 SSL_NOT_EXP|SSL_HIGH, 1737 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1738 168, 1739 168, 1740 }, 1741 1742 /* Cipher C009 */ 1743 { 1744 1, 1745 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 1746 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 1747 SSL_kEECDH, 1748 SSL_aECDSA, 1749 SSL_AES128, 1750 SSL_SHA1, 1751 SSL_TLSV1, 1752 SSL_NOT_EXP|SSL_HIGH, 1753 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1754 128, 1755 128, 1756 }, 1757 1758 /* Cipher C00A */ 1759 { 1760 1, 1761 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 1762 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 1763 SSL_kEECDH, 1764 SSL_aECDSA, 1765 SSL_AES256, 1766 SSL_SHA1, 1767 SSL_TLSV1, 1768 SSL_NOT_EXP|SSL_HIGH, 1769 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1770 256, 1771 256, 1772 }, 1773 1774 /* Cipher C00B */ 1775 { 1776 1, 1777 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA, 1778 TLS1_CK_ECDH_RSA_WITH_NULL_SHA, 1779 SSL_kECDHr, 1780 SSL_aECDH, 1781 SSL_eNULL, 1782 SSL_SHA1, 1783 SSL_TLSV1, 1784 SSL_NOT_EXP|SSL_STRONG_NONE, 1785 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1786 0, 1787 0, 1788 }, 1789 1790 /* Cipher C00C */ 1791 { 1792 1, 1793 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, 1794 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA, 1795 SSL_kECDHr, 1796 SSL_aECDH, 1797 SSL_RC4, 1798 SSL_SHA1, 1799 SSL_TLSV1, 1800 SSL_NOT_EXP|SSL_MEDIUM, 1801 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1802 128, 1803 128, 1804 }, 1805 1806 /* Cipher C00D */ 1807 { 1808 1, 1809 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, 1810 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA, 1811 SSL_kECDHr, 1812 SSL_aECDH, 1813 SSL_3DES, 1814 SSL_SHA1, 1815 SSL_TLSV1, 1816 SSL_NOT_EXP|SSL_HIGH, 1817 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1818 168, 1819 168, 1820 }, 1821 1822 /* Cipher C00E */ 1823 { 1824 1, 1825 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA, 1826 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA, 1827 SSL_kECDHr, 1828 SSL_aECDH, 1829 SSL_AES128, 1830 SSL_SHA1, 1831 SSL_TLSV1, 1832 SSL_NOT_EXP|SSL_HIGH, 1833 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1834 128, 1835 128, 1836 }, 1837 1838 /* Cipher C00F */ 1839 { 1840 1, 1841 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA, 1842 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA, 1843 SSL_kECDHr, 1844 SSL_aECDH, 1845 SSL_AES256, 1846 SSL_SHA1, 1847 SSL_TLSV1, 1848 SSL_NOT_EXP|SSL_HIGH, 1849 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1850 256, 1851 256, 1852 }, 1853 1854 /* Cipher C010 */ 1855 { 1856 1, 1857 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 1858 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 1859 SSL_kEECDH, 1860 SSL_aRSA, 1861 SSL_eNULL, 1862 SSL_SHA1, 1863 SSL_TLSV1, 1864 SSL_NOT_EXP|SSL_STRONG_NONE, 1865 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1866 0, 1867 0, 1868 }, 1869 1870 /* Cipher C011 */ 1871 { 1872 1, 1873 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 1874 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 1875 SSL_kEECDH, 1876 SSL_aRSA, 1877 SSL_RC4, 1878 SSL_SHA1, 1879 SSL_TLSV1, 1880 SSL_NOT_EXP|SSL_MEDIUM, 1881 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1882 128, 1883 128, 1884 }, 1885 1886 /* Cipher C012 */ 1887 { 1888 1, 1889 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 1890 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 1891 SSL_kEECDH, 1892 SSL_aRSA, 1893 SSL_3DES, 1894 SSL_SHA1, 1895 SSL_TLSV1, 1896 SSL_NOT_EXP|SSL_HIGH, 1897 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1898 168, 1899 168, 1900 }, 1901 1902 /* Cipher C013 */ 1903 { 1904 1, 1905 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 1906 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 1907 SSL_kEECDH, 1908 SSL_aRSA, 1909 SSL_AES128, 1910 SSL_SHA1, 1911 SSL_TLSV1, 1912 SSL_NOT_EXP|SSL_HIGH, 1913 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1914 128, 1915 128, 1916 }, 1917 1918 /* Cipher C014 */ 1919 { 1920 1, 1921 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 1922 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 1923 SSL_kEECDH, 1924 SSL_aRSA, 1925 SSL_AES256, 1926 SSL_SHA1, 1927 SSL_TLSV1, 1928 SSL_NOT_EXP|SSL_HIGH, 1929 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1930 256, 1931 256, 1932 }, 1933 1934 /* Cipher C015 */ 1935 { 1936 1, 1937 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 1938 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 1939 SSL_kEECDH, 1940 SSL_aNULL, 1941 SSL_eNULL, 1942 SSL_SHA1, 1943 SSL_TLSV1, 1944 SSL_NOT_EXP|SSL_STRONG_NONE, 1945 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1946 0, 1947 0, 1948 }, 1949 1950 /* Cipher C016 */ 1951 { 1952 1, 1953 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 1954 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 1955 SSL_kEECDH, 1956 SSL_aNULL, 1957 SSL_RC4, 1958 SSL_SHA1, 1959 SSL_TLSV1, 1960 SSL_NOT_EXP|SSL_MEDIUM, 1961 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1962 