Support for fixed DH ciphersuites.
The cipher definitions of these ciphersuites have been around since SSLeay but were always disabled. Now OpenSSL supports DH certificates they can be finally enabled. Various additional changes were needed to make them work properly: many unused fixed DH sections of code were untested.
This commit is contained in:
Dr. Stephen Henson
parent
a985410d2d
commit
8e1dc4d7ca
4
CHANGES
4
CHANGES
@ -4,6 +4,10 @@
|
|||||||
|
|
||||||
Changes between 1.0.1 and 1.1.0 [xx XXX xxxx]
|
Changes between 1.0.1 and 1.1.0 [xx XXX xxxx]
|
||||||
|
|
||||||
|
*) Support for fixed DH ciphersuites: those requiring DH server
|
||||||
|
certificates.
|
||||||
|
[Steve Henson]
|
||||||
|
|
||||||
*) Transparently support X9.42 DH parameters when calling
|
*) Transparently support X9.42 DH parameters when calling
|
||||||
PEM_read_bio_DHparameters. This means existing applications can handle
|
PEM_read_bio_DHparameters. This means existing applications can handle
|
||||||
the new parameter format automatically.
|
the new parameter format automatically.
|
||||||
|
|||||||
@ -594,6 +594,18 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
|
|||||||
{
|
{
|
||||||
ret = SSL_PKEY_GOST01;
|
ret = SSL_PKEY_GOST01;
|
||||||
}
|
}
|
||||||
|
else if (x && i == EVP_PKEY_DH)
|
||||||
|
{
|
||||||
|
/* For DH two cases: DH certificate signed with RSA and
|
||||||
|
* DH certificate signed with DSA.
|
||||||
|
*/
|
||||||
|
i = X509_certificate_type(x, pk);
|
||||||
|
if (i & EVP_PKS_RSA)
|
||||||
|
ret = SSL_PKEY_DH_RSA;
|
||||||
|
else if (i & EVP_PKS_DSA)
|
||||||
|
ret = SSL_PKEY_DH_DSA;
|
||||||
|
}
|
||||||
|
|
||||||
err:
|
err:
|
||||||
if(!pkey) EVP_PKEY_free(pk);
|
if(!pkey) EVP_PKEY_free(pk);
|
||||||
return(ret);
|
return(ret);
|
||||||
|
|||||||
@ -2396,24 +2396,39 @@ int ssl3_send_client_key_exchange(SSL *s)
|
|||||||
else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
|
else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
|
||||||
{
|
{
|
||||||
DH *dh_srvr,*dh_clnt;
|
DH *dh_srvr,*dh_clnt;
|
||||||
|
SESS_CERT *scert = s->session->sess_cert;
|
||||||
|
|
||||||
if (s->session->sess_cert == NULL)
|
if (scert == NULL)
|
||||||
{
|
{
|
||||||
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
|
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
|
||||||
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
|
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (s->session->sess_cert->peer_dh_tmp != NULL)
|
if (scert->peer_dh_tmp != NULL)
|
||||||
dh_srvr=s->session->sess_cert->peer_dh_tmp;
|
dh_srvr=scert->peer_dh_tmp;
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
/* we get them from the cert */
|
/* we get them from the cert */
|
||||||
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
|
int idx = scert->peer_cert_type;
|
||||||
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
|
EVP_PKEY *spkey = NULL;
|
||||||
goto err;
|
dh_srvr = NULL;
|
||||||
|
if (idx >= 0)
|
||||||
|
spkey = X509_get_pubkey(
|
||||||
|
scert->peer_pkeys[idx].x509);
|
||||||
|
if (spkey)
|
||||||
|
{
|
||||||
|
dh_srvr = EVP_PKEY_get1_DH(spkey);
|
||||||
|
EVP_PKEY_free(spkey);
|
||||||
|
}
|
||||||
|
if (dh_srvr == NULL)
|
||||||
|
{
|
||||||
|
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
|
||||||
|
ERR_R_INTERNAL_ERROR);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* generate a new random key */
|
/* generate a new random key */
|
||||||
if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
|
if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
|
||||||
{
|
{
|
||||||
