1 /* ssl/s3_lib.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay (at) cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay (at) cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core (at) openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay (at) cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh (at) cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * 114 * Portions of the attached software ("Contribution") are developed by 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 116 * 117 * The Contribution is licensed pursuant to the OpenSSL open source 118 * license provided above. 119 * 120 * ECC cipher suite support in OpenSSL originally written by 121 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. 122 * 123 */ 124 /* ==================================================================== 125 * Copyright 2005 Nokia. All rights reserved. 126 * 127 * The portions of the attached software ("Contribution") is developed by 128 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 129 * license. 130 * 131 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 132 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 133 * support (see RFC 4279) to OpenSSL. 134 * 135 * No patent licenses or other rights except those expressly stated in 136 * the OpenSSL open source license shall be deemed granted or received 137 * expressly, by implication, estoppel, or otherwise. 138 * 139 * No assurances are provided by Nokia that the Contribution does not 140 * infringe the patent or other intellectual property rights of any third 141 * party or that the license provides you with all the necessary rights 142 * to make use of the Contribution. 143 * 144 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 145 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 146 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 147 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 148 * OTHERWISE. 149 */ 150 151 #include <stdio.h> 152 #include <openssl/objects.h> 153 #include "ssl_locl.h" 154 #include "kssl_lcl.h" 155 #ifndef OPENSSL_NO_TLSEXT 156 #ifndef OPENSSL_NO_EC 157 #include "../crypto/ec/ec_lcl.h" 158 #endif /* OPENSSL_NO_EC */ 159 #endif /* OPENSSL_NO_TLSEXT */ 160 #include <openssl/md5.h> 161 #ifndef OPENSSL_NO_DH 162 #include <openssl/dh.h> 163 #endif 164 165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT; 166 167 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) 168 169 /* list of available SSLv3 ciphers (sorted by id) */ 170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 171 172 /* The RSA ciphers */ 173 /* Cipher 01 */ 174 { 175 1, 176 SSL3_TXT_RSA_NULL_MD5, 177 SSL3_CK_RSA_NULL_MD5, 178 SSL_kRSA, 179 SSL_aRSA, 180 SSL_eNULL, 181 SSL_MD5, 182 SSL_SSLV3, 183 SSL_NOT_EXP|SSL_STRONG_NONE, 184 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 185 0, 186 0, 187 }, 188 189 /* Cipher 02 */ 190 { 191 1, 192 SSL3_TXT_RSA_NULL_SHA, 193 SSL3_CK_RSA_NULL_SHA, 194 SSL_kRSA, 195 SSL_aRSA, 196 SSL_eNULL, 197 SSL_SHA1, 198 SSL_SSLV3, 199 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 200 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 201 0, 202 0, 203 }, 204 205 /* Cipher 03 */ 206 { 207 1, 208 SSL3_TXT_RSA_RC4_40_MD5, 209 SSL3_CK_RSA_RC4_40_MD5, 210 SSL_kRSA, 211 SSL_aRSA, 212 SSL_RC4, 213 SSL_MD5, 214 SSL_SSLV3, 215 SSL_EXPORT|SSL_EXP40, 216 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 217 40, 218 128, 219 }, 220 221 /* Cipher 04 */ 222 { 223 1, 224 SSL3_TXT_RSA_RC4_128_MD5, 225 SSL3_CK_RSA_RC4_128_MD5, 226 SSL_kRSA, 227 SSL_aRSA, 228 SSL_RC4, 229 SSL_MD5, 230 SSL_SSLV3, 231 SSL_NOT_EXP|SSL_MEDIUM, 232 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 233 128, 234 128, 235 }, 236 237 /* Cipher 05 */ 238 { 239 1, 240 SSL3_TXT_RSA_RC4_128_SHA, 241 SSL3_CK_RSA_RC4_128_SHA, 242 SSL_kRSA, 243 SSL_aRSA, 244 SSL_RC4, 245 SSL_SHA1, 246 SSL_SSLV3, 247 SSL_NOT_EXP|SSL_MEDIUM, 248 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 249 128, 250 128, 251 }, 252 253 /* Cipher 06 */ 254 { 255 1, 256 SSL3_TXT_RSA_RC2_40_MD5, 257 SSL3_CK_RSA_RC2_40_MD5, 258 SSL_kRSA, 259 SSL_aRSA, 260 SSL_RC2, 261 SSL_MD5, 262 SSL_SSLV3, 263 SSL_EXPORT|SSL_EXP40, 264 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 265 40, 266 128, 267 }, 268 269 /* Cipher 07 */ 270 #ifndef OPENSSL_NO_IDEA 271 { 272 1, 273 SSL3_TXT_RSA_IDEA_128_SHA, 274 SSL3_CK_RSA_IDEA_128_SHA, 275 SSL_kRSA, 276 SSL_aRSA, 277 SSL_IDEA, 278 SSL_SHA1, 279 SSL_SSLV3, 280 SSL_NOT_EXP|SSL_MEDIUM, 281 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 282 128, 283 128, 284 }, 285 #endif 286 287 /* Cipher 08 */ 288 { 289 1, 290 SSL3_TXT_RSA_DES_40_CBC_SHA, 291 SSL3_CK_RSA_DES_40_CBC_SHA, 292 SSL_kRSA, 293 SSL_aRSA, 294 SSL_DES, 295 SSL_SHA1, 296 SSL_SSLV3, 297 SSL_EXPORT|SSL_EXP40, 298 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 299 40, 300 56, 301 }, 302 303 /* Cipher 09 */ 304 { 305 1, 306 SSL3_TXT_RSA_DES_64_CBC_SHA, 307 SSL3_CK_RSA_DES_64_CBC_SHA, 308 SSL_kRSA, 309 SSL_aRSA, 310 SSL_DES, 311 SSL_SHA1, 312 SSL_SSLV3, 313 SSL_NOT_EXP|SSL_LOW, 314 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 315 56, 316 56, 317 }, 318 319 /* Cipher 0A */ 320 { 321 1, 322 SSL3_TXT_RSA_DES_192_CBC3_SHA, 323 SSL3_CK_RSA_DES_192_CBC3_SHA, 324 SSL_kRSA, 325 SSL_aRSA, 326 SSL_3DES, 327 SSL_SHA1, 328 SSL_SSLV3, 329 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 330 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 331 112, 332 168, 333 }, 334 335 /* The DH ciphers */ 336 /* Cipher 0B */ 337 { 338 0, 339 SSL3_TXT_DH_DSS_DES_40_CBC_SHA, 340 SSL3_CK_DH_DSS_DES_40_CBC_SHA, 341 SSL_kDHd, 342 SSL_aDH, 343 SSL_DES, 344 SSL_SHA1, 345 SSL_SSLV3, 346 SSL_EXPORT|SSL_EXP40, 347 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 348 40, 349 56, 350 }, 351 352 /* Cipher 0C */ 353 { 354 0, /* not implemented (non-ephemeral DH) */ 355 SSL3_TXT_DH_DSS_DES_64_CBC_SHA, 356 SSL3_CK_DH_DSS_DES_64_CBC_SHA, 357 SSL_kDHd, 358 SSL_aDH, 359 SSL_DES, 360 SSL_SHA1, 361 SSL_SSLV3, 362 SSL_NOT_EXP|SSL_LOW, 363 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 364 56, 365 56, 366 }, 367 368 /* Cipher 0D */ 369 { 370 0, /* not implemented (non-ephemeral DH) */ 371 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 372 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 373 SSL_kDHd, 374 SSL_aDH, 375 SSL_3DES, 376 SSL_SHA1, 377 SSL_SSLV3, 378 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 379 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 380 112, 381 168, 382 }, 383 384 /* Cipher 0E */ 385 { 386 0, /* not implemented (non-ephemeral DH) */ 387 SSL3_TXT_DH_RSA_DES_40_CBC_SHA, 388 SSL3_CK_DH_RSA_DES_40_CBC_SHA, 389 SSL_kDHr, 390 SSL_aDH, 391 SSL_DES, 392 SSL_SHA1, 393 SSL_SSLV3, 394 SSL_EXPORT|SSL_EXP40, 395 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 396 40, 397 56, 398 }, 399 400 /* Cipher 0F */ 401 { 402 0, /* not implemented (non-ephemeral DH) */ 403 SSL3_TXT_DH_RSA_DES_64_CBC_SHA, 404 SSL3_CK_DH_RSA_DES_64_CBC_SHA, 405 SSL_kDHr, 406 SSL_aDH, 407 SSL_DES, 408 SSL_SHA1, 409 SSL_SSLV3, 410 SSL_NOT_EXP|SSL_LOW, 411 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 412 56, 413 56, 414 }, 415 416 /* Cipher 10 */ 417 { 418 0, /* not implemented (non-ephemeral DH) */ 419 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 420 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 421 SSL_kDHr, 422 SSL_aDH, 423 SSL_3DES, 424 SSL_SHA1, 425 SSL_SSLV3, 426 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 427 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 428 112, 429 168, 430 }, 431 432 /* The Ephemeral DH ciphers */ 433 /* Cipher 11 */ 434 { 435 1, 436 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, 437 SSL3_CK_EDH_DSS_DES_40_CBC_SHA, 438 SSL_kEDH, 439 SSL_aDSS, 440 SSL_DES, 441 SSL_SHA1, 442 SSL_SSLV3, 443 SSL_EXPORT|SSL_EXP40, 444 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 445 40, 446 56, 447 }, 448 449 /* Cipher 12 */ 450 { 451 1, 452 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, 453 SSL3_CK_EDH_DSS_DES_64_CBC_SHA, 454 SSL_kEDH, 455 SSL_aDSS, 456 SSL_DES, 457 SSL_SHA1, 458 SSL_SSLV3, 459 SSL_NOT_EXP|SSL_LOW, 460 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 461 56, 462 56, 463 }, 464 465 /* Cipher 13 */ 466 { 467 1, 468 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 469 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 470 SSL_kEDH, 471 SSL_aDSS, 472 SSL_3DES, 473 SSL_SHA1, 474 SSL_SSLV3, 475 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 476 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 477 112, 478 168, 479 }, 480 481 /* Cipher 14 */ 482 { 483 1, 484 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, 485 SSL3_CK_EDH_RSA_DES_40_CBC_SHA, 486 SSL_kEDH, 487 SSL_aRSA, 488 SSL_DES, 489 SSL_SHA1, 490 SSL_SSLV3, 491 SSL_EXPORT|SSL_EXP40, 492 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 493 40, 494 56, 495 }, 496 497 /* Cipher 15 */ 498 { 499 1, 500 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, 501 SSL3_CK_EDH_RSA_DES_64_CBC_SHA, 502 SSL_kEDH, 503 SSL_aRSA, 504 SSL_DES, 505 SSL_SHA1, 506 SSL_SSLV3, 507 SSL_NOT_EXP|SSL_LOW, 508 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 509 56, 510 56, 511 }, 512 513 /* Cipher 16 */ 514 { 515 1, 516 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 517 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 518 SSL_kEDH, 519 SSL_aRSA, 520 SSL_3DES, 521 SSL_SHA1, 522 SSL_SSLV3, 523 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 524 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 525 112, 526 168, 527 }, 528 529 /* Cipher 17 */ 530 { 531 1, 532 SSL3_TXT_ADH_RC4_40_MD5, 533 SSL3_CK_ADH_RC4_40_MD5, 534 SSL_kEDH, 535 SSL_aNULL, 536 SSL_RC4, 537 SSL_MD5, 538 SSL_SSLV3, 539 SSL_EXPORT|SSL_EXP40, 540 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 541 40, 542 128, 543 }, 544 545 /* Cipher 18 */ 546 { 547 1, 548 SSL3_TXT_ADH_RC4_128_MD5, 549 SSL3_CK_ADH_RC4_128_MD5, 550 SSL_kEDH, 551 SSL_aNULL, 552 SSL_RC4, 553 SSL_MD5, 554 SSL_SSLV3, 555 SSL_NOT_EXP|SSL_MEDIUM, 556 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 557 128, 558 128, 559 }, 560 561 /* Cipher 19 */ 562 { 563 1, 564 SSL3_TXT_ADH_DES_40_CBC_SHA, 565 SSL3_CK_ADH_DES_40_CBC_SHA, 566 SSL_kEDH, 567 SSL_aNULL, 568 SSL_DES, 569 SSL_SHA1, 570 SSL_SSLV3, 571 SSL_EXPORT|SSL_EXP40, 572 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 573 40, 574 128, 575 }, 576 577 /* Cipher 1A */ 578 { 579 1, 580 SSL3_TXT_ADH_DES_64_CBC_SHA, 581 SSL3_CK_ADH_DES_64_CBC_SHA, 582 SSL_kEDH, 583 SSL_aNULL, 584 SSL_DES, 585 SSL_SHA1, 586 SSL_SSLV3, 587 SSL_NOT_EXP|SSL_LOW, 588 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 589 56, 590 56, 591 }, 592 593 /* Cipher 1B */ 594 { 595 1, 596 SSL3_TXT_ADH_DES_192_CBC_SHA, 597 SSL3_CK_ADH_DES_192_CBC_SHA, 598 SSL_kEDH, 599 SSL_aNULL, 600 SSL_3DES, 601 SSL_SHA1, 602 SSL_SSLV3, 603 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 604 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 605 112, 606 168, 607 }, 608 609 /* Fortezza ciphersuite from SSL 3.0 spec */ 610 #if 0 611 /* Cipher 1C */ 612 { 613 0, 614 SSL3_TXT_FZA_DMS_NULL_SHA, 615 SSL3_CK_FZA_DMS_NULL_SHA, 616 SSL_kFZA, 617 SSL_aFZA, 618 SSL_eNULL, 619 SSL_SHA1, 620 SSL_SSLV3, 621 SSL_NOT_EXP|SSL_STRONG_NONE, 622 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 623 0, 624 0, 625 }, 626 627 /* Cipher 1D */ 628 { 629 0, 630 SSL3_TXT_FZA_DMS_FZA_SHA, 631 SSL3_CK_FZA_DMS_FZA_SHA, 632 SSL_kFZA, 633 SSL_aFZA, 634 SSL_eFZA, 635 SSL_SHA1, 636 SSL_SSLV3, 637 SSL_NOT_EXP|SSL_STRONG_NONE, 638 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 639 0, 640 0, 641 }, 642 643 /* Cipher 1E */ 644 { 645 0, 646 SSL3_TXT_FZA_DMS_RC4_SHA, 647 SSL3_CK_FZA_DMS_RC4_SHA, 648 SSL_kFZA, 649 SSL_aFZA, 650 SSL_RC4, 651 SSL_SHA1, 652 SSL_SSLV3, 653 SSL_NOT_EXP|SSL_MEDIUM, 654 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 655 128, 656 128, 657 }, 658 #endif 659 660 #ifndef OPENSSL_NO_KRB5 661 /* The Kerberos ciphers*/ 662 /* Cipher 1E */ 663 { 664 1, 665 SSL3_TXT_KRB5_DES_64_CBC_SHA, 666 SSL3_CK_KRB5_DES_64_CBC_SHA, 667 SSL_kKRB5, 668 SSL_aKRB5, 669 SSL_DES, 670 SSL_SHA1, 671 SSL_SSLV3, 672 SSL_NOT_EXP|SSL_LOW, 673 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 674 56, 675 56, 676 }, 677 678 /* Cipher 1F */ 679 { 680 1, 681 SSL3_TXT_KRB5_DES_192_CBC3_SHA, 682 SSL3_CK_KRB5_DES_192_CBC3_SHA, 683 SSL_kKRB5, 684 SSL_aKRB5, 685 SSL_3DES, 686 SSL_SHA1, 687 SSL_SSLV3, 688 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 689 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 690 112, 691 168, 692 }, 693 694 /* Cipher 20 */ 695 { 696 1, 697 SSL3_TXT_KRB5_RC4_128_SHA, 698 SSL3_CK_KRB5_RC4_128_SHA, 699 SSL_kKRB5, 700 SSL_aKRB5, 701 SSL_RC4, 702 SSL_SHA1, 703 SSL_SSLV3, 704 SSL_NOT_EXP|SSL_MEDIUM, 705 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 706 128, 707 128, 708 }, 709 710 /* Cipher 21 */ 711 { 712 1, 713 SSL3_TXT_KRB5_IDEA_128_CBC_SHA, 714 SSL3_CK_KRB5_IDEA_128_CBC_SHA, 