Ciphersuite string bugfixes, and ECC-related (re-)definitions.

Bodo Möller 2006-06-14 17:40:31 +00:00
parent 6635b48cd1
commit 89bbe14c50
11 changed files with 253 additions and 183 deletions

33
CHANGES

@ -4,6 +4,39 @@
Changes between 0.9.8b and 0.9.9 [xx XXX xxxx]
*) Various modifications and fixes to SSL/TLS cipher string
handling. For ECC, the code now distinguishes between fixed ECDH
with RSA certificates on the one hand and with ECDSA certificates
on the other hand, since these are separate ciphersuites. The
unused code for Fortezza ciphersuites has been removed.
For consistency with EDH, ephemeral ECDH is now called "EECDH"
(not "ECDHE"). For consistency with the code for DH
certificates, use of ECDH certificates is now considered ECDH
authentication, not RSA or ECDSA authentication (the latter is
merely the CA's signing algorithm and not actively used in the
protocol).
The temporary ciphersuite alias "ECCdraft" is no longer
available, and ECC ciphersuites are no longer excluded from "ALL"
and "DEFAULT". The following aliases now exist for RFC 4492
ciphersuites, most of these by analogy with the DH case:
kECDHr - ECDH cert, signed with RSA
kECDHe - ECDH cert, signed with ECDSA
kECDH - ECDH cert (signed with either RSA or ECDSA)
kEECDH - ephemeral ECDH
ECDH - ECDH cert or ephemeral ECDH
aECDH - ECDH cert
aECDSA - ECDSA cert
ECDSA - ECDSA cert
AECDH - anonymous ECDH
EECDH - non-anonymous ephemeral ECDH (equivalent to "kEECDH:-AECDH")
[Bodo Moeller]
*) Add additional S/MIME capabilities for AES and GOST ciphers if supported.
Use correct micalg parameters depending on digest(s) in signed message.
[Steve Henson]


@ -333,10 +333,10 @@ int dtls1_accept(SSL *s)
else
s->s3->tmp.use_rsa_tmp=0;
/* only send if a DH key exchange, fortezza or
/* only send if a DH key exchange or
* RSA but we have a sign only certificate */
if (s->s3->tmp.use_rsa_tmp
|| (l & (SSL_DH|SSL_kFZA))
|| (l & SSL_DH)
|| ((l & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
|| (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)


@ -1308,7 +1308,7 @@ int ssl3_get_key_exchange(SSL *s)
#endif /* !OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
else if (alg & SSL_kECDHE)
else if (alg & SSL_kEECDH)
{
EC_GROUP *ngroup;
const EC_GROUP *group;
@ -1407,19 +1407,13 @@ int ssl3_get_key_exchange(SSL *s)
EC_POINT_free(srvr_ecpoint);
srvr_ecpoint = NULL;
}
else if (alg & SSL_kECDH)
else if (alg)
{
al=SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
goto f_err;
}
#endif /* !OPENSSL_NO_ECDH */
if (alg & SSL_aFZA)
{
al=SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
goto f_err;
}
/* p points to the next byte, there are 'n' bytes left */
@ -2009,7 +2003,7 @@ int ssl3_send_client_key_exchange(SSL *s)
#endif
#ifndef OPENSSL_NO_ECDH
else if ((l & SSL_kECDH) || (l & SSL_kECDHE))
else if ((l & SSL_kECDH) || (l & SSL_kEECDH))
{
const EC_GROUP *srvr_group = NULL;
EC_KEY *tkey;
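Review bot: The new catch-all `else if (alg)` in ssl3_get_key_exchange sits above `#endif /* !OPENSSL_NO_ECDH */`, so the `SSL_AD_UNEXPECTED_MESSAGE` rejection is compiled only into ECDH-enabled builds. With OPENSSL_NO_ECDH defined, a ServerKeyExchange for a key exchange that no earlier branch handles would apparently fall through to the code after the chain, and the separate `SSL_aFZA` check that used to follow is removed as well. Placing the `else if (alg)` branch after the `#endif` would make the handshake equally strict in every build configuration. The function and the if/else chain begin outside this hunk, so the earlier branches need checking to confirm the `else` still has an `if` to attach to when the other algorithms are compiled out.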


@ -317,7 +317,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
},
/* Cipher 0C */
{
0,
0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
SSL3_CK_DH_DSS_DES_64_CBC_SHA,
SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
@ -330,7 +330,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
},
/* Cipher 0D */
{
0,
0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
@ -343,7 +343,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
},
/* Cipher 0E */
{
0,
0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
SSL3_CK_DH_RSA_DES_40_CBC_SHA,
SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
@ -356,7 +356,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
},
/* Cipher 0F */
{
0,
0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
SSL3_CK_DH_RSA_DES_64_CBC_SHA,
SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
@ -369,7 +369,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
},
/* Cipher 10 */
{
0,
0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
@ -526,7 +526,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Fortezza */
/* Fortezza ciphersuite from SSL 3.0 spec */
#if 0
/* Cipher 1C */
{
0,
@ -555,7 +556,6 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
#if 0
/* Cipher 1E */
{
0,
@ -576,7 +576,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
** 20000107 VRS: And the first shall be last,
** in hopes of avoiding the lynx ssl renegotiation problem.
*/
/* Cipher 1E VRS */
/* Cipher 1E */
{
1,
SSL3_TXT_KRB5_DES_64_CBC_SHA,
@ -590,7 +590,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 1F VRS */
/* Cipher 1F */
{
1,
SSL3_TXT_KRB5_DES_192_CBC3_SHA,
@ -604,7 +604,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 20 VRS */
/* Cipher 20 */
{
1,
SSL3_TXT_KRB5_RC4_128_SHA,
@ -618,7 +618,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 21 VRS */
/* Cipher 21 */
{
1,
SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
@ -632,7 +632,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 22 VRS */
/* Cipher 22 */
{
1,
SSL3_TXT_KRB5_DES_64_CBC_MD5,
@ -646,7 +646,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 23 VRS */
/* Cipher 23 */
{
1,
SSL3_TXT_KRB5_DES_192_CBC3_MD5,
@ -660,7 +660,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 24 VRS */
/* Cipher 24 */
{
1,
SSL3_TXT_KRB5_RC4_128_MD5,
@ -674,7 +674,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 25 VRS */
/* Cipher 25 */
{
1,
SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
@ -688,7 +688,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 26 VRS */
/* Cipher 26 */
{
1,
SSL3_TXT_KRB5_DES_40_CBC_SHA,
@ -702,7 +702,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 27 VRS */
/* Cipher 27 */
{
1,
SSL3_TXT_KRB5_RC2_40_CBC_SHA,
@ -716,7 +716,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 28 VRS */
/* Cipher 28 */
{
1,
SSL3_TXT_KRB5_RC4_40_SHA,
@ -730,7 +730,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 29 VRS */
/* Cipher 29 */
{
1,
SSL3_TXT_KRB5_DES_40_CBC_MD5,
@ -744,7 +744,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 2A VRS */
/* Cipher 2A */
{
1,
SSL3_TXT_KRB5_RC2_40_CBC_MD5,
@ -758,7 +758,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
/* Cipher 2B VRS */
/* Cipher 2B */
{
1,
SSL3_TXT_KRB5_RC4_40_MD5,
@ -772,8 +772,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
#endif /* OPENSSL_NO_KRB5 */
/* New AES ciphersuites */
/* New AES ciphersuites */
/* Cipher 2F */
{
1,
@ -881,7 +881,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
},
/* Cipher 37 */
{
0,
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
TLS1_CK_DH_RSA_WITH_AES_256_SHA,
SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1,
@ -1252,13 +1252,14 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL_ALL_STRENGTHS,
},
#endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_ECDH
/* Cipher C001 */
{
1,
TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
SSL_kECDH|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
SSL_kECDHe|SSL_aECDH|SSL_eNULL|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP,
0,
0,
@ -1272,7 +1273,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
SSL_kECDHe|SSL_aECDH|SSL_RC4|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP,
0,
128,
@ -1286,7 +1287,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
SSL_kECDH|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
SSL_kECDHe|SSL_aECDH|SSL_3DES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
168,
@ -1300,7 +1301,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_kECDHe|SSL_aECDH|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
@ -1314,7 +1315,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_kECDHe|SSL_aECDH|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
@ -1328,7 +1329,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
SSL_kECDHE|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP,
0,
0,
@ -1342,7 +1343,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
SSL_kECDHE|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP,
0,
128,
@ -1356,7 +1357,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
SSL_kECDHE|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
168,
@ -1370,7 +1371,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
@ -1384,7 +1385,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
@ -1398,7 +1399,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
SSL_kECDH|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
SSL_kECDHr|SSL_aECDH|SSL_eNULL|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP,
0,
0,
@ -1412,7 +1413,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
SSL_kECDHr|SSL_aECDH|SSL_RC4|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP,
0,
128,
@ -1426,7 +1427,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
SSL_kECDH|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
SSL_kECDHr|SSL_aECDH|SSL_3DES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
168,
@ -1440,7 +1441,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_kECDHr|SSL_aECDH|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
@ -1454,7 +1455,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_kECDHr|SSL_aECDH|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
@ -1468,7 +1469,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
SSL_kECDHE|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP,
0,
0,
@ -1482,7 +1483,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
SSL_kECDHE|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP,
0,
128,
@ -1496,7 +1497,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
SSL_kECDHE|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
168,
@ -1510,7 +1511,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
@ -1524,7 +1525,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
@ -1538,7 +1539,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
TLS1_CK_ECDH_anon_WITH_NULL_SHA,
SSL_kECDHE|SSL_aNULL|SSL_eNULL|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aNULL|SSL_eNULL|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP,
0,
0,
@ -1552,7 +1553,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP,
0,
128,
@ -1566,7 +1567,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
SSL_kECDHE|SSL_aNULL|SSL_3DES|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aNULL|SSL_3DES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
168,
@ -1580,7 +1581,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
SSL_kECDHE|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
128,
@ -1594,7 +1595,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
1,
TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
SSL_kECDHE|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_kEECDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH,
0,
256,
@ -2410,7 +2411,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
}
if (
/* if we are considering an ECC cipher suite that uses an ephemeral EC key */
((alg & SSL_kECDH) || (alg & SSL_kECDHE))
((alg & SSL_kECDH) || (alg & SSL_kEECDH))
/* and we have an ephemeral EC key */
&& (s->cert->ecdh_tmp != NULL)
/* and the client specified an EllipticCurves extension */
@ -2505,7 +2506,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
#endif
#ifndef OPENSSL_NO_ECDH
/* We should ask for fixed ECDH certificates only
* for SSL_kECDH (and not SSL_kECDHE)
* for SSL_kECDH (and not SSL_kEECDH)
*/
if ((alg & SSL_kECDH) && (s->version >= TLS1_VERSION))
{
@ -2516,7 +2517,7 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
#ifndef OPENSSL_NO_ECDSA
/* ECDSA certs can be used with RSA cipher suites as well
* so we don't need to check for SSL_kECDH or SSL_kECDHE
* so we don't need to check for SSL_kECDH or SSL_kEECDH
*/
if (s->version >= TLS1_VERSION)
{


@ -365,7 +365,7 @@ int ssl3_accept(SSL *s)
* For ECC ciphersuites, we send a serverKeyExchange
* message only if the cipher suite is either
* ECDH-anon or ECDHE. In other cases, the
* server certificate contains the server's
* server certificate contains the server's
* public key for key exchange.
*/
if (s->s3->tmp.use_rsa_tmp
@ -374,8 +374,7 @@ int ssl3_accept(SSL *s)
#ifndef OPENSSL_NO_PSK
|| ((l & SSL_kPSK) && s->ctx->psk_identity_hint)
#endif
|| (l & SSL_kECDHE)
|| (l & (SSL_DH|SSL_kFZA))
|| (l & SSL_kEECDH)
|| ((l & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
|| (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
@ -481,7 +480,7 @@ int ssl3_accept(SSL *s)
case SSL3_ST_SR_KEY_EXCH_A:
case SSL3_ST_SR_KEY_EXCH_B:
ret=ssl3_get_client_key_exchange(s);
if (ret <= 0)
if (ret <= 0)
goto end;
if (ret == 2)
{
@ -493,14 +492,14 @@ int ssl3_accept(SSL *s)
s->state=SSL3_ST_SR_FINISHED_A;
s->init_num = 0;
}
else
else
{
s->state=SSL3_ST_SR_CERT_VRFY_A;
s->init_num=0;
/* We need to get hashes here so if there is
* a client cert, it can be verified
*/
*/
s->method->ssl3_enc->cert_verify_mac(s,
&(s->s3->finish_dgst1),
&(s->s3->tmp.cert_verify_md[0]));
@ -735,7 +734,7 @@ int ssl3_get_client_hello(SSL *s)
if (s->client_version < s->version)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
if ((s->client_version>>8) == SSL3_VERSION_MAJOR)
{
/* similar to ssl3_get_record, send alert using remote version number */
s->version = s->client_version;
@ -1302,7 +1301,7 @@ int ssl3_send_server_key_exchange(SSL *s)
else
#endif
#ifndef OPENSSL_NO_ECDH
if (type & SSL_kECDHE)
if (type & SSL_kEECDH)
{
const EC_GROUP *group;
@ -1481,7 +1480,7 @@ int ssl3_send_server_key_exchange(SSL *s)
}
#ifndef OPENSSL_NO_ECDH
if (type & SSL_kECDHE)
if (type & SSL_kEECDH)
{
/* XXX: For now, we only support named (not generic) curves.
* In this situation, the serverKeyExchange message has:
@ -2088,7 +2087,7 @@ int ssl3_get_client_key_exchange(SSL *s)
#endif /* OPENSSL_NO_KRB5 */
#ifndef OPENSSL_NO_ECDH
if ((l & SSL_kECDH) || (l & SSL_kECDHE))
if ((l & SSL_kECDH) || (l & SSL_kEECDH))
{
int ret = 1;
int field_size = 0;
@ -2141,7 +2140,7 @@ int ssl3_get_client_key_exchange(SSL *s)
{
/* Client Publickey was in Client Certificate */
if (l & SSL_kECDHE)
if (l & SSL_kEECDH)
{
al=SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_ECDH_KEY);
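Review bot: In the ssl3_accept hunk at -374,8 +374,7 the test `|| (l & (SSL_DH|SSL_kFZA))` is removed together with the old `SSL_kECDHE` line, and only `|| (l & SSL_kEECDH)` is added; the hunk header's 8-to-7 line count confirms two lines out and one in. Unless DH is tested on a line outside the hunk, an ephemeral-DH ciphersuite no longer takes the branch that sends ServerKeyExchange, so EDH handshakes would presumably fail. The corresponding dtls1_accept hunk keeps `|| (l & SSL_DH)`. I would restore `|| (l & SSL_DH)` next to the EECDH test. The condition and the function both continue outside the hunk.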


@ -277,31 +277,43 @@ extern "C" {
#define SSL_TXT_LOW "LOW"
#define SSL_TXT_MEDIUM "MEDIUM"
#define SSL_TXT_HIGH "HIGH"
#define SSL_TXT_kFZA "kFZA"
#define SSL_TXT_aFZA "aFZA"
#define SSL_TXT_eFZA "eFZA"
#define SSL_TXT_FZA "FZA"
#define SSL_TXT_kFZA "kFZA" /* unused! */
#define SSL_TXT_aFZA "aFZA" /* unused! */
#define SSL_TXT_eFZA "eFZA" /* unused! */
#define SSL_TXT_FZA "FZA" /* unused! */
#define SSL_TXT_aNULL "aNULL"
#define SSL_TXT_eNULL "eNULL"
#define SSL_TXT_NULL "NULL"
#define SSL_TXT_kKRB5 "kKRB5"
#define SSL_TXT_aKRB5 "aKRB5"
#define SSL_TXT_KRB5 "KRB5"
#define SSL_TXT_kRSA "kRSA"
#define SSL_TXT_kDHr "kDHr"
#define SSL_TXT_kDHd "kDHd"
#define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */
#define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */
#define SSL_TXT_kEDH "kEDH"
#define SSL_TXT_kKRB5 "kKRB5"
#define SSL_TXT_kECDHr "kECDHr"
#define SSL_TXT_kECDHe "kECDHe"
#define SSL_TXT_kECDH "kECDH"
#define SSL_TXT_kEECDH "kEECDH"
#define SSL_TXT_kPSK "kPSK"
#define SSL_TXT_aRSA "aRSA"
#define SSL_TXT_aDSS "aDSS"
#define SSL_TXT_aDH "aDH"
#define SSL_TXT_aDH "aDH" /* no such ciphersuites supported! */
#define SSL_TXT_aECDH "aECDH"
#define SSL_TXT_aKRB5 "aKRB5"
#define SSL_TXT_aECDSA "aECDSA"
#define SSL_TXT_aPSK "aPSK"
#define SSL_TXT_DSS "DSS"
#define SSL_TXT_DH "DH"
#define SSL_TXT_EDH "EDH"
#define SSL_TXT_EDH "EDH" /* same as "kEDH:-ADH" */
#define SSL_TXT_ADH "ADH"
#define SSL_TXT_RSA "RSA"
#define SSL_TXT_ECDH "ECDH"
#define SSL_TXT_EECDH "EECDH" /* same as "kEECDH:-AECDH" */
#define SSL_TXT_AECDH "AECDH"
#define SSL_TXT_ECDSA "ECDSA"
#define SSL_TXT_DES "DES"
#define SSL_TXT_3DES "3DES"
#define SSL_TXT_RC4 "RC4"
@ -319,11 +331,10 @@ extern "C" {
#define SSL_TXT_SSLV2 "SSLv2"
#define SSL_TXT_SSLV3 "SSLv3"
#define SSL_TXT_TLSV1 "TLSv1"
#define SSL_TXT_ALL "ALL"
#define SSL_TXT_ECC "ECCdraft" /* ECC ciphersuites are not yet official */
#define SSL_TXT_KRB5 "KRB5"
#define SSL_TXT_PSK "PSK"
#define SSL_TXT_kPSK "kPSK"
#define SSL_TXT_aPSK "aPSK"
#define SSL_TXT_ALL "ALL"
/*
* COMPLEMENTOF* definitions. These identifiers are used to (de-select)
@ -345,7 +356,7 @@ extern "C" {
/* The following cipher list is used by default.
* It also is substituted when an application-defined cipher list string
* starts with 'DEFAULT'. */
#define SSL_DEFAULT_CIPHER_LIST "AES:CAMELLIA:ALL:!ADH:+RC4:@STRENGTH" /* low priority for RC4 */
#define SSL_DEFAULT_CIPHER_LIST "AES:CAMELLIA:ALL:!ADH:!AECDH:+RC4:@STRENGTH" /* low priority for RC4 */
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
#define SSL_SENT_SHUTDOWN 1
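Review bot: The comment above `SSL_DEFAULT_CIPHER_LIST` does not say why `!ADH:!AECDH` are present, and now that ECC suites are part of "ALL" the added `!AECDH` is the only thing keeping anonymous ECDH out of the default list. I would add `/* !ADH:!AECDH keep anonymous (unauthenticated) key exchange out of DEFAULT */` beside the existing RC4 remark so the exclusion is not later trimmed as redundant. Separately, `SSL_TXT_ECC` is deleted from this header while the unused `SSL_TXT_*FZA` strings are kept; if the header is public, code that referenced `SSL_TXT_ECC` stops compiling, which deserves a one-line comment here.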


@ -159,12 +159,14 @@ extern "C" {
#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
of the ietf-tls list */
#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
#if 0
#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
of the ietf-tls list */
#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
#endif
#endif
/* VRS Additional Kerberos5 entries
@ -216,9 +218,11 @@ extern "C" {
#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
#if 0
#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
#endif
#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"


@ -150,15 +150,12 @@
#define SSL_ENC_RC4_IDX 2
#define SSL_ENC_RC2_IDX 3
#define SSL_ENC_IDEA_IDX 4
#define SSL_ENC_eFZA_IDX 5
#define SSL_ENC_NULL_IDX 6
#define SSL_ENC_AES128_IDX 7
#define SSL_ENC_AES256_IDX 8
#define SSL_ENC_NUM_IDX 9
#define SSL_ENC_CAMELLIA128_IDX 9
#define SSL_ENC_CAMELLIA256_IDX 10
#undef SSL_ENC_NUM_IDX
#define SSL_ENC_NUM_IDX 11
#define SSL_ENC_NULL_IDX 5
#define SSL_ENC_AES128_IDX 6
#define SSL_ENC_AES256_IDX 7
#define SSL_ENC_CAMELLIA128_IDX 8
#define SSL_ENC_CAMELLIA256_IDX 9
#define SSL_ENC_NUM_IDX 10
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
@ -193,31 +190,49 @@ typedef struct cipher_order_st
} CIPHER_ORDER;
static const SSL_CIPHER cipher_aliases[]={
/* Don't include eNULL unless specifically enabled. */
/* Don't include ECC in ALL because these ciphers are not yet official. */
{0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL & ~SSL_kECDH & ~SSL_kECDHE, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */
/* TODO: COMPLEMENT OF ALL and COMPLEMENT OF DEFAULT do not have ECC cipher suites handled properly. */
{0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, /* COMPLEMENT OF ALL */
{0,SSL_TXT_CMPDEF,0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */
/* "ALL" must be first; it doesn't include eNULL (must be specifically enabled) */
{0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL},
/* "COMPLEMENTOFALL" */
{0,SSL_TXT_CMPALL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
/* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in ALL!) */
{0,SSL_TXT_CMPDEF,0,SSL_ADH|SSL_AECDH|(SSL_ENC_MASK & ~SSL_eNULL), 0,0,0,0,SSL_AUTH_MASK|SSL_ENC_MASK,0},
/* Single key exchange bits
* (some of these are multiple key exchange algs according to the RFCs,
* e.g. kEDH combines DHE_DSS and DHE_RSA) */
{0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0}, /* no such ciphersuites supported! */
{0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0}, /* no such ciphersuites supported! */
{0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_kECDHr,0,SSL_kECDHr,0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_kECDHe,0,SSL_kECDHe,0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_kEECDH,0,SSL_kEECDH,0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_kPSK,0,SSL_kPSK, 0,0,0,0,SSL_MKEY_MASK,0},
/* More key exchange aliases (combined bits) */
{0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_ECC, 0,(SSL_kECDH|SSL_kECDHE), 0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
{0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0}, /* VRS Kerberos5 */
{0,SSL_TXT_kECDH,0,SSL_kECDH,0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_ECDH,0,SSL_ECDH, 0,0,0,0,SSL_MKEY_MASK,0},
{0,SSL_TXT_EECDH,0,SSL_EECDH,0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
/* Single authentication bits */
{0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_aPSK,0,SSL_aPSK, 0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_aKRB5,0,SSL_aKRB5,0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_aDH, 0,SSL_aDH, 0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_DSS, 0,SSL_DSS, 0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_aDH, 0,SSL_aDH, 0,0,0,0,SSL_AUTH_MASK,0}, /* no such ciphersuites supported! */
{0,SSL_TXT_aECDH, 0,SSL_aECDH,0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_aECDSA, 0,SSL_aECDSA,0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_aPSK,0,SSL_aPSK, 0,0,0,0,SSL_AUTH_MASK,0},
/* More authentication aliases */
{0,SSL_TXT_DSS, 0,SSL_DSS, 0,0,0,0,SSL_AUTH_MASK,0},
{0,SSL_TXT_ECDSA,0,SSL_ECDSA,0,0,0,0,SSL_AUTH_MASK,0},
/* Single encryption bits */
{0,SSL_TXT_DES, 0,SSL_DES, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0},
@ -226,19 +241,20 @@ static const SSL_CIPHER cipher_aliases[]={
{0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
#endif
{0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_AES, 0,SSL_AES, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_CAMELLIA, 0,SSL_CAMELLIA, 0,0,0,0,SSL_ENC_MASK,0},
/* Single MAC bits */
{0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
{0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
{0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0},
/* More aliases */
{0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0},
{0,SSL_TXT_KRB5,0,SSL_KRB5, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
{0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
{0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
{0,SSL_TXT_FZA, 0,SSL_FZA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0},
{0,SSL_TXT_AECDH,0,SSL_AECDH,0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
{0,SSL_TXT_PSK, 0,SSL_PSK, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
{0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0},
@ -466,7 +482,6 @@ static unsigned long ssl_cipher_get_disabled(void)
{
unsigned long mask;
mask = SSL_kFZA;
#ifdef OPENSSL_NO_RSA
mask |= SSL_aRSA|SSL_kRSA;
#endif
@ -479,8 +494,11 @@ static unsigned long ssl_cipher_get_disabled(void)
#ifdef OPENSSL_NO_KRB5
mask |= SSL_kKRB5|SSL_aKRB5;
#endif
#ifdef OPENSSL_NO_ECDSA
mask |= SSL_aECDSA;
#endif
#ifdef OPENSSL_NO_ECDH
mask |= SSL_kECDH|SSL_kECDHE;
mask |= SSL_kECDHe|SSL_kECDHr|SSL_kECDHE|SSL_aECDH;
#endif
#ifdef OPENSSL_NO_PSK
mask |= SSL_kPSK;
@ -494,7 +512,6 @@ static unsigned long ssl_cipher_get_disabled(void)
mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
mask |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES:0;
mask |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA:0;
@ -581,14 +598,24 @@ static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
/*
* Now we add the available ones from the cipher_aliases[] table.
* They represent either an algorithm, that must be fully
* supported (not match any bit in mask) or represent a cipher
* strength value (will be added in any case because algorithms=0).
* They represent either an algorithm, that must be
* supported (not disabled through 'mask', i.e. all of the
* SSL_MKEY_MASK, SSL_AUTH_MASK, .. bits in the alias are set in 'mask')
* or represent a cipher strength value (will be added in any case because algorithms=0).
*/
for (i = 0; i < num_of_group_aliases; i++)
{
if ((i == 0) || /* always fetch "ALL" */
!(cipher_aliases[i].algorithms & mask))
int algorithms = cipher_aliases[i].algorithms;
if ((i == 0) /* always fetch "ALL" */ ||
!(((SSL_MKEY_MASK & algorithms) && (SSL_MKEY_MASK & mask)
&& ((algorithms & SSL_MKEY_MASK & mask) == (SSL_MKEY_MASK & mask))) ||
((SSL_AUTH_MASK & algorithms) && (SSL_AUTH_MASK & mask)
&& ((algorithms & SSL_AUTH_MASK & mask) == (SSL_AUTH_MASK & mask))) ||
((SSL_ENC_MASK & algorithms) && (SSL_ENC_MASK & mask)
&& ((algorithms & SSL_ENC_MASK & mask) == (SSL_ENC_MASK & mask))) ||
((SSL_MAC_MASK & algorithms) && (SSL_MAC_MASK & mask)
&& ((algorithms & SSL_MAC_MASK & mask) == (SSL_MAC_MASK & mask)))))
{
*ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
ca_curr++;
@ -1105,19 +1132,20 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
case SSL_kDHd:
kx="DH/DSS";
break;
case SSL_kKRB5: /* VRS */
case SSL_KRB5: /* VRS */
kx="KRB5";
break;
case SSL_kFZA:
kx="Fortezza";
case SSL_kKRB5:
kx="KRB5";
break;
case SSL_kEDH:
kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
break;
case SSL_kECDH:
case SSL_kECDHE:
kx=is_export?"ECDH(<=163)":"ECDH";
case SSL_kECDHr:
kx="ECDH/RSA";
break;
case SSL_kECDHe:
kx="ECDH/ECDSA";
break;
case SSL_kEECDH:
kx="ECDH";
break;
case SSL_kPSK:
kx="PSK";
@ -1137,11 +1165,12 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
case SSL_aDH:
au="DH";
break;
case SSL_aKRB5: /* VRS */
case SSL_KRB5: /* VRS */
au="KRB5";
break;
case SSL_aFZA:
case SSL_aKRB5:
au="KRB5";
break;
case SSL_aECDH:
au="ECDH";
break;
case SSL_aNULL:
au="None";
break;
@ -1174,9 +1203,6 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
case SSL_IDEA:
enc="IDEA(128)";
break;
case SSL_eFZA:
enc="Fortezza";
break;
case SSL_eNULL:
enc="None";
break;
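Review bot: The OPENSSL_NO_ECDH branch of ssl_cipher_get_disabled still names `SSL_kECDHE` in `mask |= SSL_kECDHe|SSL_kECDHr|SSL_kECDHE|SSL_aECDH;`, but the internal-header hunk of this commit replaces that macro with `SSL_kEECDH`. A build without ECDH would therefore presumably stop compiling, and the line should read `mask |= SSL_kECDHe|SSL_kECDHr|SSL_kEECDH|SSL_aECDH;`. In ssl_cipher_collect_aliases the new comment says an alias is dropped when all of its bits are set in 'mask', yet each clause compares against `(SSL_MKEY_MASK & mask)` and its siblings, which tests that every disabled bit is in the alias rather than the reverse. Comparing against `(SSL_MKEY_MASK & algorithms)` (and likewise for AUTH/ENC/MAC) would match the comment. `algorithms` is also declared `int` while the disabled mask is built as `unsigned long` in ssl_cipher_get_disabled, so `unsigned long algorithms` would avoid truncation and sign surprises on the high bits.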


@ -1784,15 +1784,15 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
(signature_nid == NID_md4WithRSAEncryption) ||
(signature_nid == NID_md2WithRSAEncryption))
{
mask|=SSL_kECDH|SSL_aRSA;
mask|=SSL_kECDHr|SSL_aECDH;
if (ecc_pkey_size <= 163)
emask|=SSL_kECDH|SSL_aRSA;
emask|=SSL_kECDHr|SSL_aECDH;
}
if (signature_nid == NID_ecdsa_with_SHA1)
{
mask|=SSL_kECDH|SSL_aECDSA;
mask|=SSL_kECDHe|SSL_aECDH;
if (ecc_pkey_size <= 163)
emask|=SSL_kECDH|SSL_aECDSA;
emask|=SSL_kECDHe|SSL_aECDH;
}
}
#endif
@ -1808,8 +1808,8 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
#ifndef OPENSSL_NO_ECDH
if (have_ecdh_tmp)
{
mask|=SSL_kECDHE;
emask|=SSL_kECDHE;
mask|=SSL_kEECDH;
emask|=SSL_kEECDH;
}
#endif
@ -1902,13 +1902,13 @@ X509 *ssl_get_server_send_cert(SSL *s)
if (kalg & SSL_kECDH)
{
/* we don't need to look at SSL_kECDHE
/* we don't need to look at SSL_kEECDH
* since no certificate is needed for
* anon ECDH and for authenticated
* ECDHE, the check for the auth
* EECDH, the check for the auth
* algorithm will set i correctly
* NOTE: For ECDH-RSA, we need an ECC
* not an RSA cert but for ECDHE-RSA
* not an RSA cert but for EECDH-RSA
* we need an RSA cert. Placing the
* checks for SSL_kECDH before RSA
* checks ensures the correct cert is chosen.


@ -277,33 +277,36 @@
*/
#define SSL_MKEY_MASK 0x200000FFL
#define SSL_kRSA 0x00000001L /* RSA key exchange */
#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */
#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */
#define SSL_kFZA 0x00000008L
#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */
#define SSL_kKRB5 0x00000020L /* Kerberos5 key exchange */
#define SSL_kECDH 0x00000040L /* ECDH w/ long-term keys */
#define SSL_kECDHE 0x00000080L /* ephemeral ECDH */
#define SSL_kDHr 0x00000002L /* DH cert, RSA CA cert */ /* no such ciphersuites supported! */
#define SSL_kDHd 0x00000004L /* DH cert, DSA CA cert */ /* no such ciphersuite supported! */
#define SSL_kEDH 0x00000008L /* tmp DH key no DH cert */
#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
#define SSL_kPSK 0x20000000L /* PSK */
#define SSL_kKRB5 0x00000010L /* Kerberos5 key exchange */
#define SSL_kECDHr 0x00000020L /* ECDH cert, RSA CA cert */
#define SSL_kECDHe 0x00000040L /* ECDH cert, ECDSA CA cert */
#define SSL_kECDH (SSL_kECDHr|SSL_kECDHe)
#define SSL_kEECDH 0x00000080L /* ephemeral ECDH */
#define SSL_EECDH (SSL_kEECDH|(SSL_AUTH_MASK^SSL_aNULL))
#define SSL_kPSK 0x20000000L /* PSK */
#define SSL_AUTH_MASK 0x10007f00L
#define SSL_aRSA 0x00000100L /* Authenticate with RSA */
#define SSL_aDSS 0x00000200L /* Authenticate with DSS */
#define SSL_aRSA 0x00000100L /* RSA auth */
#define SSL_aDSS 0x00000200L /* DSS auth */
#define SSL_DSS SSL_aDSS
#define SSL_aFZA 0x00000400L
#define SSL_aNULL 0x00000800L /* no Authenticate, ADH */
#define SSL_aDH 0x00001000L /* no Authenticate, ADH */
#define SSL_aKRB5 0x00002000L /* Authenticate with KRB5 */
#define SSL_aECDSA 0x00004000L /* Authenticate with ECDSA */
#define SSL_aPSK 0x10000000L /* PSK */
#define SSL_aNULL 0x00000400L /* no auth (i.e. use ADH or AECDH) */
#define SSL_aDH 0x00000800L /* Fixed DH auth (kDHd or kDHr) */ /* no such ciphersuites supported! */
#define SSL_aECDH 0x00001000L /* Fixed ECDH auth (kECDHe or kECDHr) */
#define SSL_aKRB5 0x00002000L /* KRB5 auth */
#define SSL_aECDSA 0x00004000L /* ECDSA auth*/
#define SSL_ECDSA SSL_aECDSA
#define SSL_aPSK 0x10000000L /* PSK auth */
#define SSL_NULL (SSL_eNULL)
#define SSL_ADH (SSL_kEDH|SSL_aNULL)
#define SSL_RSA (SSL_kRSA|SSL_aRSA)
#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH)
#define SSL_ECDH (SSL_kECDH|SSL_kECDHE)
#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
#define SSL_ADH (SSL_kEDH|SSL_aNULL)
#define SSL_ECDH (SSL_kECDH|SSL_kEECDH)
#define SSL_AECDH (SSL_kEECDH|SSL_aNULL)
#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5)
#define SSL_PSK (SSL_kPSK|SSL_aPSK)
@ -313,7 +316,6 @@
#define SSL_RC4 0x00020000L
#define SSL_RC2 0x00040000L
#define SSL_IDEA 0x00080000L
#define SSL_eFZA 0x00100000L
#define SSL_eNULL 0x00200000L
#define SSL_AES 0x04000000L
#define SSL_CAMELLIA 0x08000000L


@ -686,7 +686,7 @@ int ssl_prepare_clienthello_tlsext(SSL *s)
for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++)
{
algs = (sk_SSL_CIPHER_value(cipher_stack, i))->algorithms;
if ((algs & SSL_kECDH) || (algs & SSL_kECDHE) || (algs & SSL_aECDSA))
if ((algs & SSL_kECDH) || (algs & SSL_kEECDH) || (algs & SSL_aECDSA))
{
using_ecc = 1;
break;
@ -731,7 +731,7 @@ int ssl_prepare_serverhello_tlsext(SSL *s)
* supposed to send an EllipticCurves extension.
*/
int algs = s->s3->tmp.new_cipher->algorithms;
int using_ecc = (algs & SSL_kECDH) || (algs & SSL_kECDHE) || (algs & SSL_aECDSA);
int using_ecc = (algs & SSL_kECDH) || (algs & SSL_kEECDH) || (algs & SSL_aECDSA);
using_ecc = using_ecc && (s->session->tlsext_ecpointformatlist != NULL);
if (using_ecc)
@ -797,7 +797,7 @@ int ssl_check_serverhello_tlsext(SSL *s)
*/
int algs = s->s3->tmp.new_cipher->algorithms;
if ((s->tlsext_ecpointformatlist != NULL) && (s->tlsext_ecpointformatlist_length > 0) &&
((algs & SSL_kECDH) || (algs & SSL_kECDHE) || (algs & SSL_aECDSA)))
((algs & SSL_kECDH) || (algs & SSL_kEECDH) || (algs & SSL_aECDSA)))
{
/* we are using an ECC cipher */
size_t i;