128, 1963 128, 1964 }, 1965 1966 /* Cipher C017 */ 1967 { 1968 1, 1969 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 1970 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 1971 SSL_kEECDH, 1972 SSL_aNULL, 1973 SSL_3DES, 1974 SSL_SHA1, 1975 SSL_TLSV1, 1976 SSL_NOT_EXP|SSL_HIGH, 1977 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1978 168, 1979 168, 1980 }, 1981 1982 /* Cipher C018 */ 1983 { 1984 1, 1985 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 1986 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 1987 SSL_kEECDH, 1988 SSL_aNULL, 1989 SSL_AES128, 1990 SSL_SHA1, 1991 SSL_TLSV1, 1992 SSL_NOT_EXP|SSL_HIGH, 1993 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1994 128, 1995 128, 1996 }, 1997 1998 /* Cipher C019 */ 1999 { 2000 1, 2001 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 2002 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 2003 SSL_kEECDH, 2004 SSL_aNULL, 2005 SSL_AES256, 2006 SSL_SHA1, 2007 SSL_TLSV1, 2008 SSL_NOT_EXP|SSL_HIGH, 2009 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2010 256, 2011 256, 2012 }, 2013 #endif /* OPENSSL_NO_ECDH */ 2014 2015 #ifdef TEMP_GOST_TLS 2016 /* Cipher FF00 */ 2017 { 2018 1, 2019 "GOST-MD5", 2020 0x0300ff00, 2021 SSL_kRSA, 2022 SSL_aRSA, 2023 SSL_eGOST2814789CNT, 2024 SSL_MD5, 2025 SSL_TLSV1, 2026 SSL_NOT_EXP|SSL_HIGH, 2027 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2028 256, 2029 256, 2030 }, 2031 { 2032 1, 2033 "GOST-GOST94", 2034 0x0300ff01, 2035 SSL_kRSA, 2036 SSL_aRSA, 2037 SSL_eGOST2814789CNT, 2038 SSL_GOST94, 2039 SSL_TLSV1, 2040 SSL_NOT_EXP|SSL_HIGH, 2041 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2042 256, 2043 256 2044 }, 2045 { 2046 1, 2047 "GOST-GOST89MAC", 2048 0x0300ff02, 2049 SSL_kRSA, 2050 SSL_aRSA, 2051 SSL_eGOST2814789CNT, 2052 SSL_GOST89MAC, 2053 SSL_TLSV1, 2054 SSL_NOT_EXP|SSL_HIGH, 2055 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2056 256, 2057 256 2058 }, 2059 { 2060 1, 2061 "GOST-GOST89STREAM", 2062 0x0300ff03, 2063 SSL_kRSA, 2064 SSL_aRSA, 2065 SSL_eGOST2814789CNT, 2066 SSL_GOST89MAC, 2067 SSL_TLSV1, 2068 SSL_NOT_EXP|SSL_HIGH, 2069 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC, 2070 256, 2071 256 2072 }, 2073 #endif 2074 2075 /* end of list */ 2076 }; 2077 2078 SSL3_ENC_METHOD SSLv3_enc_data={ 2079 ssl3_enc, 2080 n_ssl3_mac, 2081 ssl3_setup_key_block, 2082 ssl3_generate_master_secret, 2083 ssl3_change_cipher_state, 2084 ssl3_final_finish_mac, 2085 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, 2086 ssl3_cert_verify_mac, 2087 SSL3_MD_CLIENT_FINISHED_CONST,4, 2088 SSL3_MD_SERVER_FINISHED_CONST,4, 2089 ssl3_alert_code, 2090 }; 2091 2092 long ssl3_default_timeout(void) 2093 { 2094 /* 2 hours, the 24 hours mentioned in the SSLv3 spec 2095 * is way too long for http, the cache would over fill */ 2096 return(60*60*2); 2097 } 2098 2099 int ssl3_num_ciphers(void) 2100 { 2101 return(SSL3_NUM_CIPHERS); 2102 } 2103 2104 const SSL_CIPHER *ssl3_get_cipher(unsigned int u) 2105 { 2106 if (u < SSL3_NUM_CIPHERS) 2107 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u])); 2108 else 2109 return(NULL); 2110 } 2111 2112 int ssl3_pending(const SSL *s) 2113 { 2114 if (s->rstate == SSL_ST_READ_BODY) 2115 return 0; 2116 2117 return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; 2118 } 2119 2120 int ssl3_new(SSL *s) 2121 { 2122 SSL3_STATE *s3; 2123 2124 if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err; 2125 memset(s3,0,sizeof *s3); 2126 memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num)); 2127 memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num)); 2128 2129 s->s3=s3; 2130 2131 s->method->ssl_clear(s); 2132 return(1); 2133 err: 2134 return(0); 2135 } 2136 2137 void ssl3_free(SSL *s) 2138 { 2139 if(s == NULL) 2140 return; 2141 2142 #ifdef TLSEXT_TYPE_opaque_prf_input 2143 if (s->s3->client_opaque_prf_input != NULL) 2144 OPENSSL_free(s->s3->client_opaque_prf_input); 2145 if (s->s3->server_opaque_prf_input != NULL) 2146 OPENSSL_free(s->s3->server_opaque_prf_input); 2147 #endif 2148 2149 ssl3_cleanup_key_block(s); 2150 if (s->s3->rbuf.buf != NULL) 2151 ssl3_release_read_buffer(s); 2152 if (s->s3->wbuf.buf != NULL) 2153 ssl3_release_write_buffer(s); 2154 if (s->s3->rrec.comp != NULL) 2155 OPENSSL_free(s->s3->rrec.comp); 2156 #ifndef OPENSSL_NO_DH 2157 if (s->s3->tmp.dh != NULL) 2158 DH_free(s->s3->tmp.dh); 2159 #endif 2160 #ifndef OPENSSL_NO_ECDH 2161 if (s->s3->tmp.ecdh != NULL) 2162 EC_KEY_free(s->s3->tmp.ecdh); 2163 #endif 2164 2165 if (s->s3->tmp.ca_names != NULL) 2166 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); 2167 if (s->s3->handshake_buffer) { 2168 BIO_free(s->s3->handshake_buffer); 2169 } 2170 if (s->s3->handshake_dgst) ssl3_free_digest_list(s); 2171 OPENSSL_cleanse(s->s3,sizeof *s->s3); 2172 OPENSSL_free(s->s3); 2173 s->s3=NULL; 2174 } 2175 2176 void ssl3_clear(SSL *s) 2177 { 2178 unsigned char *rp,*wp; 2179 size_t rlen, wlen; 2180 2181 #ifdef TLSEXT_TYPE_opaque_prf_input 2182 if (s->s3->client_opaque_prf_input != NULL) 2183 