715 SSL_kKRB5, 716 SSL_aKRB5, 717 SSL_IDEA, 718 SSL_SHA1, 719 SSL_SSLV3, 720 SSL_NOT_EXP|SSL_MEDIUM, 721 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 722 128, 723 128, 724 }, 725 726 /* Cipher 22 */ 727 { 728 1, 729 SSL3_TXT_KRB5_DES_64_CBC_MD5, 730 SSL3_CK_KRB5_DES_64_CBC_MD5, 731 SSL_kKRB5, 732 SSL_aKRB5, 733 SSL_DES, 734 SSL_MD5, 735 SSL_SSLV3, 736 SSL_NOT_EXP|SSL_LOW, 737 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 738 56, 739 56, 740 }, 741 742 /* Cipher 23 */ 743 { 744 1, 745 SSL3_TXT_KRB5_DES_192_CBC3_MD5, 746 SSL3_CK_KRB5_DES_192_CBC3_MD5, 747 SSL_kKRB5, 748 SSL_aKRB5, 749 SSL_3DES, 750 SSL_MD5, 751 SSL_SSLV3, 752 SSL_NOT_EXP|SSL_HIGH, 753 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 754 112, 755 168, 756 }, 757 758 /* Cipher 24 */ 759 { 760 1, 761 SSL3_TXT_KRB5_RC4_128_MD5, 762 SSL3_CK_KRB5_RC4_128_MD5, 763 SSL_kKRB5, 764 SSL_aKRB5, 765 SSL_RC4, 766 SSL_MD5, 767 SSL_SSLV3, 768 SSL_NOT_EXP|SSL_MEDIUM, 769 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 770 128, 771 128, 772 }, 773 774 /* Cipher 25 */ 775 { 776 1, 777 SSL3_TXT_KRB5_IDEA_128_CBC_MD5, 778 SSL3_CK_KRB5_IDEA_128_CBC_MD5, 779 SSL_kKRB5, 780 SSL_aKRB5, 781 SSL_IDEA, 782 SSL_MD5, 783 SSL_SSLV3, 784 SSL_NOT_EXP|SSL_MEDIUM, 785 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 786 128, 787 128, 788 }, 789 790 /* Cipher 26 */ 791 { 792 1, 793 SSL3_TXT_KRB5_DES_40_CBC_SHA, 794 SSL3_CK_KRB5_DES_40_CBC_SHA, 795 SSL_kKRB5, 796 SSL_aKRB5, 797 SSL_DES, 798 SSL_SHA1, 799 SSL_SSLV3, 800 SSL_EXPORT|SSL_EXP40, 801 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 802 40, 803 56, 804 }, 805 806 /* Cipher 27 */ 807 { 808 1, 809 SSL3_TXT_KRB5_RC2_40_CBC_SHA, 810 SSL3_CK_KRB5_RC2_40_CBC_SHA, 811 SSL_kKRB5, 812 SSL_aKRB5, 813 SSL_RC2, 814 SSL_SHA1, 815 SSL_SSLV3, 816 SSL_EXPORT|SSL_EXP40, 817 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 818 40, 819 128, 820 }, 821 822 /* Cipher 28 */ 823 { 824 1, 825 SSL3_TXT_KRB5_RC4_40_SHA, 826 SSL3_CK_KRB5_RC4_40_SHA, 827 SSL_kKRB5, 828 SSL_aKRB5, 829 SSL_RC4, 830 SSL_SHA1, 831 SSL_SSLV3, 832 SSL_EXPORT|SSL_EXP40, 833 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 834 40, 835 128, 836 }, 837 838 /* Cipher 29 */ 839 { 840 1, 841 SSL3_TXT_KRB5_DES_40_CBC_MD5, 842 SSL3_CK_KRB5_DES_40_CBC_MD5, 843 SSL_kKRB5, 844 SSL_aKRB5, 845 SSL_DES, 846 SSL_MD5, 847 SSL_SSLV3, 848 SSL_EXPORT|SSL_EXP40, 849 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 850 40, 851 56, 852 }, 853 854 /* Cipher 2A */ 855 { 856 1, 857 SSL3_TXT_KRB5_RC2_40_CBC_MD5, 858 SSL3_CK_KRB5_RC2_40_CBC_MD5, 859 SSL_kKRB5, 860 SSL_aKRB5, 861 SSL_RC2, 862 SSL_MD5, 863 SSL_SSLV3, 864 SSL_EXPORT|SSL_EXP40, 865 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 866 40, 867 128, 868 }, 869 870 /* Cipher 2B */ 871 { 872 1, 873 SSL3_TXT_KRB5_RC4_40_MD5, 874 SSL3_CK_KRB5_RC4_40_MD5, 875 SSL_kKRB5, 876 SSL_aKRB5, 877 SSL_RC4, 878 SSL_MD5, 879 SSL_SSLV3, 880 SSL_EXPORT|SSL_EXP40, 881 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 882 40, 883 128, 884 }, 885 #endif /* OPENSSL_NO_KRB5 */ 886 887 /* New AES ciphersuites */ 888 /* Cipher 2F */ 889 { 890 1, 891 TLS1_TXT_RSA_WITH_AES_128_SHA, 892 TLS1_CK_RSA_WITH_AES_128_SHA, 893 SSL_kRSA, 894 SSL_aRSA, 895 SSL_AES128, 896 SSL_SHA1, 897 SSL_TLSV1, 898 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 899 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 900 128, 901 128, 902 }, 903 /* Cipher 30 */ 904 { 905 0, 906 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 907 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 908 SSL_kDHd, 909 SSL_aDH, 910 SSL_AES128, 911 SSL_SHA1, 912 SSL_TLSV1, 913 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 914 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 915 128, 916 128, 917 }, 918 /* Cipher 31 */ 919 { 920 0, 921 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 922 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 923 SSL_kDHr, 924 SSL_aDH, 925 SSL_AES128, 926 SSL_SHA1, 927 SSL_TLSV1, 928 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 929 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 930 128, 931 128, 932 }, 933 /* Cipher 32 */ 934 { 935 1, 936 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 937 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 938 SSL_kEDH, 939 SSL_aDSS, 940 SSL_AES128, 941 SSL_SHA1, 942 SSL_TLSV1, 943 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 944 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 945 128, 946 128, 947 }, 948 /* Cipher 33 */ 949 { 950 1, 951 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 952 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 953 SSL_kEDH, 954 SSL_aRSA, 955 SSL_AES128, 956 SSL_SHA1, 957 SSL_TLSV1, 958 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 959 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 960 128, 961 128, 962 }, 963 /* Cipher 34 */ 964 { 965 1, 966 TLS1_TXT_ADH_WITH_AES_128_SHA, 967 TLS1_CK_ADH_WITH_AES_128_SHA, 968 SSL_kEDH, 969 SSL_aNULL, 970 SSL_AES128, 971 SSL_SHA1, 972 SSL_TLSV1, 973 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 974 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 975 128, 976 128, 977 }, 978 979 /* Cipher 35 */ 980 { 981 1, 982 TLS1_TXT_RSA_WITH_AES_256_SHA, 983 TLS1_CK_RSA_WITH_AES_256_SHA, 984 SSL_kRSA, 985 SSL_aRSA, 986 SSL_AES256, 987 SSL_SHA1, 988 SSL_TLSV1, 989 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 990 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 991 256, 992 256, 993 }, 994 /* Cipher 36 */ 995 { 996 0, 997 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 998 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 999 SSL_kDHd, 1000 SSL_aDH, 1001 SSL_AES256, 1002 SSL_SHA1, 1003 SSL_TLSV1, 1004 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1005 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1006 256, 1007 256, 1008 }, 1009 1010 /* Cipher 37 */ 1011 { 1012 0, /* not implemented (non-ephemeral DH) */ 1013 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 1014 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 1015 SSL_kDHr, 1016 SSL_aDH, 1017 SSL_AES256, 1018 SSL_SHA1, 1019 SSL_TLSV1, 1020 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1021 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1022 256, 1023 256, 1024 }, 1025 1026 /* Cipher 38 */ 1027 { 1028 1, 1029 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 1030 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 1031 SSL_kEDH, 1032 SSL_aDSS, 1033 SSL_AES256, 1034 SSL_SHA1, 1035 SSL_TLSV1, 1036 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1037 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1038 256, 1039 256, 1040 }, 1041 1042 /* Cipher 39 */ 1043 { 1044 1, 1045 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 1046 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 1047 SSL_kEDH, 1048 SSL_aRSA, 1049 SSL_AES256, 1050 SSL_SHA1, 1051 SSL_TLSV1, 1052 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1053 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1054 256, 1055 256, 1056 }, 1057 1058 /* Cipher 3A */ 1059 { 1060 1, 1061 TLS1_TXT_ADH_WITH_AES_256_SHA, 1062 TLS1_CK_ADH_WITH_AES_256_SHA, 1063 SSL_kEDH, 1064 SSL_aNULL, 1065 SSL_AES256, 1066 SSL_SHA1, 1067 SSL_TLSV1, 1068 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1069 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1070 256, 1071 256, 1072 }, 1073 1074 /* TLS v1.2 ciphersuites */ 1075 /* Cipher 3B */ 1076 { 1077 1, 1078 TLS1_TXT_RSA_WITH_NULL_SHA256, 1079 TLS1_CK_RSA_WITH_NULL_SHA256, 1080 SSL_kRSA, 1081 SSL_aRSA, 1082 SSL_eNULL, 1083 SSL_SHA256, 1084 SSL_TLSV1_2, 1085 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1086 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1087 0, 1088 0, 1089 }, 1090 1091 /* Cipher 3C */ 1092 { 1093 1, 1094 TLS1_TXT_RSA_WITH_AES_128_SHA256, 1095 TLS1_CK_RSA_WITH_AES_128_SHA256, 1096 SSL_kRSA, 1097 SSL_aRSA, 1098 SSL_AES128, 1099 SSL_SHA256, 1100 SSL_TLSV1_2, 1101 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1102 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1103 128, 1104 128, 1105 }, 1106 1107 /* Cipher 3D */ 1108 { 1109 1, 1110 TLS1_TXT_RSA_WITH_AES_256_SHA256, 1111 TLS1_CK_RSA_WITH_AES_256_SHA256, 1112 SSL_kRSA, 1113 SSL_aRSA, 1114 SSL_AES256, 1115 SSL_SHA256, 1116 SSL_TLSV1_2, 1117 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1118 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1119 256, 1120 256, 1121 }, 1122 1123 /* Cipher 3E */ 1124 { 1125 0, /* not implemented (non-ephemeral DH) */ 1126 TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, 1127 TLS1_CK_DH_DSS_WITH_AES_128_SHA256, 1128 SSL_kDHd, 1129 SSL_aDH, 1130 SSL_AES128, 1131 SSL_SHA256, 1132 SSL_TLSV1_2, 1133 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1134 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1135 128, 1136 128, 1137 }, 1138 1139 /* Cipher 3F */ 1140 { 1141 0, /* not implemented (non-ephemeral DH) */ 1142 TLS1_TXT_DH_RSA_WITH_AES_128_SHA256, 1143 TLS1_CK_DH_RSA_WITH_AES_128_SHA256, 1144 SSL_kDHr, 1145 SSL_aDH, 1146 SSL_AES128, 1147 SSL_SHA256, 1148 SSL_TLSV1_2, 1149 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1150 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1151 128, 1152 128, 1153 }, 1154 1155 /* Cipher 40 */ 1156 { 1157 1, 1158 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 1159 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 1160 SSL_kEDH, 1161 SSL_aDSS, 1162 SSL_AES128, 1163 SSL_SHA256, 1164 SSL_TLSV1_2, 1165 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1166 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1167 128, 1168 128, 1169 }, 1170 1171 #ifndef OPENSSL_NO_CAMELLIA 1172 /* Camellia ciphersuites from RFC4132 (128-bit portion) */ 1173 1174 /* Cipher 41 */ 1175 { 1176 1, 1177 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 1178 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 1179 SSL_kRSA, 1180 SSL_aRSA, 1181 SSL_CAMELLIA128, 1182 SSL_SHA1, 1183 SSL_TLSV1, 1184 SSL_NOT_EXP|SSL_HIGH, 1185 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1186 128, 1187 128, 1188 }, 1189 1190 /* Cipher 42 */ 1191 { 1192 0, /* not implemented (non-ephemeral DH) */ 1193 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1194 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 1195 SSL_kDHd, 1196 SSL_aDH, 1197 SSL_CAMELLIA128, 1198 SSL_SHA1, 1199 SSL_TLSV1, 1200 SSL_NOT_EXP|SSL_HIGH, 1201 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1202 128, 1203 128, 1204 }, 1205 1206 /* Cipher 43 */ 1207 { 1208 0, /* not implemented (non-ephemeral DH) */ 1209 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1210 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 1211 SSL_kDHr, 1212 SSL_aDH, 1213 SSL_CAMELLIA128, 1214 SSL_SHA1, 1215 SSL_TLSV1, 1216 SSL_NOT_EXP|SSL_HIGH, 1217 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1218 128, 1219 128, 1220 }, 1221 1222 /* Cipher 44 */ 1223 { 1224 1, 1225 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1226 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 1227 SSL_kEDH, 1228 SSL_aDSS, 1229 SSL_CAMELLIA128, 1230 SSL_SHA1, 1231 SSL_TLSV1, 1232 SSL_NOT_EXP|SSL_HIGH, 1233 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1234 128, 1235 128, 1236 }, 1237 1238 /* Cipher 45 */ 1239 { 1240 1, 1241 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1242 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 1243 SSL_kEDH, 1244 SSL_aRSA, 1245 SSL_CAMELLIA128, 1246 SSL_SHA1, 1247 SSL_TLSV1, 1248 SSL_NOT_EXP|SSL_HIGH, 1249 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1250 128, 1251 128, 1252 }, 1253 1254 /* Cipher 46 */ 1255 { 1256 1, 1257 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 1258 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 1259 SSL_kEDH, 1260 SSL_aNULL, 1261 SSL_CAMELLIA128, 1262 SSL_SHA1, 1263 SSL_TLSV1, 1264 SSL_NOT_EXP|SSL_HIGH, 1265 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1266 128, 1267 128, 1268 }, 1269 #endif /* OPENSSL_NO_CAMELLIA */ 1270 1271 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1272 /* New TLS Export CipherSuites from expired ID */ 1273 #if 0 1274 /* Cipher 60 */ 1275 { 1276 1, 1277 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5, 1278 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5, 1279 SSL_kRSA, 1280 SSL_aRSA, 1281 SSL_RC4, 1282 SSL_MD5, 1283 SSL_TLSV1, 1284 SSL_EXPORT|SSL_EXP56, 1285 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1286 56, 1287 128, 1288 }, 1289 1290 /* Cipher 61 */ 1291 { 1292 1, 1293 TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1294 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, 1295 SSL_kRSA, 1296 SSL_aRSA, 1297 SSL_RC2, 1298 SSL_MD5, 1299 SSL_TLSV1, 1300 SSL_EXPORT|SSL_EXP56, 1301 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1302 56, 1303 128, 1304 }, 1305 #endif 1306 1307 /* Cipher 62 */ 1308 { 1309 1, 1310 TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1311 