Add support for minimum and maximum protocol version supported by a cipher
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595
This commit is contained in:
parent
068c358ac3
commit
3eb2aff401
8 changed files with 504 additions and 318 deletions
534
ssl/s3_lib.c
534
ssl/s3_lib.c
File diff suppressed because it is too large
Load diff
190
ssl/ssl_ciph.c
190
ssl/ssl_ciph.c
|
@ -319,122 +319,123 @@ typedef struct cipher_order_st {
|
||||||
|
|
||||||
static const SSL_CIPHER cipher_aliases[] = {
|
static const SSL_CIPHER cipher_aliases[] = {
|
||||||
/* "ALL" doesn't include eNULL (must be specifically enabled) */
|
/* "ALL" doesn't include eNULL (must be specifically enabled) */
|
||||||
{0, SSL_TXT_ALL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_ALL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
/* "COMPLEMENTOFALL" */
|
/* "COMPLEMENTOFALL" */
|
||||||
{0, SSL_TXT_CMPALL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_CMPALL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
|
* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
|
||||||
* ALL!)
|
* ALL!)
|
||||||
*/
|
*/
|
||||||
{0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0},
|
{0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0},
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* key exchange aliases (some of those using only a single bit here
|
* key exchange aliases (some of those using only a single bit here
|
||||||
* combine multiple key exchange algs according to the RFCs, e.g. kDHE
|
* combine multiple key exchange algs according to the RFCs, e.g. kDHE
|
||||||
* combines DHE_DSS and DHE_RSA)
|
* combines DHE_DSS and DHE_RSA)
|
||||||
*/
|
*/
|
||||||
{0, SSL_TXT_kRSA, 0, SSL_kRSA, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kRSA, 0, SSL_kRSA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
|
|
||||||
{0, SSL_TXT_kEDH, 0, SSL_kDHE, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kEDH, 0, SSL_kDHE, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_kDHE, 0, SSL_kDHE, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kDHE, 0, SSL_kDHE, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_DH, 0, SSL_kDHE, 0, 0, 0, 0, 0, 0, 0,
|
{0, SSL_TXT_DH, 0, SSL_kDHE, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
0},
|
|
||||||
|
|
||||||
{0, SSL_TXT_kEECDH, 0, SSL_kECDHE, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kEECDH, 0, SSL_kECDHE, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_kECDHE, 0, SSL_kECDHE, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kECDHE, 0, SSL_kECDHE, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_ECDH, 0, SSL_kECDHE, 0, 0, 0, 0, 0,
|
{0, SSL_TXT_ECDH, 0, SSL_kECDHE, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
0, 0, 0},
|
|
||||||
|
|
||||||
{0, SSL_TXT_kPSK, 0, SSL_kPSK, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kPSK, 0, SSL_kPSK, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_kRSAPSK, 0, SSL_kRSAPSK, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kRSAPSK, 0, SSL_kRSAPSK, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_kECDHEPSK, 0, SSL_kECDHEPSK, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kECDHEPSK, 0, SSL_kECDHEPSK, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_kDHEPSK, 0, SSL_kDHEPSK, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kDHEPSK, 0, SSL_kDHEPSK, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_kSRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kSRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_kGOST, 0, SSL_kGOST, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_kGOST, 0, SSL_kGOST, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
|
|
||||||
/* server authentication aliases */
|
/* server authentication aliases */
|
||||||