OPENSSL_free(s->s3->client_opaque_prf_input); 2184 s->s3->client_opaque_prf_input = NULL; 2185 if (s->s3->server_opaque_prf_input != NULL) 2186 OPENSSL_free(s->s3->server_opaque_prf_input); 2187 s->s3->server_opaque_prf_input = NULL; 2188 #endif 2189 2190 ssl3_cleanup_key_block(s); 2191 if (s->s3->tmp.ca_names != NULL) 2192 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); 2193 2194 if (s->s3->rrec.comp != NULL) 2195 { 2196 OPENSSL_free(s->s3->rrec.comp); 2197 s->s3->rrec.comp=NULL; 2198 } 2199 #ifndef OPENSSL_NO_DH 2200 if (s->s3->tmp.dh != NULL) 2201 { 2202 DH_free(s->s3->tmp.dh); 2203 s->s3->tmp.dh = NULL; 2204 } 2205 #endif 2206 #ifndef OPENSSL_NO_ECDH 2207 if (s->s3->tmp.ecdh != NULL) 2208 { 2209 EC_KEY_free(s->s3->tmp.ecdh); 2210 s->s3->tmp.ecdh = NULL; 2211 } 2212 #endif 2213 2214 rp = s->s3->rbuf.buf; 2215 wp = s->s3->wbuf.buf; 2216 rlen = s->s3->rbuf.len; 2217 wlen = s->s3->wbuf.len; 2218 if (s->s3->handshake_buffer) { 2219 BIO_free(s->s3->handshake_buffer); 2220 s->s3->handshake_buffer = NULL; 2221 } 2222 if (s->s3->handshake_dgst) { 2223 ssl3_free_digest_list(s); 2224 } 2225 memset(s->s3,0,sizeof *s->s3); 2226 s->s3->rbuf.buf = rp; 2227 s->s3->wbuf.buf = wp; 2228 s->s3->rbuf.len = rlen; 2229 s->s3->wbuf.len = wlen; 2230 2231 ssl_free_wbio_buffer(s); 2232 2233 s->packet_length=0; 2234 s->s3->renegotiate=0; 2235 s->s3->total_renegotiations=0; 2236 s->s3->num_renegotiations=0; 2237 s->s3->in_read_app_data=0; 2238 s->version=SSL3_VERSION; 2239 2240 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2241 if (s->next_proto_negotiated) 2242 { 2243 OPENSSL_free(s->next_proto_negotiated); 2244 s->next_proto_negotiated = NULL; 2245 s->next_proto_negotiated_len = 0; 2246 } 2247 #endif 2248 } 2249 2250 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 2251 { 2252 int ret=0; 2253 2254 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 2255 if ( 2256 #ifndef OPENSSL_NO_RSA 2257 cmd == SSL_CTRL_SET_TMP_RSA || 2258 cmd == SSL_CTRL_SET_TMP_RSA_CB || 2259 #endif 2260 #ifndef OPENSSL_NO_DSA 2261 cmd == SSL_CTRL_SET_TMP_DH || 2262 cmd == SSL_CTRL_SET_TMP_DH_CB || 2263 #endif 2264 0) 2265 { 2266 if (!ssl_cert_inst(&s->cert)) 2267 { 2268 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 2269 return(0); 2270 } 2271 } 2272 #endif 2273 2274 switch (cmd) 2275 { 2276 case SSL_CTRL_GET_SESSION_REUSED: 2277 ret=s->hit; 2278 break; 2279 case SSL_CTRL_GET_CLIENT_CERT_REQUEST: 2280 break; 2281 case SSL_CTRL_GET_NUM_RENEGOTIATIONS: 2282 ret=s->s3->num_renegotiations; 2283 break; 2284 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: 2285 ret=s->s3->num_renegotiations; 2286 s->s3->num_renegotiations=0; 2287 break; 2288 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: 2289 ret=s->s3->total_renegotiations; 2290 break; 2291 case SSL_CTRL_GET_FLAGS: 2292 ret=(int)(s->s3->flags); 2293 break; 2294 #ifndef OPENSSL_NO_RSA 2295 case SSL_CTRL_NEED_TMP_RSA: 2296 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 2297 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 2298 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))) 2299 ret = 1; 2300 break; 2301 case SSL_CTRL_SET_TMP_RSA: 2302 { 2303 RSA *rsa = (RSA *)parg; 2304 if (rsa == NULL) 2305 { 2306 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 2307 return(ret); 2308 } 2309 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) 2310 { 2311 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); 2312 return(ret); 2313 } 2314 if (s->cert->rsa_tmp != NULL) 2315 RSA_free(s->cert->rsa_tmp); 2316 s->cert->rsa_tmp = rsa; 2317 ret = 1; 2318 } 2319 break; 2320 case SSL_CTRL_SET_TMP_RSA_CB: 2321 { 2322 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2323 return(ret); 2324 } 2325 break; 2326 #endif 2327 #ifndef OPENSSL_NO_DH 2328 case SSL_CTRL_SET_TMP_DH: 2329 { 2330 DH *dh = (DH *)parg; 2331 if (dh == NULL) 2332 { 2333 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 2334 return(ret); 2335 } 2336 if ((dh = DHparams_dup(dh)) == NULL) 2337 { 2338 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 2339 return(ret); 2340 } 2341 if (!(s->options & SSL_OP_SINGLE_DH_USE)) 2342 { 2343 if (!DH_generate_key(dh)) 2344 { 2345 DH_free(dh); 2346 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 2347 return(ret); 2348 } 2349 } 2350 if (s->cert->dh_tmp != NULL) 2351 DH_free(s->cert->dh_tmp); 2352 s->cert->dh_tmp = dh; 2353 ret = 1; 2354 } 2355 break; 2356 case SSL_CTRL_SET_TMP_DH_CB: 2357 { 2358 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2359 return(ret); 2360 } 2361 break; 2362 #endif 2363 #ifndef OPENSSL_NO_ECDH 2364 case SSL_CTRL_SET_TMP_ECDH: 2365 { 2366 EC_KEY *ecdh = NULL; 2367 2368 if (parg == NULL) 2369 { 2370 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 2371 return(ret); 2372 } 2373 if (!EC_KEY_up_ref((EC_KEY *)parg)) 2374 { 2375 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB); 2376 return(ret); 2377 } 2378 ecdh = (EC_KEY *)parg; 2379 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) 2380 { 2381 if (!EC_KEY_generate_key(ecdh)) 2382 { 2383 EC_KEY_free(ecdh); 