1 /* ssl/s3_lib.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay (at) cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay (at) cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core (at) openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay (at) cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh (at) cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * 114 * Portions of the attached software ("Contribution") are developed by 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 116 * 117 * The Contribution is licensed pursuant to the OpenSSL open source 118 * license provided above. 119 * 120 * ECC cipher suite support in OpenSSL originally written by 121 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. 122 * 123 */ 124 /* ==================================================================== 125 * Copyright 2005 Nokia. All rights reserved. 126 * 127 * The portions of the attached software ("Contribution") is developed by 128 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 129 * license. 130 * 131 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 132 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 133 * support (see RFC 4279) to OpenSSL. 134 * 135 * No patent licenses or other rights except those expressly stated in 136 * the OpenSSL open source license shall be deemed granted or received 137 * expressly, by implication, estoppel, or otherwise. 138 * 139 * No assurances are provided by Nokia that the Contribution does not 140 * infringe the patent or other intellectual property rights of any third 141 * party or that the license provides you with all the necessary rights 142 * to make use of the Contribution. 143 * 144 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 145 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 146 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 147 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 148 * OTHERWISE. 149 */ 150 151 #include <stdio.h> 152 #include <openssl/objects.h> 153 #include "ssl_locl.h" 154 #include "kssl_lcl.h" 155 #ifndef OPENSSL_NO_TLSEXT 156 #ifndef OPENSSL_NO_EC 157 #include "../crypto/ec/ec_lcl.h" 158 #endif /* OPENSSL_NO_EC */ 159 #endif /* OPENSSL_NO_TLSEXT */ 160 #include <openssl/md5.h> 161 #ifndef OPENSSL_NO_DH 162 #include <openssl/dh.h> 163 #endif 164 165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT; 166 167 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) 168 169 /* FIXED_NONCE_LEN is a macro that results in the correct value to set the 170 * fixed nonce length in SSL_CIPHER.algorithms2. It's the inverse of 171 * SSL_CIPHER_AEAD_FIXED_NONCE_LEN. */ 172 #define FIXED_NONCE_LEN(x) ((x/2)<<24) 173 174 /* list of available SSLv3 ciphers (sorted by id) */ 175 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 176 177 /* The RSA ciphers */ 178 /* Cipher 01 */ 179 { 180 1, 181 SSL3_TXT_RSA_NULL_MD5, 182 SSL3_CK_RSA_NULL_MD5, 183 SSL_kRSA, 184 SSL_aRSA, 185 SSL_eNULL, 186 SSL_MD5, 187 SSL_SSLV3, 188 SSL_NOT_EXP|SSL_STRONG_NONE, 189 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 190 0, 191 0, 192 }, 193 194 /* Cipher 02 */ 195 { 196 1, 197 SSL3_TXT_RSA_NULL_SHA, 198 SSL3_CK_RSA_NULL_SHA, 199 SSL_kRSA, 200 SSL_aRSA, 201 SSL_eNULL, 202 SSL_SHA1, 203 SSL_SSLV3, 204 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 205 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 206 0, 207 0, 208 }, 209 210 /* Cipher 03 */ 211 { 212 1, 213 SSL3_TXT_RSA_RC4_40_MD5, 214 SSL3_CK_RSA_RC4_40_MD5, 215 SSL_kRSA, 216 SSL_aRSA, 217 SSL_RC4, 218 SSL_MD5, 219 SSL_SSLV3, 220 SSL_EXPORT|SSL_EXP40, 221 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 222 40, 223 128, 224 }, 225 226 /* Cipher 04 */ 227 { 228 1, 229 SSL3_TXT_RSA_RC4_128_MD5, 230 SSL3_CK_RSA_RC4_128_MD5, 231 SSL_kRSA, 232 SSL_aRSA, 233 SSL_RC4, 234 SSL_MD5, 235 SSL_SSLV3, 236 SSL_NOT_EXP|SSL_MEDIUM, 237 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 238 128, 239 128, 240 }, 241 242 /* Cipher 05 */ 243 { 244 1, 245 SSL3_TXT_RSA_RC4_128_SHA, 246 SSL3_CK_RSA_RC4_128_SHA, 247 SSL_kRSA, 248 SSL_aRSA, 249 SSL_RC4, 250 SSL_SHA1, 251 SSL_SSLV3, 252 SSL_NOT_EXP|SSL_MEDIUM, 253 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 254 128, 255 128, 256 }, 257 258 /* Cipher 06 */ 259 { 260 1, 261 SSL3_TXT_RSA_RC2_40_MD5, 262 SSL3_CK_RSA_RC2_40_MD5, 263 SSL_kRSA, 264 SSL_aRSA, 265 SSL_RC2, 266 SSL_MD5, 267 SSL_SSLV3, 268 SSL_EXPORT|SSL_EXP40, 269 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 270 40, 271 128, 272 }, 273 274 /* Cipher 07 */ 275 #ifndef OPENSSL_NO_IDEA 276 { 277 1, 278 SSL3_TXT_RSA_IDEA_128_SHA, 279 SSL3_CK_RSA_IDEA_128_SHA, 280 SSL_kRSA, 281 SSL_aRSA, 282 SSL_IDEA, 283 SSL_SHA1, 284 SSL_SSLV3, 285 SSL_NOT_EXP|SSL_MEDIUM, 286 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 287 128, 288 128, 289 }, 290 #endif 291 292 /* Cipher 08 */ 293 { 294 1, 295 SSL3_TXT_RSA_DES_40_CBC_SHA, 296 SSL3_CK_RSA_DES_40_CBC_SHA, 297 SSL_kRSA, 298 SSL_aRSA, 299 SSL_DES, 300 SSL_SHA1, 301 SSL_SSLV3, 302 SSL_EXPORT|SSL_EXP40, 303 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 304 40, 305 56, 306 }, 307 308 /* Cipher 09 */ 309 { 310 1, 311 SSL3_TXT_RSA_DES_64_CBC_SHA, 312 SSL3_CK_RSA_DES_64_CBC_SHA, 313 SSL_kRSA, 314 SSL_aRSA, 315 SSL_DES, 316 SSL_SHA1, 317 SSL_SSLV3, 318 SSL_NOT_EXP|SSL_LOW, 319 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 320 56, 321 56, 322 }, 323 324 /* Cipher 0A */ 325 { 326 1, 327 SSL3_TXT_RSA_DES_192_CBC3_SHA, 328 SSL3_CK_RSA_DES_192_CBC3_SHA, 329 SSL_kRSA, 330 SSL_aRSA, 331 SSL_3DES, 332 SSL_SHA1, 333 SSL_SSLV3, 334 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 335 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 336 168, 337 168, 338 }, 339 340 /* The DH ciphers */ 341 /* Cipher 0B */ 342 { 343 0, 344 SSL3_TXT_DH_DSS_DES_40_CBC_SHA, 345 SSL3_CK_DH_DSS_DES_40_CBC_SHA, 346 SSL_kDHd, 347 SSL_aDH, 348 SSL_DES, 349 SSL_SHA1, 350 SSL_SSLV3, 351 SSL_EXPORT|SSL_EXP40, 352 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 353 40, 354 56, 355 }, 356 357 /* Cipher 0C */ 358 { 359 0, /* not implemented (non-ephemeral DH) */ 360 SSL3_TXT_DH_DSS_DES_64_CBC_SHA, 361 SSL3_CK_DH_DSS_DES_64_CBC_SHA, 362 SSL_kDHd, 363 SSL_aDH, 364 SSL_DES, 365 SSL_SHA1, 366 SSL_SSLV3, 367 SSL_NOT_EXP|SSL_LOW, 368 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 369 56, 370 56, 371 }, 372 373 /* Cipher 0D */ 374 { 375 0, /* not implemented (non-ephemeral DH) */ 376 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 377 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 378 SSL_kDHd, 379 SSL_aDH, 380 SSL_3DES, 381 SSL_SHA1, 382 SSL_SSLV3, 383 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 384 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 385 168, 386 168, 387 }, 388 389 /* Cipher 0E */ 390 { 391 0, /* not implemented (non-ephemeral DH) */ 392 SSL3_TXT_DH_RSA_DES_40_CBC_SHA, 393 SSL3_CK_DH_RSA_DES_40_CBC_SHA, 394 SSL_kDHr, 395 SSL_aDH, 396 SSL_DES, 397 SSL_SHA1, 398 SSL_SSLV3, 399 SSL_EXPORT|SSL_EXP40, 400 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 401 40, 402 56, 403 }, 404 405 /* Cipher 0F */ 406 { 407 0, /* not implemented (non-ephemeral DH) */ 408 SSL3_TXT_DH_RSA_DES_64_CBC_SHA, 409 SSL3_CK_DH_RSA_DES_64_CBC_SHA, 410 SSL_kDHr, 411 SSL_aDH, 412 SSL_DES, 413 SSL_SHA1, 414 SSL_SSLV3, 415 SSL_NOT_EXP|SSL_LOW, 416 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 417 56, 418 56, 419 }, 420 421 /* Cipher 10 */ 422 { 423 0, /* not implemented (non-ephemeral DH) */ 424 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 425 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 426 SSL_kDHr, 427 SSL_aDH, 428 SSL_3DES, 429 SSL_SHA1, 430 SSL_SSLV3, 431 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 432 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 433 168, 434 168, 435 }, 436 437 /* The Ephemeral DH ciphers */ 438 /* Cipher 11 */ 439 { 440 1, 441 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, 442 SSL3_CK_EDH_DSS_DES_40_CBC_SHA, 443 SSL_kEDH, 444 SSL_aDSS, 445 SSL_DES, 446 SSL_SHA1, 447 SSL_SSLV3, 448 SSL_EXPORT|SSL_EXP40, 449 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 450 40, 451 56, 452 }, 453 454 /* Cipher 12 */ 455 { 456 1, 457 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, 458 SSL3_CK_EDH_DSS_DES_64_CBC_SHA, 459 SSL_kEDH, 460 SSL_aDSS, 461 SSL_DES, 462 SSL_SHA1, 463 SSL_SSLV3, 464 SSL_NOT_EXP|SSL_LOW, 465 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 466 56, 467 56, 468 }, 469 470 /* Cipher 13 */ 471 { 472 1, 473 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 474 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 475 SSL_kEDH, 476 SSL_aDSS, 477 SSL_3DES, 478 SSL_SHA1, 479 SSL_SSLV3, 480 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 481 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 482 168, 483 168, 484 }, 485 486 /* Cipher 14 */ 487 { 488 1, 489 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, 490 SSL3_CK_EDH_RSA_DES_40_CBC_SHA, 491 SSL_kEDH, 492 SSL_aRSA, 493 SSL_DES, 494 SSL_SHA1, 495 SSL_SSLV3, 496 SSL_EXPORT|SSL_EXP40, 497 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 498 40, 499 56, 500 }, 501 502 /* Cipher 15 */ 503 { 504 1, 505 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, 506 SSL3_CK_EDH_RSA_DES_64_CBC_SHA, 507 SSL_kEDH, 508 SSL_aRSA, 509 SSL_DES, 510 SSL_SHA1, 511 SSL_SSLV3, 512 SSL_NOT_EXP|SSL_LOW, 513 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 514 56, 515 56, 516 }, 517 518 /* Cipher 16 */ 519 { 520 1, 521 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 522 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 523 SSL_kEDH, 524 SSL_aRSA, 525 SSL_3DES, 526 SSL_SHA1, 527 SSL_SSLV3, 528 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 529 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 530 168, 531 168, 532 }, 533 534 /* Cipher 17 */ 535 { 536 1, 537 SSL3_TXT_ADH_RC4_40_MD5, 538 SSL3_CK_ADH_RC4_40_MD5, 539 SSL_kEDH, 540 SSL_aNULL, 541 SSL_RC4, 542 SSL_MD5, 543 SSL_SSLV3, 544 SSL_EXPORT|SSL_EXP40, 545 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 546 40, 547 128, 548 }, 549 550 /* Cipher 18 */ 551 { 552 1, 553 SSL3_TXT_ADH_RC4_128_MD5, 554 SSL3_CK_ADH_RC4_128_MD5, 555 SSL_kEDH, 556 SSL_aNULL, 557 SSL_RC4, 558 SSL_MD5, 559 SSL_SSLV3, 560 SSL_NOT_EXP|SSL_MEDIUM, 561 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 562 128, 563 128, 564 }, 565 566 /* Cipher 19 */ 567 { 568 1, 569 SSL3_TXT_ADH_DES_40_CBC_SHA, 570 SSL3_CK_ADH_DES_40_CBC_SHA, 571 SSL_kEDH, 572 SSL_aNULL, 573 SSL_DES, 574 SSL_SHA1, 575 SSL_SSLV3, 576 SSL_EXPORT|SSL_EXP40, 577 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 578 40, 579 128, 580 }, 581 582 /* Cipher 1A */ 583 { 584 1, 585 SSL3_TXT_ADH_DES_64_CBC_SHA, 586 SSL3_CK_ADH_DES_64_CBC_SHA, 587 SSL_kEDH, 588 SSL_aNULL, 589 SSL_DES, 590 SSL_SHA1, 591 SSL_SSLV3, 592 SSL_NOT_EXP|SSL_LOW, 593 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 594 56, 595 56, 596 }, 597 598 /* Cipher 1B */ 599 { 600 1, 601 SSL3_TXT_ADH_DES_192_CBC_SHA, 602 SSL3_CK_ADH_DES_192_CBC_SHA, 603 SSL_kEDH, 604 SSL_aNULL, 605 SSL_3DES, 606 SSL_SHA1, 607 SSL_SSLV3, 608 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 609 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 610 168, 611 168, 612 }, 613 614 /* Fortezza ciphersuite from SSL 3.0 spec */ 615 #if 0 616 /* Cipher 1C */ 617 { 618 0, 619 SSL3_TXT_FZA_DMS_NULL_SHA, 620 SSL3_CK_FZA_DMS_NULL_SHA, 621 SSL_kFZA, 622 SSL_aFZA, 623 SSL_eNULL, 624 SSL_SHA1, 625 SSL_SSLV3, 626 SSL_NOT_EXP|SSL_STRONG_NONE, 627 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 628 0, 629 0, 630 }, 631 632 /* Cipher 1D */ 633 { 634 0, 635 SSL3_TXT_FZA_DMS_FZA_SHA, 636 SSL3_CK_FZA_DMS_FZA_SHA, 637 SSL_kFZA, 638 SSL_aFZA, 639 SSL_eFZA, 640 SSL_SHA1, 641 SSL_SSLV3, 642 SSL_NOT_EXP|SSL_STRONG_NONE, 643 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 644 0, 645 0, 646 }, 647 648 /* Cipher 1E */ 649 { 650 0, 651 SSL3_TXT_FZA_DMS_RC4_SHA, 652 SSL3_CK_FZA_DMS_RC4_SHA, 653 SSL_kFZA, 654 SSL_aFZA, 655 SSL_RC4, 656 SSL_SHA1, 657 SSL_SSLV3, 658 SSL_NOT_EXP|SSL_MEDIUM, 659 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 660 128, 661 128, 662 }, 663 #endif 664 665 #ifndef OPENSSL_NO_KRB5 666 /* The Kerberos ciphers*/ 667 /* Cipher 1E */ 668 { 669 1, 670 SSL3_TXT_KRB5_DES_64_CBC_SHA, 671 SSL3_CK_KRB5_DES_64_CBC_SHA, 672 SSL_kKRB5, 673 SSL_aKRB5, 674 SSL_DES, 675 SSL_SHA1, 676 SSL_SSLV3, 677 SSL_NOT_EXP|SSL_LOW, 678 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 679 56, 680 56, 681 }, 682 683 /* Cipher 1F */ 684 { 685 1, 686 SSL3_TXT_KRB5_DES_192_CBC3_SHA, 687 SSL3_CK_KRB5_DES_192_CBC3_SHA, 688 SSL_kKRB5, 689 SSL_aKRB5, 690 SSL_3DES, 691 SSL_SHA1, 692 SSL_SSLV3, 693 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 694 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 695 168, 696 168, 697 }, 698 699 /* Cipher 20 */ 700 { 701 1, 702 SSL3_TXT_KRB5_RC4_128_SHA, 703 SSL3_CK_KRB5_RC4_128_SHA, 704 SSL_kKRB5, 705 SSL_aKRB5, 706 SSL_RC4, 707 SSL_SHA1, 708 