{0, SSL_TXT_aRSA, 0, 0, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_aRSA, 0, 0, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_aDSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_aDSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_DSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_DSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_aNULL, 0, 0, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_aNULL, 0, 0, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_aECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_aECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_ECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_ECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_aPSK, 0, 0, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_aPSK, 0, 0, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_aGOST01, 0, 0, SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_aGOST01, 0, 0, SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_aGOST12, 0, 0, SSL_aGOST12, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_aGOST12, 0, 0, SSL_aGOST12, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_aGOST, 0, 0, SSL_aGOST01 | SSL_aGOST12, 0, 0, 0,
|
{0, SSL_TXT_aGOST, 0, 0, SSL_aGOST01 | SSL_aGOST12, 0, 0, 0, 0, 0, 0,
|
||||||
0, 0, 0, 0},
|
0, 0, 0, 0},
|
||||||
{0, SSL_TXT_aSRP, 0, 0, SSL_aSRP, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_aSRP, 0, 0, SSL_aSRP, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
|
|
||||||
/* aliases combining key exchange and server authentication */
|
/* aliases combining key exchange and server authentication */
|
||||||
{0, SSL_TXT_EDH, 0, SSL_kDHE, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_EDH, 0, SSL_kDHE, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_DHE, 0, SSL_kDHE, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_DHE, 0, SSL_kDHE, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_EECDH, 0, SSL_kECDHE, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_EECDH, 0, SSL_kECDHE, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_ECDHE, 0, SSL_kECDHE, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_ECDHE, 0, SSL_kECDHE, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_NULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_NULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_RSA, 0, SSL_kRSA, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_RSA, 0, SSL_kRSA, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_ADH, 0, SSL_kDHE, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_ADH, 0, SSL_kDHE, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_AECDH, 0, SSL_kECDHE, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_AECDH, 0, SSL_kECDHE, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_PSK, 0, SSL_PSK, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_PSK, 0, SSL_PSK, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_SRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_SRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
|
|
||||||
/* symmetric encryption aliases */
|
/* symmetric encryption aliases */
|
||||||
{0, SSL_TXT_DES, 0, 0, 0, SSL_DES, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_DES, 0, 0, 0, SSL_DES, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_RC4, 0, 0, 0, SSL_RC4, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_RC4, 0, 0, 0, SSL_RC4, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_RC2, 0, 0, 0, SSL_RC2, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_RC2, 0, 0, 0, SSL_RC2, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_GOST, 0, 0, 0, SSL_eGOST2814789CNT | SSL_eGOST2814789CNT12, 0,
|
{0, SSL_TXT_GOST, 0, 0, 0, SSL_eGOST2814789CNT | SSL_eGOST2814789CNT12, 0,
|
||||||
0, 0, 0, 0, 0},
|
0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM | SSL_AES128CCM | SSL_AES128CCM8, 0,
|
{0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM | SSL_AES128CCM | SSL_AES128CCM8, 0,
|
||||||
0, 0, 0, 0, 0},
|
0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM | SSL_AES256CCM | SSL_AES256CCM8, 0,
|
{0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM | SSL_AES256CCM | SSL_AES256CCM8, 0,
|
||||||
0, 0, 0, 0, 0},
|
0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0,
|
{0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0,
|
||||||
0, 0},
|
0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_AES_CCM, 0, 0, 0, SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8, 0, 0, 0, 0,
|
{0, SSL_TXT_AES_CCM, 0, 0, 0,
|
||||||
0, 0},
|
SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8, 0, 0, 0,