2384 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB); 2385 return(ret); 2386 } 2387 } 2388 if (s->cert->ecdh_tmp != NULL) 2389 EC_KEY_free(s->cert->ecdh_tmp); 2390 s->cert->ecdh_tmp = ecdh; 2391 ret = 1; 2392 } 2393 break; 2394 case SSL_CTRL_SET_TMP_ECDH_CB: 2395 { 2396 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2397 return(ret); 2398 } 2399 break; 2400 #endif /* !OPENSSL_NO_ECDH */ 2401 #ifndef OPENSSL_NO_TLSEXT 2402 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 2403 if (larg == TLSEXT_NAMETYPE_host_name) 2404 { 2405 if (s->tlsext_hostname != NULL) 2406 OPENSSL_free(s->tlsext_hostname); 2407 s->tlsext_hostname = NULL; 2408 2409 ret = 1; 2410 if (parg == NULL) 2411 break; 2412 if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) 2413 { 2414 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 2415 return 0; 2416 } 2417 if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) 2418 { 2419 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 2420 return 0; 2421 } 2422 } 2423 else 2424 { 2425 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 2426 return 0; 2427 } 2428 break; 2429 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: 2430 s->tlsext_debug_arg=parg; 2431 ret = 1; 2432 break; 2433 2434 #ifdef TLSEXT_TYPE_opaque_prf_input 2435 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 2436 if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message 2437 * (including the cert chain and everything) */ 2438 { 2439 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 2440 break; 2441 } 2442 if (s->tlsext_opaque_prf_input != NULL) 2443 OPENSSL_free(s->tlsext_opaque_prf_input); 2444 if ((size_t)larg == 0) 2445 s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ 2446 else 2447 s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); 2448 if (s->tlsext_opaque_prf_input != NULL) 2449 { 2450 s->tlsext_opaque_prf_input_len = (size_t)larg; 2451 ret = 1; 2452 } 2453 else 2454 s->tlsext_opaque_prf_input_len = 0; 2455 break; 2456 #endif 2457 2458 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 2459 s->tlsext_status_type=larg; 2460 ret = 1; 2461 break; 2462 2463 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: 2464 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; 2465 ret = 1; 2466 break; 2467 2468 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: 2469 s->tlsext_ocsp_exts = parg; 2470 ret = 1; 2471 break; 2472 2473 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: 2474 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; 2475 ret = 1; 2476 break; 2477 2478 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: 2479 s->tlsext_ocsp_ids = parg; 2480 ret = 1; 2481 break; 2482 2483 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: 2484 *(unsigned char **)parg = s->tlsext_ocsp_resp; 2485 return s->tlsext_ocsp_resplen; 2486 2487 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: 2488 if (s->tlsext_ocsp_resp) 2489 OPENSSL_free(s->tlsext_ocsp_resp); 2490 s->tlsext_ocsp_resp = parg; 2491 s->tlsext_ocsp_resplen = larg; 2492 ret = 1; 2493 break; 2494 2495 #endif /* !OPENSSL_NO_TLSEXT */ 2496 default: 2497 break; 2498 } 2499 return(ret); 2500 } 2501 2502 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) 2503 { 2504 int ret=0; 2505 2506 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 2507 if ( 2508 #ifndef OPENSSL_NO_RSA 2509 cmd == SSL_CTRL_SET_TMP_RSA_CB || 2510 #endif 2511 #ifndef OPENSSL_NO_DSA 2512 cmd == SSL_CTRL_SET_TMP_DH_CB || 2513 #endif 2514 0) 2515 { 2516 if (!ssl_cert_inst(&s->cert)) 2517 { 2518 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); 2519 return(0); 2520 } 2521 } 2522 #endif 2523 2524 switch (cmd) 2525 { 2526 #ifndef OPENSSL_NO_RSA 2527 case SSL_CTRL_SET_TMP_RSA_CB: 2528 { 2529 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 2530 } 2531 break; 2532 #endif 2533 #ifndef OPENSSL_NO_DH 2534 case SSL_CTRL_SET_TMP_DH_CB: 2535 { 2536 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 2537 } 2538 break; 2539 #endif 2540 #ifndef OPENSSL_NO_ECDH 2541 case SSL_CTRL_SET_TMP_ECDH_CB: 2542 { 2543 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 2544 } 2545 break; 2546 #endif 2547 #ifndef OPENSSL_NO_TLSEXT 2548 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 2549 s->tlsext_debug_cb=(void (*)(SSL *,int ,int, 2550 unsigned char *, int, void *))fp; 2551 break; 2552 #endif 2553 default: 2554 break; 2555 } 2556 return(ret); 2557 } 2558 2559 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 2560 { 2561 CERT *cert; 2562 2563 cert=ctx->cert; 2564 2565 switch (cmd) 2566 { 2567 #ifndef OPENSSL_NO_RSA 2568 case SSL_CTRL_NEED_TMP_RSA: 2569 if ( (cert->rsa_tmp == NULL) && 2570 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 2571 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))) 2572 ) 2573 return(1); 2574 else 2575 return(0); 2576 /* break; */ 2577 case SSL_CTRL_SET_TMP_RSA: 2578 { 2579 RSA *rsa; 2580 int i; 2581 2582 rsa=(RSA *)parg; 2583 i=1; 2584 if (rsa == NULL) 2585 i=0; 2586 else 2587 { 2588 if ((rsa=RSAPrivateKey_dup(rsa)) == NULL) 