SSL_SSLV3, 709 SSL_NOT_EXP|SSL_MEDIUM, 710 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 711 128, 712 128, 713 }, 714 715 /* Cipher 21 */ 716 { 717 1, 718 SSL3_TXT_KRB5_IDEA_128_CBC_SHA, 719 SSL3_CK_KRB5_IDEA_128_CBC_SHA, 720 SSL_kKRB5, 721 SSL_aKRB5, 722 SSL_IDEA, 723 SSL_SHA1, 724 SSL_SSLV3, 725 SSL_NOT_EXP|SSL_MEDIUM, 726 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 727 128, 728 128, 729 }, 730 731 /* Cipher 22 */ 732 { 733 1, 734 SSL3_TXT_KRB5_DES_64_CBC_MD5, 735 SSL3_CK_KRB5_DES_64_CBC_MD5, 736 SSL_kKRB5, 737 SSL_aKRB5, 738 SSL_DES, 739 SSL_MD5, 740 SSL_SSLV3, 741 SSL_NOT_EXP|SSL_LOW, 742 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 743 56, 744 56, 745 }, 746 747 /* Cipher 23 */ 748 { 749 1, 750 SSL3_TXT_KRB5_DES_192_CBC3_MD5, 751 SSL3_CK_KRB5_DES_192_CBC3_MD5, 752 SSL_kKRB5, 753 SSL_aKRB5, 754 SSL_3DES, 755 SSL_MD5, 756 SSL_SSLV3, 757 SSL_NOT_EXP|SSL_HIGH, 758 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 759 168, 760 168, 761 }, 762 763 /* Cipher 24 */ 764 { 765 1, 766 SSL3_TXT_KRB5_RC4_128_MD5, 767 SSL3_CK_KRB5_RC4_128_MD5, 768 SSL_kKRB5, 769 SSL_aKRB5, 770 SSL_RC4, 771 SSL_MD5, 772 SSL_SSLV3, 773 SSL_NOT_EXP|SSL_MEDIUM, 774 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 775 128, 776 128, 777 }, 778 779 /* Cipher 25 */ 780 { 781 1, 782 SSL3_TXT_KRB5_IDEA_128_CBC_MD5, 783 SSL3_CK_KRB5_IDEA_128_CBC_MD5, 784 SSL_kKRB5, 785 SSL_aKRB5, 786 SSL_IDEA, 787 SSL_MD5, 788 SSL_SSLV3, 789 SSL_NOT_EXP|SSL_MEDIUM, 790 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 791 128, 792 128, 793 }, 794 795 /* Cipher 26 */ 796 { 797 1, 798 SSL3_TXT_KRB5_DES_40_CBC_SHA, 799 SSL3_CK_KRB5_DES_40_CBC_SHA, 800 SSL_kKRB5, 801 SSL_aKRB5, 802 SSL_DES, 803 SSL_SHA1, 804 SSL_SSLV3, 805 SSL_EXPORT|SSL_EXP40, 806 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 807 40, 808 56, 809 }, 810 811 /* Cipher 27 */ 812 { 813 1, 814 SSL3_TXT_KRB5_RC2_40_CBC_SHA, 815 SSL3_CK_KRB5_RC2_40_CBC_SHA, 816 SSL_kKRB5, 817 SSL_aKRB5, 818 SSL_RC2, 819 SSL_SHA1, 820 SSL_SSLV3, 821 SSL_EXPORT|SSL_EXP40, 822 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 823 40, 824 128, 825 }, 826 827 /* Cipher 28 */ 828 { 829 1, 830 SSL3_TXT_KRB5_RC4_40_SHA, 831 SSL3_CK_KRB5_RC4_40_SHA, 832 SSL_kKRB5, 833 SSL_aKRB5, 834 SSL_RC4, 835 SSL_SHA1, 836 SSL_SSLV3, 837 SSL_EXPORT|SSL_EXP40, 838 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 839 40, 840 128, 841 }, 842 843 /* Cipher 29 */ 844 { 845 1, 846 SSL3_TXT_KRB5_DES_40_CBC_MD5, 847 SSL3_CK_KRB5_DES_40_CBC_MD5, 848 SSL_kKRB5, 849 SSL_aKRB5, 850 SSL_DES, 851 SSL_MD5, 852 SSL_SSLV3, 853 SSL_EXPORT|SSL_EXP40, 854 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 855 40, 856 56, 857 }, 858 859 /* Cipher 2A */ 860 { 861 1, 862 SSL3_TXT_KRB5_RC2_40_CBC_MD5, 863 SSL3_CK_KRB5_RC2_40_CBC_MD5, 864 SSL_kKRB5, 865 SSL_aKRB5, 866 SSL_RC2, 867 SSL_MD5, 868 SSL_SSLV3, 869 SSL_EXPORT|SSL_EXP40, 870 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 871 40, 872 128, 873 }, 874 875 /* Cipher 2B */ 876 { 877 1, 878 SSL3_TXT_KRB5_RC4_40_MD5, 879 SSL3_CK_KRB5_RC4_40_MD5, 880 SSL_kKRB5, 881 SSL_aKRB5, 882 SSL_RC4, 883 SSL_MD5, 884 SSL_SSLV3, 885 SSL_EXPORT|SSL_EXP40, 886 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 887 40, 888 128, 889 }, 890 #endif /* OPENSSL_NO_KRB5 */ 891 892 /* New AES ciphersuites */ 893 /* Cipher 2F */ 894 { 895 1, 896 TLS1_TXT_RSA_WITH_AES_128_SHA, 897 TLS1_CK_RSA_WITH_AES_128_SHA, 898 SSL_kRSA, 899 SSL_aRSA, 900 SSL_AES128, 901 SSL_SHA1, 902 SSL_TLSV1, 903 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 904 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 905 128, 906 128, 907 }, 908 /* Cipher 30 */ 909 { 910 0, 911 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 912 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 913 SSL_kDHd, 914 SSL_aDH, 915 SSL_AES128, 916 SSL_SHA1, 917 SSL_TLSV1, 918 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 919 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 920 128, 921 128, 922 }, 923 /* Cipher 31 */ 924 { 925 0, 926 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 927 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 928 SSL_kDHr, 929 SSL_aDH, 930 SSL_AES128, 931 SSL_SHA1, 932 SSL_TLSV1, 933 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 934 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 935 128, 936 128, 937 }, 938 /* Cipher 32 */ 939 { 940 1, 941 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 942 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 943 SSL_kEDH, 944 SSL_aDSS, 945 SSL_AES128, 946 SSL_SHA1, 947 SSL_TLSV1, 948 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 949 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 950 128, 951 128, 952 }, 953 /* Cipher 33 */ 954 { 955 1, 956 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 957 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 958 SSL_kEDH, 959 SSL_aRSA, 960 SSL_AES128, 961 SSL_SHA1, 962 SSL_TLSV1, 963 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 964 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 965 128, 966 128, 967 }, 968 /* Cipher 34 */ 969 { 970 1, 971 TLS1_TXT_ADH_WITH_AES_128_SHA, 972 TLS1_CK_ADH_WITH_AES_128_SHA, 973 SSL_kEDH, 974 SSL_aNULL, 975 SSL_AES128, 976 SSL_SHA1, 977 SSL_TLSV1, 978 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 979 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 980 128, 981 128, 982 }, 983 984 /* Cipher 35 */ 985 { 986 1, 987 TLS1_TXT_RSA_WITH_AES_256_SHA, 988 TLS1_CK_RSA_WITH_AES_256_SHA, 989 SSL_kRSA, 990 SSL_aRSA, 991 SSL_AES256, 992 SSL_SHA1, 993 SSL_TLSV1, 994 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 995 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 996 256, 997 256, 998 }, 999 /* Cipher 36 */ 1000 { 1001 0, 1002 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 1003 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 1004 SSL_kDHd, 1005 SSL_aDH, 1006 SSL_AES256, 1007 SSL_SHA1, 1008 SSL_TLSV1, 1009 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1010 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1011 256, 1012 256, 1013 }, 1014 1015 /* Cipher 37 */ 1016 { 1017 0, /* not implemented (non-ephemeral DH) */ 1018 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 1019 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 1020 SSL_kDHr, 1021 SSL_aDH, 1022 SSL_AES256, 1023 SSL_SHA1, 1024 SSL_TLSV1, 1025 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1026 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1027 256, 1028 256, 1029 }, 1030 1031 /* Cipher 38 */ 1032 { 1033 1, 1034 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 1035 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 1036 SSL_kEDH, 1037 SSL_aDSS, 1038 SSL_AES256, 1039 SSL_SHA1, 1040 SSL_TLSV1, 1041 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1042 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1043 256, 1044 256, 1045 }, 1046 1047 /* Cipher 39 */ 1048 { 1049 1, 1050 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 1051 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 1052 SSL_kEDH, 1053 SSL_aRSA, 1054 SSL_AES256, 1055 SSL_SHA1, 1056 SSL_TLSV1, 1057 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1058 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1059 256, 1060 256, 1061 }, 1062 1063 /* Cipher 3A */ 1064 { 1065 1, 1066 TLS1_TXT_ADH_WITH_AES_256_SHA, 1067 TLS1_CK_ADH_WITH_AES_256_SHA, 1068 SSL_kEDH, 1069 SSL_aNULL, 1070 SSL_AES256, 1071 SSL_SHA1, 1072 SSL_TLSV1, 1073 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1074 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1075 256, 1076 256, 1077 }, 1078 1079 /* TLS v1.2 ciphersuites */ 1080 /* Cipher 3B */ 1081 { 1082 1, 1083 TLS1_TXT_RSA_WITH_NULL_SHA256, 1084 TLS1_CK_RSA_WITH_NULL_SHA256, 1085 SSL_kRSA, 1086 SSL_aRSA, 1087 SSL_eNULL, 1088 SSL_SHA256, 1089 SSL_TLSV1_2, 1090 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1091 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1092 0, 1093 0, 1094 }, 1095 1096 /* Cipher 3C */ 1097 { 1098 1, 1099 TLS1_TXT_RSA_WITH_AES_128_SHA256, 1100 TLS1_CK_RSA_WITH_AES_128_SHA256, 1101 SSL_kRSA, 1102 SSL_aRSA, 1103 SSL_AES128, 1104 SSL_SHA256, 1105 SSL_TLSV1_2, 1106 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1107 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1108 128, 1109 128, 1110 }, 1111 1112 /* Cipher 3D */ 1113 { 1114 1, 1115 TLS1_TXT_RSA_WITH_AES_256_SHA256, 1116 TLS1_CK_RSA_WITH_AES_256_SHA256, 1117 SSL_kRSA, 1118 SSL_aRSA, 1119 SSL_AES256, 1120 SSL_SHA256, 1121 SSL_TLSV1_2, 1122 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1123 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1124 256, 1125 256, 1126 }, 1127 1128 /* Cipher 3E */ 1129 { 1130 0, /* not implemented (non-ephemeral DH) */ 1131 TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, 1132 TLS1_CK_DH_DSS_WITH_AES_128_SHA256, 1133 SSL_kDHd, 1134 SSL_aDH, 1135 SSL_AES128, 1136 SSL_SHA256, 1137 SSL_TLSV1_2, 1138 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1139 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1140 128, 1141 128, 1142 }, 1143 1144 /* Cipher 3F */ 1145 { 1146 0, /* not implemented (non-ephemeral DH) */ 1147 TLS1_TXT_DH_RSA_WITH_AES_128_SHA256, 1148 TLS1_CK_DH_RSA_WITH_AES_128_SHA256, 1149 SSL_kDHr, 1150 SSL_aDH, 1151 SSL_AES128, 1152 SSL_SHA256, 1153 SSL_TLSV1_2, 1154 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1155 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1156 128, 1157 128, 1158 }, 1159 1160 /* Cipher 40 */ 1161 { 1162 1, 1163 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 1164 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 1165 SSL_kEDH, 1166 SSL_aDSS, 1167 SSL_AES128, 1168 SSL_SHA256, 1169 SSL_TLSV1_2, 1170 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1171 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1172 128, 1173 128, 1174 }, 1175 1176 #ifndef OPENSSL_NO_CAMELLIA 1177 /* Camellia ciphersuites from RFC4132 (128-bit portion) */ 1178 1179 /* Cipher 41 */ 1180 { 1181 1, 1182 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 1183 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 1184 SSL_kRSA, 1185 SSL_aRSA, 1186 SSL_CAMELLIA128, 1187 SSL_SHA1, 1188 SSL_TLSV1, 1189 SSL_NOT_EXP|SSL_HIGH, 1190 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1191 128, 1192 128, 1193 }, 1194 1195 /* Cipher 42 */ 1196 { 1197 0, /* not implemented (non-ephemeral DH) */ 1198 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1199 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1200 SSL_kDHd, 1201 SSL_aDH, 1202 SSL_CAMELLIA128, 1203 SSL_SHA1, 1204 SSL_TLSV1, 1205 SSL_NOT_EXP|SSL_HIGH, 1206 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1207 128, 1208 128, 1209 }, 1210 1211 /* Cipher 43 */ 1212 { 1213 0, /* not implemented (non-ephemeral DH) */ 1214 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1215 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1216 SSL_kDHr, 1217 SSL_aDH, 1218 SSL_CAMELLIA128, 1219 SSL_SHA1, 1220 SSL_TLSV1, 1221 SSL_NOT_EXP|SSL_HIGH, 1222 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1223 128, 1224 128, 1225 }, 1226 1227 /* Cipher 44 */ 1228 { 1229 1, 1230 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1231 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1232 SSL_kEDH, 1233 SSL_aDSS, 1234 SSL_CAMELLIA128, 1235 SSL_SHA1, 1236 SSL_TLSV1, 1237 SSL_NOT_EXP|SSL_HIGH, 1238 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1239 128, 1240 128, 1241 }, 1242 1243 /* Cipher 45 */ 1244 { 1245 1, 1246 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1247 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1248 SSL_kEDH, 1249 SSL_aRSA, 1250 SSL_CAMELLIA128, 1251 SSL_SHA1, 1252 SSL_TLSV1, 1253 SSL_NOT_EXP|SSL_HIGH, 1254 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1255 128, 1256 128, 1257 }, 1258 1259 /* Cipher 46 */ 1260 { 1261 1, 1262 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 1263 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 1264 SSL_kEDH, 1265 SSL_aNULL, 1266 SSL_CAMELLIA128, 1267 SSL_SHA1, 1268 SSL_TLSV1, 1269 SSL_NOT_EXP|SSL_HIGH, 1270 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1271 128, 1272 128, 1273 }, 1274 #endif /* OPENSSL_NO_CAMELLIA */ 1275 1276 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1277 /* New TLS Export CipherSuites from expired ID */ 1278 #if 0 1279 /* Cipher 60 */ 1280 { 1281 1, 1282 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5, 1283 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5, 1284 SSL_kRSA, 1285 SSL_aRSA, 1286 SSL_RC4, 1287 SSL_MD5, 1288 SSL_TLSV1, 1289 SSL_EXPORT|SSL_EXP56, 1290 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1291 56, 1292 128, 1293 }, 1294 1295 /* Cipher 61 */ 1296 { 1297 1, 1298 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1299 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1300 SSL_kRSA, 1301 SSL_aRSA, 1302 SSL_RC2, 1303 SSL_MD5, 1304 SSL_TLSV1, 1305 SSL_EXPORT|SSL_EXP56, 1306 