|
||||||
|
0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_AES_CCM_8, 0, 0, 0, SSL_AES128CCM8 | SSL_AES256CCM8, 0, 0, 0, 0,
|
{0, SSL_TXT_AES_CCM_8, 0, 0, 0, SSL_AES128CCM8 | SSL_AES256CCM8, 0, 0, 0, 0,
|
||||||
0, 0},
|
0, 0},
|
||||||
{0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||||
{0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0},
|
0},
|
||||||
{0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA, 0, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||||
{0, SSL_TXT_CHACHA20, 0, 0, 0, SSL_CHACHA20, 0, 0, 0, 0, 0, 0 },
|
0},
|
||||||
|
{0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA, 0, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
|
{0, SSL_TXT_CHACHA20, 0, 0, 0, SSL_CHACHA20, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
|
||||||
|
|
||||||
/* MAC aliases */
|
/* MAC aliases */
|
||||||
{0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_SHA1, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_SHA1, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_SHA, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_SHA, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_GOST94, 0, 0, 0, 0, SSL_GOST94, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_GOST94, 0, 0, 0, 0, SSL_GOST94, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_GOST89MAC, 0, 0, 0, 0, SSL_GOST89MAC | SSL_GOST89MAC12, 0, 0,
|
{0, SSL_TXT_GOST89MAC, 0, 0, 0, 0, SSL_GOST89MAC | SSL_GOST89MAC12, 0, 0,
|
||||||
0, 0, 0},
|
0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_GOST12, 0, 0, 0, 0, SSL_GOST12_256, 0, 0, 0, 0, 0},
|
{0, SSL_TXT_GOST12, 0, 0, 0, 0, SSL_GOST12_256, 0, 0, 0, 0, 0, 0, 0, 0},
|
||||||
|
|
||||||
/* protocol version aliases */
|
/* protocol version aliases */
|
||||||
{0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL_SSLV3, 0, 0, 0, 0},
|
{0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL3_VERSION, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, SSL_SSLV3, 0, 0, 0, 0},
|
{0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, TLS1_VERSION, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, "TLSv1.0", 0, 0, 0, 0, 0, SSL_TLSV1, 0, 0, 0, 0},
|
{0, "TLSv1.0", 0, 0, 0, 0, 0, TLS1_VERSION, 0, 0, 0, 0, 0, 0, 0},
|
||||||
{0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, SSL_TLSV1_2, 0, 0, 0, 0},
|
{0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, TLS1_2_VERSION, 0, 0, 0, 0, 0, 0, 0},
|
||||||
|
|
||||||
/* strength classes */
|
/* strength classes */
|
||||||
{0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, SSL_LOW, 0, 0, 0},
|
{0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_LOW, 0, 0, 0},
|
||||||
{0, SSL_TXT_MEDIUM, 0, 0, 0, 0, 0, 0, SSL_MEDIUM, 0, 0, 0},
|
{0, SSL_TXT_MEDIUM, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_MEDIUM, 0, 0, 0},
|
||||||
{0, SSL_TXT_HIGH, 0, 0, 0, 0, 0, 0, SSL_HIGH, 0, 0, 0},
|
{0, SSL_TXT_HIGH, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_HIGH, 0, 0, 0},
|
||||||
/* FIPS 140-2 approved ciphersuite */
|
/* FIPS 140-2 approved ciphersuite */
|
||||||
{0, SSL_TXT_FIPS, 0, 0, 0, ~SSL_eNULL, 0, 0, SSL_FIPS, 0, 0, 0},
|
{0, SSL_TXT_FIPS, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, SSL_FIPS, 0, 0, 0},
|
||||||
|
|
||||||
/* "EDH-" aliases to "DHE-" labels (for backward compatibility) */
|
/* "EDH-" aliases to "DHE-" labels (for backward compatibility) */
|
||||||
{0, SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 0,
|
{0, SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 0,
|
||||||
SSL_kDHE, SSL_aDSS, SSL_3DES, SSL_SHA1, SSL_SSLV3,
|
SSL_kDHE, SSL_aDSS, SSL_3DES, SSL_SHA1, 0, 0, 0, 0,
|
||||||
SSL_HIGH | SSL_FIPS, 0, 0, 0,},
|
SSL_HIGH | SSL_FIPS, 0, 0, 0,},
|
||||||
{0, SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 0,
|
{0, SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 0,
|
||||||
SSL_kDHE, SSL_aRSA, SSL_3DES, SSL_SHA1, SSL_SSLV3,
|
SSL_kDHE, SSL_aRSA, SSL_3DES, SSL_SHA1, 0, 0, 0, 0,
|
||||||
SSL_HIGH | SSL_FIPS, 0, 0, 0,},
|
SSL_HIGH | SSL_FIPS, 0, 0, 0,},
|
||||||
|
|
||||||
};
|
};
|
||||||
|
@ -892,7 +893,7 @@ static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list,