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA, 1312 SSL_kRSA, 1313 SSL_aRSA, 1314 SSL_DES, 1315 SSL_SHA1, 1316 SSL_TLSV1, 1317 SSL_EXPORT|SSL_EXP56, 1318 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1319 56, 1320 56, 1321 }, 1322 1323 /* Cipher 63 */ 1324 { 1325 1, 1326 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1327 TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, 1328 SSL_kEDH, 1329 SSL_aDSS, 1330 SSL_DES, 1331 SSL_SHA1, 1332 SSL_TLSV1, 1333 SSL_EXPORT|SSL_EXP56, 1334 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1335 56, 1336 56, 1337 }, 1338 1339 /* Cipher 64 */ 1340 { 1341 1, 1342 TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, 1343 TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA, 1344 SSL_kRSA, 1345 SSL_aRSA, 1346 SSL_RC4, 1347 SSL_SHA1, 1348 SSL_TLSV1, 1349 SSL_EXPORT|SSL_EXP56, 1350 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1351 56, 1352 128, 1353 }, 1354 1355 /* Cipher 65 */ 1356 { 1357 1, 1358 TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1359 TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, 1360 SSL_kEDH, 1361 SSL_aDSS, 1362 SSL_RC4, 1363 SSL_SHA1, 1364 SSL_TLSV1, 1365 SSL_EXPORT|SSL_EXP56, 1366 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1367 56, 1368 128, 1369 }, 1370 1371 /* Cipher 66 */ 1372 { 1373 1, 1374 TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, 1375 TLS1_CK_DHE_DSS_WITH_RC4_128_SHA, 1376 SSL_kEDH, 1377 SSL_aDSS, 1378 SSL_RC4, 1379 SSL_SHA1, 1380 SSL_TLSV1, 1381 SSL_NOT_EXP|SSL_MEDIUM, 1382 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1383 128, 1384 128, 1385 }, 1386 #endif 1387 1388 /* TLS v1.2 ciphersuites */ 1389 /* Cipher 67 */ 1390 { 1391 1, 1392 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 1393 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 1394 SSL_kEDH, 1395 SSL_aRSA, 1396 SSL_AES128, 1397 SSL_SHA256, 1398 SSL_TLSV1_2, 1399 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1400 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1401 128, 1402 128, 1403 }, 1404 1405 /* Cipher 68 */ 1406 { 1407 0, /* not implemented (non-ephemeral DH) */ 1408 TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, 1409 TLS1_CK_DH_DSS_WITH_AES_256_SHA256, 1410 SSL_kDHd, 1411 SSL_aDH, 1412 SSL_AES256, 1413 SSL_SHA256, 1414 SSL_TLSV1_2, 1415 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1416 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1417 256, 1418 256, 1419 }, 1420 1421 /* Cipher 69 */ 1422 { 1423 0, /* not implemented (non-ephemeral DH) */ 1424 TLS1_TXT_DH_RSA_WITH_AES_256_SHA256, 1425 TLS1_CK_DH_RSA_WITH_AES_256_SHA256, 1426 SSL_kDHr, 1427 SSL_aDH, 1428 SSL_AES256, 1429 SSL_SHA256, 1430 SSL_TLSV1_2, 1431 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1432 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1433 256, 1434 256, 1435 }, 1436 1437 /* Cipher 6A */ 1438 { 1439 1, 1440 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 1441 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 1442 SSL_kEDH, 1443 SSL_aDSS, 1444 SSL_AES256, 1445 SSL_SHA256, 1446 SSL_TLSV1_2, 1447 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1448 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1449 256, 1450 256, 1451 }, 1452 1453 /* Cipher 6B */ 1454 { 1455 1, 1456 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 1457 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 1458 SSL_kEDH, 1459 SSL_aRSA, 1460 SSL_AES256, 1461 SSL_SHA256, 1462 SSL_TLSV1_2, 1463 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1464 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1465 256, 1466 256, 1467 }, 1468 1469 /* Cipher 6C */ 1470 { 1471 1, 1472 TLS1_TXT_ADH_WITH_AES_128_SHA256, 1473 TLS1_CK_ADH_WITH_AES_128_SHA256, 1474 SSL_kEDH, 1475 SSL_aNULL, 1476 SSL_AES128, 1477 SSL_SHA256, 1478 SSL_TLSV1_2, 1479 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1480 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1481 128, 1482 128, 1483 }, 1484 1485 /* Cipher 6D */ 1486 { 1487 1, 1488 TLS1_TXT_ADH_WITH_AES_256_SHA256, 1489 TLS1_CK_ADH_WITH_AES_256_SHA256, 1490 SSL_kEDH, 1491 SSL_aNULL, 1492 SSL_AES256, 1493 SSL_SHA256, 1494 SSL_TLSV1_2, 1495 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1496 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1497 256, 1498 256, 1499 }, 1500 1501 /* GOST Ciphersuites */ 1502 1503 { 1504 1, 1505 "GOST94-GOST89-GOST89", 1506 0x3000080, 1507 SSL_kGOST, 1508 SSL_aGOST94, 1509 SSL_eGOST2814789CNT, 1510 SSL_GOST89MAC, 1511 SSL_TLSV1, 1512 SSL_NOT_EXP|SSL_HIGH, 1513 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, 1514 256, 1515 256 1516 }, 1517 { 1518 1, 1519 "GOST2001-GOST89-GOST89", 1520 0x3000081, 1521 SSL_kGOST, 1522 SSL_aGOST01, 1523 SSL_eGOST2814789CNT, 1524 SSL_GOST89MAC, 1525 SSL_TLSV1, 1526 SSL_NOT_EXP|SSL_HIGH, 1527 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, 1528 256, 1529 256 1530 }, 1531 { 1532 1, 1533 "GOST94-NULL-GOST94", 1534 0x3000082, 1535 SSL_kGOST, 1536 SSL_aGOST94, 1537 SSL_eNULL, 1538 SSL_GOST94, 1539 SSL_TLSV1, 1540 SSL_NOT_EXP|SSL_STRONG_NONE, 1541 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, 1542 0, 1543 0 1544 }, 1545 { 1546 1, 1547 "GOST2001-NULL-GOST94", 1548 0x3000083, 1549 SSL_kGOST, 1550 SSL_aGOST01, 1551 SSL_eNULL, 1552 SSL_GOST94, 1553 SSL_TLSV1, 1554 SSL_NOT_EXP|SSL_STRONG_NONE, 1555 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, 1556 0, 1557 0 1558 }, 1559 1560 #ifndef OPENSSL_NO_CAMELLIA 1561 /* Camellia ciphersuites from RFC4132 (256-bit portion) */ 1562 1563 /* Cipher 84 */ 1564 { 1565 1, 1566 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 1567 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 1568 SSL_kRSA, 1569 SSL_aRSA, 1570 SSL_CAMELLIA256, 1571 SSL_SHA1, 1572 SSL_TLSV1, 1573 SSL_NOT_EXP|SSL_HIGH, 1574 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1575 256, 1576 256, 1577 }, 1578 /* Cipher 85 */ 1579 { 1580 0, /* not implemented (non-ephemeral DH) */ 1581 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1582 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1583 SSL_kDHd, 1584 SSL_aDH, 1585 SSL_CAMELLIA256, 1586 SSL_SHA1, 1587 SSL_TLSV1, 1588 SSL_NOT_EXP|SSL_HIGH, 1589 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1590 256, 1591 256, 1592 }, 1593 1594 /* Cipher 86 */ 1595 { 1596 0, /* not implemented (non-ephemeral DH) */ 1597 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1598 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1599 SSL_kDHr, 1600 SSL_aDH, 1601 SSL_CAMELLIA256, 1602 SSL_SHA1, 1603 SSL_TLSV1, 1604 SSL_NOT_EXP|SSL_HIGH, 1605 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1606 256, 1607 256, 1608 }, 1609 1610 /* Cipher 87 */ 1611 { 1612 1, 1613 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1614 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1615 SSL_kEDH, 1616 SSL_aDSS, 1617 SSL_CAMELLIA256, 1618 SSL_SHA1, 1619 SSL_TLSV1, 1620 SSL_NOT_EXP|SSL_HIGH, 1621 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1622 256, 1623 256, 1624 }, 1625 1626 /* Cipher 88 */ 1627 { 1628 1, 1629 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1630 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1631 SSL_kEDH, 1632 SSL_aRSA, 1633 SSL_CAMELLIA256, 1634 SSL_SHA1, 1635 SSL_TLSV1, 1636 SSL_NOT_EXP|SSL_HIGH, 1637 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1638 256, 1639 256, 1640 }, 1641 1642 /* Cipher 89 */ 1643 { 1644 1, 1645 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 1646 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 1647 SSL_kEDH, 1648 SSL_aNULL, 1649 SSL_CAMELLIA256, 1650 SSL_SHA1, 1651 SSL_TLSV1, 1652 SSL_NOT_EXP|SSL_HIGH, 1653 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1654 256, 1655 256, 1656 }, 1657 #endif /* OPENSSL_NO_CAMELLIA */ 1658 1659 #ifndef OPENSSL_NO_PSK 1660 /* Cipher 8A */ 1661 { 1662 1, 1663 TLS1_TXT_PSK_WITH_RC4_128_SHA, 1664 TLS1_CK_PSK_WITH_RC4_128_SHA, 1665 SSL_kPSK, 1666 SSL_aPSK, 1667 SSL_RC4, 1668 SSL_SHA1, 1669 SSL_TLSV1, 1670 SSL_NOT_EXP|SSL_MEDIUM, 1671 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1672 128, 1673 128, 1674 }, 1675 1676 /* Cipher 8B */ 1677 { 1678 1, 1679 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1680 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1681 SSL_kPSK, 1682 SSL_aPSK, 1683 SSL_3DES, 1684 SSL_SHA1, 1685 SSL_TLSV1, 1686 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1687 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1688 112, 1689 168, 1690 }, 1691 1692 /* Cipher 8C */ 1693 { 1694 1, 1695 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1696 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1697 SSL_kPSK, 1698 SSL_aPSK, 1699 SSL_AES128, 1700 SSL_SHA1, 1701 SSL_TLSV1, 1702 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1703 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1704 128, 1705 128, 1706 }, 1707 1708 /* Cipher 8D */ 1709 { 1710 1, 1711 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1712 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1713 SSL_kPSK, 1714 SSL_aPSK, 1715 SSL_AES256, 1716 SSL_SHA1, 1717 SSL_TLSV1, 1718 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1719 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1720 256, 1721 256, 1722 }, 1723 #endif /* OPENSSL_NO_PSK */ 1724 1725 #ifndef OPENSSL_NO_SEED 1726 /* SEED ciphersuites from RFC4162 */ 1727 1728 /* Cipher 96 */ 1729 { 1730 1, 1731 TLS1_TXT_RSA_WITH_SEED_SHA, 1732 TLS1_CK_RSA_WITH_SEED_SHA, 1733 SSL_kRSA, 1734 SSL_aRSA, 1735 SSL_SEED, 1736 SSL_SHA1, 1737 SSL_TLSV1, 1738 SSL_NOT_EXP|SSL_MEDIUM, 1739 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1740 128, 1741 128, 1742 }, 1743 1744 /* Cipher 97 */ 1745 { 1746 0, /* not implemented (non-ephemeral DH) */ 1747 TLS1_TXT_DH_DSS_WITH_SEED_SHA, 1748 TLS1_CK_DH_DSS_WITH_SEED_SHA, 1749 SSL_kDHd, 1750 SSL_aDH, 1751 SSL_SEED, 1752 SSL_SHA1, 1753 SSL_TLSV1, 1754 SSL_NOT_EXP|SSL_MEDIUM, 1755 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1756 128, 1757 128, 1758 }, 1759 1760 /* Cipher 98 */ 1761 { 1762 0, /* not implemented (non-ephemeral DH) */ 1763 TLS1_TXT_DH_RSA_WITH_SEED_SHA, 1764 TLS1_CK_DH_RSA_WITH_SEED_SHA, 1765 SSL_kDHr, 1766 SSL_aDH, 1767 SSL_SEED, 1768 SSL_SHA1, 1769 SSL_TLSV1, 1770 SSL_NOT_EXP|SSL_MEDIUM, 1771 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1772 128, 1773 128, 1774 }, 1775 1776 /* Cipher 99 */ 1777 { 1778 1, 1779 TLS1_TXT_DHE_DSS_WITH_SEED_SHA, 1780 TLS1_CK_DHE_DSS_WITH_SEED_SHA, 1781 SSL_kEDH, 1782 SSL_aDSS, 1783 SSL_SEED, 1784 SSL_SHA1, 1785 SSL_TLSV1, 1786 SSL_NOT_EXP|SSL_MEDIUM, 1787 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1788 128, 1789 128, 1790 }, 1791 1792 /* Cipher 9A */ 1793 { 1794 1, 1795 TLS1_TXT_DHE_RSA_WITH_SEED_SHA, 1796 TLS1_CK_DHE_RSA_WITH_SEED_SHA, 1797 SSL_kEDH, 1798 SSL_aRSA, 1799 SSL_SEED, 1800 SSL_SHA1, 1801 SSL_TLSV1, 1802 SSL_NOT_EXP|SSL_MEDIUM, 1803 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1804 128, 1805 128, 1806 }, 1807 1808 /* Cipher 9B */ 1809 { 1810 1, 1811 TLS1_TXT_ADH_WITH_SEED_SHA, 1812 TLS1_CK_ADH_WITH_SEED_SHA, 1813 SSL_kEDH, 1814 SSL_aNULL, 1815 SSL_SEED, 1816 SSL_SHA1, 1817 SSL_TLSV1, 1818 SSL_NOT_EXP|SSL_MEDIUM, 1819 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1820 128, 1821 128, 1822 }, 1823 1824 #endif /* OPENSSL_NO_SEED */ 1825 1826 /* GCM ciphersuites from RFC5288 */ 1827 1828 /* Cipher 9C */ 1829 { 1830 1, 1831 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 1832 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 1833 SSL_kRSA, 1834 SSL_aRSA, 1835 SSL_AES128GCM, 1836 SSL_AEAD, 1837 SSL_TLSV1_2, 1838 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1839 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1840 128, 1841 128, 1842 }, 1843 1844 /* Cipher 9D */ 1845 { 1846 1, 1847 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 1848 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 1849 SSL_kRSA, 1850 SSL_aRSA, 1851 SSL_AES256GCM, 1852 SSL_AEAD, 1853 SSL_TLSV1_2, 1854 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1855 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1856 256, 1857 256, 1858 }, 1859 1860 /* Cipher 9E */ 1861 { 1862 1, 1863 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 1864 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 1865 SSL_kEDH, 1866 SSL_aRSA, 1867 SSL_AES128GCM, 1868 SSL_AEAD, 1869 SSL_TLSV1_2, 1870 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1871 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1872 128, 1873 128, 1874 }, 1875 1876 /* Cipher 9F */ 1877 { 1878 1, 1879 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 1880 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 1881 SSL_kEDH, 1882 SSL_aRSA, 1883 SSL_AES256GCM, 1884 SSL_AEAD, 1885 SSL_TLSV1_2, 1886 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1887 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1888 256, 1889 256, 1890 }, 1891 1892 /* Cipher A0 */ 1893 { 1894 0, 1895 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, 