@ -2431,6 +2446,8 @@ int ssl3_send_client_key_exchange(SSL *s)
|
|||||||
* make sure to clear it out afterwards */
|
* make sure to clear it out afterwards */
|
||||||
|
|
||||||
n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
|
n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
|
||||||
|
if (scert->peer_dh_tmp == NULL)
|
||||||
|
DH_free(dh_srvr);
|
||||||
|
|
||||||
if (n <= 0)
|
if (n <= 0)
|
||||||
{
|
{
|
||||||
@ -3132,7 +3149,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
|
|||||||
alg_a=s->s3->tmp.new_cipher->algorithm_auth;
|
alg_a=s->s3->tmp.new_cipher->algorithm_auth;
|
||||||
|
|
||||||
/* we don't have a certificate */
|
/* we don't have a certificate */
|
||||||
if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
|
if ((alg_a & (SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
|
||||||
return(1);
|
return(1);
|
||||||
|
|
||||||
sc=s->session->sess_cert;
|
sc=s->session->sess_cert;
|
||||||
@ -3194,19 +3211,21 @@ int ssl3_check_cert_and_algorithm(SSL *s)
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_DH
|
#ifndef OPENSSL_NO_DH
|
||||||
if ((alg_k & SSL_kEDH) &&
|
if ((alg_k & SSL_kEDH) &&
|
||||||
!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
|
!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
|
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
|
||||||
goto f_err;
|
goto f_err;
|
||||||
}
|
}
|
||||||
else if ((alg_k & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
|
else if ((alg_k & SSL_kDHr) && (TLS1_get_version(s) < TLS1_2_VERSION) &&
|
||||||
|
!has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
|
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
|
||||||
goto f_err;
|
goto f_err;
|
||||||
}
|
}
|
||||||
#ifndef OPENSSL_NO_DSA
|
#ifndef OPENSSL_NO_DSA
|
||||||
else if ((alg_k & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
|
else if ((alg_k & SSL_kDHd) && (TLS1_get_version(s) < TLS1_2_VERSION) &&
|
||||||
|
!has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
|
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
|
||||||
goto f_err;
|
goto f_err;
|
||||||
|
|||||||
48
ssl/s3_lib.c
48
ssl/s3_lib.c
@ -335,7 +335,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
/* The DH ciphers */
|
/* The DH ciphers */
|
||||||
/* Cipher 0B */
|
/* Cipher 0B */
|
||||||
{
|
{
|
||||||
0,
|
1,
|
||||||
SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
|
SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
|
||||||
SSL3_CK_DH_DSS_DES_40_CBC_SHA,
|
SSL3_CK_DH_DSS_DES_40_CBC_SHA,
|
||||||
SSL_kDHd,
|
SSL_kDHd,
|
||||||
@ -351,7 +351,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 0C */
|
/* Cipher 0C */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
|
SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
|
||||||
SSL3_CK_DH_DSS_DES_64_CBC_SHA,
|
SSL3_CK_DH_DSS_DES_64_CBC_SHA,
|
||||||
SSL_kDHd,
|
SSL_kDHd,
|
||||||
@ -367,7 +367,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 0D */
|
/* Cipher 0D */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
|
SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
|
||||||
SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
|
SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
|
||||||
SSL_kDHd,
|
SSL_kDHd,
|
||||||
@ -383,7 +383,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 0E */
|
/* Cipher 0E */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
|
SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
|
||||||
SSL3_CK_DH_RSA_DES_40_CBC_SHA,
|
SSL3_CK_DH_RSA_DES_40_CBC_SHA,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -399,7 +399,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 0F */