|
||||||
|
|
||||||
static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||||
uint32_t alg_auth, uint32_t alg_enc,
|
uint32_t alg_auth, uint32_t alg_enc,
|
||||||
uint32_t alg_mac, uint32_t alg_ssl,
|
uint32_t alg_mac, int min_tls,
|
||||||
uint32_t algo_strength, int rule,
|
uint32_t algo_strength, int rule,
|
||||||
int32_t strength_bits, CIPHER_ORDER **head_p,
|
int32_t strength_bits, CIPHER_ORDER **head_p,
|
||||||
CIPHER_ORDER **tail_p)
|
CIPHER_ORDER **tail_p)
|
||||||
|
@ -904,7 +905,7 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||||
#ifdef CIPHER_DEBUG
|
#ifdef CIPHER_DEBUG
|
||||||
fprintf(stderr,
|
fprintf(stderr,
|
||||||
"Applying rule %d with %08x/%08x/%08x/%08x/%08x %08x (%d)\n",
|
"Applying rule %d with %08x/%08x/%08x/%08x/%08x %08x (%d)\n",
|
||||||
rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
|
rule, alg_mkey, alg_auth, alg_enc, alg_mac, min_tls,
|
||||||
algo_strength, strength_bits);
|
algo_strength, strength_bits);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -960,7 +961,7 @@ static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey,
|
||||||
continue;
|
continue;
|
||||||
if (alg_mac && !(alg_mac & cp->algorithm_mac))
|
if (alg_mac && !(alg_mac & cp->algorithm_mac))
|
||||||
continue;
|
continue;
|
||||||
if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
|
if (min_tls && (min_tls != cp->min_tls))
|
||||||
continue;
|
continue;
|
||||||
if (algo_strength && !(algo_strength & cp->algo_strength))
|
if (algo_strength && !(algo_strength & cp->algo_strength))
|
||||||
continue;
|
continue;
|
||||||
|
@ -1076,7 +1077,8 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||||
CIPHER_ORDER **tail_p,
|
CIPHER_ORDER **tail_p,
|
||||||
const SSL_CIPHER **ca_list, CERT *c)
|
const SSL_CIPHER **ca_list, CERT *c)
|
||||||
{
|
{
|
||||||
uint32_t alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength;
|
uint32_t alg_mkey, alg_auth, alg_enc, alg_mac, algo_strength;
|
||||||
|
int min_tls;
|
||||||
const char *l, *buf;
|
const char *l, *buf;
|
||||||
int j, multi, found, rule, retval, ok, buflen;
|
int j, multi, found, rule, retval, ok, buflen;
|
||||||
uint32_t cipher_id = 0;
|
uint32_t cipher_id = 0;
|
||||||
|
@ -1114,7 +1116,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||||
alg_auth = 0;
|
alg_auth = 0;
|
||||||
alg_enc = 0;
|
alg_enc = 0;
|
||||||
alg_mac = 0;
|
alg_mac = 0;
|
||||||
alg_ssl = 0;
|
min_tls = 0;
|
||||||
algo_strength = 0;
|
algo_strength = 0;
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
|
@ -1266,15 +1268,13 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||||
* protocol version is considered part of the search pattern
|
* protocol version is considered part of the search pattern
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (ca_list[j]->algorithm_ssl) {
|
if (ca_list[j]->min_tls) {
|
||||||
if (alg_ssl) {
|
if (min_tls != 0 && min_tls != ca_list[j]->min_tls) {
|
||||||
alg_ssl &= ca_list[j]->algorithm_ssl;
|
|
||||||
if (!alg_ssl) {
|
|
||||||
found = 0;
|
found = 0;
|
||||||
break;
|
break;
|
||||||
|
} else {
|
||||||
|
min_tls = ca_list[j]->min_tls;
|
||||||
}
|
}
|
||||||
} else
|
|
||||||
alg_ssl = ca_list[j]->algorithm_ssl;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1314,7 +1314,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||||
} else if (found) {
|
} else if (found) {
|
||||||
ssl_cipher_apply_rule(cipher_id,
|
ssl_cipher_apply_rule(cipher_id,
|
||||||
alg_mkey, alg_auth, alg_enc, alg_mac,
|
alg_mkey, alg_auth, alg_enc, alg_mac,
|
||||||
alg_ssl, algo_strength, rule, -1, head_p,
|
min_tls, algo_strength, rule, -1, head_p,
|
||||||
tail_p);
|
tail_p);
|
||||||
} else {
|
} else {
|
||||||
while ((*l != '\0') && !ITEM_SEP(*l))
|
while ((*l != '\0') && !ITEM_SEP(*l))
|
||||||
|
@ -1505,7 +1505,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK
|
||||||
* Partially overrule strength sort to prefer TLS 1.2 ciphers/PRFs.
|
* Partially overrule strength sort to prefer TLS 1.2 ciphers/PRFs.
|
||||||
* TODO(openssl-team): is there an easier way to accomplish all this?
|
* TODO(openssl-team): is there an easier way to accomplish all this?