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1307 56, 1308 128, 1309 }, 1310 #endif 1311 1312 /* Cipher 62 */ 1313 { 1314 1, 1315 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1316 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1317 SSL_kRSA, 1318 SSL_aRSA, 1319 SSL_DES, 1320 SSL_SHA1, 1321 SSL_TLSV1, 1322 SSL_EXPORT|SSL_EXP56, 1323 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1324 56, 1325 56, 1326 }, 1327 1328 /* Cipher 63 */ 1329 { 1330 1, 1331 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1332 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1333 SSL_kEDH, 1334 SSL_aDSS, 1335 SSL_DES, 1336 SSL_SHA1, 1337 SSL_TLSV1, 1338 SSL_EXPORT|SSL_EXP56, 1339 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1340 56, 1341 56, 1342 }, 1343 1344 /* Cipher 64 */ 1345 { 1346 1, 1347 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, 1348 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA, 1349 SSL_kRSA, 1350 SSL_aRSA, 1351 SSL_RC4, 1352 SSL_SHA1, 1353 SSL_TLSV1, 1354 SSL_EXPORT|SSL_EXP56, 1355 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1356 56, 1357 128, 1358 }, 1359 1360 /* Cipher 65 */ 1361 { 1362 1, 1363 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1364 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1365 SSL_kEDH, 1366 SSL_aDSS, 1367 SSL_RC4, 1368 SSL_SHA1, 1369 SSL_TLSV1, 1370 SSL_EXPORT|SSL_EXP56, 1371 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1372 56, 1373 128, 1374 }, 1375 1376 /* Cipher 66 */ 1377 { 1378 1, 1379 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, 1380 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA, 1381 SSL_kEDH, 1382 SSL_aDSS, 1383 SSL_RC4, 1384 SSL_SHA1, 1385 SSL_TLSV1, 1386 SSL_NOT_EXP|SSL_MEDIUM, 1387 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1388 128, 1389 128, 1390 }, 1391 #endif 1392 1393 /* TLS v1.2 ciphersuites */ 1394 /* Cipher 67 */ 1395 { 1396 1, 1397 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 1398 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 1399 SSL_kEDH, 1400 SSL_aRSA, 1401 SSL_AES128, 1402 SSL_SHA256, 1403 SSL_TLSV1_2, 1404 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1405 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1406 128, 1407 128, 1408 }, 1409 1410 /* Cipher 68 */ 1411 { 1412 0, /* not implemented (non-ephemeral DH) */ 1413 TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, 1414 TLS1_CK_DH_DSS_WITH_AES_256_SHA256, 1415 SSL_kDHd, 1416 SSL_aDH, 1417 SSL_AES256, 1418 SSL_SHA256, 1419 SSL_TLSV1_2, 1420 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1421 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1422 256, 1423 256, 1424 }, 1425 1426 /* Cipher 69 */ 1427 { 1428 0, /* not implemented (non-ephemeral DH) */ 1429 TLS1_TXT_DH_RSA_WITH_AES_256_SHA256, 1430 TLS1_CK_DH_RSA_WITH_AES_256_SHA256, 1431 SSL_kDHr, 1432 SSL_aDH, 1433 SSL_AES256, 1434 SSL_SHA256, 1435 SSL_TLSV1_2, 1436 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1437 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1438 256, 1439 256, 1440 }, 1441 1442 /* Cipher 6A */ 1443 { 1444 1, 1445 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 1446 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 1447 SSL_kEDH, 1448 SSL_aDSS, 1449 SSL_AES256, 1450 SSL_SHA256, 1451 SSL_TLSV1_2, 1452 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1453 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1454 256, 1455 256, 1456 }, 1457 1458 /* Cipher 6B */ 1459 { 1460 1, 1461 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 1462 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 1463 SSL_kEDH, 1464 SSL_aRSA, 1465 SSL_AES256, 1466 SSL_SHA256, 1467 SSL_TLSV1_2, 1468 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1469 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1470 256, 1471 256, 1472 }, 1473 1474 /* Cipher 6C */ 1475 { 1476 1, 1477 TLS1_TXT_ADH_WITH_AES_128_SHA256, 1478 TLS1_CK_ADH_WITH_AES_128_SHA256, 1479 SSL_kEDH, 1480 SSL_aNULL, 1481 SSL_AES128, 1482 SSL_SHA256, 1483 SSL_TLSV1_2, 1484 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1485 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1486 128, 1487 128, 1488 }, 1489 1490 /* Cipher 6D */ 1491 { 1492 1, 1493 TLS1_TXT_ADH_WITH_AES_256_SHA256, 1494 TLS1_CK_ADH_WITH_AES_256_SHA256, 1495 SSL_kEDH, 1496 SSL_aNULL, 1497 SSL_AES256, 1498 SSL_SHA256, 1499 SSL_TLSV1_2, 1500 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1501 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1502 256, 1503 256, 1504 }, 1505 1506 /* GOST Ciphersuites */ 1507 1508 { 1509 1, 1510 "GOST94-GOST89-GOST89", 1511 0x3000080, 1512 SSL_kGOST, 1513 SSL_aGOST94, 1514 SSL_eGOST2814789CNT, 1515 SSL_GOST89MAC, 1516 SSL_TLSV1, 1517 SSL_NOT_EXP|SSL_HIGH, 1518 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, 1519 256, 1520 256 1521 }, 1522 { 1523 1, 1524 "GOST2001-GOST89-GOST89", 1525 0x3000081, 1526 SSL_kGOST, 1527 SSL_aGOST01, 1528 SSL_eGOST2814789CNT, 1529 SSL_GOST89MAC, 1530 SSL_TLSV1, 1531 SSL_NOT_EXP|SSL_HIGH, 1532 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, 1533 256, 1534 256 1535 }, 1536 { 1537 1, 1538 "GOST94-NULL-GOST94", 1539 0x3000082, 1540 SSL_kGOST, 1541 SSL_aGOST94, 1542 SSL_eNULL, 1543 SSL_GOST94, 1544 SSL_TLSV1, 1545 SSL_NOT_EXP|SSL_STRONG_NONE, 1546 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, 1547 0, 1548 0 1549 }, 1550 { 1551 1, 1552 "GOST2001-NULL-GOST94", 1553 0x3000083, 1554 SSL_kGOST, 1555 SSL_aGOST01, 1556 SSL_eNULL, 1557 SSL_GOST94, 1558 SSL_TLSV1, 1559 SSL_NOT_EXP|SSL_STRONG_NONE, 1560 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, 1561 0, 1562 0 1563 }, 1564 1565 #ifndef OPENSSL_NO_CAMELLIA 1566 /* Camellia ciphersuites from RFC4132 (256-bit portion) */ 1567 1568 /* Cipher 84 */ 1569 { 1570 1, 1571 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 1572 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 1573 SSL_kRSA, 1574 SSL_aRSA, 1575 SSL_CAMELLIA256, 1576 SSL_SHA1, 1577 SSL_TLSV1, 1578 SSL_NOT_EXP|SSL_HIGH, 1579 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1580 256, 1581 256, 1582 }, 1583 /* Cipher 85 */ 1584 { 1585 0, /* not implemented (non-ephemeral DH) */ 1586 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1587 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1588 SSL_kDHd, 1589 SSL_aDH, 1590 SSL_CAMELLIA256, 1591 SSL_SHA1, 1592 SSL_TLSV1, 1593 SSL_NOT_EXP|SSL_HIGH, 1594 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1595 256, 1596 256, 1597 }, 1598 1599 /* Cipher 86 */ 1600 { 1601 0, /* not implemented (non-ephemeral DH) */ 1602 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1603 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1604 SSL_kDHr, 1605 SSL_aDH, 1606 SSL_CAMELLIA256, 1607 SSL_SHA1, 1608 SSL_TLSV1, 1609 SSL_NOT_EXP|SSL_HIGH, 1610 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1611 256, 1612 256, 1613 }, 1614 1615 /* Cipher 87 */ 1616 { 1617 1, 1618 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1619 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1620 SSL_kEDH, 1621 SSL_aDSS, 1622 SSL_CAMELLIA256, 1623 SSL_SHA1, 1624 SSL_TLSV1, 1625 SSL_NOT_EXP|SSL_HIGH, 1626 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1627 256, 1628 256, 1629 }, 1630 1631 /* Cipher 88 */ 1632 { 1633 1, 1634 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1635 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1636 SSL_kEDH, 1637 SSL_aRSA, 1638 SSL_CAMELLIA256, 1639 SSL_SHA1, 1640 SSL_TLSV1, 1641 SSL_NOT_EXP|SSL_HIGH, 1642 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1643 256, 1644 256, 1645 }, 1646 1647 /* Cipher 89 */ 1648 { 1649 1, 1650 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 1651 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 1652 SSL_kEDH, 1653 SSL_aNULL, 1654 SSL_CAMELLIA256, 1655 SSL_SHA1, 1656 SSL_TLSV1, 1657 SSL_NOT_EXP|SSL_HIGH, 1658 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1659 256, 1660 256, 1661 }, 1662 #endif /* OPENSSL_NO_CAMELLIA */ 1663 1664 #ifndef OPENSSL_NO_PSK 1665 /* Cipher 8A */ 1666 { 1667 1, 1668 TLS1_TXT_PSK_WITH_RC4_128_SHA, 1669 TLS1_CK_PSK_WITH_RC4_128_SHA, 1670 SSL_kPSK, 1671 SSL_aPSK, 1672 SSL_RC4, 1673 SSL_SHA1, 1674 SSL_TLSV1, 1675 SSL_NOT_EXP|SSL_MEDIUM, 1676 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1677 128, 1678 128, 1679 }, 1680 1681 /* Cipher 8B */ 1682 { 1683 1, 1684 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1685 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1686 SSL_kPSK, 1687 SSL_aPSK, 1688 SSL_3DES, 1689 SSL_SHA1, 1690 SSL_TLSV1, 1691 SSL_NOT_EXP|SSL_HIGH, 1692 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1693 168, 1694 168, 1695 }, 1696 1697 /* Cipher 8C */ 1698 { 1699 1, 1700 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1701 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1702 SSL_kPSK, 1703 SSL_aPSK, 1704 SSL_AES128, 1705 SSL_SHA1, 1706 SSL_TLSV1, 1707 SSL_NOT_EXP|SSL_HIGH, 1708 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1709 128, 1710 128, 1711 }, 1712 1713 /* Cipher 8D */ 1714 { 1715 1, 1716 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1717 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1718 SSL_kPSK, 1719 SSL_aPSK, 1720 SSL_AES256, 1721 SSL_SHA1, 1722 SSL_TLSV1, 1723 SSL_NOT_EXP|SSL_HIGH, 1724 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1725 256, 1726 256, 1727 }, 1728 #endif /* OPENSSL_NO_PSK */ 1729 1730 #ifndef OPENSSL_NO_SEED 1731 /* SEED ciphersuites from RFC4162 */ 1732 1733 /* Cipher 96 */ 1734 { 1735 1, 1736 TLS1_TXT_RSA_WITH_SEED_SHA, 1737 TLS1_CK_RSA_WITH_SEED_SHA, 1738 SSL_kRSA, 1739 SSL_aRSA, 1740 SSL_SEED, 1741 SSL_SHA1, 1742 SSL_TLSV1, 1743 SSL_NOT_EXP|SSL_MEDIUM, 1744 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1745 128, 1746 128, 1747 }, 1748 1749 /* Cipher 97 */ 1750 { 1751 0, /* not implemented (non-ephemeral DH) */ 1752 TLS1_TXT_DH_DSS_WITH_SEED_SHA, 1753 TLS1_CK_DH_DSS_WITH_SEED_SHA, 1754 SSL_kDHd, 1755 SSL_aDH, 1756 SSL_SEED, 1757 SSL_SHA1, 1758 SSL_TLSV1, 1759 SSL_NOT_EXP|SSL_MEDIUM, 1760 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1761 128, 1762 128, 1763 }, 1764 1765 /* Cipher 98 */ 1766 { 1767 0, /* not implemented (non-ephemeral DH) */ 1768 TLS1_TXT_DH_RSA_WITH_SEED_SHA, 1769 TLS1_CK_DH_RSA_WITH_SEED_SHA, 1770 SSL_kDHr, 1771 SSL_aDH, 1772 SSL_SEED, 1773 SSL_SHA1, 1774 SSL_TLSV1, 1775 SSL_NOT_EXP|SSL_MEDIUM, 1776 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1777 128, 1778 128, 1779 }, 1780 1781 /* Cipher 99 */ 1782 { 1783 1, 1784 TLS1_TXT_DHE_DSS_WITH_SEED_SHA, 1785 TLS1_CK_DHE_DSS_WITH_SEED_SHA, 1786 SSL_kEDH, 1787 SSL_aDSS, 1788 SSL_SEED, 1789 SSL_SHA1, 1790 SSL_TLSV1, 1791 SSL_NOT_EXP|SSL_MEDIUM, 1792 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1793 128, 1794 128, 1795 }, 1796 1797 /* Cipher 9A */ 1798 { 1799 1, 1800 TLS1_TXT_DHE_RSA_WITH_SEED_SHA, 1801 TLS1_CK_DHE_RSA_WITH_SEED_SHA, 1802 SSL_kEDH, 1803 SSL_aRSA, 1804 SSL_SEED, 1805 SSL_SHA1, 1806 SSL_TLSV1, 1807 SSL_NOT_EXP|SSL_MEDIUM, 1808 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1809 128, 1810 128, 1811 }, 1812 1813 /* Cipher 9B */ 1814 { 1815 1, 1816 TLS1_TXT_ADH_WITH_SEED_SHA, 1817 TLS1_CK_ADH_WITH_SEED_SHA, 1818 SSL_kEDH, 1819 SSL_aNULL, 1820 SSL_SEED, 1821 SSL_SHA1, 1822 SSL_TLSV1, 1823 SSL_NOT_EXP|SSL_MEDIUM, 1824 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1825 128, 1826 128, 1827 }, 1828 1829 #endif /* OPENSSL_NO_SEED */ 1830 1831 /* GCM ciphersuites from RFC5288 */ 1832 1833 /* Cipher 9C */ 1834 { 1835 1, 1836 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 1837 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 1838 SSL_kRSA, 1839 SSL_aRSA, 1840 SSL_AES128GCM, 1841 SSL_AEAD, 1842 SSL_TLSV1_2, 1843 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1844 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)| 1845 SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, 1846 128, 1847 128, 1848 }, 1849 1850 /* Cipher 9D */ 1851 { 1852 1, 1853 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 1854 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 1855 SSL_kRSA, 1856 SSL_aRSA, 1857 SSL_AES256GCM, 1858 SSL_AEAD, 1859 SSL_TLSV1_2, 1860 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1861 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1862 256, 1863 256, 1864 }, 1865 1866 /* Cipher 9E */ 1867 { 1868 1, 1869 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 1870 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 1871 SSL_kEDH, 1872 SSL_aRSA, 1873 SSL_AES128GCM, 1874 SSL_AEAD, 1875 SSL_TLSV1_2, 1876 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1877 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)| 1878 SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, 1879 128, 1880 128, 1881 }, 1882 1883 /* Cipher 9F */ 1884 { 1885 1, 1886 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 1887 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 1888 SSL_kEDH, 1889 SSL_aRSA, 1890 SSL_AES256GCM, 1891 SSL_AEAD, 1892 SSL_TLSV1_2, 1893 