|
/* Cipher 0F */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
|
SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
|
||||||
SSL3_CK_DH_RSA_DES_64_CBC_SHA,
|
SSL3_CK_DH_RSA_DES_64_CBC_SHA,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -415,7 +415,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 10 */
|
/* Cipher 10 */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
|
SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
|
||||||
SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
|
SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -902,7 +902,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
},
|
},
|
||||||
/* Cipher 30 */
|
/* Cipher 30 */
|
||||||
{
|
{
|
||||||
0,
|
1,
|
||||||
TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
|
TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
|
||||||
TLS1_CK_DH_DSS_WITH_AES_128_SHA,
|
TLS1_CK_DH_DSS_WITH_AES_128_SHA,
|
||||||
SSL_kDHd,
|
SSL_kDHd,
|
||||||
@ -917,7 +917,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
},
|
},
|
||||||
/* Cipher 31 */
|
/* Cipher 31 */
|
||||||
{
|
{
|
||||||
0,
|
1,
|
||||||
TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
|
TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
|
||||||
TLS1_CK_DH_RSA_WITH_AES_128_SHA,
|
TLS1_CK_DH_RSA_WITH_AES_128_SHA,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -993,7 +993,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
},
|
},
|
||||||
/* Cipher 36 */
|
/* Cipher 36 */
|
||||||
{
|
{
|
||||||
0,
|
1,
|
||||||
TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
|
TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
|
||||||
TLS1_CK_DH_DSS_WITH_AES_256_SHA,
|
TLS1_CK_DH_DSS_WITH_AES_256_SHA,
|
||||||
SSL_kDHd,
|
SSL_kDHd,
|
||||||
@ -1009,7 +1009,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 37 */
|
/* Cipher 37 */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
|
TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
|
||||||
TLS1_CK_DH_RSA_WITH_AES_256_SHA,
|
TLS1_CK_DH_RSA_WITH_AES_256_SHA,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1122,7 +1122,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 3E */
|
/* Cipher 3E */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
|
TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
|
||||||
TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
|
TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1138,7 +1138,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 3F */
|
/* Cipher 3F */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
|
TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
|
||||||
TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
|
TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1189,7 +1189,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 42 */
|
/* Cipher 42 */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
|
TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
|
||||||
TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
|
TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
|
||||||
SSL_kDHd,
|
SSL_kDHd,
|
||||||
@ -1205,7 +1205,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 43 */
|
/* Cipher 43 */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
||||||
TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1404,7 +1404,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 68 */
|
/* Cipher 68 */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
|
TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
|
||||||
TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
|
TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1420,7 +1420,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 69 */
|
/* Cipher 69 */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
|
TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
|
||||||
TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
|
TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1577,7 +1577,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
},
|
},
|
||||||
/* Cipher 85 */
|
/* Cipher 85 */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
|
TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
|
||||||
TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
|
TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
|
||||||
SSL_kDHd,
|
SSL_kDHd,
|
||||||
@ -1593,7 +1593,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 86 */
|
/* Cipher 86 */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
||||||
TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1743,7 +1743,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 97 */
|
/* Cipher 97 */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_DSS_WITH_SEED_SHA,
|
TLS1_TXT_DH_DSS_WITH_SEED_SHA,
|
||||||
TLS1_CK_DH_DSS_WITH_SEED_SHA,
|
TLS1_CK_DH_DSS_WITH_SEED_SHA,
|
||||||
SSL_kDHd,
|
SSL_kDHd,
|
||||||
@ -1759,7 +1759,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher 98 */
|
/* Cipher 98 */
|
||||||
{
|
{
|
||||||
0, /* not implemented (non-ephemeral DH) */
|
1,
|
||||||
TLS1_TXT_DH_RSA_WITH_SEED_SHA,
|
TLS1_TXT_DH_RSA_WITH_SEED_SHA,
|
||||||
TLS1_CK_DH_RSA_WITH_SEED_SHA,
|
TLS1_CK_DH_RSA_WITH_SEED_SHA,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1891,7 +1891,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher A0 */
|
/* Cipher A0 */
|
||||||
{
|
{
|
||||||
0,
|
1,
|
||||||
TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
|
TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
|
TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1907,7 +1907,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher A1 */
|
/* Cipher A1 */
|
||||||
{
|
{
|
||||||
0,
|
1,
|
||||||
TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
|
TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
|
||||||
TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
|
TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1955,7 +1955,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher A4 */
|
/* Cipher A4 */
|
||||||
{
|
{
|
||||||
0,
|
1,
|
||||||
TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
|
TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
|
||||||
TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
|
TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
@ -1971,7 +1971,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|||||||
|
|
||||||
/* Cipher A5 */
|
/* Cipher A5 */
|
||||||
{
|
{
|
||||||
0,
|
1,
|
||||||
TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
|
TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
|
||||||
TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
|
TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
|
||||||
SSL_kDHr,
|
SSL_kDHr,
|
||||||
|
|||||||
@ -478,7 +478,7 @@ int ssl3_accept(SSL *s)
|
|||||||
/* SRP: send ServerKeyExchange */
|
/* SRP: send ServerKeyExchange */
|
||||||
|| (alg_k & SSL_kSRP)
|
|| (alg_k & SSL_kSRP)
|
||||||
#endif
|
#endif
|
||||||
|| (alg_k & (SSL_kDHr|SSL_kDHd|SSL_kEDH))
|
|| (alg_k & SSL_kEDH)
|
||||||
|| (alg_k & SSL_kEECDH)
|
|| (alg_k & SSL_kEECDH)
|
||||||
|| ((alg_k & SSL_kRSA)
|
|| ((alg_k & SSL_kRSA)
|
||||||
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
|