|
||||||
*/
|
*/
|
||||||
ssl_cipher_apply_rule(0, 0, 0, 0, 0, SSL_TLSV1_2, 0, CIPHER_BUMP, -1,
|
ssl_cipher_apply_rule(0, 0, 0, 0, 0, TLS1_2_VERSION, 0, CIPHER_BUMP, -1,
|
||||||
&head, &tail);
|
&head, &tail);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -1641,7 +1641,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
|
||||||
alg_enc = cipher->algorithm_enc;
|
alg_enc = cipher->algorithm_enc;
|
||||||
alg_mac = cipher->algorithm_mac;
|
alg_mac = cipher->algorithm_mac;
|
||||||
|
|
||||||
ver = SSL_CIPHER_get_version(cipher);
|
ver = ssl_protocol_to_string(cipher->min_tls);
|
||||||
|
|
||||||
switch (alg_mkey) {
|
switch (alg_mkey) {
|
||||||
case SSL_kRSA:
|
case SSL_kRSA:
|
||||||
|
@ -1809,19 +1809,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
|
||||||
|
|
||||||
const char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
|
const char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
|
||||||
{
|
{
|
||||||
uint32_t alg_ssl;
|
|
||||||
|
|
||||||
if (c == NULL)
|
if (c == NULL)
|
||||||
return "(NONE)";
|
return "(NONE)";
|
||||||
alg_ssl = c->algorithm_ssl;
|
return ssl_protocol_to_string(c->min_tls);
|
||||||
|
|
||||||
if (alg_ssl & SSL_SSLV3)
|
|
||||||
return "SSLv3";
|
|
||||||
if (alg_ssl & SSL_TLSV1)
|
|
||||||
return "TLSv1.0";
|
|
||||||
if (alg_ssl & SSL_TLSV1_2)
|
|
||||||
return "TLSv1.2";
|
|
||||||
return "unknown";
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* return the actual cipher being used */
|
/* return the actual cipher being used */
|
||||||
|
|
|
@ -3060,7 +3060,7 @@ SSL_METHOD *ssl_bad_method(int ver)
|
||||||
return (NULL);
|
return (NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
const char *version_to_string(int version)
|
const char *ssl_protocol_to_string(int version)
|
||||||
{
|
{
|
||||||
if (version == TLS1_2_VERSION)
|
if (version == TLS1_2_VERSION)
|
||||||
return "TLSv1.2";
|
return "TLSv1.2";
|
||||||
|
@ -3082,7 +3082,7 @@ const char *version_to_string(int version)
|
||||||
|
|
||||||
const char *SSL_get_version(const SSL *s)
|
const char *SSL_get_version(const SSL *s)
|
||||||
{
|
{
|
||||||
return version_to_string(s->version);
|
return ssl_protocol_to_string(s->version);
|
||||||
}
|
}
|
||||||
|
|
||||||
SSL *SSL_dup(SSL *s)
|
SSL *SSL_dup(SSL *s)
|
||||||
|
|
|
@ -378,11 +378,6 @@
|
||||||
# define SSL_GOST89MAC12 0x00000100U
|
# define SSL_GOST89MAC12 0x00000100U
|
||||||
# define SSL_GOST12_512 0x00000200U
|
# define SSL_GOST12_512 0x00000200U
|
||||||
|
|
||||||
/* Bits for algorithm_ssl (protocol version) */
|
|
||||||
# define SSL_SSLV3 0x00000002U
|
|
||||||
# define SSL_TLSV1 0x00000004U
|
|
||||||
# define SSL_TLSV1_2 0x00000008U
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* When adding new digest in the ssl_ciph.c and increment SSL_MD_NUM_IDX make
|
* When adding new digest in the ssl_ciph.c and increment SSL_MD_NUM_IDX make
|
||||||
* sure to update this constant too
|
* sure to update this constant too
|
||||||
|
@ -517,7 +512,10 @@ struct ssl_cipher_st {
|
||||||
uint32_t algorithm_auth; /* server authentication */
|
uint32_t algorithm_auth; /* server authentication */
|
||||||
uint32_t algorithm_enc; /* symmetric encryption */
|
uint32_t algorithm_enc; /* symmetric encryption */
|
||||||
uint32_t algorithm_mac; /* symmetric authentication */
|
uint32_t algorithm_mac; /* symmetric authentication */
|
||||||
uint32_t algorithm_ssl; /* (major) protocol version */
|
int min_tls; /* minimum SSL/TLS protocol version */
|
||||||
|
int max_tls; /* maximum SSL/TLS protocol version */
|
||||||
|
int min_dtls; /* minimum DTLS protocol version */
|
||||||
|
int max_dtls; /* maximum DTLS protocol version */
|
||||||
uint32_t algo_strength; /* strength and export flags */
|
uint32_t algo_strength; /* strength and export flags */
|
||||||
uint32_t algorithm2; /* Extra flags */
|
uint32_t algorithm2; /* Extra flags */
|
||||||
int32_t strength_bits; /* Number of bits really used */
|
int32_t strength_bits; /* Number of bits really used */
|
||||||
|
@ -1347,8 +1345,13 @@ typedef struct ssl3_state_st {
|
||||||
*/
|
*/
|
||||||
uint32_t mask_k;
|
uint32_t mask_k;
|
||||||
uint32_t mask_a;
|
uint32_t mask_a;
|
||||||
/* Client only */
|
/*
|
||||||
uint32_t mask_ssl;
|
* The following are used by the client to see if a cipher is allowed or
|
||||||
|
* not. It contains the minimum and maximum version the client's using
|
||||||
|
* based on what it knows so far.