1896 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, 1897 SSL_kDHr, 1898 SSL_aDH, 1899 SSL_AES128GCM, 1900 SSL_AEAD, 1901 SSL_TLSV1_2, 1902 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1903 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1904 128, 1905 128, 1906 }, 1907 1908 /* Cipher A1 */ 1909 { 1910 0, 1911 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, 1912 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, 1913 SSL_kDHr, 1914 SSL_aDH, 1915 SSL_AES256GCM, 1916 SSL_AEAD, 1917 SSL_TLSV1_2, 1918 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1919 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1920 256, 1921 256, 1922 }, 1923 1924 /* Cipher A2 */ 1925 { 1926 1, 1927 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 1928 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 1929 SSL_kEDH, 1930 SSL_aDSS, 1931 SSL_AES128GCM, 1932 SSL_AEAD, 1933 SSL_TLSV1_2, 1934 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1935 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1936 128, 1937 128, 1938 }, 1939 1940 /* Cipher A3 */ 1941 { 1942 1, 1943 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 1944 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 1945 SSL_kEDH, 1946 SSL_aDSS, 1947 SSL_AES256GCM, 1948 SSL_AEAD, 1949 SSL_TLSV1_2, 1950 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1951 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1952 256, 1953 256, 1954 }, 1955 1956 /* Cipher A4 */ 1957 { 1958 0, 1959 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, 1960 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, 1961 SSL_kDHd, 1962 SSL_aDH, 1963 SSL_AES128GCM, 1964 SSL_AEAD, 1965 SSL_TLSV1_2, 1966 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1967 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1968 128, 1969 128, 1970 }, 1971 1972 /* Cipher A5 */ 1973 { 1974 0, 1975 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, 1976 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, 1977 SSL_kDHd, 1978 SSL_aDH, 1979 SSL_AES256GCM, 1980 SSL_AEAD, 1981 SSL_TLSV1_2, 1982 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1983 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1984 256, 1985 256, 1986 }, 1987 1988 /* Cipher A6 */ 1989 { 1990 1, 1991 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 1992 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 1993 SSL_kEDH, 1994 SSL_aNULL, 1995 SSL_AES128GCM, 1996 SSL_AEAD, 1997 SSL_TLSV1_2, 1998 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1999 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2000 128, 2001 128, 2002 }, 2003 2004 /* Cipher A7 */ 2005 { 2006 1, 2007 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 2008 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 2009 SSL_kEDH, 2010 SSL_aNULL, 2011 SSL_AES256GCM, 2012 SSL_AEAD, 2013 SSL_TLSV1_2, 2014 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2015 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2016 256, 2017 256, 2018 }, 2019 2020 #ifndef OPENSSL_NO_ECDH 2021 /* Cipher C001 */ 2022 { 2023 1, 2024 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA, 2025 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA, 2026 SSL_kECDHe, 2027 SSL_aECDH, 2028 SSL_eNULL, 2029 SSL_SHA1, 2030 SSL_TLSV1, 2031 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 2032 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2033 0, 2034 0, 2035 }, 2036 2037 /* Cipher C002 */ 2038 { 2039 1, 2040 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, 2041 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA, 2042 SSL_kECDHe, 2043 SSL_aECDH, 2044 SSL_RC4, 2045 SSL_SHA1, 2046 SSL_TLSV1, 2047 SSL_NOT_EXP|SSL_MEDIUM, 2048 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2049 128, 2050 128, 2051 }, 2052 2053 /* Cipher C003 */ 2054 { 2055 1, 2056 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2057 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 2058 SSL_kECDHe, 2059 SSL_aECDH, 2060 SSL_3DES, 2061 SSL_SHA1, 2062 SSL_TLSV1, 2063 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2064 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2065 112, 2066 168, 2067 }, 2068 2069 /* Cipher C004 */ 2070 { 2071 1, 2072 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2073 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 2074 SSL_kECDHe, 2075 SSL_aECDH, 2076 SSL_AES128, 2077 SSL_SHA1, 2078 SSL_TLSV1, 2079 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2080 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2081 128, 2082 128, 2083 }, 2084 2085 /* Cipher C005 */ 2086 { 2087 1, 2088 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2089 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 2090 SSL_kECDHe, 2091 SSL_aECDH, 2092 SSL_AES256, 2093 SSL_SHA1, 2094 SSL_TLSV1, 2095 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2096 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2097 256, 2098 256, 2099 }, 2100 2101 /* Cipher C006 */ 2102 { 2103 1, 2104 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 2105 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 2106 SSL_kEECDH, 2107 SSL_aECDSA, 2108 SSL_eNULL, 2109 SSL_SHA1, 2110 SSL_TLSV1, 2111 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 2112 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2113 0, 2114 0, 2115 }, 2116 2117 /* Cipher C007 */ 2118 { 2119 1, 2120 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 2121 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 2122 SSL_kEECDH, 2123 SSL_aECDSA, 2124 SSL_RC4, 2125 SSL_SHA1, 2126 SSL_TLSV1, 2127 SSL_NOT_EXP|SSL_MEDIUM, 2128 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2129 128, 2130 128, 2131 }, 2132 2133 /* Cipher C008 */ 2134 { 2135 1, 2136 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2137 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 2138 SSL_kEECDH, 2139 SSL_aECDSA, 2140 SSL_3DES, 2141 SSL_SHA1, 2142 SSL_TLSV1, 2143 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2144 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2145 112, 2146 168, 2147 }, 2148 2149 /* Cipher C009 */ 2150 { 2151 1, 2152 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2153 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 2154 SSL_kEECDH, 2155 SSL_aECDSA, 2156 SSL_AES128, 2157 SSL_SHA1, 2158 SSL_TLSV1, 2159 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2160 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2161 128, 2162 128, 2163 }, 2164 2165 /* Cipher C00A */ 2166 { 2167 1, 2168 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2169 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 2170 SSL_kEECDH, 2171 SSL_aECDSA, 2172 SSL_AES256, 2173 SSL_SHA1, 2174 SSL_TLSV1, 2175 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2176 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2177 256, 2178 256, 2179 }, 2180 2181 /* Cipher C00B */ 2182 { 2183 1, 2184 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA, 2185 TLS1_CK_ECDH_RSA_WITH_NULL_SHA, 2186 SSL_kECDHr, 2187 SSL_aECDH, 2188 SSL_eNULL, 2189 SSL_SHA1, 2190 SSL_TLSV1, 2191 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 2192 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2193 0, 2194 0, 2195 }, 2196 2197 /* Cipher C00C */ 2198 { 2199 1, 2200 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, 2201 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA, 2202 SSL_kECDHr, 2203 SSL_aECDH, 2204 SSL_RC4, 2205 SSL_SHA1, 2206 SSL_TLSV1, 2207 SSL_NOT_EXP|SSL_MEDIUM, 2208 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2209 128, 2210 128, 2211 }, 2212 2213 /* Cipher C00D */ 2214 { 2215 1, 2216 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2217 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA, 2218 SSL_kECDHr, 2219 SSL_aECDH, 2220 SSL_3DES, 2221 SSL_SHA1, 2222 SSL_TLSV1, 2223 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2224 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2225 112, 2226 168, 2227 }, 2228 2229 /* Cipher C00E */ 2230 { 2231 1, 2232 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA, 2233 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA, 2234 SSL_kECDHr, 2235 SSL_aECDH, 2236 SSL_AES128, 2237 SSL_SHA1, 2238 SSL_TLSV1, 2239 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2240 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2241 128, 2242 128, 2243 }, 2244 2245 /* Cipher C00F */ 2246 { 2247 1, 2248 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA, 2249 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA, 2250 SSL_kECDHr, 2251 SSL_aECDH, 2252 SSL_AES256, 2253 SSL_SHA1, 2254 SSL_TLSV1, 2255 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2256 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2257 256, 2258 256, 2259 }, 2260 2261 /* Cipher C010 */ 2262 { 2263 1, 2264 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 2265 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 2266 SSL_kEECDH, 2267 SSL_aRSA, 2268 SSL_eNULL, 2269 SSL_SHA1, 2270 SSL_TLSV1, 2271 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 2272 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2273 0, 2274 0, 2275 }, 2276 2277 /* Cipher C011 */ 2278 { 2279 1, 2280 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 2281 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 2282 SSL_kEECDH, 2283 SSL_aRSA, 2284 SSL_RC4, 2285 SSL_SHA1, 2286 SSL_TLSV1, 2287 SSL_NOT_EXP|SSL_MEDIUM, 2288 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2289 128, 2290 128, 2291 }, 2292 2293 /* Cipher C012 */ 2294 { 2295 1, 2296 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2297 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 2298 SSL_kEECDH, 2299 SSL_aRSA, 2300 SSL_3DES, 2301 SSL_SHA1, 2302 SSL_TLSV1, 2303 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2304 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2305 112, 2306 168, 2307 }, 2308 2309 /* Cipher C013 */ 2310 { 2311 1, 2312 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2313 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 2314 SSL_kEECDH, 2315 SSL_aRSA, 2316 SSL_AES128, 2317 SSL_SHA1, 2318 SSL_TLSV1, 2319 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2320 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2321 128, 2322 128, 2323 }, 2324 2325 /* Cipher C014 */ 2326 { 2327 1, 2328 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2329 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 2330 SSL_kEECDH, 2331 SSL_aRSA, 2332 SSL_AES256, 2333 SSL_SHA1, 2334 SSL_TLSV1, 2335 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2336 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2337 256, 2338 256, 2339 }, 2340 2341 /* Cipher C015 */ 2342 { 2343 1, 2344 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 2345 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 2346 SSL_kEECDH, 2347 SSL_aNULL, 2348 SSL_eNULL, 2349 SSL_SHA1, 2350 SSL_TLSV1, 2351 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 2352 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2353 0, 2354 0, 2355 }, 2356 2357 /* Cipher C016 */ 2358 { 2359 1, 2360 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 2361 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 2362 SSL_kEECDH, 2363 SSL_aNULL, 2364 SSL_RC4, 2365 SSL_SHA1, 2366 SSL_TLSV1, 2367 SSL_NOT_EXP|SSL_MEDIUM, 2368 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2369 128, 2370 128, 2371 }, 2372 2373 /* Cipher C017 */ 2374 { 2375 1, 2376 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 2377 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 2378 SSL_kEECDH, 2379 SSL_aNULL, 2380 SSL_3DES, 2381 SSL_SHA1, 2382 SSL_TLSV1, 2383 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2384 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2385 112, 2386 168, 2387 }, 2388 2389 /* Cipher C018 */ 2390 { 2391 1, 2392 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 2393 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 2394 SSL_kEECDH, 2395 SSL_aNULL, 2396 SSL_AES128, 2397 SSL_SHA1, 2398 SSL_TLSV1, 2399 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2400 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2401 128, 2402 128, 2403 }, 2404 2405 /* Cipher C019 */ 2406 { 2407 1, 2408 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 2409 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 2410 SSL_kEECDH, 2411 SSL_aNULL, 2412 SSL_AES256, 2413 SSL_SHA1, 2414 SSL_TLSV1, 2415 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2416 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2417 256, 2418 256, 2419 }, 2420 #endif /* OPENSSL_NO_ECDH */ 2421 2422 #ifndef OPENSSL_NO_SRP 2423 /* Cipher C01A */ 2424 { 2425 1, 2426 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2427 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 2428 SSL_kSRP, 2429 SSL_aSRP, 2430 SSL_3DES, 2431 SSL_SHA1, 2432 SSL_TLSV1, 2433 SSL_NOT_EXP|SSL_HIGH, 2434 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2435 112, 2436 168, 2437 }, 2438 2439 /* Cipher C01B */ 2440 { 2441 1, 2442 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2443 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 2444 SSL_kSRP, 2445 SSL_aRSA, 2446 SSL_3DES, 2447 SSL_SHA1, 2448 SSL_TLSV1, 2449 SSL_NOT_EXP|SSL_HIGH, 2450 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2451 112, 2452 168, 2453 }, 2454 2455 /* Cipher C01C */ 2456 { 2457 1, 2458 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2459 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 2460 SSL_kSRP, 2461 SSL_aDSS, 2462 SSL_3DES, 2463 SSL_SHA1, 2464 SSL_TLSV1, 2465 SSL_NOT_EXP|SSL_HIGH, 2466 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2467 112, 2468 168, 2469 }, 2470 2471 /* Cipher C01D */ 2472 { 2473 1, 2474 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, 2475 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, 2476 SSL_kSRP, 2477 SSL_aSRP, 2478 SSL_AES128, 2479 SSL_SHA1, 2480 SSL_TLSV1, 2481 SSL_NOT_EXP|SSL_HIGH, 2482 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2483 128, 2484 128, 2485 }, 2486 2487 /* Cipher C01E */ 2488 { 2489 1, 2490 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2491 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 2492 SSL_kSRP, 2493 SSL_aRSA, 2494 SSL_AES128, 2495 SSL_SHA1, 2496 SSL_TLSV1, 2497 SSL_NOT_EXP|SSL_HIGH, 2498 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2499 128, 2500 128, 2501 }, 2502 2503 /* Cipher C01F */ 2504 { 2505 1, 2506 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2507 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 2508 SSL_kSRP, 2509 SSL_aDSS, 2510 SSL_AES128, 2511 SSL_SHA1, 2512 SSL_TLSV1, 2513 SSL_NOT_EXP|SSL_HIGH, 2514 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2515 128, 2516 128, 2517 }, 2518 2519 /* Cipher C020 */ 2520 { 2521 1, 2522 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, 2523 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, 2524 SSL_kSRP, 2525 SSL_aSRP, 2526 SSL_AES256, 2527 SSL_SHA1, 2528 SSL_TLSV1, 2529 SSL_NOT_EXP|SSL_HIGH, 2530 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2531 256, 2532 256, 2533 }, 2534 2535 /* Cipher C021 */ 2536 { 2537 1, 2538 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2539 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2540 SSL_kSRP, 2541 SSL_aRSA, 2542 SSL_AES256, 2543 SSL_SHA1, 2544 SSL_TLSV1, 2545 SSL_NOT_EXP|SSL_HIGH, 2546 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2547 256, 2548 256, 2549 }, 2550 2551 /* Cipher C022 */ 2552 { 2553 1, 2554 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2555 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2556 SSL_kSRP, 2557 SSL_aDSS, 2558 SSL_AES256, 2559 SSL_SHA1, 2560 SSL_TLSV1, 2561 SSL_NOT_EXP|SSL_HIGH, 2562 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2563 256, 2564 256, 2565 }, 2566 #endif /* OPENSSL_NO_SRP */ 2567 #ifndef OPENSSL_NO_ECDH 2568 2569 /* HMAC based TLS v1.2 ciphersuites from RFC5289 */ 2570 2571 /* Cipher C023 */ 2572 { 2573 1, 2574 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 2575 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 2576 SSL_kEECDH, 2577 SSL_aECDSA, 2578 SSL_AES128, 2579 SSL_SHA256, 2580 SSL_TLSV1_2, 2581 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2582 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2583 128, 2584 128, 2585 }, 2586 2587 /* Cipher C024 */ 2588 { 2589 1, 2590 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 2591 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 2592 SSL_kEECDH, 2593 SSL_aECDSA, 2594 SSL_AES256, 2595 SSL_SHA384, 2596 SSL_TLSV1_2, 2597 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2598 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2599 256, 2600 256, 2601 }, 2602 2603 /* Cipher C025 */ 2604 { 2605 1, 2606 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256, 2607 TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256, 2608 SSL_kECDHe, 2609 SSL_aECDH, 2610 SSL_AES128, 2611 SSL_SHA256, 2612 SSL_TLSV1_2, 2613 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2614 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2615 128, 2616 128, 2617 }, 2618 2619 /* Cipher C026 */ 2620 { 2621 1, 2622 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384, 2623 TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384, 2624 SSL_kECDHe, 2625 SSL_aECDH, 2626 SSL_AES256, 2627 SSL_SHA384, 2628 SSL_TLSV1_2, 2629 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2630 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2631 256, 2632 256, 2633 }, 2634 2635 /* Cipher C027 */ 2636 { 2637 1, 2638 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 2639 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 2640 SSL_kEECDH, 2641 SSL_aRSA, 2642 SSL_AES128, 2643 SSL_SHA256, 2644 SSL_TLSV1_2, 2645 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2646 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2647 128, 2648 128, 2649 }, 2650 2651 /* Cipher C028 */ 2652 { 2653 1, 2654 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 2655 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 2656 SSL_kEECDH, 2657 SSL_aRSA, 2658 SSL_AES256, 2659 SSL_SHA384, 2660 SSL_TLSV1_2, 2661 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2662 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2663 256, 2664 256, 2665 }, 2666 2667 /* Cipher C029 */ 2668 { 2669 1, 2670 TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256, 2671 TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256, 2672 SSL_kECDHr, 2673 SSL_aECDH, 2674 SSL_AES128, 2675 SSL_SHA256, 2676 SSL_TLSV1_2, 2677 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2678 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2679 128, 2680 128, 2681 }, 2682 2683 /* Cipher C02A */ 2684 { 2685 1, 2686 TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384, 2687 TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384, 2688 SSL_kECDHr, 2689 SSL_aECDH, 2690 SSL_AES256, 2691 SSL_SHA384, 2692 SSL_TLSV1_2, 2693 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2694 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2695 256, 2696 256, 2697 }, 2698 2699 /* GCM based TLS v1.2 ciphersuites from RFC5289 */ 2700 2701 /* Cipher C02B */ 2702 { 2703 1, 2704 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2705 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2706 SSL_kEECDH, 2707 SSL_aECDSA, 2708 SSL_AES128GCM, 2709 SSL_AEAD, 2710 SSL_TLSV1_2, 2711 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2712 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2713 128, 2714 128, 2715 }, 2716 2717 /* Cipher C02C */ 2718 { 2719 1, 2720 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2721 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2722 SSL_kEECDH, 2723 SSL_aECDSA, 2724 SSL_AES256GCM, 2725 SSL_AEAD, 2726 SSL_TLSV1_2, 2727 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2728 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2729 256, 2730 256, 2731 }, 2732 2733 /* Cipher C02D */ 2734 { 2735 1, 2736 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2737 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2738 SSL_kECDHe, 2739 SSL_aECDH, 2740 SSL_AES128GCM, 2741 SSL_AEAD, 2742 SSL_TLSV1_2, 2743 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2744 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2745 128, 2746 128, 2747 }, 2748 2749 /* Cipher C02E */ 2750 { 2751 1, 2752 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2753 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2754 SSL_kECDHe, 2755 SSL_aECDH, 2756 SSL_AES256GCM, 2757 SSL_AEAD, 2758 SSL_TLSV1_2, 2759 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2760 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2761 256, 2762 256, 2763 }, 2764 2765 /* Cipher C02F */ 2766 { 2767 1, 2768 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2769 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2770 SSL_kEECDH, 2771 SSL_aRSA, 2772 SSL_AES128GCM, 2773 SSL_AEAD, 2774 SSL_TLSV1_2, 2775 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2776 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2777 128, 2778 128, 2779 }, 2780 2781 /* Cipher C030 */ 2782 { 2783 1, 2784 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2785 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2786 SSL_kEECDH, 2787 SSL_aRSA, 2788 SSL_AES256GCM, 2789 SSL_AEAD, 2790 SSL_TLSV1_2, 2791 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2792 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2793 256, 2794 256, 2795 }, 2796 2797 /* Cipher C031 */ 2798 { 2799 1, 2800 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2801 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2802 SSL_kECDHr, 2803 SSL_aECDH, 2804 SSL_AES128GCM, 2805 SSL_AEAD, 2806 SSL_TLSV1_2, 2807 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2808 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2809 128, 2810 128, 2811 }, 2812 2813 /* Cipher C032 */ 2814 { 2815 1, 2816 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2817 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2818 SSL_kECDHr, 2819 SSL_aECDH, 2820 SSL_AES256GCM, 2821 SSL_AEAD, 2822 SSL_TLSV1_2, 2823 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2824 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2825 256, 2826 256, 2827 }, 2828 2829 #ifndef OPENSSL_NO_PSK 2830 /* ECDH PSK ciphersuites from RFC 5489 */ 2831 /* Cipher C035 */ 2832 { 2833 1, 2834 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA, 2835 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA, 2836 SSL_kEECDH, 2837 SSL_aPSK, 2838 SSL_AES128, 2839 SSL_SHA1, 2840 SSL_TLSV1, 2841 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2842 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2843 128, 2844 128, 2845 }, 2846 2847 /* Cipher C036 */ 2848 { 2849 1, 2850 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA, 2851 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA, 2852 SSL_kEECDH, 2853 SSL_aPSK, 2854 SSL_AES256, 2855 SSL_SHA1, 2856 SSL_TLSV1, 2857 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2858 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2859 256, 2860 256, 2861 }, 2862 #endif /* OPENSSL_NO_PSK */ 2863 2864 #endif /* OPENSSL_NO_ECDH */ 2865 2866 2867 #ifdef TEMP_GOST_TLS 2868 /* Cipher FF00 */ 2869 { 2870 1, 2871 "GOST-MD5", 2872 0x0300ff00, 2873 SSL_kRSA, 2874 SSL_aRSA, 2875 SSL_eGOST2814789CNT, 2876 SSL_MD5, 2877 SSL_TLSV1, 2878 SSL_NOT_EXP|SSL_HIGH, 2879 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2880 256, 2881 256, 2882 }, 2883 { 2884 1, 2885 "GOST-GOST94", 2886 0x0300ff01, 2887 SSL_kRSA, 2888 SSL_aRSA, 2889 SSL_eGOST2814789CNT, 2890 SSL_GOST94, 2891 SSL_TLSV1, 2892 SSL_NOT_EXP|SSL_HIGH, 2893 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2894 256, 2895 256 2896 }, 2897 { 2898 1, 2899 "GOST-GOST89MAC", 2900 0x0300ff02, 2901 SSL_kRSA, 2902 SSL_aRSA, 2903 SSL_eGOST2814789CNT, 2904 SSL_GOST89MAC, 2905 SSL_TLSV1, 2906 SSL_NOT_EXP|SSL_HIGH, 2907 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2908 256, 2909 256 2910 }, 2911 { 2912 1, 2913 "GOST-GOST89STREAM", 2914 0x0300ff03, 2915 SSL_kRSA, 2916 SSL_aRSA, 2917 SSL_eGOST2814789CNT, 2918 SSL_GOST89MAC, 2919 SSL_TLSV1, 2920 SSL_NOT_EXP|SSL_HIGH, 2921 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC, 2922 256, 2923 256 2924 }, 2925 #endif 2926 2927 /* end of list */ 2928 }; 2929 2930 SSL3_ENC_METHOD SSLv3_enc_data={ 2931 ssl3_enc, 2932 n_ssl3_mac, 2933 ssl3_setup_key_block, 2934 ssl3_generate_master_secret, 2935 ssl3_change_cipher_state, 2936 ssl3_final_finish_mac, 2937 MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, 2938 ssl3_cert_verify_mac, 2939 SSL3_MD_CLIENT_FINISHED_CONST,4, 2940 SSL3_MD_SERVER_FINISHED_CONST,4, 2941 ssl3_alert_code, 2942 (int (*)(SSL *, unsigned char *, size_t, const char *, 2943 size_t, const unsigned char *, size_t, 2944 int use_context))ssl_undefined_function, 2945 }; 2946 2947 long ssl3_default_timeout(void) 2948 { 2949 /* 2 hours, the 24 hours mentioned in the SSLv3 spec 2950 * is way too long for http, the cache would over fill */ 2951 return(60*60*2); 2952 } 2953 2954 int ssl3_num_ciphers(void) 2955 { 2956 return(SSL3_NUM_CIPHERS); 2957 } 2958 2959 const SSL_CIPHER *ssl3_get_cipher(unsigned int u) 2960 { 2961 if (u < SSL3_NUM_CIPHERS) 2962 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u])); 2963 else 2964 return(NULL); 2965 } 2966 2967 int ssl3_pending(const SSL *s) 2968 { 2969 if (s->rstate == SSL_ST_READ_BODY) 2970 return 0; 2971 2972 return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; 2973 } 2974 2975 int ssl3_new(SSL *s) 2976 { 2977 SSL3_STATE *s3; 2978 2979 if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err; 2980 memset(s3,0,sizeof *s3); 2981 memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num)); 2982 memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num)); 2983 2984 s->s3=s3; 2985 2986 #ifndef OPENSSL_NO_SRP 2987 SSL_SRP_CTX_init(s); 2988 #endif 