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1894 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1895 256, 1896 256, 1897 }, 1898 1899 /* Cipher A0 */ 1900 { 1901 0, 1902 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, 1903 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, 1904 SSL_kDHr, 1905 SSL_aDH, 1906 SSL_AES128GCM, 1907 SSL_AEAD, 1908 SSL_TLSV1_2, 1909 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1910 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)| 1911 SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, 1912 128, 1913 128, 1914 }, 1915 1916 /* Cipher A1 */ 1917 { 1918 0, 1919 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, 1920 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, 1921 SSL_kDHr, 1922 SSL_aDH, 1923 SSL_AES256GCM, 1924 SSL_AEAD, 1925 SSL_TLSV1_2, 1926 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1927 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1928 256, 1929 256, 1930 }, 1931 1932 /* Cipher A2 */ 1933 { 1934 1, 1935 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 1936 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 1937 SSL_kEDH, 1938 SSL_aDSS, 1939 SSL_AES128GCM, 1940 SSL_AEAD, 1941 SSL_TLSV1_2, 1942 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1943 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)| 1944 SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, 1945 128, 1946 128, 1947 }, 1948 1949 /* Cipher A3 */ 1950 { 1951 1, 1952 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 1953 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 1954 SSL_kEDH, 1955 SSL_aDSS, 1956 SSL_AES256GCM, 1957 SSL_AEAD, 1958 SSL_TLSV1_2, 1959 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1960 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1961 256, 1962 256, 1963 }, 1964 1965 /* Cipher A4 */ 1966 { 1967 0, 1968 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, 1969 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, 1970 SSL_kDHd, 1971 SSL_aDH, 1972 SSL_AES128GCM, 1973 SSL_AEAD, 1974 SSL_TLSV1_2, 1975 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1976 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)| 1977 SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, 1978 128, 1979 128, 1980 }, 1981 1982 /* Cipher A5 */ 1983 { 1984 0, 1985 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, 1986 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, 1987 SSL_kDHd, 1988 SSL_aDH, 1989 SSL_AES256GCM, 1990 SSL_AEAD, 1991 SSL_TLSV1_2, 1992 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1993 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1994 256, 1995 256, 1996 }, 1997 1998 /* Cipher A6 */ 1999 { 2000 1, 2001 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 2002 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 2003 SSL_kEDH, 2004 SSL_aNULL, 2005 SSL_AES128GCM, 2006 SSL_AEAD, 2007 SSL_TLSV1_2, 2008 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2009 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)| 2010 SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, 2011 128, 2012 128, 2013 }, 2014 2015 /* Cipher A7 */ 2016 { 2017 1, 2018 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 2019 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 2020 SSL_kEDH, 2021 SSL_aNULL, 2022 SSL_AES256GCM, 2023 SSL_AEAD, 2024 SSL_TLSV1_2, 2025 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2026 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2027 256, 2028 256, 2029 }, 2030 2031 #ifndef OPENSSL_NO_ECDH 2032 /* Cipher C001 */ 2033 { 2034 1, 2035 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA, 2036 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA, 2037 SSL_kECDHe, 2038 SSL_aECDH, 2039 SSL_eNULL, 2040 SSL_SHA1, 2041 SSL_TLSV1, 2042 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 2043 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2044 0, 2045 0, 2046 }, 2047 2048 /* Cipher C002 */ 2049 { 2050 1, 2051 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, 2052 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA, 2053 SSL_kECDHe, 2054 SSL_aECDH, 2055 SSL_RC4, 2056 SSL_SHA1, 2057 SSL_TLSV1, 2058 SSL_NOT_EXP|SSL_MEDIUM, 2059 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2060 128, 2061 128, 2062 }, 2063 2064 /* Cipher C003 */ 2065 { 2066 1, 2067 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2068 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2069 SSL_kECDHe, 2070 SSL_aECDH, 2071 SSL_3DES, 2072 SSL_SHA1, 2073 SSL_TLSV1, 2074 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2075 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2076 168, 2077 168, 2078 }, 2079 2080 /* Cipher C004 */ 2081 { 2082 1, 2083 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2084 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2085 SSL_kECDHe, 2086 SSL_aECDH, 2087 SSL_AES128, 2088 SSL_SHA1, 2089 SSL_TLSV1, 2090 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2091 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2092 128, 2093 128, 2094 }, 2095 2096 /* Cipher C005 */ 2097 { 2098 1, 2099 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2100 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2101 SSL_kECDHe, 2102 SSL_aECDH, 2103 SSL_AES256, 2104 SSL_SHA1, 2105 SSL_TLSV1, 2106 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2107 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2108 256, 2109 256, 2110 }, 2111 2112 /* Cipher C006 */ 2113 { 2114 1, 2115 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 2116 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 2117 SSL_kEECDH, 2118 SSL_aECDSA, 2119 SSL_eNULL, 2120 SSL_SHA1, 2121 SSL_TLSV1, 2122 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 2123 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2124 0, 2125 0, 2126 }, 2127 2128 /* Cipher C007 */ 2129 { 2130 1, 2131 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 2132 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 2133 SSL_kEECDH, 2134 SSL_aECDSA, 2135 SSL_RC4, 2136 SSL_SHA1, 2137 SSL_TLSV1, 2138 SSL_NOT_EXP|SSL_MEDIUM, 2139 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2140 128, 2141 128, 2142 }, 2143 2144 /* Cipher C008 */ 2145 { 2146 1, 2147 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2148 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2149 SSL_kEECDH, 2150 SSL_aECDSA, 2151 SSL_3DES, 2152 SSL_SHA1, 2153 SSL_TLSV1, 2154 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2155 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2156 168, 2157 168, 2158 }, 2159 2160 /* Cipher C009 */ 2161 { 2162 1, 2163 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2164 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2165 SSL_kEECDH, 2166 SSL_aECDSA, 2167 SSL_AES128, 2168 SSL_SHA1, 2169 SSL_TLSV1, 2170 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2171 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2172 128, 2173 128, 2174 }, 2175 2176 /* Cipher C00A */ 2177 { 2178 1, 2179 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2180 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2181 SSL_kEECDH, 2182 SSL_aECDSA, 2183 SSL_AES256, 2184 SSL_SHA1, 2185 SSL_TLSV1, 2186 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2187 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2188 256, 2189 256, 2190 }, 2191 2192 /* Cipher C00B */ 2193 { 2194 1, 2195 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA, 2196 TLS1_CK_ECDH_RSA_WITH_NULL_SHA, 2197 SSL_kECDHr, 2198 SSL_aECDH, 2199 SSL_eNULL, 2200 SSL_SHA1, 2201 SSL_TLSV1, 2202 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 2203 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2204 0, 2205 0, 2206 }, 2207 2208 /* Cipher C00C */ 2209 { 2210 1, 2211 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, 2212 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA, 2213 SSL_kECDHr, 2214 SSL_aECDH, 2215 SSL_RC4, 2216 SSL_SHA1, 2217 SSL_TLSV1, 2218 SSL_NOT_EXP|SSL_MEDIUM, 2219 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2220 128, 2221 128, 2222 }, 2223 2224 /* Cipher C00D */ 2225 { 2226 1, 2227 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2228 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2229 SSL_kECDHr, 2230 SSL_aECDH, 2231 SSL_3DES, 2232 SSL_SHA1, 2233 SSL_TLSV1, 2234 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2235 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2236 168, 2237 168, 2238 }, 2239 2240 /* Cipher C00E */ 2241 { 2242 1, 2243 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA, 2244 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA, 2245 SSL_kECDHr, 2246 SSL_aECDH, 2247 SSL_AES128, 2248 SSL_SHA1, 2249 SSL_TLSV1, 2250 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2251 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2252 128, 2253 128, 2254 }, 2255 2256 /* Cipher C00F */ 2257 { 2258 1, 2259 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA, 2260 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA, 2261 SSL_kECDHr, 2262 SSL_aECDH, 2263 SSL_AES256, 2264 SSL_SHA1, 2265 SSL_TLSV1, 2266 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2267 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2268 256, 2269 256, 2270 }, 2271 2272 /* Cipher C010 */ 2273 { 2274 1, 2275 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 2276 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 2277 SSL_kEECDH, 2278 SSL_aRSA, 2279 SSL_eNULL, 2280 SSL_SHA1, 2281 SSL_TLSV1, 2282 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 2283 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2284 0, 2285 0, 2286 }, 2287 2288 /* Cipher C011 */ 2289 { 2290 1, 2291 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 2292 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 2293 SSL_kEECDH, 2294 SSL_aRSA, 2295 SSL_RC4, 2296 SSL_SHA1, 2297 SSL_TLSV1, 2298 SSL_NOT_EXP|SSL_MEDIUM, 2299 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2300 128, 2301 128, 2302 }, 2303 2304 /* Cipher C012 */ 2305 { 2306 1, 2307 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2308 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2309 SSL_kEECDH, 2310 SSL_aRSA, 2311 SSL_3DES, 2312 SSL_SHA1, 2313 SSL_TLSV1, 2314 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2315 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2316 168, 2317 168, 2318 }, 2319 2320 /* Cipher C013 */ 2321 { 2322 1, 2323 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2324 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2325 SSL_kEECDH, 2326 SSL_aRSA, 2327 SSL_AES128, 2328 SSL_SHA1, 2329 SSL_TLSV1, 2330 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2331 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2332 128, 2333 128, 2334 }, 2335 2336 /* Cipher C014 */ 2337 { 2338 1, 2339 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2340 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2341 SSL_kEECDH, 2342 SSL_aRSA, 2343 SSL_AES256, 2344 SSL_SHA1, 2345 SSL_TLSV1, 2346 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2347 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2348 256, 2349 256, 2350 }, 2351 2352 /* Cipher C015 */ 2353 { 2354 1, 2355 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 2356 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 2357 SSL_kEECDH, 2358 SSL_aNULL, 2359 SSL_eNULL, 2360 SSL_SHA1, 2361 SSL_TLSV1, 2362 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 2363 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2364 0, 2365 0, 2366 }, 2367 2368 /* Cipher C016 */ 2369 { 2370 1, 2371 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 2372 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 2373 SSL_kEECDH, 2374 SSL_aNULL, 2375 SSL_RC4, 2376 SSL_SHA1, 2377 SSL_TLSV1, 2378 SSL_NOT_EXP|SSL_MEDIUM, 2379 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2380 128, 2381 128, 2382 }, 2383 2384 /* Cipher C017 */ 2385 { 2386 1, 2387 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 2388 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 2389 SSL_kEECDH, 2390 SSL_aNULL, 2391 SSL_3DES, 2392 SSL_SHA1, 2393 SSL_TLSV1, 2394 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2395 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2396 168, 2397 168, 2398 }, 2399 2400 /* Cipher C018 */ 2401 { 2402 1, 2403 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 2404 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 2405 SSL_kEECDH, 2406 SSL_aNULL, 2407 SSL_AES128, 2408 SSL_SHA1, 2409 SSL_TLSV1, 2410 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2411 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2412 128, 2413 128, 2414 }, 2415 2416 /* Cipher C019 */ 2417 { 2418 1, 2419 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 2420 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 2421 SSL_kEECDH, 2422 SSL_aNULL, 2423 SSL_AES256, 2424 SSL_SHA1, 2425 SSL_TLSV1, 2426 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2427 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2428 