|
||||||
|
*/
|
||||||
|
int min_ver;
|
||||||
|
int max_ver;
|
||||||
} tmp;
|
} tmp;
|
||||||
|
|
||||||
/* Connection binding to prevent renegotiation attacks */
|
/* Connection binding to prevent renegotiation attacks */
|
||||||
|
@ -1871,7 +1874,7 @@ struct openssl_ssl_test_functions {
|
||||||
# endif
|
# endif
|
||||||
};
|
};
|
||||||
|
|
||||||
const char *version_to_string(int version);
|
const char *ssl_protocol_to_string(int version);
|
||||||
|
|
||||||
# ifndef OPENSSL_UNIT_TEST
|
# ifndef OPENSSL_UNIT_TEST
|
||||||
|
|
||||||
|
|
|
@ -111,7 +111,7 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
|
||||||
goto err;
|
goto err;
|
||||||
if (BIO_puts(bp, "SSL-Session:\n") <= 0)
|
if (BIO_puts(bp, "SSL-Session:\n") <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
s = version_to_string(x->ssl_version);
|
s = ssl_protocol_to_string(x->ssl_version);
|
||||||
if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
|
if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
|
|
|
@ -1143,17 +1143,15 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt)
|
||||||
SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_UNKNOWN_CIPHER_RETURNED);
|
SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_UNKNOWN_CIPHER_RETURNED);
|
||||||
goto f_err;
|
goto f_err;
|
||||||
}
|
}
|
||||||
/* Set version disabled mask now we know version */
|
|
||||||
if (!SSL_USE_TLS1_2_CIPHERS(s))
|
|
||||||
s->s3->tmp.mask_ssl = SSL_TLSV1_2;
|
|
||||||
else
|
|
||||||
s->s3->tmp.mask_ssl = 0;
|
|
||||||
/* Skip TLS v1.0 ciphersuites if SSLv3 */
|
|
||||||
if ((c->algorithm_ssl & SSL_TLSV1) && s->version == SSL3_VERSION)
|
|
||||||
s->s3->tmp.mask_ssl |= SSL_TLSV1;
|
|
||||||
/*
|
/*
|
||||||
* If it is a disabled cipher we didn't send it in client hello, so
|
* Now that we know the version, update the check to see if it's an allowed
|
||||||
* return an error.
|
* version.
|
||||||
|
*/
|
||||||
|
s->s3->tmp.min_ver = s->version;
|
||||||
|
s->s3->tmp.max_ver = s->version;
|
||||||
|
/*
|
||||||
|
* If it is a disabled cipher we either didn't send it in client hello,
|
||||||
|
* or it's not allowed for the selected protocol. So we return an error.
|
||||||
*/
|
*/
|
||||||
if (ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_CHECK)) {
|
if (ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_CHECK)) {
|
||||||
al = SSL_AD_ILLEGAL_PARAMETER;
|
al = SSL_AD_ILLEGAL_PARAMETER;
|
||||||
|
|
|
@ -1117,13 +1117,13 @@ int ssl_get_client_min_max_version(const SSL *s, int *min_version, int *max_vers
|
||||||
*/
|
*/
|
||||||
int ssl_set_client_hello_version(SSL *s)
|
int ssl_set_client_hello_version(SSL *s)
|
||||||
{
|
{
|
||||||
int min, max, ret;
|
int ver_min, ver_max, ret;
|
||||||
|
|
||||||
ret = ssl_get_client_min_max_version(s, &min, &max);
|
ret = ssl_get_client_min_max_version(s, &ver_min, &ver_max);
|
||||||
|
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
s->client_version = s->version = max;
|
s->client_version = s->version = ver_max;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
41
ssl/t1_lib.c
41
ssl/t1_lib.c
|
@ -982,24 +982,21 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Get a mask of disabled algorithms: an algorithm is disabled if it isn't
|
* Set a mask of disabled algorithms: an algorithm is disabled if it isn't
|
||||||
* supported or doesn't appear in supported signature algorithms. Unlike
|
* supported, doesn't appear in supported signature algorithms, isn't supported
|
||||||
* ssl_cipher_get_disabled this applies to a specific session and not global
|
* by the enabled protocol versions or by the security level.