2989 #if !defined(OPENSSL_NO_TLSEXT) 2990 s->tlsext_channel_id_enabled = s->ctx->tlsext_channel_id_enabled; 2991 if (s->ctx->tlsext_channel_id_private) 2992 s->tlsext_channel_id_private = EVP_PKEY_dup(s->ctx->tlsext_channel_id_private); 2993 #endif 2994 s->method->ssl_clear(s); 2995 return(1); 2996 err: 2997 return(0); 2998 } 2999 3000 void ssl3_free(SSL *s) 3001 { 3002 if(s == NULL) 3003 return; 3004 3005 #ifdef TLSEXT_TYPE_opaque_prf_input 3006 if (s->s3->client_opaque_prf_input != NULL) 3007 OPENSSL_free(s->s3->client_opaque_prf_input); 3008 if (s->s3->server_opaque_prf_input != NULL) 3009 OPENSSL_free(s->s3->server_opaque_prf_input); 3010 #endif 3011 3012 ssl3_cleanup_key_block(s); 3013 if (s->s3->rbuf.buf != NULL) 3014 ssl3_release_read_buffer(s); 3015 if (s->s3->wbuf.buf != NULL) 3016 ssl3_release_write_buffer(s); 3017 if (s->s3->rrec.comp != NULL) 3018 OPENSSL_free(s->s3->rrec.comp); 3019 #ifndef OPENSSL_NO_DH 3020 if (s->s3->tmp.dh != NULL) 3021 DH_free(s->s3->tmp.dh); 3022 #endif 3023 #ifndef OPENSSL_NO_ECDH 3024 if (s->s3->tmp.ecdh != NULL) 3025 EC_KEY_free(s->s3->tmp.ecdh); 3026 #endif 3027 3028 if (s->s3->tmp.ca_names != NULL) 3029 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); 3030 if (s->s3->handshake_buffer) { 3031 BIO_free(s->s3->handshake_buffer); 3032 } 3033 if (s->s3->handshake_dgst) ssl3_free_digest_list(s); 3034 #ifndef OPENSSL_NO_TLSEXT 3035 if (s->s3->alpn_selected) 3036 OPENSSL_free(s->s3->alpn_selected); 3037 #endif 3038 3039 #ifndef OPENSSL_NO_SRP 3040 SSL_SRP_CTX_free(s); 3041 #endif 3042 OPENSSL_cleanse(s->s3,sizeof *s->s3); 3043 OPENSSL_free(s->s3); 3044 s->s3=NULL; 3045 } 3046 3047 void ssl3_clear(SSL *s) 3048 { 3049 unsigned char *rp,*wp; 3050 size_t rlen, wlen; 3051 int init_extra; 3052 3053 #ifdef TLSEXT_TYPE_opaque_prf_input 3054 if (s->s3->client_opaque_prf_input != NULL) 3055 OPENSSL_free(s->s3->client_opaque_prf_input); 3056 s->s3->client_opaque_prf_input = NULL; 3057 if (s->s3->server_opaque_prf_input != NULL) 3058 OPENSSL_free(s->s3->server_opaque_prf_input); 3059 s->s3->server_opaque_prf_input = NULL; 3060 #endif 3061 3062 ssl3_cleanup_key_block(s); 3063 if (s->s3->tmp.ca_names != NULL) 3064 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); 3065 3066 if (s->s3->rrec.comp != NULL) 3067 { 3068 OPENSSL_free(s->s3->rrec.comp); 3069 s->s3->rrec.comp=NULL; 3070 } 3071 #ifndef OPENSSL_NO_DH 3072 if (s->s3->tmp.dh != NULL) 3073 { 3074 DH_free(s->s3->tmp.dh); 3075 s->s3->tmp.dh = NULL; 3076 } 3077 #endif 3078 #ifndef OPENSSL_NO_ECDH 3079 if (s->s3->tmp.ecdh != NULL) 3080 { 3081 EC_KEY_free(s->s3->tmp.ecdh); 3082 s->s3->tmp.ecdh = NULL; 3083 } 3084 #endif 3085 #ifndef OPENSSL_NO_TLSEXT 3086 #ifndef OPENSSL_NO_EC 3087 s->s3->is_probably_safari = 0; 3088 #endif /* !OPENSSL_NO_EC */ 3089 #endif /* !OPENSSL_NO_TLSEXT */ 3090 3091 rp = s->s3->rbuf.buf; 3092 wp = s->s3->wbuf.buf; 3093 rlen = s->s3->rbuf.len; 3094 wlen = s->s3->wbuf.len; 3095 init_extra = s->s3->init_extra; 3096 if (s->s3->handshake_buffer) { 3097 BIO_free(s->s3->handshake_buffer); 3098 s->s3->handshake_buffer = NULL; 3099 } 3100 if (s->s3->handshake_dgst) { 3101 ssl3_free_digest_list(s); 3102 } 3103 3104 #if !defined(OPENSSL_NO_TLSEXT) 3105 if (s->s3->alpn_selected) 3106 { 3107 free(s->s3->alpn_selected); 3108 s->s3->alpn_selected = NULL; 3109 } 3110 #endif 3111 memset(s->s3,0,sizeof *s->s3); 3112 s->s3->rbuf.buf = rp; 3113 s->s3->wbuf.buf = wp; 3114 s->s3->rbuf.len = rlen; 3115 s->s3->wbuf.len = wlen; 3116 s->s3->init_extra = init_extra; 3117 3118 ssl_free_wbio_buffer(s); 3119 3120 s->packet_length=0; 3121 s->s3->renegotiate=0; 3122 s->s3->total_renegotiations=0; 3123 s->s3->num_renegotiations=0; 3124 s->s3->in_read_app_data=0; 3125 s->version=SSL3_VERSION; 3126 3127 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 3128 if (s->next_proto_negotiated) 3129 { 3130 OPENSSL_free(s->next_proto_negotiated); 3131 s->next_proto_negotiated = NULL; 3132 s->next_proto_negotiated_len = 0; 3133 } 3134 #endif 3135 3136 #if !defined(OPENSSL_NO_TLSEXT) 3137 s->s3->tlsext_channel_id_valid = 0; 3138 #endif 3139 } 3140 3141 #ifndef OPENSSL_NO_SRP 3142 static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg) 3143 { 3144 return BUF_strdup(s->srp_ctx.info) ; 3145 } 3146 #endif 3147 3148 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 3149 { 3150 int ret=0; 3151 3152 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3153 if ( 3154 #ifndef OPENSSL_NO_RSA 3155 cmd == SSL_CTRL_SET_TMP_RSA || 3156 cmd == SSL_CTRL_SET_TMP_RSA_CB || 3157 #endif 3158 #ifndef OPENSSL_NO_DSA 3159 cmd == SSL_CTRL_SET_TMP_DH || 3160 cmd == SSL_CTRL_SET_TMP_DH_CB || 3161 #endif 3162 0) 3163 { 3164 if (!ssl_cert_inst(&s->cert)) 3165 { 3166 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 3167 return(0); 3168 } 3169 } 3170 #endif 3171 3172 switch (cmd) 3173 { 3174 case SSL_CTRL_GET_SESSION_REUSED: 3175 ret=s->hit; 3176 break; 3177 case SSL_CTRL_GET_CLIENT_CERT_REQUEST: 3178 break; 3179 case SSL_CTRL_GET_NUM_RENEGOTIATIONS: 3180 ret=s->s3->num_renegotiations; 3181 break; 3182 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: 3183 ret=s->s3->num_renegotiations; 3184 s->s3->num_renegotiations=0; 3185 break; 3186 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: 3187 ret=s->s3->total_renegotiations; 3188 break; 3189 case SSL_CTRL_GET_FLAGS: 3190 ret=(int)(s->s3->flags); 3191 break; 3192 #ifndef OPENSSL_NO_RSA 3193 case SSL_CTRL_NEED_TMP_RSA: 3194 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && 3195 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3196 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))) 3197 ret = 1; 3198 break; 3199 case SSL_CTRL_SET_TMP_RSA: 3200 { 3201 RSA *rsa = (RSA *)parg; 3202 if (rsa == NULL) 3203 { 3204 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3205 return(ret); 3206 } 3207 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) 3208 { 3209 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); 3210 return(ret); 3211 } 3212 if (s->cert->rsa_tmp != NULL) 3213 RSA_free(s->cert->rsa_tmp); 3214 s->cert->rsa_tmp = rsa; 3215 ret = 1; 3216 } 3217 break; 3218 case SSL_CTRL_SET_TMP_RSA_CB: 3219 { 3220 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3221 return(ret); 3222 } 3223 break; 3224 #endif 3225 #ifndef OPENSSL_NO_DH 3226 case SSL_CTRL_SET_TMP_DH: 3227 { 3228 DH *dh = (DH *)parg; 3229 if (dh == NULL) 3230 { 3231 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3232 return(ret); 3233 } 3234 if ((dh = DHparams_dup(dh)) == NULL) 3235 { 3236 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3237 return(ret); 3238 } 3239 if (!(s->options & SSL_OP_SINGLE_DH_USE)) 3240 { 3241 if (!DH_generate_key(dh)) 3242 { 3243 DH_free(dh); 3244 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); 3245 return(ret); 3246 } 3247 } 3248 if (s->cert->dh_tmp != NULL) 3249 DH_free(s->cert->dh_tmp); 3250 s->cert->dh_tmp = dh; 3251 ret = 1; 3252 } 3253 break; 3254 case SSL_CTRL_SET_TMP_DH_CB: 3255 { 3256 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3257 return(ret); 3258 } 3259 break; 3260 #endif 3261 #ifndef OPENSSL_NO_ECDH 3262 case SSL_CTRL_SET_TMP_ECDH: 3263 { 3264 EC_KEY *ecdh = NULL; 3265 3266 if (parg == NULL) 3267 { 3268 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3269 return(ret); 3270 } 3271 if (!EC_KEY_up_ref((EC_KEY *)parg)) 3272 { 3273 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB); 3274 return(ret); 3275 } 3276 ecdh = (EC_KEY *)parg; 3277 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) 3278 { 3279 if (!EC_KEY_generate_key(ecdh)) 3280 { 3281 EC_KEY_free(ecdh); 3282 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB); 3283 return(ret); 3284 } 3285 } 3286 if (s->cert->ecdh_tmp != NULL) 3287 EC_KEY_free(s->cert->ecdh_tmp); 3288 s->cert->ecdh_tmp = ecdh; 3289 ret = 1; 3290 } 3291 break; 3292 case SSL_CTRL_SET_TMP_ECDH_CB: 3293 { 3294 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3295 return(ret); 3296 } 3297 break; 3298 #endif /* !OPENSSL_NO_ECDH */ 3299 #ifndef OPENSSL_NO_TLSEXT 3300 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 3301 if (larg == TLSEXT_NAMETYPE_host_name) 3302 { 3303 if (s->tlsext_hostname != NULL) 3304 OPENSSL_free(s->tlsext_hostname); 3305 s->tlsext_hostname = NULL; 3306 3307 ret = 1; 3308 if (parg == NULL) 3309 break; 3310 if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) 3311 { 3312 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 3313 return 0; 3314 } 3315 if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) 3316 { 3317 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 3318 return 0; 3319 } 3320 } 3321 else 3322 { 3323 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 3324 return 0; 3325 } 3326 break; 3327 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: 3328 s->tlsext_debug_arg=parg; 3329 ret = 1; 3330 break; 3331 3332 #ifdef TLSEXT_TYPE_opaque_prf_input 3333 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: 3334 if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message 3335 * (including the cert chain and everything) */ 3336 { 3337 SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); 3338 break; 3339 } 3340 if (s->tlsext_opaque_prf_input != NULL) 3341 OPENSSL_free(s->tlsext_opaque_prf_input); 3342 if ((size_t)larg == 0) 3343 s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ 3344 else 3345 s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); 3346 if (s->tlsext_opaque_prf_input != NULL) 3347 { 3348 s->tlsext_opaque_prf_input_len = (size_t)larg; 3349 ret = 1; 3350 } 3351 else 3352 s->tlsext_opaque_prf_input_len = 0; 3353 break; 3354 #endif 3355 3356 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3357 s->tlsext_status_type=larg; 3358 ret = 1; 3359 break; 3360 3361 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: 3362 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; 3363 ret = 1; 3364 break; 3365 3366 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: 3367 s->tlsext_ocsp_exts = parg; 3368 ret = 1; 3369 break; 3370 3371 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: 3372 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; 3373 ret = 1; 3374 break; 3375 3376 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: 3377 s->tlsext_ocsp_ids = parg; 3378 ret = 1; 3379 break; 3380 3381 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: 3382 *(unsigned char **)parg = s->tlsext_ocsp_resp; 3383 return s->tlsext_ocsp_resplen; 3384 3385 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: 3386 if (s->tlsext_ocsp_resp) 3387 OPENSSL_free(s->tlsext_ocsp_resp); 3388 s->tlsext_ocsp_resp = parg; 3389 s->tlsext_ocsp_resplen = larg; 3390 ret = 1; 3391 break; 3392 3393 #ifndef OPENSSL_NO_HEARTBEATS 3394 case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT: 3395 if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) 3396 ret = dtls1_heartbeat(s); 3397 else 3398 ret = tls1_heartbeat(s); 3399 break; 3400 3401 case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING: 3402 ret = s->tlsext_hb_pending; 3403 break; 3404 3405 case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS: 3406 if (larg) 3407 s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3408 else 3409 s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS; 3410 ret = 1; 3411 break; 3412 #endif 3413 case SSL_CTRL_CHANNEL_ID: 3414 s->tlsext_channel_id_enabled = 1; 3415 ret = 1; 3416 break; 3417 3418 case SSL_CTRL_SET_CHANNEL_ID: 3419 if (s->server) 3420 break; 3421 s->tlsext_channel_id_enabled = 1; 3422 if (EVP_PKEY_bits(parg) != 256) 3423 { 3424 SSLerr(SSL_F_SSL3_CTRL,SSL_R_CHANNEL_ID_NOT_P256); 3425 break; 3426 } 3427 if (s->tlsext_channel_id_private) 3428 EVP_PKEY_free(s->tlsext_channel_id_private); 3429 s->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg); 3430 ret = 1; 3431 break; 3432 3433 case SSL_CTRL_GET_CHANNEL_ID: 3434 if (!s->server) 3435 break; 3436 if (!s->s3->tlsext_channel_id_valid) 3437 break; 3438 memcpy(parg, s->s3->tlsext_channel_id, larg < 64 ? larg : 64); 3439 return 64; 3440 3441 #endif /* !OPENSSL_NO_TLSEXT */ 3442 3443 case SSL_CTRL_CHECK_PROTO_VERSION: 3444 /* For library-internal use; checks that the current protocol 3445 * is the highest enabled version (according to s->ctx->method, 3446 * as version negotiation may have changed s->method). */ 3447 if (s->version == s->ctx->method->version) 3448 return 1; 3449 /* Apparently we're using a version-flexible SSL_METHOD 3450 * (not at its highest protocol version). */ 3451 if (s->ctx->method->version == SSLv23_method()->version) 3452 { 3453 #if TLS_MAX_VERSION != TLS1_2_VERSION 3454 # error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION. 3455 #endif 3456 if (!(s->options & SSL_OP_NO_TLSv1_2)) 3457 return s->version == TLS1_2_VERSION; 3458 if (!(s->options & SSL_OP_NO_TLSv1_1)) 3459 return s->version == TLS1_1_VERSION; 3460 if (!(s->options & SSL_OP_NO_TLSv1)) 3461 return s->version == TLS1_VERSION; 3462 if (!