256, 2429 256, 2430 }, 2431 #endif /* OPENSSL_NO_ECDH */ 2432 2433 #ifndef OPENSSL_NO_SRP 2434 /* Cipher C01A */ 2435 { 2436 1, 2437 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2438 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2439 SSL_kSRP, 2440 SSL_aNULL, 2441 SSL_3DES, 2442 SSL_SHA1, 2443 SSL_TLSV1, 2444 SSL_NOT_EXP|SSL_HIGH, 2445 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2446 168, 2447 168, 2448 }, 2449 2450 /* Cipher C01B */ 2451 { 2452 1, 2453 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2454 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2455 SSL_kSRP, 2456 SSL_aRSA, 2457 SSL_3DES, 2458 SSL_SHA1, 2459 SSL_TLSV1, 2460 SSL_NOT_EXP|SSL_HIGH, 2461 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2462 168, 2463 168, 2464 }, 2465 2466 /* Cipher C01C */ 2467 { 2468 1, 2469 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2470 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2471 SSL_kSRP, 2472 SSL_aDSS, 2473 SSL_3DES, 2474 SSL_SHA1, 2475 SSL_TLSV1, 2476 SSL_NOT_EXP|SSL_HIGH, 2477 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2478 168, 2479 168, 2480 }, 2481 2482 /* Cipher C01D */ 2483 { 2484 1, 2485 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, 2486 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, 2487 SSL_kSRP, 2488 SSL_aNULL, 2489 SSL_AES128, 2490 SSL_SHA1, 2491 SSL_TLSV1, 2492 SSL_NOT_EXP|SSL_HIGH, 2493 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2494 128, 2495 128, 2496 }, 2497 2498 /* Cipher C01E */ 2499 { 2500 1, 2501 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2502 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2503 SSL_kSRP, 2504 SSL_aRSA, 2505 SSL_AES128, 2506 SSL_SHA1, 2507 SSL_TLSV1, 2508 SSL_NOT_EXP|SSL_HIGH, 2509 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2510 128, 2511 128, 2512 }, 2513 2514 /* Cipher C01F */ 2515 { 2516 1, 2517 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2518 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2519 SSL_kSRP, 2520 SSL_aDSS, 2521 SSL_AES128, 2522 SSL_SHA1, 2523 SSL_TLSV1, 2524 SSL_NOT_EXP|SSL_HIGH, 2525 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2526 128, 2527 128, 2528 }, 2529 2530 /* Cipher C020 */ 2531 { 2532 1, 2533 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, 2534 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, 2535 SSL_kSRP, 2536 SSL_aNULL, 2537 SSL_AES256, 2538 SSL_SHA1, 2539 SSL_TLSV1, 2540 SSL_NOT_EXP|SSL_HIGH, 2541 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2542 256, 2543 256, 2544 }, 2545 2546 /* Cipher C021 */ 2547 { 2548 1, 2549 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2550 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2551 SSL_kSRP, 2552 SSL_aRSA, 2553 SSL_AES256, 2554 SSL_SHA1, 2555 SSL_TLSV1, 2556 SSL_NOT_EXP|SSL_HIGH, 2557 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2558 256, 2559 256, 2560 }, 2561 2562 /* Cipher C022 */ 2563 { 2564 1, 2565 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2566 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2567 SSL_kSRP, 2568 SSL_aDSS, 2569 SSL_AES256, 2570 SSL_SHA1, 2571 SSL_TLSV1, 2572 SSL_NOT_EXP|SSL_HIGH, 2573 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2574 256, 2575 256, 2576 }, 2577 #endif /* OPENSSL_NO_SRP */ 2578 #ifndef OPENSSL_NO_ECDH 2579 2580 /* HMAC based TLS v1.2 ciphersuites from RFC5289 */ 2581 2582 /* Cipher C023 */ 2583 { 2584 1, 2585 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 2586 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 2587 SSL_kEECDH, 2588 SSL_aECDSA, 2589 SSL_AES128, 2590 SSL_SHA256, 2591 SSL_TLSV1_2, 2592 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2593 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2594 128, 2595 128, 2596 }, 2597 2598 /* Cipher C024 */ 2599 { 2600 1, 2601 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 2602 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 2603 SSL_kEECDH, 2604 SSL_aECDSA, 2605 SSL_AES256, 2606 SSL_SHA384, 2607 SSL_TLSV1_2, 2608 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2609 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2610 256, 2611 256, 2612 }, 2613 2614 /* Cipher C025 */ 2615 { 2616 1, 2617 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256, 2618 TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256, 2619 SSL_kECDHe, 2620 SSL_aECDH, 2621 SSL_AES128, 2622 SSL_SHA256, 2623 SSL_TLSV1_2, 2624 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2625 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2626 128, 2627 128, 2628 }, 2629 2630 /* Cipher C026 */ 2631 { 2632 1, 2633 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384, 2634 TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384, 2635 SSL_kECDHe, 2636 SSL_aECDH, 2637 SSL_AES256, 2638 SSL_SHA384, 2639 SSL_TLSV1_2, 2640 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2641 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2642 256, 2643 256, 2644 }, 2645 2646 /* Cipher C027 */ 2647 { 2648 1, 2649 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 2650 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 2651 SSL_kEECDH, 2652 SSL_aRSA, 2653 SSL_AES128, 2654 SSL_SHA256, 2655 SSL_TLSV1_2, 2656 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2657 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2658 128, 2659 128, 2660 }, 2661 2662 /* Cipher C028 */ 2663 { 2664 1, 2665 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 2666 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 2667 SSL_kEECDH, 2668 SSL_aRSA, 2669 SSL_AES256, 2670 SSL_SHA384, 2671 SSL_TLSV1_2, 2672 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2673 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2674 256, 2675 256, 2676 }, 2677 2678 /* Cipher C029 */ 2679 { 2680 1, 2681 TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256, 2682 TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256, 2683 SSL_kECDHr, 2684 SSL_aECDH, 2685 SSL_AES128, 2686 SSL_SHA256, 2687 SSL_TLSV1_2, 2688 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2689 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2690 128, 2691 128, 2692 }, 2693 2694 /* Cipher C02A */ 2695 { 2696 1, 2697 TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384, 2698 TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384, 2699 SSL_kECDHr, 2700 SSL_aECDH, 2701 SSL_AES256, 2702 SSL_SHA384, 2703 SSL_TLSV1_2, 2704 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2705 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2706 256, 2707 256, 2708 }, 2709 2710 /* GCM based TLS v1.2 ciphersuites from RFC5289 */ 2711 2712 /* Cipher C02B */ 2713 { 2714 1, 2715 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2716 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2717 SSL_kEECDH, 2718 SSL_aECDSA, 2719 SSL_AES128GCM, 2720 SSL_AEAD, 2721 SSL_TLSV1_2, 2722 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2723 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)| 2724 SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, 2725 128, 2726 128, 2727 }, 2728 2729 /* Cipher C02C */ 2730 { 2731 1, 2732 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2733 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2734 SSL_kEECDH, 2735 SSL_aECDSA, 2736 SSL_AES256GCM, 2737 SSL_AEAD, 2738 SSL_TLSV1_2, 2739 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2740 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2741 256, 2742 256, 2743 }, 2744 2745 /* Cipher C02D */ 2746 { 2747 1, 2748 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2749 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2750 SSL_kECDHe, 2751 SSL_aECDH, 2752 SSL_AES128GCM, 2753 SSL_AEAD, 2754 SSL_TLSV1_2, 2755 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2756 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)| 2757 SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, 2758 128, 2759 128, 2760 }, 2761 2762 /* Cipher C02E */ 2763 { 2764 1, 2765 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2766 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2767 SSL_kECDHe, 2768 SSL_aECDH, 2769 SSL_AES256GCM, 2770 SSL_AEAD, 2771 SSL_TLSV1_2, 2772 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2773 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2774 256, 2775 256, 2776 }, 2777 2778 /* Cipher C02F */ 2779 { 2780 1, 2781 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2782 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2783 SSL_kEECDH, 2784 SSL_aRSA, 2785 SSL_AES128GCM, 2786 SSL_AEAD, 2787 SSL_TLSV1_2, 2788 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2789 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)| 2790 SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, 2791 128, 2792 128, 2793 }, 2794 2795 /* Cipher C030 */ 2796 { 2797 1, 2798 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2799 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2800 SSL_kEECDH, 2801 SSL_aRSA, 2802 SSL_AES256GCM, 2803 SSL_AEAD, 2804 SSL_TLSV1_2, 2805 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2806 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2807 256, 2808 256, 2809 }, 2810 2811 /* Cipher C031 */ 2812 { 2813 1, 2814 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2815 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2816 SSL_kECDHr, 2817 SSL_aECDH, 2818 SSL_AES128GCM, 2819 SSL_AEAD, 2820 SSL_TLSV1_2, 2821 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2822 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)| 2823 SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, 2824 128, 2825 128, 2826 }, 2827 2828 /* Cipher C032 */ 2829 { 2830 1, 2831 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2832 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2833 SSL_kECDHr, 2834 SSL_aECDH, 2835 SSL_AES256GCM, 2836 SSL_AEAD, 2837 SSL_TLSV1_2, 2838 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2839 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2840 256, 2841 256, 2842 }, 2843 2844 #endif /* OPENSSL_NO_ECDH */ 2845 2846 2847 #ifdef TEMP_GOST_TLS 2848 /* Cipher FF00 */ 2849 { 2850 1, 2851 "GOST-MD5", 2852 0x0300ff00, 2853 SSL_kRSA, 2854 SSL_aRSA, 2855 SSL_eGOST2814789CNT, 2856 SSL_MD5, 2857 SSL_TLSV1, 2858 SSL_NOT_EXP|SSL_HIGH, 2859 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2860 256, 2861 256, 2862 }, 2863 { 2864 1, 2865 "GOST-GOST94", 2866 0x0300ff01, 2867 SSL_kRSA, 2868 SSL_aRSA, 2869 SSL_eGOST2814789CNT, 2870 SSL_GOST94, 2871 SSL_TLSV1, 2872 SSL_NOT_EXP|SSL_HIGH, 2873 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2874 256, 2875 256 2876 }, 2877 { 2878 1, 2879 "GOST-GOST89MAC", 2880 0x0300ff02, 2881 SSL_kRSA, 2882 SSL_aRSA, 2883 SSL_eGOST2814789CNT, 2884 SSL_GOST89MAC, 2885 SSL_TLSV1, 2886 SSL_NOT_EXP|SSL_HIGH, 2887 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2888 256, 2889 256 2890 }, 2891 { 2892 1, 2893 "GOST-GOST89STREAM", 2894 0x0300ff03, 2895 SSL_kRSA, 2896 SSL_aRSA, 2897 SSL_eGOST2814789CNT, 2898 SSL_GOST89MAC, 2899 SSL_TLSV1, 2900 SSL_NOT_EXP|SSL_HIGH, 2901 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC, 2902 256, 2903 256 2904 }, 2905 #endif 2906 2907 { 2908 1, 2909 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305, 2910 TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, 2911 SSL_kEECDH, 2912 SSL_aRSA, 2913 SSL_CHACHA20POLY1305, 2914 SSL_AEAD, 2915 SSL_TLSV1_2, 2916 SSL_NOT_EXP|SSL_HIGH, 2917 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), 2918 256, 2919 0, 2920 }, 2921 2922 { 2923 1, 2924 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 2925 TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305, 2926 SSL_kEECDH, 2927 SSL_aECDSA, 2928 SSL_CHACHA20POLY1305, 2929 SSL_AEAD, 2930 SSL_TLSV1_2, 2931 SSL_NOT_EXP|SSL_HIGH, 2932 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), 2933 256, 2934 0, 2935 }, 2936 2937 { 2938 1, 2939 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305, 2940 TLS1_CK_DHE_RSA_CHACHA20_POLY1305, 2941 SSL_kEDH, 2942 SSL_aRSA, 2943 SSL_CHACHA20POLY1305, 2944 SSL_AEAD, 2945 SSL_TLSV1_2, 2946 SSL_NOT_EXP|SSL_HIGH, 2947 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), 2948 256, 2949 0, 2950 }, 2951 2952 /* end of list */ 2953 }; 2954 2955 SSL3_ENC_METHOD SSLv3_enc_data={ 2956 ssl3_enc, 2957 n_ssl3_mac, 2958 ssl3_setup_key_block, 2959 ssl3_generate_master_secret, 2960 ssl3_change_cipher_state, 2961 ssl3_final_finish_mac, 2962 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, 2963 ssl3_cert_verify_mac, 2964 SSL3_MD_CLIENT_FINISHED_CONST,4, 2965 SSL3_MD_SERVER_FINISHED_CONST,4, 2966 ssl3_alert_code, 2967 (int (*)(SSL *, unsigned char *, size_t, const char *, 2968 size_t, const unsigned char *, size_t, 2969 int use_context))ssl_undefined_function, 2970 }; 2971 2972 long ssl3_default_timeout(void) 2973 { 2974 /* 2 hours, the 24 hours mentioned in the SSLv3 spec 2975 * is way too long for http, the cache would over fill */ 2976 return(60*60*2); 2977 } 2978 2979 int ssl3_num_ciphers(void) 2980 { 