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
|
||||||
@ -2289,7 +2289,25 @@ int ssl3_get_client_key_exchange(SSL *s)
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
if (s->s3->tmp.dh == NULL)
|
int idx = -1;
|
||||||
|
if (alg_k & SSL_kDHr)
|
||||||
|
idx = SSL_PKEY_DH_RSA;
|
||||||
|
else if (alg_k & SSL_kDHd)
|
||||||
|
idx = SSL_PKEY_DH_DSA;
|
||||||
|
if (idx >= 0)
|
||||||
|
{
|
||||||
|
EVP_PKEY *skey = s->cert->pkeys[idx].privatekey;
|
||||||
|
if ((skey == NULL) ||
|
||||||
|
(skey->type != EVP_PKEY_DH) ||
|
||||||
|
(skey->pkey.dh == NULL))
|
||||||
|
{
|
||||||
|
al=SSL_AD_HANDSHAKE_FAILURE;
|
||||||
|
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
|
||||||
|
goto f_err;
|
||||||
|
}
|
||||||
|
dh_srvr = skey->pkey.dh;
|
||||||
|
}
|
||||||
|
else if (s->s3->tmp.dh == NULL)
|
||||||
{
|
{
|
||||||
al=SSL_AD_HANDSHAKE_FAILURE;
|
al=SSL_AD_HANDSHAKE_FAILURE;
|
||||||
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
|
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
|
||||||
|
|||||||
@ -241,9 +241,9 @@ extern "C" {
|
|||||||
#define SSL_TXT_NULL "NULL"
|
#define SSL_TXT_NULL "NULL"
|
||||||
|
|
||||||
#define SSL_TXT_kRSA "kRSA"
|
#define SSL_TXT_kRSA "kRSA"
|
||||||
#define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */
|
#define SSL_TXT_kDHr "kDHr"
|
||||||
#define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */
|
#define SSL_TXT_kDHd "kDHd"
|
||||||
#define SSL_TXT_kDH "kDH" /* no such ciphersuites supported! */
|
#define SSL_TXT_kDH "kDH"
|
||||||
#define SSL_TXT_kEDH "kEDH"
|
#define SSL_TXT_kEDH "kEDH"
|
||||||
#define SSL_TXT_kKRB5 "kKRB5"
|
#define SSL_TXT_kKRB5 "kKRB5"
|
||||||
#define SSL_TXT_kECDHr "kECDHr"
|
#define SSL_TXT_kECDHr "kECDHr"
|
||||||
@ -256,7 +256,7 @@ extern "C" {
|
|||||||
|
|
||||||
#define SSL_TXT_aRSA "aRSA"
|
#define SSL_TXT_aRSA "aRSA"
|
||||||
#define SSL_TXT_aDSS "aDSS"
|
#define SSL_TXT_aDSS "aDSS"
|
||||||
#define SSL_TXT_aDH "aDH" /* no such ciphersuites supported! */
|
#define SSL_TXT_aDH "aDH"
|
||||||
#define SSL_TXT_aECDH "aECDH"
|
#define SSL_TXT_aECDH "aECDH"
|
||||||
#define SSL_TXT_aKRB5 "aKRB5"
|
#define SSL_TXT_aKRB5 "aKRB5"
|
||||||
#define SSL_TXT_aECDSA "aECDSA"
|
#define SSL_TXT_aECDSA "aECDSA"
|
||||||
|
|||||||
@ -238,9 +238,9 @@ static const SSL_CIPHER cipher_aliases[]={
|
|||||||
* e.g. kEDH combines DHE_DSS and DHE_RSA) */
|
* e.g. kEDH combines DHE_DSS and DHE_RSA) */
|
||||||
{0,SSL_TXT_kRSA,0, SSL_kRSA, 0,0,0,0,0,0,0,0},
|
{0,SSL_TXT_kRSA,0, SSL_kRSA, 0,0,0,0,0,0,0,0},
|
||||||
|
|
||||||
{0,SSL_TXT_kDHr,0, SSL_kDHr, 0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
|
{0,SSL_TXT_kDHr,0, SSL_kDHr, 0,0,0,0,0,0,0,0},
|
||||||
{0,SSL_TXT_kDHd,0, SSL_kDHd, 0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
|
{0,SSL_TXT_kDHd,0, SSL_kDHd, 0,0,0,0,0,0,0,0},
|
||||||
{0,SSL_TXT_kDH,0, SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0}, /* no such ciphersuites supported! */
|
{0,SSL_TXT_kDH,0, SSL_kDHr|SSL_kDHd,0,0,0,0,0,0,0,0},
|
||||||
{0,SSL_TXT_kEDH,0, SSL_kEDH, 0,0,0,0,0,0,0,0},
|
{0,SSL_TXT_kEDH,0, SSL_kEDH, 0,0,0,0,0,0,0,0},
|
||||||
{0,SSL_TXT_DH,0, SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},
|
{0,SSL_TXT_DH,0, SSL_kDHr|SSL_kDHd|SSL_kEDH,0,0,0,0,0,0,0,0},
|
||||||
|
|
||||||
@ -701,8 +701,6 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un
|
|||||||
#ifdef OPENSSL_NO_DSA
|
#ifdef OPENSSL_NO_DSA
|
||||||
*auth |= SSL_aDSS;
|
*auth |= SSL_aDSS;
|
||||||
#endif
|
#endif
|
||||||
*mkey |= SSL_kDHr|SSL_kDHd; /* no such ciphersuites supported! */
|
|
||||||
*auth |= SSL_aDH;
|
|
||||||