(s->options & SSL_OP_NO_SSLv3)) 3463 return s->version == SSL3_VERSION; 3464 if (!(s->options & SSL_OP_NO_SSLv2)) 3465 return s->version == SSL2_VERSION; 3466 } 3467 return 0; /* Unexpected state; fail closed. */ 3468 3469 default: 3470 break; 3471 } 3472 return(ret); 3473 } 3474 3475 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) 3476 { 3477 int ret=0; 3478 3479 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA) 3480 if ( 3481 #ifndef OPENSSL_NO_RSA 3482 cmd == SSL_CTRL_SET_TMP_RSA_CB || 3483 #endif 3484 #ifndef OPENSSL_NO_DSA 3485 cmd == SSL_CTRL_SET_TMP_DH_CB || 3486 #endif 3487 0) 3488 { 3489 if (!ssl_cert_inst(&s->cert)) 3490 { 3491 SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); 3492 return(0); 3493 } 3494 } 3495 #endif 3496 3497 switch (cmd) 3498 { 3499 #ifndef OPENSSL_NO_RSA 3500 case SSL_CTRL_SET_TMP_RSA_CB: 3501 { 3502 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3503 } 3504 break; 3505 #endif 3506 #ifndef OPENSSL_NO_DH 3507 case SSL_CTRL_SET_TMP_DH_CB: 3508 { 3509 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3510 } 3511 break; 3512 #endif 3513 #ifndef OPENSSL_NO_ECDH 3514 case SSL_CTRL_SET_TMP_ECDH_CB: 3515 { 3516 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3517 } 3518 break; 3519 #endif 3520 #ifndef OPENSSL_NO_TLSEXT 3521 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 3522 s->tlsext_debug_cb=(void (*)(SSL *,int ,int, 3523 unsigned char *, int, void *))fp; 3524 break; 3525 #endif 3526 default: 3527 break; 3528 } 3529 return(ret); 3530 } 3531 3532 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 3533 { 3534 CERT *cert; 3535 3536 cert=ctx->cert; 3537 3538 switch (cmd) 3539 { 3540 #ifndef OPENSSL_NO_RSA 3541 case SSL_CTRL_NEED_TMP_RSA: 3542 if ( (cert->rsa_tmp == NULL) && 3543 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || 3544 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))) 3545 ) 3546 return(1); 3547 else 3548 return(0); 3549 /* break; */ 3550 case SSL_CTRL_SET_TMP_RSA: 3551 { 3552 RSA *rsa; 3553 int i; 3554 3555 rsa=(RSA *)parg; 3556 i=1; 3557 if (rsa == NULL) 3558 i=0; 3559 else 3560 { 3561 if ((rsa=RSAPrivateKey_dup(rsa)) == NULL) 3562 i=0; 3563 } 3564 if (!i) 3565 { 3566 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB); 3567 return(0); 3568 } 3569 else 3570 { 3571 if (cert->rsa_tmp != NULL) 3572 RSA_free(cert->rsa_tmp); 3573 cert->rsa_tmp=rsa; 3574 return(1); 3575 } 3576 } 3577 /* break; */ 3578 case SSL_CTRL_SET_TMP_RSA_CB: 3579 { 3580 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3581 return(0); 3582 } 3583 break; 3584 #endif 3585 #ifndef OPENSSL_NO_DH 3586 case SSL_CTRL_SET_TMP_DH: 3587 { 3588 DH *new=NULL,*dh; 3589 3590 dh=(DH *)parg; 3591 if ((new=DHparams_dup(dh)) == NULL) 3592 { 3593 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); 3594 return 0; 3595 } 3596 if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) 3597 { 3598 if (!DH_generate_key(new)) 3599 { 3600 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); 3601 DH_free(new); 3602 return 0; 3603 } 3604 } 3605 if (cert->dh_tmp != NULL) 3606 DH_free(cert->dh_tmp); 3607 cert->dh_tmp=new; 3608 return 1; 3609 } 3610 /*break; */ 3611 case SSL_CTRL_SET_TMP_DH_CB: 3612 { 3613 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3614 return(0); 3615 } 3616 break; 3617 #endif 3618 #ifndef OPENSSL_NO_ECDH 3619 case SSL_CTRL_SET_TMP_ECDH: 3620 { 3621 EC_KEY *ecdh = NULL; 3622 3623 if (parg == NULL) 3624 { 3625 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB); 3626 return 0; 3627 } 3628 ecdh = EC_KEY_dup((EC_KEY *)parg); 3629 if (ecdh == NULL) 3630 { 3631 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB); 3632 return 0; 3633 } 3634 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) 3635 { 3636 if (!EC_KEY_generate_key(ecdh)) 3637 { 3638 EC_KEY_free(ecdh); 3639 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB); 3640 return 0; 3641 } 3642 } 3643 3644 if (cert->ecdh_tmp != NULL) 3645 { 3646 EC_KEY_free(cert->ecdh_tmp); 3647 } 3648 cert->ecdh_tmp = ecdh; 3649 return 1; 3650 } 3651 /* break; */ 3652 case SSL_CTRL_SET_TMP_ECDH_CB: 3653 { 3654 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3655 return(0); 3656 } 3657 break; 3658 #endif /* !OPENSSL_NO_ECDH */ 3659 #ifndef OPENSSL_NO_TLSEXT 3660 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: 3661 ctx->tlsext_servername_arg=parg; 3662 break; 3663 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 3664 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: 3665 { 3666 unsigned char *keys = parg; 3667 if (!keys) 3668 return 48; 3669 if (larg != 48) 3670 { 3671 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 3672 return 0; 3673 } 3674 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) 3675 { 3676 memcpy(ctx->tlsext_tick_key_name, keys, 16); 3677 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); 3678 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); 3679 } 3680 else 3681 { 3682 memcpy(keys, ctx->tlsext_tick_key_name, 16); 3683 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); 3684 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); 3685 } 3686 return 1; 3687 } 3688 case SSL_CTRL_CHANNEL_ID: 3689 /* must be called on a server */ 3690 if (ctx->method->ssl_accept == ssl_undefined_function) 3691 return 0; 3692 ctx->tlsext_channel_id_enabled=1; 3693 return 1; 3694 3695 #ifdef TLSEXT_TYPE_opaque_prf_input 3696 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG: 3697 ctx->tlsext_opaque_prf_input_callback_arg = parg; 3698 return 1; 3699 #endif 3700 3701 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: 3702 ctx->tlsext_status_arg=parg; 3703 return 1; 3704 break; 3705 3706 #ifndef OPENSSL_NO_SRP 3707 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: 3708 ctx->srp_ctx.srp_Mask|=SSL_kSRP; 3709 if (ctx->srp_ctx.login != NULL) 3710 OPENSSL_free(ctx->srp_ctx.login); 3711 ctx->srp_ctx.login = NULL; 3712 if (parg == NULL) 3713 break; 3714 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) 3715 { 3716 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); 3717 return 0; 3718 } 3719 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) 3720 { 3721 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3722 return 0; 3723 } 3724 break; 3725 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD: 3726 ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb; 3727 ctx->srp_ctx.info=parg; 3728 break; 3729 case SSL_CTRL_SET_SRP_ARG: 3730 ctx->srp_ctx.srp_Mask|=SSL_kSRP; 3731 ctx->srp_ctx.SRP_cb_arg=parg; 3732 break; 3733 3734 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH: 3735 ctx->srp_ctx.strength=larg; 3736 break; 3737 #endif 3738 #endif /* !OPENSSL_NO_TLSEXT */ 3739 3740 /* A Thawte special :-) */ 3741 case SSL_CTRL_EXTRA_CHAIN_CERT: 3742 if (ctx->extra_certs == NULL) 3743 { 3744 if ((ctx->extra_certs=sk_X509_new_null()) == NULL) 3745 return(0); 3746 } 3747 sk_X509_push(ctx->extra_certs,(X509 *)parg); 3748 break; 3749 3750 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: 3751 *(STACK_OF(X509) **)parg = ctx->extra_certs; 3752 break; 3753 3754 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: 3755 if (ctx->extra_certs) 3756 { 3757 sk_X509_pop_free(ctx->extra_certs, X509_free); 3758 ctx->extra_certs = NULL; 3759 } 3760 break; 3761 3762 case SSL_CTRL_SET_CHANNEL_ID: 3763 ctx->tlsext_channel_id_enabled = 1; 3764 if (EVP_PKEY_bits(parg) != 256) 3765 { 3766 SSLerr(SSL_F_SSL3_CTX_CTRL,SSL_R_CHANNEL_ID_NOT_P256); 3767 break; 3768 } 3769 if (ctx->tlsext_channel_id_private) 3770 EVP_PKEY_free(ctx->tlsext_channel_id_private); 3771 ctx->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg); 3772 break; 3773 3774 default: 3775 return(0); 3776 } 3777 return(1); 3778 } 3779 3780 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) 3781 { 3782 CERT *cert; 3783 3784 cert=ctx->cert; 3785 3786 switch (cmd) 3787 { 3788 #ifndef OPENSSL_NO_RSA 3789 case SSL_CTRL_SET_TMP_RSA_CB: 3790 { 3791 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; 3792 } 3793 break; 3794 #endif 3795 #ifndef OPENSSL_NO_DH 3796 case SSL_CTRL_SET_TMP_DH_CB: 3797 { 3798 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3799 } 3800 break; 3801 #endif 3802 #ifndef OPENSSL_NO_ECDH 3803 case SSL_CTRL_SET_TMP_ECDH_CB: 3804 { 3805 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; 3806 } 3807 break; 3808 #endif 3809 #ifndef OPENSSL_NO_TLSEXT 3810 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 3811 ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp; 3812 break; 3813 3814 #ifdef TLSEXT_TYPE_opaque_prf_input 3815 case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB: 3816 ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp; 3817 break; 3818 #endif 3819 3820 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: 3821 ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp; 3822 break; 3823 3824 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: 3825 ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char *, 3826 unsigned char *, 3827 EVP_CIPHER_CTX *, 3828 HMAC_CTX *, int))fp; 3829 break; 3830 3831 #ifndef OPENSSL_NO_SRP 3832 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB: 3833 ctx->srp_ctx.srp_Mask|=SSL_kSRP; 3834 ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp; 3835 break; 3836 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB: 3837 ctx->srp_ctx.srp_Mask|=SSL_kSRP; 3838 ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp; 3839 break; 3840 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB: 3841 ctx->srp_ctx.srp_Mask|=SSL_kSRP; 3842 ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp; 3843 break; 3844 #endif 3845 #endif 3846 3847 default: 3848 return(0); 3849 } 3850 return(1); 3851 } 3852 3853 /* This function needs to check if the ciphers required are actually 3854 * available */ 3855 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) 3856 { 3857 SSL_CIPHER c; 3858 const SSL_CIPHER *cp; 3859 unsigned long id; 3860 3861 id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1]; 3862 c.id=id; 3863 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); 3864 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES 3865 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]); 3866 #endif 3867 if (cp == NULL || cp->valid == 0) 3868 return NULL; 3869 else 3870 return cp; 3871 } 3872 3873 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 3874 { 3875 long l; 3876 3877 if (p != NULL) 3878 { 3879 l=c->id; 3880 if ((l & 0xff000000) != 0x03000000) return(0); 3881 p[0]=((unsigned char)(l>> 8L))&0xFF; 3882 p[1]=((unsigned char)(l ))&0xFF; 3883 } 3884 return(2); 3885 } 3886 3887 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 3888 STACK_OF(SSL_CIPHER) *srvr) 3889 { 3890 SSL_CIPHER *c,*ret=NULL; 3891 STACK_OF(SSL_CIPHER) *prio, *allow; 3892 int i,ii,ok; 3893 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC) 3894 unsigned int j; 3895 int ec_ok, ec_nid; 3896 unsigned char ec_search1 = 0, ec_search2 = 0; 3897 #endif 3898 CERT *cert; 3899 unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a; 3900 3901 /* Let's see which ciphers we can support */ 3902 cert=s->cert; 3903 3904 #if 0 3905 /* Do not set the compare functions, because this may lead to a 3906 * reordering by "id". We want to keep the original ordering. 3907 * We may pay a price in performance during sk_SSL_CIPHER_find(), 3908 * but would have to pay with the price of sk_SSL_CIPHER_dup(). 