2589 i=0; 2590 } 2591 if (!i) 2592 { 2593 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB); 2594 return(0); 2595 } 2596 else 2597 { 2598 if (cert->rsa_tmp != NULL) 2599 RSA_free(cert->rsa_tmp); 2600 cert->rsa_tmp=rsa; 2601 return(1); 2602 } 2603 } 2604 /* break; */ 2605 case SSL_CTRL_SET_TMP_RSA_CB: 2606 { 2607 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2608 return(0); 2609 } 2610 break; 2611 #endif 2612 #ifndef OPENSSL_NO_DH 2613 case SSL_CTRL_SET_TMP_DH: 2614 { 2615 DH *new=NULL,*dh; 2616 2617 dh=(DH *)parg; 2618 if ((new=DHparams_dup(dh)) == NULL) 2619 { 2620 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); 2621 return 0; 2622 } 2623 if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) 2624 { 2625 if (!DH_generate_key(new)) 2626 { 2627 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); 2628 DH_free(new); 2629 return 0; 2630 } 2631 } 2632 if (cert->dh_tmp != NULL) 2633 DH_free(cert->dh_tmp); 2634 cert->dh_tmp=new; 2635 return 1; 2636 } 2637 /*break; */ 2638 case SSL_CTRL_SET_TMP_DH_CB: 2639 { 2640 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2641 return(0); 2642 } 2643 break; 2644 #endif 2645 #ifndef OPENSSL_NO_ECDH 2646 case SSL_CTRL_SET_TMP_ECDH: 2647 { 2648 EC_KEY *ecdh = NULL; 2649 2650 if (parg == NULL) 2651 { 2652 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB); 2653 return 0; 2654 } 2655 ecdh = EC_KEY_dup((EC_KEY *)parg); 2656 if (ecdh == NULL) 2657 { 2658 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB); 2659 return 0; 2660 } 2661 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) 2662 { 2663 if (!EC_KEY_generate_key(ecdh)) 2664 { 2665 EC_KEY_free(ecdh); 2666 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB); 2667 return 0; 2668 } 2669 } 2670 2671 if (cert->ecdh_tmp != NULL) 2672 { 2673 EC_KEY_free(cert->ecdh_tmp); 2674 } 2675 cert->ecdh_tmp = ecdh; 2676 return 1; 2677 } 2678 /* break; */ 2679 case SSL_CTRL_SET_TMP_ECDH_CB: 2680 { 2681 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2682 return(0); 2683 } 2684 break; 2685 #endif /* !OPENSSL_NO_ECDH */ 2686 #ifndef OPENSSL_NO_TLSEXT 2687 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: 2688 ctx->tlsext_servername_arg=parg; 2689 break; 2690 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 2691 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: 2692 { 2693 unsigned char *keys = parg; 2694 if (!keys) 2695 return 48; 2696 if (larg != 48) 2697 { 2698 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 2699 return 0; 2700 } 2701 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) 2702 { 2703 memcpy(ctx->tlsext_tick_key_name, keys, 16); 2704 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); 2705 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); 2706 } 2707 else 2708 { 2709 memcpy(keys, ctx->tlsext_tick_key_name, 16); 2710 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); 2711 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); 2712 } 2713 return 1; 2714 } 2715 2716 #ifdef TLSEXT_TYPE_opaque_prf_input 2717 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG: 2718 ctx->tlsext_opaque_prf_input_callback_arg = parg; 2719 return 1; 2720 #endif 2721 2722 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: 2723 ctx->tlsext_status_arg=parg; 2724 return 1; 2725 break; 2726 2727 #endif /* !OPENSSL_NO_TLSEXT */ 2728 2729 /* A Thawte special :-) */ 2730 case SSL_CTRL_EXTRA_CHAIN_CERT: 2731 if (ctx->extra_certs == NULL) 2732 { 2733 if ((ctx->extra_certs=sk_X509_new_null()) == NULL) 2734 return(0); 2735 } 2736 sk_X509_push(ctx->extra_certs,(X509 *)parg); 2737 break; 2738 2739 default: 2740 return(0); 2741 } 2742 return(1); 2743 } 2744 2745 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) 2746 { 2747 CERT *cert; 2748 2749 cert=ctx->cert; 2750 2751 switch (cmd) 2752 { 2753 #ifndef OPENSSL_NO_RSA 2754 case SSL_CTRL_SET_TMP_RSA_CB: 2755 { 2756 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 2757 } 2758 break; 2759 #endif 2760 #ifndef OPENSSL_NO_DH 2761 case SSL_CTRL_SET_TMP_DH_CB: 2762 { 2763 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 2764 } 2765 break; 2766 #endif 2767 #ifndef OPENSSL_NO_ECDH 2768 case SSL_CTRL_SET_TMP_ECDH_CB: 2769 { 2770 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 2771 } 2772 break; 2773 #endif 2774 #ifndef OPENSSL_NO_TLSEXT 2775 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 2776 ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp; 2777 break; 2778 2779 #ifdef TLSEXT_TYPE_opaque_prf_input 2780 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB: 2781 ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp; 2782 break; 2783 #endif 2784 2785 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: 2786 ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp; 2787 break; 2788 2789 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: 2790 ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char *, 2791 unsigned char *, 2792 EVP_CIPHER_CTX *, 2793 HMAC_CTX *, int))fp; 2794 break; 2795 2796 #endif 2797 default: 2798 