| #
f4fe6251 |
| 22-Jul-2024 |
jsing <jsing@openbsd.org> |
Use cipher suite values instead of IDs.
OpenSSL has had the concept of cipher IDs, which were a way of working
around overlapping cipher suite values between SSLv2 and SSLv3. Given
that we no longer
Use cipher suite values instead of IDs.
OpenSSL has had the concept of cipher IDs, which were a way of working
around overlapping cipher suite values between SSLv2 and SSLv3. Given
that we no longer have to deal with this issue, replace the use of IDs
with cipher suite values. In particular, this means that we can stop
mapping back and forth between the two, simplifying things considerably.
While here, remove the 'valid' member of the SSL_CIPHER. The ssl3_ciphers[]
table is no longer mutable, meaning that ciphers cannot be disabled at
runtime (and we have `#if 0' if we want to do it at compile time).
Clean up the comments and add/update RFC references for cipher suites.
ok tb@
show more ...
|
| #
c9675a23 |
| 26-Nov-2022 |
tb <tb@openbsd.org> |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_l
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.
discussed with jsing,
no objection bcook
show more ...
|
| #
6f7f653b |
| 02-Oct-2022 |
jsing <jsing@openbsd.org> |
Get rid of SSL_CTX_INTERNAL and SSL_INTERNAL.
These are no longer necessary due to SSL_CTX and SSL now being fully
opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back
into SSL.
P
Get rid of SSL_CTX_INTERNAL and SSL_INTERNAL.
These are no longer necessary due to SSL_CTX and SSL now being fully
opaque. Merge SSL_CTX_INTERNAL back into SSL_CTX and SSL_INTERNAL back
into SSL.
Prompted by tb@
show more ...
|
| #
1fd41f50 |
| 02-Jul-2022 |
tb <tb@openbsd.org> |
Stop using ssl{_ctx,}_security() outside of ssl_seclevel.c
The API is ugly and we can easily abstract it away. The SSL_SECOP_* stuff
is now confined into ssl_seclevel.c and the rest of the library c
Stop using ssl{_ctx,}_security() outside of ssl_seclevel.c
The API is ugly and we can easily abstract it away. The SSL_SECOP_* stuff
is now confined into ssl_seclevel.c and the rest of the library can make
use of the more straightforward wrappers, which makes it a lot easier on
the eyes.
ok beck jsing
show more ...
|
| #
67f84b87 |
| 29-Jun-2022 |
tb <tb@openbsd.org> |
Check security level when convertin a cipher list to bytes
ok beck jsing
|
| #
93fa6e49 |
| 05-Feb-2022 |
tb <tb@openbsd.org> |
Switch TLSv1.3 cipher names from AEAD- to OpenSSL's TLS_
OpenSSL chose to break the previous naming convention for ciphers and
to adopt TLS_* "RFC" names instead. Unfortunately, these names are
expo
Switch TLSv1.3 cipher names from AEAD- to OpenSSL's TLS_
OpenSSL chose to break the previous naming convention for ciphers and
to adopt TLS_* "RFC" names instead. Unfortunately, these names are
exposed in several APIs and some language bindings test for these
non-standard names instead of cipher values, which is ... unfortunate
(others would say "plain crazy").
We currently have to maintain patches in regress and ports (p5-Net-SSLeay,
openssl-ruby-tests - which means that Ruby will pick this up at some point)
to work around this difference and that's just not worth the effort.
The old AEAD- names will become aliases and continue to work, but in
openssl ciphers and netcat output the TLS_* names will now be displayed.
"I would be very happy if this gets committed" bluhm
ok beck inoguchi, begrudgingly ok jsing
show more ...
|
| #
02876cc3 |
| 05-Feb-2022 |
jsing <jsing@openbsd.org> |
Bye bye S3I.
S3I has served us well, however now that libssl is fully opaque it is time
to say goodbye. Aside from removing the calloc/free/memset, the rest is
mechanical sed.
ok inoguchi@ tb@
|
| #
1927d779 |
| 11-Mar-2021 |
jsing <jsing@openbsd.org> |
Remove ssl_downgrade_max_version().
Now that we store our maximum TLS version at the start of the handshake,
we can check against that directly.
ok inoguchi@ tb@
|
| #
970acf87 |
| 25-Feb-2021 |
jsing <jsing@openbsd.org> |
Only use TLS versions internally (rather than both TLS and DTLS versions).
DTLS protocol version numbers are the 1's compliment of human readable TLS
version numbers, which means that newer versions
Only use TLS versions internally (rather than both TLS and DTLS versions).
DTLS protocol version numbers are the 1's compliment of human readable TLS
version numbers, which means that newer versions decrease in value and
there is no direct mapping between TLS protocol version numbers and DTLS
protocol version numbers.
Rather than having to deal with this internally, only use TLS versions
internally and map between DTLS and TLS protocol versions when necessary.
Rename functions and variables to use 'tls_version' when they contain a
TLS version (and never a DTLS version).
ok tb@
show more ...
|
| #
728d659e |
| 15-Sep-2020 |
schwarze <schwarze@openbsd.org> |
Do not destroy an existing cipher list when ssl_parse_ciphersuites()
fails, to match the behaviour of ssl_create_cipher_list(). This also
agrees with the behaviour of SSL_set_ciphersuites(3) in Open
Do not destroy an existing cipher list when ssl_parse_ciphersuites()
fails, to match the behaviour of ssl_create_cipher_list(). This also
agrees with the behaviour of SSL_set_ciphersuites(3) in OpenSSL.
Issue found while writing documentation.
OK jsing@
show more ...
|
| #
06b6c48d |
| 14-Sep-2020 |
tb <tb@openbsd.org> |
Avoid NULL deref SSL_{,CTX_}set_ciphersuites
Move assignment to the correct place so that the run continuation condition
actually checks what it is supposed to. Found by getting lucky when running
r
Avoid NULL deref SSL_{,CTX_}set_ciphersuites
Move assignment to the correct place so that the run continuation condition
actually checks what it is supposed to. Found by getting lucky when running
regress.
ok beck jsing
show more ...
|
| #
61a9dc01 |
| 13-Sep-2020 |
jsing <jsing@openbsd.org> |
Implement SSL_{CTX_,}set_ciphersuites().
OpenSSL added a separate API for configuring TLSv1.3 ciphersuites. Provide
this API, while retaining the current behaviour of being able to configure
TLSv1.3
Implement SSL_{CTX_,}set_ciphersuites().
OpenSSL added a separate API for configuring TLSv1.3 ciphersuites. Provide
this API, while retaining the current behaviour of being able to configure
TLSv1.3 via the existing interface.
Note that this is not currently exposed in the headers/exported symbols.
ok beck@ inoguchi@ tb@
show more ...
|
| #
8b316ce8 |
| 11-Sep-2020 |
jsing <jsing@openbsd.org> |
Remove cipher_list_by_id.
When parsing a cipher string, a cipher list is created, before being
duplicated and sorted - the second copy being stored as cipher_list_by_id.
This is done only so that a
Remove cipher_list_by_id.
When parsing a cipher string, a cipher list is created, before being
duplicated and sorted - the second copy being stored as cipher_list_by_id.
This is done only so that a client can ensure that the cipher selected by
a server is in the cipher list. This is pretty pointless given that most
clients are short-lived and that we already had to iterate over the cipher
list in order to build the client hello. Additionally, any update to the
cipher list requires that cipher_list_by_id also be updated and kept in
sync.
Remove all of this and replace it with a simple linear scan - the overhead
of duplicating and sorting the cipher list likely exceeds that of a simple
linear scan over the cipher list (64 maximum, more typically ~9 or so).
ok beck@ tb@
show more ...
|
| #
115de268 |
| 11-Sep-2020 |
jsing <jsing@openbsd.org> |
Rename ssl_cipher_is_permitted()
The name ssl_cipher_is_permitted() is not entirely specific - what it
really means is "can this cipher be used with a given version range".
Use ssl_cipher_allowed_in
Rename ssl_cipher_is_permitted()
The name ssl_cipher_is_permitted() is not entirely specific - what it
really means is "can this cipher be used with a given version range".
Use ssl_cipher_allowed_in_version_range() to more clearly indicate this.
Bikeshedded with tb@
ok tb@
show more ...
|
| #
b9f2fbd8 |
| 31-May-2020 |
jsing <jsing@openbsd.org> |
Replace ssl_max_server_version() with ssl_downgrade_max_version()
Replace the only occurrence of ssl_max_server_version() with a call
to ssl_downgrade_max_version() and remove ssl_max_server_version
Replace ssl_max_server_version() with ssl_downgrade_max_version()
Replace the only occurrence of ssl_max_server_version() with a call
to ssl_downgrade_max_version() and remove ssl_max_server_version().
ok beck@ tb@
show more ...
|
| #
370b9647 |
| 15-May-2019 |
bcook <bcook@openbsd.org> |
s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is
no need to check for it. Fixes COV-165788, identified with help from Alex
Bumstead.
ok jsing@
|
| #
5ceed53a |
| 21-Jan-2019 |
tb <tb@openbsd.org> |
Move ssl_cipher_list_to_bytes() and ssl_bytes_to_cipher_list() to
a more appropriately licenced file. jsing and doug have rewritten
these functions (including the comments) over the past years.
ok
Move ssl_cipher_list_to_bytes() and ssl_bytes_to_cipher_list() to
a more appropriately licenced file. jsing and doug have rewritten
these functions (including the comments) over the past years.
ok jsing
show more ...
|
| #
a36841cf |
| 21-Jan-2019 |
tb <tb@openbsd.org> |
Add ssl_cipher_is_permitted(), an internal helper function that
will be used in a few places shortly, e.g. in
ssl_cipher_list_to_bytes().
ok jsing
|