2981 return(SSL3_NUM_CIPHERS); 2982 } 2983 2984 const SSL_CIPHER *ssl3_get_cipher(unsigned int u) 2985 { 2986 if (u < SSL3_NUM_CIPHERS) 2987 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u])); 2988 else 2989 return(NULL); 2990 } 2991 2992 int ssl3_pending(const SSL *s) 2993 { 2994 if (s->rstate == SSL_ST_READ_BODY) 2995 return 0; 2996 2997 return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; 2998 } 2999 3000 int ssl3_new(SSL *s) 3001 { 3002 SSL3_STATE *s3; 3003 3004 if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err; 3005 memset(s3,0,sizeof *s3); 3006 memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num)); 3007 memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num)); 3008 3009 s->s3=s3; 3010 3011 #ifndef OPENSSL_NO_SRP 3012 SSL_SRP_CTX_init(s); 3013 #endif 3014 #if !defined(OPENSSL_NO_TLSEXT) 3015 s->tlsext_channel_id_enabled = s->ctx->tlsext_channel_id_enabled; 3016 if (s->ctx->tlsext_channel_id_private) 3017 s->tlsext_channel_id_private = EVP_PKEY_dup(s->ctx->tlsext_channel_id_private); 3018 #endif 3019 s->method->ssl_clear(s); 3020 return(1); 3021 err: 3022 return(0); 3023 } 3024 3025 void ssl3_free(SSL *s) 3026 { 3027 if(s == NULL) 3028 return; 3029 3030 #ifdef TLSEXT_TYPE_opaque_prf_input 3031 if (s->s3->client_opaque_prf_input != NULL) 3032 OPENSSL_free(s->s3->client_opaque_prf_input); 3033 if (s->s3->server_opaque_prf_input != NULL) 3034 OPENSSL_free(s->s3->server_opaque_prf_input); 3035 #endif 3036 3037 ssl3_cleanup_key_block(s); 3038 if (s->s3->rbuf.buf != NULL) 3039 ssl3_release_read_buffer(s); 3040 if (s->s3->wbuf.buf != NULL) 3041 ssl3_release_write_buffer(s); 3042 if (s->s3->rrec.comp != NULL) 3043 OPENSSL_free(s->s3->rrec.comp); 3044 #ifndef OPENSSL_NO_DH 3045 if (s->s3->tmp.dh != NULL) 3046 DH_free(s->s3->tmp.dh); 3047 #endif 3048 #ifndef OPENSSL_NO_ECDH 3049 if (s->s3->tmp.ecdh != NULL) 3050 EC_KEY_free(s->s3->tmp.ecdh); 3051 #endif 3052 3053 if (s->s3->tmp.ca_names != NULL) 3054 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); 3055 if (s->s3->handshake_buffer) { 3056 BIO_free(s->s3->handshake_buffer); 3057 } 3058 if (s->s3->handshake_dgst) ssl3_free_digest_list(s); 3059 #ifndef OPENSSL_NO_SRP 3060 SSL_SRP_CTX_free(s); 3061 #endif 3062 OPENSSL_cleanse(s->s3,sizeof *s->s3); 3063 OPENSSL_free(s->s3); 3064 s->s3=NULL; 3065 } 3066 3067 void ssl3_clear(SSL *s) 3068 { 3069 unsigned char *rp,*wp; 3070 size_t rlen, wlen; 3071 int init_extra; 3072 3073 #ifdef TLSEXT_TYPE_opaque_prf_input 3074 if (s->s3->client_opaque_prf_input != NULL) 3075 OPENSSL_free(s->s3->client_opaque_prf_input); 3076 s->s3->client_opaque_prf_input = NULL; 3077 if (s->s3->server_opaque_prf_input != NULL) 3078 OPENSSL_free(s->s3->server_opaque_prf_input); 3079 s->s3->server_opaque_prf_input = NULL; 3080 #endif 3081 3082 ssl3_cleanup_key_block(s); 3083 if (s->s3->tmp.ca_names != NULL) 3084 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); 3085 3086 if (s->s3->rrec.comp != NULL) 3087 { 3088 OPENSSL_free(s->s3->rrec.comp); 3089 s->s3->rrec.comp=NULL; 3090 } 3091 #ifndef OPENSSL_NO_DH 3092 if (s->s3->tmp.dh != NULL) 3093 { 3094 DH_free(s->s3->tmp.dh); 3095 s->s3->tmp.dh = NULL; 3096 } 3097 #endif 3098 #ifndef OPENSSL_NO_ECDH 3099 if (s->s3->tmp.ecdh != NULL) 3100 { 3101 EC_KEY_free(s->s3->tmp.ecdh); 3102 s->s3->tmp.ecdh = NULL; 3103 } 3104 #endif 3105 3106 rp = s->s3->rbuf.buf; 3107 wp = s->s3->wbuf.buf; 3108 rlen = s->s3->rbuf.len; 3109 wlen = s->s3->wbuf.len; 3110 init_extra = s->s3->init_extra; 3111 if (s->s3->handshake_buffer) { 3112 BIO_free(s->s3->handshake_buffer); 3113 s->s3->handshake_buffer = NULL; 3114 } 3115 if (s->s3->handshake_dgst) { 3116 ssl3_free_digest_list(s); 3117 } 3118 memset(s->s3,0,sizeof *s->s3); 3119 s->s3->rbuf.buf = rp; 3120 s->s3->wbuf.buf = wp; 3121 s->s3->rbuf.len = rlen; 3122 s->s3->wbuf.len = wlen; 3123 s->s3->init_extra = init_extra; 3124 3125 ssl_free_wbio_buffer(s); 3126 3127 s->packet_length=0; 3128 s->s3->renegotiate=0; 3129 s->s3->total_renegotiations=0; 3130 s->s3->num_renegotiations=0; 3131 s->s3->in_read_app_data=0; 3132 s->version=SSL3_VERSION; 3133 3134 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 3135 if (s->next_proto_negotiated) 3136 { 3137 OPENSSL_free(s->next_proto_negotiated); 3138 s->next_proto_negotiated = NULL; 3139 s->next_proto_negotiated_len = 0; 3140 } 3141 #endif 3142 3143 #if !defined(OPENSSL_NO_TLSEXT) 3144 s->s3->tlsext_channel_id_valid = 0; 3145 #endif 3146 } 3147 3148 #ifndef OPENSSL_NO_SRP 3149 static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg) 3150 { 3151 return BUF_strdup(s->srp_ctx.info) ; 3152 } 3153 #endif 3154 3155 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 3156 { 3157 int ret=0; 3158 3159 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3160 if ( 3161 #ifndef OPENSSL_NO_RSA 3162 cmd == SSL_CTRL_SET_TMP_RSA || 3163 cmd == SSL_CTRL_SET_TMP_RSA_CB || 3164 #endif 3165 #ifndef OPENSSL_NO_DSA 3166 cmd == SSL_CTRL_SET_TMP_DH || 3167 cmd == SSL_CTRL_SET_TMP_DH_CB || 3168 #endif 3169 0) 3170 { 3171 if (!ssl_cert_inst(&s->cert)) 3172 { 3173 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 3174 return(0); 3175 } 3176 } 3177 #endif 3178 3179 switch (cmd) 3180 { 3181 case SSL_CTRL_GET_SESSION_REUSED: 3182 ret=s->hit; 3183 break; 3184 case SSL_CTRL_GET_CLIENT_CERT_REQUEST: 3185 break; 3186 case SSL_CTRL_GET_NUM_RENEGOTIATIONS: 3187 ret=s->s3->num_renegotiations; 3188 break; 3189 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: 3190 ret=s->s3->num_renegotiations; 3191 s->s3->num_renegotiations=0; 3192 break; 3193 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: 3194 ret=s->s3->total_renegotiations; 3195 break; 3196 case SSL_CTRL_GET_FLAGS: 3197 ret=(int)(s->s3->flags); 3198 break; 3199 #ifndef OPENSSL_NO_RSA 3200 case SSL_CTRL_NEED_TMP_RSA: 3201 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 3202 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3203 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))) 3204 ret = 1; 3205 break; 3206 case SSL_CTRL_SET_TMP_RSA: 3207 { 3208 RSA *rsa = (RSA *)parg; 3209 if (rsa == NULL) 3210 { 3211 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3212 return(ret); 3213 } 3214 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) 3215 { 3216 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); 3217 return(ret); 3218 } 3219 if (s->cert->rsa_tmp != NULL) 3220 RSA_free(s->cert->rsa_tmp); 3221 s->cert->rsa_tmp = rsa; 3222 ret = 1; 3223 } 3224 break; 3225 case SSL_CTRL_SET_TMP_RSA_CB: 3226 { 3227 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3228 return(ret); 3229 } 3230 break; 3231 #endif 3232 #ifndef OPENSSL_NO_DH 3233 case SSL_CTRL_SET_TMP_DH: 3234 { 3235 DH *dh = (DH *)parg; 3236 if (dh == NULL) 3237 { 3238 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3239 return(ret); 3240 } 3241 if ((dh = DHparams_dup(dh)) == NULL) 3242 { 3243 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3244 return(ret); 3245 } 3246 if (!(s->options & SSL_OP_SINGLE_DH_USE)) 3247 { 3248 if (!DH_generate_key(dh)) 3249 { 3250 DH_free(dh); 3251 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3252 return(ret); 3253 } 3254 } 3255 if (s->cert->dh_tmp != NULL) 3256 DH_free(s->cert->dh_tmp); 3257 s->cert->dh_tmp = dh; 3258 ret = 1; 3259 } 3260 break; 3261 case SSL_CTRL_SET_TMP_DH_CB: 3262 { 3263 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3264 return(ret); 3265 } 3266 break; 3267 #endif 3268 #ifndef OPENSSL_NO_ECDH 3269 case SSL_CTRL_SET_TMP_ECDH: 3270 { 3271 EC_KEY *ecdh = NULL; 3272 3273 if (parg == NULL) 3274 { 3275 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3276 return(ret); 3277 } 3278 if (!EC_KEY_up_ref((EC_KEY *)parg)) 3279 { 3280 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB); 3281 return(ret); 3282 } 3283 ecdh = (EC_KEY *)parg; 3284 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) 3285 { 3286 if (!EC_KEY_generate_key(ecdh)) 3287 { 3288 EC_KEY_free(ecdh); 3289 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB); 3290 return(ret); 3291 } 3292 } 3293 if (s->cert->ecdh_tmp != NULL) 3294 EC_KEY_free(s->cert->ecdh_tmp); 3295 s->cert->ecdh_tmp = ecdh; 3296 ret = 1; 3297 } 3298 break; 3299 case SSL_CTRL_SET_TMP_ECDH_CB: 3300 { 3301 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3302 return(ret); 3303 } 3304 break; 3305 #endif /* !OPENSSL_NO_ECDH */ 3306 #ifndef OPENSSL_NO_TLSEXT 3307 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 3308 if (larg == TLSEXT_NAMETYPE_host_name) 3309 { 3310 if (s->tlsext_hostname != NULL) 3311 OPENSSL_free(s->tlsext_hostname); 3312 s->tlsext_hostname = NULL; 3313 3314 ret = 1; 3315 if (parg == NULL) 3316 break; 3317 if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) 3318 { 3319 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 3320 return 0; 3321 } 3322 if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) 3323 { 3324 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 3325 return 0; 3326 } 3327 } 3328 else 3329 { 3330 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 3331 return 0; 3332 } 3333 break; 3334 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: 3335 s->tlsext_debug_arg=parg; 3336 ret = 1; 3337 break; 3338 3339 #ifdef TLSEXT_TYPE_opaque_prf_input 3340 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 3341 if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message 3342 * (including the cert chain and everything) */ 3343 { 3344 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 3345 break; 3346 } 3347 if (s->tlsext_opaque_prf_input != NULL) 3348 OPENSSL_free(s->tlsext_opaque_prf_input); 3349 if ((size_t)larg == 0) 3350 s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ 3351 else 3352 s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); 3353 if (s->tlsext_opaque_prf_input != NULL) 3354 { 3355 s->tlsext_opaque_prf_input_len = (size_t)larg; 3356 ret = 1; 3357 } 3358 else 3359 s->tlsext_opaque_prf_input_len = 0; 3360 break; 3361 #endif 3362 3363 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3364 s->tlsext_status_type=larg; 3365 ret = 1; 3366 break; 3367 3368 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: 3369 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; 3370 ret = 1; 3371 break; 3372 3373 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: 3374 s->tlsext_ocsp_exts = parg; 3375 ret = 1; 3376 break; 3377 3378 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: 3379 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; 3380 ret = 1; 3381 break; 3382 3383 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: 3384 s->tlsext_ocsp_ids = parg; 3385 ret = 1; 3386 break; 3387 3388 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: 3389 *(unsigned char **)parg = s->tlsext_ocsp_resp; 3390 return s->tlsext_ocsp_resplen; 3391 3392 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: 3393 if (s->tlsext_ocsp_resp) 3394 OPENSSL_free(s->tlsext_ocsp_resp); 3395 s->tlsext_ocsp_resp = parg; 3396 s->tlsext_ocsp_resplen = larg; 3397 ret = 1; 3398 break; 3399 3400 #ifndef OPENSSL_NO_HEARTBEATS 3401 case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT: 3402 if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) 3403 ret = dtls1_heartbeat(s); 3404 else 3405 ret = tls1_heartbeat(s); 3406 break; 3407 3408 case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING: 3409 ret = s->tlsext_hb_pending; 3410 break; 3411 3412 case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS: 3413 if (larg) 3414 s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3415 else 3416 s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3417 ret = 1; 3418 break; 3419 #endif 3420 case SSL_CTRL_CHANNEL_ID: 3421 s->tlsext_channel_id_enabled = 1; 3422 ret = 1; 3423 break; 3424 3425 case SSL_CTRL_SET_CHANNEL_ID: 3426 if (s->server) 3427 break; 3428 s->tlsext_channel_id_enabled = 1; 3429 if (EVP_PKEY_bits(parg) != 256) 3430 { 3431 SSLerr(SSL_F_SSL3_CTRL,SSL_R_CHANNEL_ID_NOT_P256); 3432 break; 3433 } 3434 if (s->tlsext_channel_id_private) 3435 EVP_PKEY_free(s->tlsext_channel_id_private); 3436 s->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg); 3437 ret = 1; 3438 break; 3439 3440 case SSL_CTRL_GET_CHANNEL_ID: 3441 if (!s->server) 3442 break; 3443 if (!s->s3->tlsext_channel_id_valid) 3444 break; 3445 memcpy(parg, s->s3->tlsext_channel_id, larg < 64 ? larg : 64); 3446 return 64; 3447 3448 #endif /* !OPENSSL_NO_TLSEXT */ 3449 3450 case SSL_CTRL_CHECK_PROTO_VERSION: 3451 /* For library-internal use; checks that the current protocol 3452 * is the highest enabled version (according to s->ctx->method, 3453 * as version negotiation may have changed s->method). */ 3454 if (s->version == s->ctx->method->version) 3455 return 1; 3456 /* Apparently we're using a version-flexible SSL_METHOD 3457 * (not at its highest protocol version). */ 3458 if (s->ctx->method->version == SSLv23_method()->version) 3459 { 3460 #if TLS_MAX_VERSION != TLS1_2_VERSION 3461 # error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION. 3462 #endif 3463 if (!