return(0); 2799 } 2800 return(1); 2801 } 2802 2803 /* This function needs to check if the ciphers required are actually 2804 * available */ 2805 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) 2806 { 2807 SSL_CIPHER c; 2808 const SSL_CIPHER *cp; 2809 unsigned long id; 2810 2811 id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1]; 2812 c.id=id; 2813 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); 2814 if (cp == NULL || cp->valid == 0) 2815 return NULL; 2816 else 2817 return cp; 2818 } 2819 2820 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 2821 { 2822 long l; 2823 2824 if (p != NULL) 2825 { 2826 l=c->id; 2827 if ((l & 0xff000000) != 0x03000000) return(0); 2828 p[0]=((unsigned char)(l>> 8L))&0xFF; 2829 p[1]=((unsigned char)(l ))&0xFF; 2830 } 2831 return(2); 2832 } 2833 2834 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 2835 STACK_OF(SSL_CIPHER) *srvr) 2836 { 2837 SSL_CIPHER *c,*ret=NULL; 2838 STACK_OF(SSL_CIPHER) *prio, *allow; 2839 int i,ii,ok; 2840 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC) 2841 unsigned int j; 2842 int ec_ok, ec_nid; 2843 unsigned char ec_search1 = 0, ec_search2 = 0; 2844 #endif 2845 CERT *cert; 2846 unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a; 2847 2848 /* Let's see which ciphers we can support */ 2849 cert=s->cert; 2850 2851 #if 0 2852 /* Do not set the compare functions, because this may lead to a 2853 * reordering by "id". We want to keep the original ordering. 2854 * We may pay a price in performance during sk_SSL_CIPHER_find(), 2855 * but would have to pay with the price of sk_SSL_CIPHER_dup(). 2856 */ 2857 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp); 2858 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp); 2859 #endif 2860 2861 #ifdef CIPHER_DEBUG 2862 printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr); 2863 for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i) 2864 { 2865 c=sk_SSL_CIPHER_value(srvr,i); 2866 printf("%p:%s\n",(void *)c,c->name); 2867 } 2868 printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt); 2869 for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i) 2870 { 2871 c=sk_SSL_CIPHER_value(clnt,i); 2872 printf("%p:%s\n",(void *)c,c->name); 2873 } 2874 #endif 2875 2876 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) 2877 { 2878 prio = srvr; 2879 allow = clnt; 2880 } 2881 else 2882 { 2883 prio = clnt; 2884 allow = srvr; 2885 } 2886 2887 for (i=0; i<sk_SSL_CIPHER_num(prio); i++) 2888 { 2889 c=sk_SSL_CIPHER_value(prio,i); 2890 2891 ssl_set_cert_masks(cert,c); 2892 mask_k = cert->mask_k; 2893 mask_a = cert->mask_a; 2894 emask_k = cert->export_mask_k; 2895 emask_a = cert->export_mask_a; 2896 2897 #ifdef KSSL_DEBUG 2898 /* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/ 2899 #endif /* KSSL_DEBUG */ 2900 2901 alg_k=c->algorithm_mkey; 2902 alg_a=c->algorithm_auth; 2903 2904 #ifndef OPENSSL_NO_KRB5 2905 if (alg_k & SSL_kKRB5) 2906 { 2907 if ( !kssl_keytab_is_available(s->kssl_ctx) ) 2908 continue; 2909 } 2910 #endif /* OPENSSL_NO_KRB5 */ 2911 #ifndef OPENSSL_NO_PSK 2912 /* with PSK there must be server callback set */ 2913 if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL) 2914 continue; 2915 #endif /* OPENSSL_NO_PSK */ 2916 2917 if (SSL_C_IS_EXPORT(c)) 2918 { 2919 ok = (alg_k & emask_k) && (alg_a & emask_a); 2920 #ifdef CIPHER_DEBUG 2921 printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a, 2922 (void *)c,c->name); 2923 #endif 2924 } 2925 else 2926 { 2927 ok = (alg_k & mask_k) && (alg_a & mask_a); 2928 #ifdef CIPHER_DEBUG 2929 printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c, 2930 c->name); 2931 #endif 2932 } 2933 2934 #ifndef OPENSSL_NO_TLSEXT 2935 #ifndef OPENSSL_NO_EC 2936 if ( 2937 /* if we are considering an ECC cipher suite that uses our certificate */ 2938 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) 2939 /* and we have an ECC certificate */ 2940 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) 2941 /* and the client specified a Supported Point Formats extension */ 2942 && ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL)) 2943 /* and our certificate's point is compressed */ 2944 && ( 2945 (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL) 2946 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL) 2947 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL) 2948 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL) 2949 && ( 2950 (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED) 2951 || (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1) 2952 ) 2953 ) 2954 ) 2955 { 2956 ec_ok = 0; 2957 /* if our certificate's curve is over a field type that the client does not support 2958 * then do not allow this cipher suite to be negotiated */ 2959 if ( 2960 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) 2961 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL) 2962 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL) 2963 && (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field) 2964 ) 2965 { 2966 