#ifdef OPENSSL_NO_DH
|
#ifdef OPENSSL_NO_DH
|
||||||
*mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH;
|
*mkey |= SSL_kDHr|SSL_kDHd|SSL_kEDH;
|
||||||
*auth |= SSL_aDH;
|
*auth |= SSL_aDH;
|
||||||
|
|||||||
@ -2110,6 +2110,9 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
|
|||||||
if (dh_dsa) mask_k|=SSL_kDHd;
|
if (dh_dsa) mask_k|=SSL_kDHd;
|
||||||
if (dh_dsa_export) emask_k|=SSL_kDHd;
|
if (dh_dsa_export) emask_k|=SSL_kDHd;
|
||||||
|
|
||||||
|
if (emask_k & (SSL_kDHr|SSL_kDHd))
|
||||||
|
mask_a |= SSL_aDH;
|
||||||
|
|
||||||
if (rsa_enc || rsa_sign)
|
if (rsa_enc || rsa_sign)
|
||||||
{
|
{
|
||||||
mask_a|=SSL_aRSA;
|
mask_a|=SSL_aRSA;
|
||||||
|
|||||||
@ -280,8 +280,8 @@
|
|||||||
|
|
||||||
/* Bits for algorithm_mkey (key exchange algorithm) */
|
/* Bits for algorithm_mkey (key exchange algorithm) */
|
||||||
#define SSL_kRSA 0x00000001L /* RSA key exchange */
|
#define SSL_kRSA 0x00000001L /* RSA key exchange */
|
||||||
#define SSL_kDHr 0x00000002L /* DH cert, RSA CA cert */ /* no such ciphersuites supported! */
|
#define SSL_kDHr 0x00000002L /* DH cert, RSA CA cert */
|
||||||
#define SSL_kDHd 0x00000004L /* DH cert, DSA CA cert */ /* no such ciphersuite supported! */
|
#define SSL_kDHd 0x00000004L /* DH cert, DSA CA cert */
|
||||||
#define SSL_kEDH 0x00000008L /* tmp DH key no DH cert */
|
#define SSL_kEDH 0x00000008L /* tmp DH key no DH cert */
|
||||||
#define SSL_kKRB5 0x00000010L /* Kerberos5 key exchange */
|
#define SSL_kKRB5 0x00000010L /* Kerberos5 key exchange */
|
||||||
#define SSL_kECDHr 0x00000020L /* ECDH cert, RSA CA cert */
|
#define SSL_kECDHr 0x00000020L /* ECDH cert, RSA CA cert */
|
||||||
@ -295,7 +295,7 @@
|
|||||||
#define SSL_aRSA 0x00000001L /* RSA auth */
|
#define SSL_aRSA 0x00000001L /* RSA auth */
|
||||||
#define SSL_aDSS 0x00000002L /* DSS auth */
|
#define SSL_aDSS 0x00000002L /* DSS auth */
|
||||||
#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */
|
#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */
|
||||||
#define SSL_aDH 0x00000008L /* Fixed DH auth (kDHd or kDHr) */ /* no such ciphersuites supported! */
|
#define SSL_aDH 0x00000008L /* Fixed DH auth (kDHd or kDHr) */
|
||||||
#define SSL_aECDH 0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
|
#define SSL_aECDH 0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
|
||||||
#define SSL_aKRB5 0x00000020L /* KRB5 auth */
|
#define SSL_aKRB5 0x00000020L /* KRB5 auth */
|
||||||
#define SSL_aECDSA 0x00000040L /* ECDSA auth*/
|
#define SSL_aECDSA 0x00000040L /* ECDSA auth*/
|
||||||
|
|||||||
@ -182,8 +182,23 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
|
|||||||
static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
|
static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
/* Special case for DH: check two DH certificate types for a match.
|
||||||
i=ssl_cert_type(NULL,pkey);
|
* This means for DH certificates we must set the certificate first.
|
||||||
|
*/
|
||||||
|
if (pkey->type == EVP_PKEY_DH)
|
||||||
|
{
|
||||||
|
X509 *x;
|
||||||
|
i = -1;
|
||||||
|
x = c->pkeys[SSL_PKEY_DH_RSA].x509;
|
||||||
|
if (x && X509_check_private_key(x, pkey))
|
||||||
|
i = SSL_PKEY_DH_RSA;
|
||||||
|
x = c->pkeys[SSL_PKEY_DH_DSA].x509;
|
||||||
|
if (i == -1 && x && X509_check_private_key(x, pkey))
|
||||||
|
i = SSL_PKEY_DH_DSA;
|
||||||
|
ERR_clear_error();
|
||||||
|
}
|
||||||
|
else
|
||||||
|
i=ssl_cert_type(NULL,pkey);
|
||||||
if (i < 0)
|
if (i < 0)
|
||||||
{
|
{
|
||||||
SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
|
SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user