3909 */ 3910 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp); 3911 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp); 3912 #endif 3913 3914 #ifdef CIPHER_DEBUG 3915 printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr); 3916 for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i) 3917 { 3918 c=sk_SSL_CIPHER_value(srvr,i); 3919 printf("%p:%s\n",(void *)c,c->name); 3920 } 3921 printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt); 3922 for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i) 3923 { 3924 c=sk_SSL_CIPHER_value(clnt,i); 3925 printf("%p:%s\n",(void *)c,c->name); 3926 } 3927 #endif 3928 3929 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) 3930 { 3931 prio = srvr; 3932 allow = clnt; 3933 } 3934 else 3935 { 3936 prio = clnt; 3937 allow = srvr; 3938 } 3939 3940 for (i=0; i<sk_SSL_CIPHER_num(prio); i++) 3941 { 3942 c=sk_SSL_CIPHER_value(prio,i); 3943 3944 /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ 3945 if ((c->algorithm_ssl & SSL_TLSV1_2) && 3946 (TLS1_get_version(s) < TLS1_2_VERSION)) 3947 continue; 3948 3949 ssl_set_cert_masks(cert,c); 3950 mask_k = cert->mask_k; 3951 mask_a = cert->mask_a; 3952 emask_k = cert->export_mask_k; 3953 emask_a = cert->export_mask_a; 3954 #ifndef OPENSSL_NO_SRP 3955 if (s->srp_ctx.srp_Mask & SSL_kSRP) 3956 { 3957 mask_k |= SSL_kSRP; 3958 emask_k |= SSL_kSRP; 3959 mask_a |= SSL_aSRP; 3960 emask_a |= SSL_aSRP; 3961 } 3962 #endif 3963 3964 #ifdef KSSL_DEBUG 3965 /* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/ 3966 #endif /* KSSL_DEBUG */ 3967 3968 alg_k=c->algorithm_mkey; 3969 alg_a=c->algorithm_auth; 3970 3971 #ifndef OPENSSL_NO_KRB5 3972 if (alg_k & SSL_kKRB5) 3973 { 3974 if ( !kssl_keytab_is_available(s->kssl_ctx) ) 3975 continue; 3976 } 3977 #endif /* OPENSSL_NO_KRB5 */ 3978 #ifndef OPENSSL_NO_PSK 3979 /* with PSK there must be server callback set */ 3980 if ((alg_a & SSL_aPSK) && s->psk_server_callback == NULL) 3981 continue; 3982 #endif /* OPENSSL_NO_PSK */ 3983 3984 if (SSL_C_IS_EXPORT(c)) 3985 { 3986 ok = (alg_k & emask_k) && (alg_a & emask_a); 3987 #ifdef CIPHER_DEBUG 3988 printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a, 3989 (void *)c,c->name); 3990 #endif 3991 } 3992 else 3993 { 3994 ok = (alg_k & mask_k) && (alg_a & mask_a); 3995 #ifdef CIPHER_DEBUG 3996 printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c, 3997 c->name); 3998 #endif 3999 } 4000 4001 #ifndef OPENSSL_NO_TLSEXT 4002 #ifndef OPENSSL_NO_EC 4003 if ( 4004 /* if we are considering an ECC cipher suite that uses our certificate */ 4005 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) 4006 /* and we have an ECC certificate */ 4007 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) 4008 /* and the client specified a Supported Point Formats extension */ 4009 && ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL)) 4010 /* and our certificate's point is compressed */ 4011 && ( 4012 (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL) 4013 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL) 4014 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL) 4015 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL) 4016 && ( 4017 (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED) 4018 || (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1) 4019 ) 4020 ) 4021 ) 4022 { 4023 ec_ok = 0; 4024 /* if our certificate's curve is over a field type that the client does not support 4025 * then do not allow this cipher suite to be negotiated */ 4026 if ( 4027 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) 4028 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL) 4029 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL) 4030 && (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field) 4031 ) 4032 { 4033 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++) 4034 { 4035 if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime) 4036 { 4037 ec_ok = 1; 4038 break; 4039 } 4040 } 4041 } 4042 else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field) 4043 { 4044 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++) 4045 { 4046 if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2) 4047 { 4048 ec_ok = 1; 4049 break; 4050 } 4051 } 4052 } 4053 ok = ok && ec_ok; 4054 } 4055 if ( 4056 /* if we are considering an ECC cipher suite that uses our certificate */ 4057 (alg_a & SSL_aECDSA || alg_a & SSL_aECDH) 4058 /* and we have an ECC certificate */ 4059 && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) 4060 /* and the client specified an EllipticCurves extension */ 4061 && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL)) 4062 ) 4063 { 4064 ec_ok = 0; 4065 if ( 4066 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL) 4067 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL) 4068 ) 4069 { 4070 ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group); 4071 if ((ec_nid == 0) 4072 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL) 4073 ) 4074 { 4075 if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field) 4076 { 4077 ec_search1 = 0xFF; 4078 ec_search2 = 0x01; 4079 } 4080 else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field) 4081 { 4082 ec_search1 = 0xFF; 4083 ec_search2 = 0x02; 4084 } 4085 } 4086 else 4087 { 4088 ec_search1 = 0x00; 4089 ec_search2 = tls1_ec_nid2curve_id(ec_nid); 4090 } 4091 if ((ec_search1 != 0) || (ec_search2 != 0)) 4092 { 4093 for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++) 4094 { 4095 if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2)) 4096 { 4097 ec_ok = 1; 4098 break; 4099 } 4100 } 4101 } 4102 } 4103 ok = ok && ec_ok; 4104 } 4105 if ( 4106 /* if we are considering an ECC cipher suite that uses an ephemeral EC key */ 4107 (alg_k & SSL_kEECDH) 4108 /* and we have an ephemeral EC key */ 4109 && (s->cert->ecdh_tmp != NULL) 4110 /* and the client specified an EllipticCurves extension */ 4111 && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL)) 4112 ) 4113 { 4114 ec_ok = 0; 4115 if (s->cert->ecdh_tmp->group != NULL) 4116 { 4117 ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group); 4118 if ((ec_nid == 0) 4119 && (s->cert->ecdh_tmp->group->meth != NULL) 4120 ) 4121 { 4122 if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field) 4123 { 4124 ec_search1 = 0xFF; 4125 ec_search2 = 0x01; 4126 } 4127 else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field) 4128 { 4129 ec_search1 = 0xFF; 4130 ec_search2 = 0x02; 4131 } 4132 } 4133 else 4134 { 4135 ec_search1 = 0x00; 4136 ec_search2 = tls1_ec_nid2curve_id(ec_nid); 4137 } 4138 if ((ec_search1 != 0) || (ec_search2 != 0)) 4139 { 4140 for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++) 4141 { 4142 if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2)) 4143 { 4144 ec_ok = 1; 4145 break; 4146 } 4147 } 4148 } 4149 } 4150 ok = ok && ec_ok; 4151 } 4152 #endif /* OPENSSL_NO_EC */ 4153 #endif /* OPENSSL_NO_TLSEXT */ 4154 4155 if (!ok) continue; 4156 ii=sk_SSL_CIPHER_find(allow,c); 4157 if (ii >= 0) 4158 { 4159 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT) 4160 if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari) 4161 { 4162 if (!ret) ret=sk_SSL_CIPHER_value(allow,ii); 4163 continue; 4164 } 4165 #endif 4166 ret=sk_SSL_CIPHER_value(allow,ii); 4167 break; 4168 } 4169 } 4170 return(ret); 4171 } 4172 4173 int ssl3_get_req_cert_type(SSL *s, unsigned char *p) 4174 { 4175 int ret=0; 4176 unsigned long alg_k; 4177 4178 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 4179 4180 #ifndef OPENSSL_NO_GOST 4181 if (s->version >= TLS1_VERSION) 4182 { 4183 if (alg_k & SSL_kGOST) 4184 { 4185 p[ret++]=TLS_CT_GOST94_SIGN; 4186 p[ret++]=TLS_CT_GOST01_SIGN; 4187 return(ret); 4188 } 4189 } 4190 #endif 4191 4192 #ifndef OPENSSL_NO_DH 4193 if (alg_k & (SSL_kDHr|SSL_kEDH)) 4194 { 4195 # ifndef OPENSSL_NO_RSA 4196 p[ret++]=SSL3_CT_RSA_FIXED_DH; 4197 # endif 4198 # ifndef OPENSSL_NO_DSA 4199 p[ret++]=SSL3_CT_DSS_FIXED_DH; 4200 # endif 4201 } 4202 if ((s->version == SSL3_VERSION) && 4203 (alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr))) 4204 { 4205 # ifndef OPENSSL_NO_RSA 4206 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH; 4207 # endif 4208 # ifndef OPENSSL_NO_DSA 4209 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH; 4210 # endif 4211 } 4212 #endif /* !OPENSSL_NO_DH */ 4213 #ifndef OPENSSL_NO_RSA 4214 p[ret++]=SSL3_CT_RSA_SIGN; 4215 #endif 4216 #ifndef OPENSSL_NO_DSA 4217 p[ret++]=SSL3_CT_DSS_SIGN; 4218 #endif 4219 #ifndef OPENSSL_NO_ECDH 4220 if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) 4221 { 4222 p[ret++]=TLS_CT_RSA_FIXED_ECDH; 4223 p[ret++]=TLS_CT_ECDSA_FIXED_ECDH; 4224 } 4225 #endif 4226 4227 #ifndef OPENSSL_NO_ECDSA 4228 /* ECDSA certs can be used with RSA cipher suites as well 4229 * so we don't need to check for SSL_kECDH or SSL_kEECDH 4230 */ 4231 if (s->version >= TLS1_VERSION) 4232 { 4233 p[ret++]=TLS_CT_ECDSA_SIGN; 4234 } 4235 #endif 4236 return(ret); 4237 } 4238 4239 int ssl3_shutdown(SSL *s) 4240 { 4241 int ret; 4242 4243 /* Don't do anything much if we have not done the handshake or 4244 * we don't want to send messages :-) */ 4245 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) 4246 { 4247 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 4248 return(1); 4249 } 4250 4251 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) 4252 { 4253 s->shutdown|=SSL_SENT_SHUTDOWN; 4254 #if 1 4255 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY); 4256 #endif 4257 /* our shutdown alert has been sent now, and if it still needs 4258 * to be written, s->s3->alert_dispatch will be true */ 4259 if (s->s3->alert_dispatch) 4260 return(-1); /* return WANT_WRITE */ 4261 } 4262 else if (s->s3->alert_dispatch) 4263 { 4264 /* resend it if not sent */ 4265 #if 1 4266 ret=s->method->ssl_dispatch_alert(s); 4267 if(ret == -1) 4268 { 4269 /* we only get to return -1 here the 2nd/Nth 4270 * invocation, we must have already signalled 4271 * return 0 upon a previous invoation, 4272 * return WANT_WRITE */ 4273 return(ret); 4274 } 4275 #endif 4276 } 4277 else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) 4278 { 4279 /* If we are waiting for a close from our peer, we are closed */ 4280 s->method->ssl_read_bytes(s,0,NULL,0,0); 4281 if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) 4282 { 4283 return(-1); /* return WANT_READ */ 4284 } 4285 } 4286 4287 if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && 4288 !s->s3->alert_dispatch) 4289 return(1); 4290 else 4291 return(0); 4292 } 4293 4294 int ssl3_write(SSL *s, const void *buf, int len) 4295 { 4296 int ret,n; 4297 4298 #if 0 4299 if (s->shutdown & SSL_SEND_SHUTDOWN) 4300 { 4301 s->rwstate=SSL_NOTHING; 4302 return(0); 4303 } 4304 #endif 4305 clear_sys_error(); 4306 if (s->s3->renegotiate) ssl3_renegotiate_check(s); 4307 4308 /* This is an experimental flag that sends the 4309 * last handshake message in the same packet as the first 4310 * use data - used to see if it helps the TCP protocol during 4311 * session-id reuse */ 4312 /* The second test is because the buffer may have been removed */ 4313 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) 4314 { 4315 /* First time through, we write into the buffer */ 4316 if (s->s3->delay_buf_pop_ret == 0) 4317 { 4318 ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA, 4319 buf,len); 4320 if (ret <= 0) return(ret); 4321 4322 s->s3->delay_buf_pop_ret=ret; 4323 } 4324 4325 s->rwstate=SSL_WRITING; 4326 n=BIO_flush(s->wbio); 4327 if (n <= 0) return(n); 4328 s->rwstate=SSL_NOTHING; 4329 4330 /* We have flushed the buffer, so remove it */ 4331 ssl_free_wbio_buffer(s); 4332 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; 4333 4334 ret=s->s3->delay_buf_pop_ret; 4335 s->s3->delay_buf_pop_ret=0; 4336 } 4337 else 4338 { 4339 ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA, 4340 buf,len); 4341 if (ret <= 0) return(ret); 4342 } 4343 4344 return(ret); 4345 } 4346 4347 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) 4348 { 4349 int n,ret; 4350 4351 clear_sys_error(); 4352 if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) 4353 { 4354 /* Deal with an application that calls SSL_read() when handshake data 4355 * is yet to be written. 4356 */ 4357 if (BIO_wpending(s->wbio) > 0) 4358 { 4359 s->rwstate=SSL_WRITING; 4360 n=BIO_flush(s->wbio); 4361 if (n <= 0) return(n); 4362 s->rwstate=SSL_NOTHING; 4363 } 4364 } 4365 if (s->s3->renegotiate) ssl3_renegotiate_check(s); 4366 s->s3->in_read_app_data=1; 4367 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); 4368 if ((ret == -1) && (s->s3->in_read_app_data == 2)) 4369 { 4370 /* ssl3_read_bytes decided to call s->handshake_func, which 4371 * called ssl3_read_bytes to read handshake data. 4372 * However, ssl3_read_bytes actually found application data 4373 * and thinks that application data makes sense here; so disable 4374 * handshake processing and try to read application data again. */ 4375 s->in_handshake++; 4376 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek); 4377 s->in_handshake--; 4378 } 4379 else 4380 s->s3->in_read_app_data=0; 4381 4382 return(ret); 4383 } 4384 4385 int ssl3_read(SSL *s, void *buf, int len) 4386 { 4387 return ssl3_read_internal(s, buf, len, 0); 4388 } 4389 4390 int ssl3_peek(SSL *s, void *buf, int len) 4391 { 4392 return ssl3_read_internal(s, buf, len, 1); 4393 } 4394 4395 int ssl3_renegotiate(SSL *s) 4396 { 4397 if (s->handshake_func == NULL) 4398 return(1); 4399 4400 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 4401 return(0); 4402 4403 s->s3->renegotiate=1; 4404 return(1); 4405 } 4406 4407 int ssl3_renegotiate_check(SSL *s) 4408 { 4409 int ret=0; 4410 4411 if (s->s3->renegotiate) 4412 { 4413 if ( (s->s3->rbuf.left == 0) && 4414 (s->s3->wbuf.left == 0) && 4415 !SSL_in_init(s)) 4416 { 4417 /* 4418 if we are the server, and we have sent a 'RENEGOTIATE' message, we 4419 need to go to SSL_ST_ACCEPT. 4420 */ 4421 /* SSL_ST_ACCEPT */ 4422 s->state=SSL_ST_RENEGOTIATE; 4423 s->s3->renegotiate=0; 4424 s->s3->num_renegotiations++; 4425 s->s3->total_renegotiations++; 4426 ret=1; 4427 } 4428 } 4429 return(ret); 4430 } 4431 /* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch 4432 * to new SHA256 PRF and handshake macs 4433 */ 4434 long ssl_get_algorithm2(SSL *s) 4435 { 4436 long alg2 = s->s3->tmp.new_cipher->algorithm2; 4437 if (s->method->version == TLS1_2_VERSION && 4438 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF)) 4439 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 4440 return alg2; 4441 } 4442