(s->options & SSL_OP_NO_TLSv1_2)) 3464 return s->version == TLS1_2_VERSION; 3465 if (!(s->options & SSL_OP_NO_TLSv1_1)) 3466 return s->version == TLS1_1_VERSION; 3467 if (!(s->options & SSL_OP_NO_TLSv1)) 3468 return s->version == TLS1_VERSION; 3469 if (!(s->options & SSL_OP_NO_SSLv3)) 3470 return s->version == SSL3_VERSION; 3471 if (!(s->options & SSL_OP_NO_SSLv2)) 3472 return s->version == SSL2_VERSION; 3473 } 3474 return 0; /* Unexpected state; fail closed. */ 3475 3476 default: 3477 break; 3478 } 3479 return(ret); 3480 } 3481 3482 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) 3483 { 3484 int ret=0; 3485 3486 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3487 if ( 3488 #ifndef OPENSSL_NO_RSA 3489 cmd == SSL_CTRL_SET_TMP_RSA_CB || 3490 #endif 3491 #ifndef OPENSSL_NO_DSA 3492 cmd == SSL_CTRL_SET_TMP_DH_CB || 3493 #endif 3494 0) 3495 { 3496 if (!ssl_cert_inst(&s->cert)) 3497 { 3498 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); 3499 return(0); 3500 } 3501 } 3502 #endif 3503 3504 switch (cmd) 3505 { 3506 #ifndef OPENSSL_NO_RSA 3507 case SSL_CTRL_SET_TMP_RSA_CB: 3508 { 3509 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3510 } 3511 break; 3512 #endif 3513 #ifndef OPENSSL_NO_DH 3514 case SSL_CTRL_SET_TMP_DH_CB: 3515 { 3516 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3517 } 3518 break; 3519 #endif 3520 #ifndef OPENSSL_NO_ECDH 3521 case SSL_CTRL_SET_TMP_ECDH_CB: 3522 { 3523 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3524 } 3525 break; 3526 #endif 3527 #ifndef OPENSSL_NO_TLSEXT 3528 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 3529 s->tlsext_debug_cb=(void (*)(SSL *,int ,int, 3530 unsigned char *, int, void *))fp; 3531 break; 3532 #endif 3533 3534 default: 3535 break; 3536 } 3537 return(ret); 3538 } 3539 3540 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 3541 { 3542 CERT *cert; 3543 3544 cert=ctx->cert; 3545 3546 switch (cmd) 3547 { 3548 #ifndef OPENSSL_NO_RSA 3549 case SSL_CTRL_NEED_TMP_RSA: 3550 if ( (cert->rsa_tmp == NULL) && 3551 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3552 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))) 3553 ) 3554 return(1); 3555 else 3556 return(0); 3557 /* break; */ 3558 case SSL_CTRL_SET_TMP_RSA: 3559 { 3560 RSA *rsa; 3561 int i; 3562 3563 rsa=(RSA *)parg; 3564 i=1; 3565 if (rsa == NULL) 3566 i=0; 3567 else 3568 { 3569 if ((rsa=RSAPrivateKey_dup(rsa)) == NULL) 3570 i=0; 3571 } 3572 if (!i) 3573 { 3574 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB); 3575 return(0); 3576 } 3577 else 3578 { 3579 if (cert->rsa_tmp != NULL) 3580 RSA_free(cert->rsa_tmp); 3581 cert->rsa_tmp=rsa; 3582 return(1); 3583 } 3584 } 3585 /* break; */ 3586 case SSL_CTRL_SET_TMP_RSA_CB: 3587 { 3588 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3589 return(0); 3590 } 3591 break; 3592 #endif 3593 #ifndef OPENSSL_NO_DH 3594 case SSL_CTRL_SET_TMP_DH: 3595 { 3596 DH *new=NULL,*dh; 3597 3598 dh=(DH *)parg; 3599 if ((new=DHparams_dup(dh)) == NULL) 3600 { 3601 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); 3602 return 0; 3603 } 3604 if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) 3605 { 3606 if (!DH_generate_key(new)) 3607 { 3608 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); 3609 DH_free(new); 3610 return 0; 3611 } 3612 } 3613 if (cert->dh_tmp != NULL) 3614 DH_free(cert->dh_tmp); 3615 cert->dh_tmp=new; 3616 return 1; 3617 } 3618 /*break; */ 3619 case SSL_CTRL_SET_TMP_DH_CB: 3620 { 3621 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3622 return(0); 3623 } 3624 break; 3625 #endif 3626 #ifndef OPENSSL_NO_ECDH 3627 case SSL_CTRL_SET_TMP_ECDH: 3628 { 3629 EC_KEY *ecdh = NULL; 3630 3631 if (parg == NULL) 3632 { 3633 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB); 3634 return 0; 3635 } 3636 ecdh = EC_KEY_dup((EC_KEY *)parg); 3637 if (ecdh == NULL) 3638 { 3639 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB); 3640 return 0; 3641 } 3642 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) 3643 { 3644 if (!EC_KEY_generate_key(ecdh)) 3645 { 3646 EC_KEY_free(ecdh); 3647 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB); 3648 return 0; 3649 } 3650 } 3651 3652 if (cert->ecdh_tmp != NULL) 3653 { 3654 EC_KEY_free(cert->ecdh_tmp); 3655 } 3656 cert->ecdh_tmp = ecdh; 3657 return 1; 3658 } 3659 /* break; */ 3660 case SSL_CTRL_SET_TMP_ECDH_CB: 3661 { 3662 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3663 return(0); 3664 } 3665 break; 3666 #endif /* !OPENSSL_NO_ECDH */ 3667 #ifndef OPENSSL_NO_TLSEXT 3668 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: 3669 ctx->tlsext_servername_arg=parg; 3670 break; 3671 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 3672 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: 3673 { 3674 unsigned char *keys = parg; 3675 if (!keys) 3676 return 48; 3677 if (larg != 48) 3678 { 3679 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 3680 return 0; 3681 } 3682 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) 3683 { 3684 memcpy(ctx->tlsext_tick_key_name, keys, 16); 3685 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); 3686 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); 3687 } 3688 else 3689 { 3690 memcpy(keys, ctx->tlsext_tick_key_name, 16); 3691 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); 3692 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); 3693 } 3694 return 1; 3695 } 3696 case SSL_CTRL_CHANNEL_ID: 3697 /* must be called on a server */ 3698 if (ctx->method->ssl_accept == ssl_undefined_function) 3699 return 0; 3700 ctx->tlsext_channel_id_enabled=1; 3701 return 1; 3702 3703 #ifdef TLSEXT_TYPE_opaque_prf_input 3704 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG: 3705 ctx->tlsext_opaque_prf_input_callback_arg = parg; 3706 return 1; 3707 #endif 3708 3709 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: 3710 ctx->tlsext_status_arg=parg; 3711 return 1; 3712 break; 3713 3714 #ifndef OPENSSL_NO_SRP 3715 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: 3716 ctx->srp_ctx.srp_Mask|=SSL_kSRP; 3717 if (ctx->srp_ctx.login != NULL) 3718 OPENSSL_free(ctx->srp_ctx.login); 3719 ctx->srp_ctx.login = NULL; 3720 if (parg == NULL) 3721 break; 3722 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) 3723 { 3724 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); 3725 return 0; 3726 } 3727 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) 3728 { 3729 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3730 return 0; 3731 } 3732 break; 3733 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD: 3734 ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb; 3735 ctx->srp_ctx.info=parg; 3736 break; 3737 case SSL_CTRL_SET_SRP_ARG: 3738 ctx->srp_ctx.srp_Mask|=SSL_kSRP; 3739 ctx->srp_ctx.SRP_cb_arg=parg; 3740 break; 3741 3742 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH: 3743 ctx->srp_ctx.strength=larg; 3744 break; 3745 #endif 3746 #endif /* !OPENSSL_NO_TLSEXT */ 3747 3748 /* A Thawte special :-) */ 3749 case SSL_CTRL_EXTRA_CHAIN_CERT: 3750 if (ctx->extra_certs == NULL) 3751 { 3752 if ((ctx->extra_certs=sk_X509_new_null()) == NULL) 3753 return(0); 3754 } 3755 sk_X509_push(ctx->extra_certs,(X509 *)parg); 3756 break; 3757 3758 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: 3759 *(STACK_OF(X509) **)parg = ctx->extra_certs; 3760 break; 3761 3762 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: 3763 if (ctx->extra_certs) 3764 { 3765 sk_X509_pop_free(ctx->extra_certs, X509_free); 3766 ctx->extra_certs = NULL; 3767 } 3768 break; 3769 3770 case SSL_CTRL_SET_CHANNEL_ID: 3771 ctx->tlsext_channel_id_enabled = 1; 3772 if (EVP_PKEY_bits(parg) != 256) 3773 { 3774 SSLerr(SSL_F_SSL3_CTX_CTRL,SSL_R_CHANNEL_ID_NOT_P256); 3775 break; 3776 } 3777 if (ctx->tlsext_channel_id_private) 3778 EVP_PKEY_free(ctx->tlsext_channel_id_private); 3779 ctx->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg); 3780 break; 3781 3782 default: 3783 return(0); 3784 } 3785 return(1); 3786 } 3787 3788 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) 3789 { 3790 CERT *cert; 3791 3792 cert=ctx->cert; 3793 3794 switch (cmd) 3795 { 3796 #ifndef OPENSSL_NO_RSA 3797 case SSL_CTRL_SET_TMP_RSA_CB: 3798 { 3799 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3800 } 3801 break; 3802 #endif 3803 #ifndef OPENSSL_NO_DH 3804 case SSL_CTRL_SET_TMP_DH_CB: 3805 { 3806 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3807 } 3808 break; 3809 #endif 3810 #ifndef OPENSSL_NO_ECDH 3811 case SSL_CTRL_SET_TMP_ECDH_CB: 3812 { 3813 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3814 } 3815 break; 3816 #endif 3817 #ifndef OPENSSL_NO_TLSEXT 3818 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 3819 ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp; 3820 break; 3821 3822 #ifdef TLSEXT_TYPE_opaque_prf_input 3823 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB: 3824 ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp; 3825 break; 3826 #endif 3827 3828 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: 3829 ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp; 3830 break; 3831 3832 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: 3833 ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char *, 3834 unsigned char *, 3835 EVP_CIPHER_CTX *, 3836 HMAC_CTX *, int))fp; 3837 break; 3838 3839 #ifndef OPENSSL_NO_SRP 3840 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB: 3841 ctx->srp_ctx.srp_Mask|=SSL_kSRP; 3842 ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp; 3843 break; 3844 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB: 3845 ctx->srp_ctx.srp_Mask|=SSL_kSRP; 3846 ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp; 3847 break; 3848 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB: 3849 ctx->srp_ctx.srp_Mask|=SSL_kSRP; 3850 ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp; 3851 break; 3852 #endif 3853 #endif 3854 3855 default: 3856 return(0); 3857 } 3858 return(1); 3859 } 3860 3861 /* This function needs to check if the ciphers required are actually 3862 * available */ 3863 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) 3864 { 3865 SSL_CIPHER c; 3866 const SSL_CIPHER *cp; 3867 unsigned long id; 3868 3869 id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1]; 3870 c.id=id; 3871 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); 3872 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES 3873 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]); 3874 #endif 3875 if (cp == NULL || cp->valid == 0) 3876 return NULL; 3877 else 3878 return cp; 3879 } 3880 3881 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 3882 { 3883 long l; 3884 3885 if (p != NULL) 3886 { 3887 l=c->id; 3888 if ((l & 0xff000000) != 0x03000000) return(0); 3889 p[0]=((unsigned char)(l>> 8L))&0xFF; 3890 p[1]=((unsigned char)(l ))&0xFF; 3891 } 3892 return(2); 3893 } 3894 3895 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 3896 STACK_OF(SSL_CIPHER) *srvr) 3897 { 3898 SSL_CIPHER *c,*ret=NULL; 3899 STACK_OF(SSL_CIPHER) *prio, *allow; 3900 int i,ii,ok; 3901 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC) 3902 unsigned int j; 3903 int ec_ok, ec_nid; 3904 unsigned char ec_search1 = 0, ec_search2 = 0; 3905 #endif 3906 CERT *cert; 3907 unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a; 3908 3909 /* Let's see which ciphers we can support */ 3910 cert=s->cert; 3911 3912 #if 0 3913 /* Do not set the compare functions, because this may lead to a 3914 * reordering by "id". We want to keep the original ordering. 3915 * We may pay a price in performance during sk_SSL_CIPHER_find(), 3916 * but would have to pay with the price of sk_SSL_CIPHER_dup(). 3917 */ 3918 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp); 3919 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp); 3920 #endif 3921 3922 #ifdef CIPHER_DEBUG 3923 printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr); 3924 for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i) 3925 { 3926 c=sk_SSL_CIPHER_value(srvr,i); 3927 printf("%p:%s\n",(void *)c,c->name); 3928 } 3929 printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt); 3930 for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i) 3931 { 3932 c=sk_SSL_CIPHER_value(clnt,i); 3933 printf("%p:%s\n",(void *)c,c->name); 3934 } 3935 #endif 3936 3937 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) 3938 { 3939 prio = srvr; 3940 allow = clnt; 3941 } 3942 else 3943 { 3944 prio = clnt; 3945 allow = srvr; 3946 } 3947 3948 for (i=0; i<sk_SSL_CIPHER_num(prio); i++) 3949 { 3950 c=sk_SSL_CIPHER_value(prio,i); 3951 3952 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ 3953 if ((c->algorithm_ssl & SSL_TLSV1_2) && 3954 (TLS1_get_version(s) < TLS1_2_VERSION)) 3955 continue; 3956 3957 ssl_set_cert_masks(cert,c); 3958 mask_k = cert->mask_k; 3959 mask_a = cert->mask_a; 3960 emask_k = cert->export_mask_k; 3961 emask_a = cert->export_mask_a; 3962 #ifndef OPENSSL_NO_SRP 3963 mask_k=cert->mask_k | s->srp_ctx.srp_Mask; 3964 emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask; 3965 #endif 3966 3967 #ifdef KSSL_DEBUG 3968 /* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/ 3969 #endif /* KSSL_DEBUG */ 3970 3971 alg_k=c->algorithm_mkey; 3972 alg_a=c->algorithm_auth; 3973 3974 #ifndef OPENSSL_NO_KRB5 3975 if (alg_k & SSL_kKRB5) 3976 { 3977 if ( !kssl_keytab_is_available(s->kssl_ctx) ) 3978 continue; 3979 } 3980 #endif /* OPENSSL_NO_KRB5 */ 3981 #ifndef OPENSSL_NO_PSK 3982 /* with PSK there must be server callback set */ 3983 if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL) 3984 continue; 3985 #endif /* OPENSSL_NO_PSK */ 3986 3987 if (SSL_C_IS_EXPORT(c)) 3988 { 3989 ok = (alg_k & emask_k) && (alg_a & emask_a); 3990 #ifdef CIPHER_DEBUG 3991 printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a, 3992 (void *)c,c->name); 3993 #endif 3994 } 3995 else 3996 { 3997 ok = (alg_k & mask_k) && (alg_a & mask_a); 3998 #ifdef CIPHER_DEBUG 3999 printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c, 4000 c->name); 4001 #endif 4002 } 4003 4004 #ifndef OPENSSL_NO_TLSEXT 4005 #ifndef OPENSSL_NO_EC 4006 if ( 4007 /* if we are considering an ECC cipher suite that uses our certificate */ 4008 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) 4009 /* and we have an ECC certificate */ 4010 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) 4011 /* and the client specified a Supported Point Formats extension */ 4012 && ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL)) 4013 /* and our certificate's point is compressed */ 4014 && ( 4015 (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL) 4016 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL) 4017 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL) 4018 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL) 4019 && ( 4020 (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED) 4021 || (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1) 4022 ) 4023 ) 4024 ) 4025 { 4026 ec_ok = 0; 4027 /* if our certificate's curve is over a field type that the client does not support 4028 * then do not allow this cipher suite to be negotiated */ 4029 if ( 4030 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) 4031 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL) 4032 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL) 4033 && (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field) 4034 ) 4035 { 4036 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++) 4037 { 4038 if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime) 4039 { 4040 ec_ok = 1; 4041 break; 4042 } 4043 } 4044 } 4045 else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field) 4046 { 4047 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++) 4048 { 4049 if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2) 4050 { 4051 ec_ok = 1; 4052 break; 4053 } 4054 } 4055 } 4056 ok = ok && ec_ok; 4057 } 4058 if ( 4059 /* if we are considering an ECC cipher suite that uses our certificate */ 4060 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) 4061 /* and we have an ECC certificate */ 4062 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) 4063 /* and the client specified an EllipticCurves extension */ 4064 && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL)) 4065 ) 4066 { 4067 ec_ok = 0; 4068 if ( 4069 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) 4070 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL) 4071 ) 4072 { 4073 ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group); 4074 if ((ec_nid == 0) 4075 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL) 4076 ) 4077 { 4078 if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field) 4079 { 4080 ec_search1 = 0xFF; 4081 ec_search2 = 0x01; 4082 } 4083 else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field) 4084 { 4085 ec_search1 = 0xFF; 4086 ec_search2 = 0x02; 4087 } 4088 } 4089 else 4090 { 4091 ec_search1 = 0x00; 4092 ec_search2 = tls1_ec_nid2curve_id(ec_nid); 4093 } 4094 if ((ec_search1 != 0) || (ec_search2 != 0)) 4095 { 4096 for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++) 4097 { 4098 if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2)) 4099 { 4100 ec_ok = 1; 4101 break; 4102 } 4103 } 4104 } 4105 } 4106 ok = ok && ec_ok; 4107 } 4108 if ( 4109 /* if we are considering an ECC cipher suite that uses an ephemeral EC key */ 4110 (alg_k & SSL_kEECDH) 4111 /* and we have an ephemeral EC key */ 4112 && (s->cert->ecdh_tmp != NULL) 4113 /* and the client specified an EllipticCurves extension */ 4114 && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL)) 4115 ) 4116 { 4117 ec_ok = 0; 4118 if (s->cert->ecdh_tmp->group != NULL) 4119 { 4120 ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group); 4121 if ((ec_nid == 0) 4122 && (s->cert->ecdh_tmp->group->meth != NULL) 4123 ) 4124 { 4125 if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field) 4126 { 4127 ec_search1 = 0xFF; 4128 ec_search2 = 0x01; 4129 } 4130 else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field) 4131 { 4132 ec_search1 = 0xFF; 4133 ec_search2 = 0x02; 4134 } 4135 } 4136 else 4137 { 4138 ec_search1 = 0x00; 4139 ec_search2 = tls1_ec_nid2curve_id(ec_nid); 4140 } 4141 if ((ec_search1 != 0) || (ec_search2 != 0)) 4142 { 4143 for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++) 4144 { 4145 if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2)) 4146 { 4147 ec_ok = 1; 4148 break; 4149 } 4150 } 4151 } 4152 } 4153 ok = ok && ec_ok; 4154 } 4155 #endif /* OPENSSL_NO_EC */ 4156 #endif /* OPENSSL_NO_TLSEXT */ 4157 4158 if (!ok) continue; 4159 ii=sk_SSL_CIPHER_find(allow,c); 4160 if (ii >= 0) 4161 { 4162 ret=sk_SSL_CIPHER_value(allow,ii); 4163 break; 4164 } 4165 } 4166 return(ret); 4167 } 4168 4169 int ssl3_get_req_cert_type(SSL *s, unsigned char *p) 4170 { 4171 int ret=0; 4172 unsigned long alg_k; 4173 4174 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 4175 4176 #ifndef OPENSSL_NO_GOST 4177 if (s->version >= TLS1_VERSION) 4178 { 4179 if (alg_k & SSL_kGOST) 4180 { 4181 p[ret++]=TLS_CT_GOST94_SIGN; 4182 p[ret++]=TLS_CT_GOST01_SIGN; 4183 return(ret); 4184 } 4185 } 4186 #endif 4187 4188 #ifndef OPENSSL_NO_DH 4189 if (alg_k & (SSL_kDHr|SSL_kEDH)) 4190 { 4191 # ifndef OPENSSL_NO_RSA 4192 p[ret++]=SSL3_CT_RSA_FIXED_DH; 4193 # endif 4194 # ifndef OPENSSL_NO_DSA 4195 p[ret++]=SSL3_CT_DSS_FIXED_DH; 4196 # endif 4197 } 4198 if ((s->version == SSL3_VERSION) && 4199 (alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr))) 4200 { 4201 # ifndef OPENSSL_NO_RSA 4202 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH; 4203 # endif 4204 # ifndef OPENSSL_NO_DSA 4205 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH; 4206 # endif 4207 } 4208 #endif /* !OPENSSL_NO_DH */ 4209 #ifndef OPENSSL_NO_RSA 4210 p[ret++]=SSL3_CT_RSA_SIGN; 4211 #endif 4212 #ifndef OPENSSL_NO_DSA 4213 p[ret++]=SSL3_CT_DSS_SIGN; 4214 #endif 4215 #ifndef OPENSSL_NO_ECDH 4216 if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) 4217 { 4218 p[ret++]=TLS_CT_RSA_FIXED_ECDH; 4219 p[ret++]=TLS_CT_ECDSA_FIXED_ECDH; 4220 } 4221 #endif 4222 4223 #ifndef OPENSSL_NO_ECDSA 4224 /* ECDSA certs can be used with RSA cipher suites as well 4225 * so we don't need to check for SSL_kECDH or SSL_kEECDH 4226 */ 4227 if (s->version >= TLS1_VERSION) 4228 { 4229 p[ret++]=TLS_CT_ECDSA_SIGN; 4230 } 4231 #endif 4232 return(ret); 4233 } 4234 4235 int ssl3_shutdown(SSL *s) 4236 { 4237 int ret; 4238 4239 /* Don't do anything much if we have not done the handshake or 4240 * we don't want to send messages :-) */ 4241 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) 4242 { 4243 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 4244 return(1); 4245 } 4246 4247 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) 4248 { 4249 s->shutdown|=SSL_SENT_SHUTDOWN; 4250 #if 1 4251 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY); 4252 #endif 4253 /* our shutdown alert has been sent now, and if it still needs 4254 * to be written, s->s3->alert_dispatch will be true */ 4255 if (s->s3->alert_dispatch) 4256 return(-1); /* return WANT_WRITE */ 4257 } 4258 else if (s->s3->alert_dispatch) 4259 { 4260 /* resend it if not sent */ 4261 #if 1 4262 ret=s->method->ssl_dispatch_alert(s); 4263 if(ret == -1) 4264 { 4265 /* we only get to return -1 here the 2nd/Nth 4266 * invocation, we must have already signalled 4267 * return 0 upon a previous invoation, 4268 * return WANT_WRITE */ 4269 return(ret); 4270 } 4271 #endif 4272 } 4273 else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) 4274 { 4275 /* If we are waiting for a close from our peer, we are closed */ 4276 s->method->ssl_read_bytes(s,0,NULL,0,0); 4277 if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) 4278 { 4279 return(-1); /* return WANT_READ */ 4280 } 4281 } 4282 4283 if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && 4284 !s->s3->alert_dispatch) 4285 return(1); 4286 else 4287 return(0); 4288 } 4289 4290 int ssl3_write(SSL *s, const void *buf, int len) 4291 { 4292 int ret,n; 4293 4294 #if 0 4295 if (s->shutdown & SSL_SEND_SHUTDOWN) 4296 { 4297 s->rwstate=SSL_NOTHING; 4298 return(0); 4299 } 4300 #endif 4301 clear_sys_error(); 4302 if (s->s3->renegotiate) ssl3_renegotiate_check(s); 4303 4304 /* This is an experimental flag that sends the 4305 * last handshake message in the same packet as the first 4306 * use data - used to see if it helps the TCP protocol during 4307 * session-id reuse */ 4308 /* The second test is because the buffer may have been removed */ 4309 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) 4310 { 4311 /* First time through, we write into the buffer */ 4312 if (s->s3->delay_buf_pop_ret == 0) 4313 { 4314 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA, 4315 buf,len); 4316 if (ret <= 0) return(ret); 4317 4318 s->s3->delay_buf_pop_ret=ret; 4319 } 4320 4321 s->rwstate=SSL_WRITING; 4322 n=BIO_flush(s->wbio); 4323 if (n <= 0) return(n); 4324 s->rwstate=SSL_NOTHING; 4325 4326 /* We have flushed the buffer, so remove it */ 4327 ssl_free_wbio_buffer(s); 4328 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; 4329 4330 ret=s->s3->delay_buf_pop_ret; 4331 s->s3->delay_buf_pop_ret=0; 4332 } 4333 else 4334 { 4335 ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA, 4336 buf,len); 4337 if (ret <= 0) return(ret); 4338 } 4339 4340 return(ret); 4341 } 4342 4343 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) 4344 { 4345 int n,ret; 4346 4347 clear_sys_error(); 4348 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) 4349 { 4350 /* Deal with an application that calls SSL_read() when handshake data 4351 * is yet to be written. 4352 */ 4353 if (BIO_wpending(s->wbio) > 0) 4354 { 4355 s->rwstate=SSL_WRITING; 4356 n=BIO_flush(s->wbio); 4357 if (n <= 0) return(n); 4358 s->rwstate=SSL_NOTHING; 4359 } 4360 } 4361 if (s->s3->renegotiate) ssl3_renegotiate_check(s); 4362 s->s3->in_read_app_data=1; 4363 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); 4364 if ((ret == -1) && (s->s3->in_read_app_data == 2)) 4365 { 4366 /* ssl3_read_bytes decided to call s->handshake_func, which 4367 * called ssl3_read_bytes to read handshake data. 4368 * However, ssl3_read_bytes actually found application data 4369 * and thinks that application data makes sense here; so disable 4370 * handshake processing and try to read application data again. */ 4371 s->in_handshake++; 4372 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); 4373 s->in_handshake--; 4374 } 4375 else 4376 s->s3->in_read_app_data=0; 4377 4378 return(ret); 4379 } 4380 4381 int ssl3_read(SSL *s, void *buf, int len) 4382 { 4383 return ssl3_read_internal(s, buf, len, 0); 4384 } 4385 4386 int ssl3_peek(SSL *s, void *buf, int len) 4387 { 4388 return ssl3_read_internal(s, buf, len, 1); 4389 } 4390 4391 int ssl3_renegotiate(SSL *s) 4392 { 4393 if (s->handshake_func == NULL) 4394 return(1); 4395 4396 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 4397 return(0); 4398 4399 s->s3->renegotiate=1; 4400 return(1); 4401 } 4402 4403 int ssl3_renegotiate_check(SSL *s) 4404 { 4405 int ret=0; 4406 4407 if (s->s3->renegotiate) 4408 { 4409 if ( (s->s3->rbuf.left == 0) && 4410 (s->s3->wbuf.left == 0) && 4411 !SSL_in_init(s)) 4412 { 4413 /* 4414 if we are the server, and we have sent a 'RENEGOTIATE' message, we 4415 need to go to SSL_ST_ACCEPT. 4416 */ 4417 /* SSL_ST_ACCEPT */ 4418 s->state=SSL_ST_RENEGOTIATE; 4419 s->s3->renegotiate=0; 4420 s->s3->num_renegotiations++; 4421 s->s3->total_renegotiations++; 4422 ret=1; 4423 } 4424 } 4425 return(ret); 4426 } 4427 /* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch 4428 * to new SHA256 PRF and handshake macs 4429 */ 4430 long ssl_get_algorithm2(SSL *s) 4431 { 4432 long alg2 = s->s3->tmp.new_cipher->algorithm2; 4433 if (TLS1_get_version(s) >= TLS1_2_VERSION && 4434 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF)) 4435 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 4436 return alg2; 4437 } 4438