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++) 2967 { 2968 if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime) 2969 { 2970 ec_ok = 1; 2971 break; 2972 } 2973 } 2974 } 2975 else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field) 2976 { 2977 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++) 2978 { 2979 if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2) 2980 { 2981 ec_ok = 1; 2982 break; 2983 } 2984 } 2985 } 2986 ok = ok && ec_ok; 2987 } 2988 if ( 2989 /* if we are considering an ECC cipher suite that uses our certificate */ 2990 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) 2991 /* and we have an ECC certificate */ 2992 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) 2993 /* and the client specified an EllipticCurves extension */ 2994 && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL)) 2995 ) 2996 { 2997 ec_ok = 0; 2998 if ( 2999 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) 3000 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL) 3001 ) 3002 { 3003 ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group); 3004 if ((ec_nid == 0) 3005 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL) 3006 ) 3007 { 3008 if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field) 3009 { 3010 ec_search1 = 0xFF; 3011 ec_search2 = 0x01; 3012 } 3013 else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field) 3014 { 3015 ec_search1 = 0xFF; 3016 ec_search2 = 0x02; 3017 } 3018 } 3019 else 3020 { 3021 ec_search1 = 0x00; 3022 ec_search2 = tls1_ec_nid2curve_id(ec_nid); 3023 } 3024 if ((ec_search1 != 0) || (ec_search2 != 0)) 3025 { 3026 for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++) 3027 { 3028 if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2)) 3029 { 3030 ec_ok = 1; 3031 break; 3032 } 3033 } 3034 } 3035 } 3036 ok = ok && ec_ok; 3037 } 3038 if ( 3039 /* if we are considering an ECC cipher suite that uses an ephemeral EC key */ 3040 (alg_k & SSL_kEECDH) 3041 /* and we have an ephemeral EC key */ 3042 && (s->cert->ecdh_tmp != NULL) 3043 /* and the client specified an EllipticCurves extension */ 3044 && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL)) 3045 ) 3046 { 3047 ec_ok = 0; 3048 if (s->cert->ecdh_tmp->group != NULL) 3049 { 3050 ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group); 3051 if ((ec_nid == 0) 3052 && (s->cert->ecdh_tmp->group->meth != NULL) 3053 ) 3054 { 3055 if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field) 3056 { 3057 ec_search1 = 0xFF; 3058 ec_search2 = 0x01; 3059 } 3060 else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field) 3061 { 3062 ec_search1 = 0xFF; 3063 ec_search2 = 0x02; 3064 } 3065 } 3066 else 3067 { 3068 ec_search1 = 0x00; 3069 ec_search2 = tls1_ec_nid2curve_id(ec_nid); 3070 } 3071 if ((ec_search1 != 0) || (ec_search2 != 0)) 3072 { 3073 for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++) 3074 { 3075 if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2)) 3076 { 3077 ec_ok = 1; 3078 break; 3079 } 3080 } 3081 } 3082 } 3083 ok = ok && ec_ok; 3084 } 3085 #endif /* OPENSSL_NO_EC */ 3086 #endif /* OPENSSL_NO_TLSEXT */ 3087 3088 if (!ok) continue; 3089 ii=sk_SSL_CIPHER_find(allow,c); 3090 if (ii >= 0) 3091 { 3092 ret=sk_SSL_CIPHER_value(allow,ii); 3093 break; 3094 } 3095 } 3096 return(ret); 3097 } 3098 3099 int ssl3_get_req_cert_type(SSL *s, unsigned char *p) 3100 { 3101 int ret=0; 3102 unsigned long alg_k; 3103 3104 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 3105 3106 #ifndef OPENSSL_NO_GOST 3107 if (s->version >= TLS1_VERSION) 3108 { 3109 if (alg_k & SSL_kGOST) 3110 { 3111 p[ret++]=TLS_CT_GOST94_SIGN; 3112 p[ret++]=TLS_CT_GOST01_SIGN; 3113 return(ret); 3114 } 3115 } 3116 #endif 3117 3118 #ifndef OPENSSL_NO_DH 3119 if (alg_k & (SSL_kDHr|SSL_kEDH)) 3120 { 3121 # ifndef OPENSSL_NO_RSA 3122 p[ret++]=SSL3_CT_RSA_FIXED_DH; 3123 # endif 3124 # ifndef OPENSSL_NO_DSA 3125 p[ret++]=SSL3_CT_DSS_FIXED_DH; 3126 # endif 3127 } 3128 if ((s->version == SSL3_VERSION) && 3129 (alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr))) 3130 { 3131 # ifndef OPENSSL_NO_RSA 3132 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH; 3133 # endif 3134 # ifndef OPENSSL_NO_DSA 3135 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH; 3136 # endif 3137 } 3138 #endif /* !OPENSSL_NO_DH */ 3139 #ifndef OPENSSL_NO_RSA 3140 p[ret++]=SSL3_CT_RSA_SIGN; 3141 #endif 3142 #ifndef OPENSSL_NO_DSA 3143 p[ret++]=SSL3_CT_DSS_SIGN; 3144 #endif 3145 #ifndef OPENSSL_NO_ECDH 3146 if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) 3147 { 3148 p[ret++]=TLS_CT_RSA_FIXED_ECDH; 3149 p[ret++]=TLS_CT_ECDSA_FIXED_ECDH; 3150 } 3151 #endif 3152 3153 #ifndef OPENSSL_NO_ECDSA 3154 /* ECDSA certs can be used with RSA cipher suites as well 3155 * so we don't need to check for SSL_kECDH or SSL_kEECDH 3156 */ 3157 if (s->version >= TLS1_VERSION) 3158 { 3159 p[ret++]=TLS_CT_ECDSA_SIGN; 3160 } 3161 #endif 3162 return(ret); 3163 } 3164 3165 int ssl3_shutdown(SSL *s) 3166 { 3167 int ret; 3168 3169 /* Don't do anything much if we have not done the handshake or 3170 * we don't want to send messages :-) */ 3171 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) 3172 { 3173 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 3174 return(1); 3175 } 3176 3177 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) 3178 { 3179 s->shutdown|=SSL_SENT_SHUTDOWN; 3180 #if 1 3181 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY); 3182 #endif 3183 /* our shutdown alert has been sent now, and if it still needs 3184 * to be written, s->s3->alert_dispatch will be true */ 3185 if (s->s3->alert_dispatch) 3186 return(-1); /* return WANT_WRITE */ 3187 } 3188 else if (s->s3->alert_dispatch) 3189 { 3190 /* resend it if not sent */ 3191 #if 1 3192 ret=s->method->ssl_dispatch_alert(s); 3193 if(ret == -1) 3194 { 3195 /* we only get to return -1 here the 2nd/Nth 3196 * invocation, we must have already signalled 3197 * return 0 upon a previous invoation, 3198 * return WANT_WRITE */ 3199 return(ret); 3200 } 3201 #endif 3202 } 3203 else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) 3204 { 3205 /* If we are waiting for a close from our peer, we are closed */ 3206 s->method->ssl_read_bytes(s,0,NULL,0,0); 3207 if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) 3208 { 3209 return(-1); /* return WANT_READ */ 3210 } 3211 } 3212 3213 if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && 3214 !s->s3->alert_dispatch) 3215 return(1); 3216 else 3217 return(0); 3218 } 3219 3220 int ssl3_write(SSL *s, const void *buf, int len) 3221 { 3222 int ret,n; 3223 3224 #if 0 3225 if (s->shutdown & SSL_SEND_SHUTDOWN) 3226 { 3227 s->rwstate=SSL_NOTHING; 3228 return(0); 3229 } 3230 #endif 3231 clear_sys_error(); 3232 if (s->s3->renegotiate) ssl3_renegotiate_check(s); 3233 3234 /* This is an experimental flag that sends the 3235 * last handshake message in the same packet as the first 3236 * use data - used to see if it helps the TCP protocol during 3237 * session-id reuse */ 3238 /* The second test is because the buffer may have been removed */ 3239 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) 3240 { 3241 /* First time through, we write into the buffer */ 3242 if (s->s3->delay_buf_pop_ret == 0) 3243 { 3244 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA, 3245 buf,len); 3246 if (ret <= 0) return(ret); 3247 3248 s->s3->delay_buf_pop_ret=ret; 3249 } 3250 3251 s->rwstate=SSL_WRITING; 3252 n=BIO_flush(s->wbio); 3253 if (n <= 0) return(n); 3254 s->rwstate=SSL_NOTHING; 3255 3256 /* We have flushed the buffer, so remove it */ 3257 ssl_free_wbio_buffer(s); 3258 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; 3259 3260 ret=s->s3->delay_buf_pop_ret; 3261 s->s3->delay_buf_pop_ret=0; 3262 } 3263 else 3264 { 3265 ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA, 3266 buf,len); 3267 if (ret <= 0) return(ret); 3268 } 3269 3270 return(ret); 3271 } 3272 3273 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) 3274 { 3275 int n,ret; 3276 3277 clear_sys_error(); 3278 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) 3279 { 3280 /* Deal with an application that calls SSL_read() when handshake data 3281 * is yet to be written. 3282 */ 3283 if (BIO_wpending(s->wbio) > 0) 3284 { 3285 s->rwstate=SSL_WRITING; 3286 n=BIO_flush(s->wbio); 3287 if (n <= 0) return(n); 3288 s->rwstate=SSL_NOTHING; 3289 } 3290 } 3291 if (s->s3->renegotiate) ssl3_renegotiate_check(s); 3292 s->s3->in_read_app_data=1; 3293 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); 3294 if ((ret == -1) && (s->s3->in_read_app_data == 2)) 3295 { 3296 /* ssl3_read_bytes decided to call s->handshake_func, which 3297 * called ssl3_read_bytes to read handshake data. 3298 * However, ssl3_read_bytes actually found application data 3299 * and thinks that application data makes sense here; so disable 3300 * handshake processing and try to read application data again. */ 3301 s->in_handshake++; 3302 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); 3303 s->in_handshake--; 3304 } 3305 else 3306 s->s3->in_read_app_data=0; 3307 3308 return(ret); 3309 } 3310 3311 int ssl3_read(SSL *s, void *buf, int len) 3312 { 3313 return ssl3_read_internal(s, buf, len, 0); 3314 } 3315 3316 int ssl3_peek(SSL *s, void *buf, int len) 3317 { 3318 return ssl3_read_internal(s, buf, len, 1); 3319 } 3320 3321 int ssl3_renegotiate(SSL *s) 3322 { 3323 if (s->handshake_func == NULL) 3324 return(1); 3325 3326 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 3327 return(0); 3328 3329 s->s3->renegotiate=1; 3330 return(1); 3331 } 3332 3333 int ssl3_renegotiate_check(SSL *s) 3334 { 3335 int ret=0; 3336 3337 if (s->s3->renegotiate) 3338 { 3339 if ( (s->s3->rbuf.left == 0) && 3340 (s->s3->wbuf.left == 0) && 3341 !SSL_in_init(s)) 3342 { 3343 /* 3344 if we are the server, and we have sent a 'RENEGOTIATE' message, we 3345 need to go to SSL_ST_ACCEPT. 3346 */ 3347 /* SSL_ST_ACCEPT */ 3348 s->state=SSL_ST_RENEGOTIATE; 3349 s->s3->renegotiate=0; 3350 s->s3->num_renegotiations++; 3351 s->s3->total_renegotiations++; 3352 ret=1; 3353 } 3354 } 3355 return(ret); 3356 } 3357 3358