|
||||||
* settings.
|
*
|
||||||
|
* This function should only be used for checking which ciphers are supported
|
||||||
|
* by the client.
|
||||||
|
*
|
||||||
|
* Call ssl_cipher_disabled() to check that it's enabled or not.
|
||||||
*/
|
*/
|
||||||
void ssl_set_client_disabled(SSL *s)
|
void ssl_set_client_disabled(SSL *s)
|
||||||
{
|
{
|
||||||
s->s3->tmp.mask_a = 0;
|
s->s3->tmp.mask_a = 0;
|
||||||
s->s3->tmp.mask_k = 0;
|
s->s3->tmp.mask_k = 0;
|
||||||
/* Don't allow TLS 1.2 only ciphers if we don't suppport them */
|
|
||||||
if (!SSL_CLIENT_USE_TLS1_2_CIPHERS(s))
|
|
||||||
s->s3->tmp.mask_ssl = SSL_TLSV1_2;
|
|
||||||
else
|
|
||||||
s->s3->tmp.mask_ssl = 0;
|
|
||||||
/* Disable TLS 1.0 ciphers if using SSL v3 */
|
|
||||||
if (s->client_version == SSL3_VERSION)
|
|
||||||
s->s3->tmp.mask_ssl |= SSL_TLSV1;
|
|
||||||
ssl_set_sig_mask(&s->s3->tmp.mask_a, s, SSL_SECOP_SIGALG_MASK);
|
ssl_set_sig_mask(&s->s3->tmp.mask_a, s, SSL_SECOP_SIGALG_MASK);
|
||||||
|
ssl_get_client_min_max_version(s, &s->s3->tmp.min_ver, &s->s3->tmp.max_ver);
|
||||||
# ifndef OPENSSL_NO_PSK
|
# ifndef OPENSSL_NO_PSK
|
||||||
/* with PSK there must be client callback set */
|
/* with PSK there must be client callback set */
|
||||||
if (!s->psk_client_callback) {
|
if (!s->psk_client_callback) {
|
||||||
|
@ -1015,12 +1012,28 @@ void ssl_set_client_disabled(SSL *s)
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ssl_cipher_disabled - check that a cipher is disabled or not
|
||||||
|
* @s: SSL connection that you want to use the cipher on
|
||||||
|
* @c: cipher to check
|
||||||
|
* @op: Security check that you want to do
|
||||||
|
*
|
||||||
|
* Returns 1 when it's disabled, 0 when enabled.
|
||||||
|
*/
|
||||||
int ssl_cipher_disabled(SSL *s, const SSL_CIPHER *c, int op)
|
int ssl_cipher_disabled(SSL *s, const SSL_CIPHER *c, int op)
|
||||||
{
|
{
|
||||||
if (c->algorithm_ssl & s->s3->tmp.mask_ssl
|
if (c->algorithm_mkey & s->s3->tmp.mask_k
|
||||||
|| c->algorithm_mkey & s->s3->tmp.mask_k
|
|
||||||
|| c->algorithm_auth & s->s3->tmp.mask_a)
|
|| c->algorithm_auth & s->s3->tmp.mask_a)
|
||||||
return 1;
|
return 1;
|
||||||
|
if (s->s3->tmp.max_ver == 0)
|
||||||
|
return 1;
|
||||||
|
if (!SSL_IS_DTLS(s) && ((c->min_tls > s->s3->tmp.max_ver)
|
||||||
|
|| (c->max_tls < s->s3->tmp.min_ver)))
|
||||||
|
return 1;
|
||||||
|
if (SSL_IS_DTLS(s) && (DTLS_VERSION_GT(c->min_dtls, s->s3->tmp.max_ver)
|
||||||
|
|| DTLS_VERSION_LT(c->max_dtls, s->s3->tmp.min_ver)))
|
||||||
|
return 1;
|
||||||
|
|
||||||
return !ssl_security(s, op, c->strength_bits, 0, (void *)c);
|
return !ssl_security(s, op, c->strength_bits, 0, (void *)c);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue