1 /* 2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* ==================================================================== 11 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 12 * 13 * Portions of the attached software ("Contribution") are developed by 14 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 15 * 16 * The Contribution is licensed pursuant to the OpenSSL open source 17 * license provided above. 18 * 19 * ECC cipher suite support in OpenSSL originally written by 20 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. 21 * 22 */ 23 /* ==================================================================== 24 * Copyright 2005 Nokia. All rights reserved. 25 * 26 * The portions of the attached software ("Contribution") is developed by 27 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 28 * license. 29 * 30 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 31 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 32 * support (see RFC 4279) to OpenSSL. 33 * 34 * No patent licenses or other rights except those expressly stated in 35 * the OpenSSL open source license shall be deemed granted or received 36 * expressly, by implication, estoppel, or otherwise. 37 * 38 * No assurances are provided by Nokia that the Contribution does not 39 * infringe the patent or other intellectual property rights of any third 40 * party or that the license provides you with all the necessary rights 41 * to make use of the Contribution. 42 * 43 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 44 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 45 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 46 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 47 * OTHERWISE. 48 */ 49 50 #include <stdio.h> 51 #include <openssl/objects.h> 52 #include "ssl_locl.h" 53 #include <openssl/md5.h> 54 #include <openssl/dh.h> 55 #include <openssl/rand.h> 56 57 #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers) 58 59 /* 60 * The list of available ciphers, mostly organized into the following 61 * groups: 62 * Always there 63 * EC 64 * PSK 65 * SRP (within that: RSA EC PSK) 66 * Cipher families: Chacha/poly, Camellila, Gost, IDEA, SEED 67 * Weak ciphers 68 */ 69 static SSL_CIPHER ssl3_ciphers[] = { 70 { 71 1, 72 SSL3_TXT_RSA_NULL_MD5, 73 SSL3_CK_RSA_NULL_MD5, 74 SSL_kRSA, 75 SSL_aRSA, 76 SSL_eNULL, 77 SSL_MD5, 78 SSL3_VERSION, TLS1_2_VERSION, 79 DTLS1_BAD_VER, DTLS1_2_VERSION, 80 SSL_STRONG_NONE, 81 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 82 0, 83 0, 84 }, 85 { 86 1, 87 SSL3_TXT_RSA_NULL_SHA, 88 SSL3_CK_RSA_NULL_SHA, 89 SSL_kRSA, 90 SSL_aRSA, 91 SSL_eNULL, 92 SSL_SHA1, 93 SSL3_VERSION, TLS1_2_VERSION, 94 DTLS1_BAD_VER, DTLS1_2_VERSION, 95 SSL_STRONG_NONE | SSL_FIPS, 96 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 97 0, 98 0, 99 }, 100 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 101 { 102 1, 103 SSL3_TXT_RSA_DES_192_CBC3_SHA, 104 SSL3_CK_RSA_DES_192_CBC3_SHA, 105 SSL_kRSA, 106 SSL_aRSA, 107 SSL_3DES, 108 SSL_SHA1, 109 SSL3_VERSION, TLS1_2_VERSION, 110 DTLS1_BAD_VER, DTLS1_2_VERSION, 111 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 112 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 113 112, 114 168, 115 }, 116 { 117 1, 118 SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA, 119 SSL3_CK_DHE_DSS_DES_192_CBC3_SHA, 120 SSL_kDHE, 121 SSL_aDSS, 122 SSL_3DES, 123 SSL_SHA1, 124 SSL3_VERSION, TLS1_2_VERSION, 125 DTLS1_BAD_VER, DTLS1_2_VERSION, 126 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 127 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 128 112, 129 168, 130 }, 131 { 132 1, 133 SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA, 134 SSL3_CK_DHE_RSA_DES_192_CBC3_SHA, 135 SSL_kDHE, 136 SSL_aRSA, 137 SSL_3DES, 138 SSL_SHA1, 139 SSL3_VERSION, TLS1_2_VERSION, 140 DTLS1_BAD_VER, DTLS1_2_VERSION, 141 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 142 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 143 112, 144 168, 145 }, 146 { 147 1, 148 SSL3_TXT_ADH_DES_192_CBC_SHA, 149 SSL3_CK_ADH_DES_192_CBC_SHA, 150 SSL_kDHE, 151 SSL_aNULL, 152 SSL_3DES, 153 SSL_SHA1, 154 SSL3_VERSION, TLS1_2_VERSION, 155 DTLS1_BAD_VER, DTLS1_2_VERSION, 156 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 157 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 158 112, 159 168, 160 }, 161 #endif 162 { 163 1, 164 TLS1_TXT_RSA_WITH_AES_128_SHA, 165 TLS1_CK_RSA_WITH_AES_128_SHA, 166 SSL_kRSA, 167 SSL_aRSA, 168 SSL_AES128, 169 SSL_SHA1, 170 SSL3_VERSION, TLS1_2_VERSION, 171 DTLS1_BAD_VER, DTLS1_2_VERSION, 172 SSL_HIGH | SSL_FIPS, 173 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 174 128, 175 128, 176 }, 177 { 178 1, 179 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 180 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 181 SSL_kDHE, 182 SSL_aDSS, 183 SSL_AES128, 184 SSL_SHA1, 185 SSL3_VERSION, TLS1_2_VERSION, 186 DTLS1_BAD_VER, DTLS1_2_VERSION, 187 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 188 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 189 128, 190 128, 191 }, 192 { 193 1, 194 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 195 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 196 SSL_kDHE, 197 SSL_aRSA, 198 SSL_AES128, 199 SSL_SHA1, 200 SSL3_VERSION, TLS1_2_VERSION, 201 DTLS1_BAD_VER, DTLS1_2_VERSION, 202 SSL_HIGH | SSL_FIPS, 203 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 204 128, 205 128, 206 }, 207 { 208 1, 209 TLS1_TXT_ADH_WITH_AES_128_SHA, 210 TLS1_CK_ADH_WITH_AES_128_SHA, 211 SSL_kDHE, 212 SSL_aNULL, 213 SSL_AES128, 214 SSL_SHA1, 215 SSL3_VERSION, TLS1_2_VERSION, 216 DTLS1_BAD_VER, DTLS1_2_VERSION, 217 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 218 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 219 128, 220 128, 221 }, 222 { 223 1, 224 TLS1_TXT_RSA_WITH_AES_256_SHA, 225 TLS1_CK_RSA_WITH_AES_256_SHA, 226 SSL_kRSA, 227 SSL_aRSA, 228 SSL_AES256, 229 SSL_SHA1, 230 SSL3_VERSION, TLS1_2_VERSION, 231 DTLS1_BAD_VER, DTLS1_2_VERSION, 232 SSL_HIGH | SSL_FIPS, 233 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 234 256, 235 256, 236 }, 237 { 238 1, 239 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 240 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 241 SSL_kDHE, 242 SSL_aDSS, 243 SSL_AES256, 244 SSL_SHA1, 245 SSL3_VERSION, TLS1_2_VERSION, 246 DTLS1_BAD_VER, DTLS1_2_VERSION, 247 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 248 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 249 256, 250 256, 251 }, 252 { 253 1, 254 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 255 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 256 SSL_kDHE, 257 SSL_aRSA, 258 SSL_AES256, 259 SSL_SHA1, 260 SSL3_VERSION, TLS1_2_VERSION, 261 DTLS1_BAD_VER, DTLS1_2_VERSION, 262 SSL_HIGH | SSL_FIPS, 263 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 264 256, 265 256, 266 }, 267 { 268 1, 269 TLS1_TXT_ADH_WITH_AES_256_SHA, 270 TLS1_CK_ADH_WITH_AES_256_SHA, 271 SSL_kDHE, 272 SSL_aNULL, 273 SSL_AES256, 274 SSL_SHA1, 275 SSL3_VERSION, TLS1_2_VERSION, 276 DTLS1_BAD_VER, DTLS1_2_VERSION, 277 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 278 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 279 256, 280 256, 281 }, 282 { 283 1, 284 TLS1_TXT_RSA_WITH_NULL_SHA256, 285 TLS1_CK_RSA_WITH_NULL_SHA256, 286 SSL_kRSA, 287 SSL_aRSA, 288 SSL_eNULL, 289 SSL_SHA256, 290 TLS1_2_VERSION, TLS1_2_VERSION, 291 DTLS1_2_VERSION, DTLS1_2_VERSION, 292 SSL_STRONG_NONE | SSL_FIPS, 293 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 294 0, 295 0, 296 }, 297 { 298 1, 299 TLS1_TXT_RSA_WITH_AES_128_SHA256, 300 TLS1_CK_RSA_WITH_AES_128_SHA256, 301 SSL_kRSA, 302 SSL_aRSA, 303 SSL_AES128, 304 SSL_SHA256, 305 TLS1_2_VERSION, TLS1_2_VERSION, 306 DTLS1_2_VERSION, DTLS1_2_VERSION, 307 SSL_HIGH | SSL_FIPS, 308 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 309 128, 310 128, 311 }, 312 { 313 1, 314 TLS1_TXT_RSA_WITH_AES_256_SHA256, 315 TLS1_CK_RSA_WITH_AES_256_SHA256, 316 SSL_kRSA, 317 SSL_aRSA, 318 SSL_AES256, 319 SSL_SHA256, 320 TLS1_2_VERSION, TLS1_2_VERSION, 321 DTLS1_2_VERSION, DTLS1_2_VERSION, 322 SSL_HIGH | SSL_FIPS, 323 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 324 256, 325 256, 326 }, 327 { 328 1, 329 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 330 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 331 SSL_kDHE, 332 SSL_aDSS, 333 SSL_AES128, 334 SSL_SHA256, 335 TLS1_2_VERSION, TLS1_2_VERSION, 336 DTLS1_2_VERSION, DTLS1_2_VERSION, 337 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 338 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 339 128, 340 128, 341 }, 342 { 343 1, 344 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 345 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 346 SSL_kDHE, 347 SSL_aRSA, 348 SSL_AES128, 349 SSL_SHA256, 350 TLS1_2_VERSION, TLS1_2_VERSION, 351 DTLS1_2_VERSION, DTLS1_2_VERSION, 352 SSL_HIGH | SSL_FIPS, 353 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 354 128, 355 128, 356 }, 357 { 358 1, 359 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 360 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 361 SSL_kDHE, 362 SSL_aDSS, 363 SSL_AES256, 364 SSL_SHA256, 365 TLS1_2_VERSION, TLS1_2_VERSION, 366 DTLS1_2_VERSION, DTLS1_2_VERSION, 367 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 368 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 369 256, 370 256, 371 }, 372 { 373 1, 374 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 375 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 376 SSL_kDHE, 377 SSL_aRSA, 378 SSL_AES256, 379 SSL_SHA256, 380 TLS1_2_VERSION, TLS1_2_VERSION, 381 DTLS1_2_VERSION, DTLS1_2_VERSION, 382 SSL_HIGH | SSL_FIPS, 383 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 384 256, 385 256, 386 }, 387 { 388 1, 389 TLS1_TXT_ADH_WITH_AES_128_SHA256, 390 TLS1_CK_ADH_WITH_AES_128_SHA256, 391 SSL_kDHE, 392 SSL_aNULL, 393 SSL_AES128, 394 SSL_SHA256, 395 TLS1_2_VERSION, TLS1_2_VERSION, 396 DTLS1_2_VERSION, DTLS1_2_VERSION, 397 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 398 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 399 128, 400 128, 401 }, 402 { 403 1, 404 TLS1_TXT_ADH_WITH_AES_256_SHA256, 405 TLS1_CK_ADH_WITH_AES_256_SHA256, 406 SSL_kDHE, 407 SSL_aNULL, 408 SSL_AES256, 409 SSL_SHA256, 410 TLS1_2_VERSION, TLS1_2_VERSION, 411 DTLS1_2_VERSION, DTLS1_2_VERSION, 412 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 413 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 414 256, 415 256, 416 }, 417 { 418 1, 419 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 420 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 421 SSL_kRSA, 422 SSL_aRSA, 423 SSL_AES128GCM, 424 SSL_AEAD, 425 TLS1_2_VERSION, TLS1_2_VERSION, 426 DTLS1_2_VERSION, DTLS1_2_VERSION, 427 SSL_HIGH | SSL_FIPS, 428 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 429 128, 430 128, 431 }, 432 { 433 1, 434 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 435 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 436 SSL_kRSA, 437 SSL_aRSA, 438 SSL_AES256GCM, 439 SSL_AEAD, 440 TLS1_2_VERSION, TLS1_2_VERSION, 441 DTLS1_2_VERSION, DTLS1_2_VERSION, 442 SSL_HIGH | SSL_FIPS, 443 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 444 256, 445 256, 446 }, 447 { 448 1, 449 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 450 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 451 SSL_kDHE, 452 SSL_aRSA, 453 SSL_AES128GCM, 454 SSL_AEAD, 455 TLS1_2_VERSION, TLS1_2_VERSION, 456 DTLS1_2_VERSION, DTLS1_2_VERSION, 457 SSL_HIGH | SSL_FIPS, 458 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 459 128, 460 128, 461 }, 462 { 463 1, 464 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 465 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 466 SSL_kDHE, 467 SSL_aRSA, 468 SSL_AES256GCM, 469 SSL_AEAD, 470 TLS1_2_VERSION, TLS1_2_VERSION, 471 DTLS1_2_VERSION, DTLS1_2_VERSION, 472 SSL_HIGH | SSL_FIPS, 473 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 474 256, 475 256, 476 }, 477 { 478 1, 479 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 480 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 481 SSL_kDHE, 482 SSL_aDSS, 483 SSL_AES128GCM, 484 SSL_AEAD, 485 TLS1_2_VERSION, TLS1_2_VERSION, 486 DTLS1_2_VERSION, DTLS1_2_VERSION, 487 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 488 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 489 128, 490 128, 491 }, 492 { 493 1, 494 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 495 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 496 SSL_kDHE, 497 SSL_aDSS, 498 SSL_AES256GCM, 499 SSL_AEAD, 500 TLS1_2_VERSION, TLS1_2_VERSION, 501 DTLS1_2_VERSION, DTLS1_2_VERSION, 502 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 503 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 504 256, 505 256, 506 }, 507 { 508 1, 509 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 510 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 511 SSL_kDHE, 512 SSL_aNULL, 513 SSL_AES128GCM, 514 SSL_AEAD, 515 TLS1_2_VERSION, TLS1_2_VERSION, 516 DTLS1_2_VERSION, DTLS1_2_VERSION, 517 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 518 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 519 128, 520 128, 521 }, 522 { 523 1, 524 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 525 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 526 SSL_kDHE, 527 SSL_aNULL, 528 SSL_AES256GCM, 529 SSL_AEAD, 530 TLS1_2_VERSION, TLS1_2_VERSION, 531 DTLS1_2_VERSION, DTLS1_2_VERSION, 532 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 533 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 534 256, 535 256, 536 }, 537 { 538 1, 539 TLS1_TXT_RSA_WITH_AES_128_CCM, 540 TLS1_CK_RSA_WITH_AES_128_CCM, 541 SSL_kRSA, 542 SSL_aRSA, 543 SSL_AES128CCM, 544 SSL_AEAD, 545 TLS1_2_VERSION, TLS1_2_VERSION, 546 DTLS1_2_VERSION, DTLS1_2_VERSION, 547 SSL_NOT_DEFAULT | SSL_HIGH, 548 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 549 128, 550 128, 551 }, 552 { 553 1, 554 TLS1_TXT_RSA_WITH_AES_256_CCM, 555 TLS1_CK_RSA_WITH_AES_256_CCM, 556 SSL_kRSA, 557 SSL_aRSA, 558 SSL_AES256CCM, 559 SSL_AEAD, 560 TLS1_2_VERSION, TLS1_2_VERSION, 561 DTLS1_2_VERSION, DTLS1_2_VERSION, 562 SSL_NOT_DEFAULT | SSL_HIGH, 563 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 564 256, 565 256, 566 }, 567 { 568 1, 569 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM, 570 TLS1_CK_DHE_RSA_WITH_AES_128_CCM, 571 SSL_kDHE, 572 SSL_aRSA, 573 SSL_AES128CCM, 574 SSL_AEAD, 575 TLS1_2_VERSION, TLS1_2_VERSION, 576 DTLS1_2_VERSION, DTLS1_2_VERSION, 577 SSL_NOT_DEFAULT | SSL_HIGH, 578 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 579 128, 580 128, 581 }, 582 { 583 1, 584 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM, 585 TLS1_CK_DHE_RSA_WITH_AES_256_CCM, 586 SSL_kDHE, 587 SSL_aRSA, 588 SSL_AES256CCM, 589 SSL_AEAD, 590 TLS1_2_VERSION, TLS1_2_VERSION, 591 DTLS1_2_VERSION, DTLS1_2_VERSION, 592 SSL_NOT_DEFAULT | SSL_HIGH, 593 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 594 256, 595 256, 596 }, 597 { 598 1, 599 TLS1_TXT_RSA_WITH_AES_128_CCM_8, 600 TLS1_CK_RSA_WITH_AES_128_CCM_8, 601 SSL_kRSA, 602 SSL_aRSA, 603 SSL_AES128CCM8, 604 SSL_AEAD, 605 TLS1_2_VERSION, TLS1_2_VERSION, 606 DTLS1_2_VERSION, DTLS1_2_VERSION, 607 SSL_NOT_DEFAULT | SSL_HIGH, 608 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 609 128, 610 128, 611 }, 612 { 613 1, 614 TLS1_TXT_RSA_WITH_AES_256_CCM_8, 615 TLS1_CK_RSA_WITH_AES_256_CCM_8, 616 SSL_kRSA, 617 SSL_aRSA, 618 SSL_AES256CCM8, 619 SSL_AEAD, 620 TLS1_2_VERSION, TLS1_2_VERSION, 621 DTLS1_2_VERSION, DTLS1_2_VERSION, 622 SSL_NOT_DEFAULT | SSL_HIGH, 623 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 624 256, 625 256, 626 }, 627 { 628 1, 629 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8, 630 TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8, 631 SSL_kDHE, 632 SSL_aRSA, 633 SSL_AES128CCM8, 634 SSL_AEAD, 635 TLS1_2_VERSION, TLS1_2_VERSION, 636 DTLS1_2_VERSION, DTLS1_2_VERSION, 637 SSL_NOT_DEFAULT | SSL_HIGH, 638 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 639 128, 640 128, 641 }, 642 { 643 1, 644 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8, 645 TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8, 646 SSL_kDHE, 647 SSL_aRSA, 648 SSL_AES256CCM8, 649 SSL_AEAD, 650 TLS1_2_VERSION, TLS1_2_VERSION, 651 DTLS1_2_VERSION, DTLS1_2_VERSION, 652 SSL_NOT_DEFAULT | SSL_HIGH, 653 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 654 256, 655 256, 656 }, 657 { 658 1, 659 TLS1_TXT_PSK_WITH_AES_128_CCM, 660 TLS1_CK_PSK_WITH_AES_128_CCM, 661 SSL_kPSK, 662 SSL_aPSK, 663 SSL_AES128CCM, 664 SSL_AEAD, 665 TLS1_2_VERSION, TLS1_2_VERSION, 666 DTLS1_2_VERSION, DTLS1_2_VERSION, 667 SSL_NOT_DEFAULT | SSL_HIGH, 668 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 669 128, 670 128, 671 }, 672 { 673 1, 674 TLS1_TXT_PSK_WITH_AES_256_CCM, 675 TLS1_CK_PSK_WITH_AES_256_CCM, 676 SSL_kPSK, 677 SSL_aPSK, 678 SSL_AES256CCM, 679 SSL_AEAD, 680 TLS1_2_VERSION, TLS1_2_VERSION, 681 DTLS1_2_VERSION, DTLS1_2_VERSION, 682 SSL_NOT_DEFAULT | SSL_HIGH, 683 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 684 256, 685 256, 686 }, 687 { 688 1, 689 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM, 690 TLS1_CK_DHE_PSK_WITH_AES_128_CCM, 691 SSL_kDHEPSK, 692 SSL_aPSK, 693 SSL_AES128CCM, 694 SSL_AEAD, 695 TLS1_2_VERSION, TLS1_2_VERSION, 696 DTLS1_2_VERSION, DTLS1_2_VERSION, 697 SSL_NOT_DEFAULT | SSL_HIGH, 698 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 699 128, 700 128, 701 }, 702 { 703 1, 704 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM, 705 TLS1_CK_DHE_PSK_WITH_AES_256_CCM, 706 SSL_kDHEPSK, 707 SSL_aPSK, 708 SSL_AES256CCM, 709 SSL_AEAD, 710 TLS1_2_VERSION, TLS1_2_VERSION, 711 DTLS1_2_VERSION, DTLS1_2_VERSION, 712 SSL_NOT_DEFAULT | SSL_HIGH, 713 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 714 256, 715 256, 716 }, 717 { 718 1, 719 TLS1_TXT_PSK_WITH_AES_128_CCM_8, 720 TLS1_CK_PSK_WITH_AES_128_CCM_8, 721 SSL_kPSK, 722 SSL_aPSK, 723 SSL_AES128CCM8, 724 SSL_AEAD, 725 TLS1_2_VERSION, TLS1_2_VERSION, 726 DTLS1_2_VERSION, DTLS1_2_VERSION, 727 SSL_NOT_DEFAULT | SSL_HIGH, 728 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 729 128, 730 128, 731 }, 732 { 733 1, 734 TLS1_TXT_PSK_WITH_AES_256_CCM_8, 735 TLS1_CK_PSK_WITH_AES_256_CCM_8, 736 SSL_kPSK, 737 SSL_aPSK, 738 SSL_AES256CCM8, 739 SSL_AEAD, 740 TLS1_2_VERSION, TLS1_2_VERSION, 741 DTLS1_2_VERSION, DTLS1_2_VERSION, 742 SSL_NOT_DEFAULT | SSL_HIGH, 743 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 744 256, 745 256, 746 }, 747 { 748 1, 749 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8, 750 TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8, 751 SSL_kDHEPSK, 752 SSL_aPSK, 753 SSL_AES128CCM8, 754 SSL_AEAD, 755 TLS1_2_VERSION, TLS1_2_VERSION, 756 DTLS1_2_VERSION, DTLS1_2_VERSION, 757 SSL_NOT_DEFAULT | SSL_HIGH, 758 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 759 128, 760 128, 761 }, 762 { 763 1, 764 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8, 765 TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8, 766 SSL_kDHEPSK, 767 SSL_aPSK, 768 SSL_AES256CCM8, 769 SSL_AEAD, 770 TLS1_2_VERSION, TLS1_2_VERSION, 771 DTLS1_2_VERSION, DTLS1_2_VERSION, 772 SSL_NOT_DEFAULT | SSL_HIGH, 773 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 774 256, 775 256, 776 }, 777 { 778 1, 779 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM, 780 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM, 781 SSL_kECDHE, 782 SSL_aECDSA, 783 SSL_AES128CCM, 784 SSL_AEAD, 785 TLS1_2_VERSION, TLS1_2_VERSION, 786 DTLS1_2_VERSION, DTLS1_2_VERSION, 787 SSL_NOT_DEFAULT | SSL_HIGH, 788 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 789 128, 790 128, 791 }, 792 { 793 1, 794 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM, 795 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM, 796 SSL_kECDHE, 797 SSL_aECDSA, 798 SSL_AES256CCM, 799 SSL_AEAD, 800 TLS1_2_VERSION, TLS1_2_VERSION, 801 DTLS1_2_VERSION, DTLS1_2_VERSION, 802 SSL_NOT_DEFAULT | SSL_HIGH, 803 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 804 256, 805 256, 806 }, 807 { 808 1, 809 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8, 810 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8, 811 SSL_kECDHE, 812 SSL_aECDSA, 813 SSL_AES128CCM8, 814 SSL_AEAD, 815 TLS1_2_VERSION, TLS1_2_VERSION, 816 DTLS1_2_VERSION, DTLS1_2_VERSION, 817 SSL_NOT_DEFAULT | SSL_HIGH, 818 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 819 128, 820 128, 821 }, 822 { 823 1, 824 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8, 825 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8, 826 SSL_kECDHE, 827 SSL_aECDSA, 828 SSL_AES256CCM8, 829 SSL_AEAD, 830 TLS1_2_VERSION, TLS1_2_VERSION, 831 DTLS1_2_VERSION, DTLS1_2_VERSION, 832 SSL_NOT_DEFAULT | SSL_HIGH, 833 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 834 256, 835 256, 836 }, 837 838 #ifndef OPENSSL_NO_EC 839 { 840 1, 841 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 842 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 843 SSL_kECDHE, 844 SSL_aECDSA, 845 SSL_eNULL, 846 SSL_SHA1, 847 TLS1_VERSION, TLS1_2_VERSION, 848 DTLS1_BAD_VER, DTLS1_2_VERSION, 849 SSL_STRONG_NONE | SSL_FIPS, 850 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 851 0, 852 0, 853 }, 854 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 855 { 856 1, 857 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 858 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 859 SSL_kECDHE, 860 SSL_aECDSA, 861 SSL_3DES, 862 SSL_SHA1, 863 TLS1_VERSION, TLS1_2_VERSION, 864 DTLS1_BAD_VER, DTLS1_2_VERSION, 865 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 866 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 867 112, 868 168, 869 }, 870 # endif 871 { 872 1, 873 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 874 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 875 SSL_kECDHE, 876 SSL_aECDSA, 877 SSL_AES128, 878 SSL_SHA1, 879 TLS1_VERSION, TLS1_2_VERSION, 880 DTLS1_BAD_VER, DTLS1_2_VERSION, 881 SSL_HIGH | SSL_FIPS, 882 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 883 128, 884 128, 885 }, 886 { 887 1, 888 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 889 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 890 SSL_kECDHE, 891 SSL_aECDSA, 892 SSL_AES256, 893 SSL_SHA1, 894 TLS1_VERSION, TLS1_2_VERSION, 895 DTLS1_BAD_VER, DTLS1_2_VERSION, 896 SSL_HIGH | SSL_FIPS, 897 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 898 256, 899 256, 900 }, 901 { 902 1, 903 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 904 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 905 SSL_kECDHE, 906 SSL_aRSA, 907 SSL_eNULL, 908 SSL_SHA1, 909 TLS1_VERSION, TLS1_2_VERSION, 910 DTLS1_BAD_VER, DTLS1_2_VERSION, 911 SSL_STRONG_NONE | SSL_FIPS, 912 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 913 0, 914 0, 915 }, 916 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 917 { 918 1, 919 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 920 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 921 SSL_kECDHE, 922 SSL_aRSA, 923 SSL_3DES, 924 SSL_SHA1, 925 TLS1_VERSION, TLS1_2_VERSION, 926 DTLS1_BAD_VER, DTLS1_2_VERSION, 927 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 928 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 929 112, 930 168, 931 }, 932 # endif 933 { 934 1, 935 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 936 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 937 SSL_kECDHE, 938 SSL_aRSA, 939 SSL_AES128, 940 SSL_SHA1, 941 TLS1_VERSION, TLS1_2_VERSION, 942 DTLS1_BAD_VER, DTLS1_2_VERSION, 943 SSL_HIGH | SSL_FIPS, 944 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 945 128, 946 128, 947 }, 948 { 949 1, 950 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 951 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 952 SSL_kECDHE, 953 SSL_aRSA, 954 SSL_AES256, 955 SSL_SHA1, 956 TLS1_VERSION, TLS1_2_VERSION, 957 DTLS1_BAD_VER, DTLS1_2_VERSION, 958 SSL_HIGH | SSL_FIPS, 959 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 960 256, 961 256, 962 }, 963 { 964 1, 965 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 966 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 967 SSL_kECDHE, 968 SSL_aNULL, 969 SSL_eNULL, 970 SSL_SHA1, 971 TLS1_VERSION, TLS1_2_VERSION, 972 DTLS1_BAD_VER, DTLS1_2_VERSION, 973 SSL_STRONG_NONE | SSL_FIPS, 974 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 975 0, 976 0, 977 }, 978 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 979 { 980 1, 981 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 982 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 983 SSL_kECDHE, 984 SSL_aNULL, 985 SSL_3DES, 986 SSL_SHA1, 987 TLS1_VERSION, TLS1_2_VERSION, 988 DTLS1_BAD_VER, DTLS1_2_VERSION, 989 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 990 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 991 112, 992 168, 993 }, 994 # endif 995 { 996 1, 997 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 998 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 999 SSL_kECDHE, 1000 SSL_aNULL, 1001 SSL_AES128, 1002 SSL_SHA1, 1003 TLS1_VERSION, TLS1_2_VERSION, 1004 DTLS1_BAD_VER, DTLS1_2_VERSION, 1005 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 1006 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1007 128, 1008 128, 1009 }, 1010 { 1011 1, 1012 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 1013 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 1014 SSL_kECDHE, 1015 SSL_aNULL, 1016 SSL_AES256, 1017 SSL_SHA1, 1018 TLS1_VERSION, TLS1_2_VERSION, 1019 DTLS1_BAD_VER, DTLS1_2_VERSION, 1020 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 1021 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1022 256, 1023 256, 1024 }, 1025 { 1026 1, 1027 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 1028 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 1029 SSL_kECDHE, 1030 SSL_aECDSA, 1031 SSL_AES128, 1032 SSL_SHA256, 1033 TLS1_2_VERSION, TLS1_2_VERSION, 1034 DTLS1_2_VERSION, DTLS1_2_VERSION, 1035 SSL_HIGH | SSL_FIPS, 1036 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1037 128, 1038 128, 1039 }, 1040 { 1041 1, 1042 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 1043 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 1044 SSL_kECDHE, 1045 SSL_aECDSA, 1046 SSL_AES256, 1047 SSL_SHA384, 1048 TLS1_2_VERSION, TLS1_2_VERSION, 1049 DTLS1_2_VERSION, DTLS1_2_VERSION, 1050 SSL_HIGH | SSL_FIPS, 1051 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1052 256, 1053 256, 1054 }, 1055 { 1056 1, 1057 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 1058 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 1059 SSL_kECDHE, 1060 SSL_aRSA, 1061 SSL_AES128, 1062 SSL_SHA256, 1063 TLS1_2_VERSION, TLS1_2_VERSION, 1064 DTLS1_2_VERSION, DTLS1_2_VERSION, 1065 SSL_HIGH | SSL_FIPS, 1066 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1067 128, 1068 128, 1069 }, 1070 { 1071 1, 1072 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 1073 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 1074 SSL_kECDHE, 1075 SSL_aRSA, 1076 SSL_AES256, 1077 SSL_SHA384, 1078 TLS1_2_VERSION, TLS1_2_VERSION, 1079 DTLS1_2_VERSION, DTLS1_2_VERSION, 1080 SSL_HIGH | SSL_FIPS, 1081 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1082 256, 1083 256, 1084 }, 1085 { 1086 1, 1087 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 1088 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 1089 SSL_kECDHE, 1090 SSL_aECDSA, 1091 SSL_AES128GCM, 1092 SSL_AEAD, 1093 TLS1_2_VERSION, TLS1_2_VERSION, 1094 DTLS1_2_VERSION, DTLS1_2_VERSION, 1095 SSL_HIGH | SSL_FIPS, 1096 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1097 128, 1098 128, 1099 }, 1100 { 1101 1, 1102 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 1103 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 1104 SSL_kECDHE, 1105 SSL_aECDSA, 1106 SSL_AES256GCM, 1107 SSL_AEAD, 1108 TLS1_2_VERSION, TLS1_2_VERSION, 1109 DTLS1_2_VERSION, DTLS1_2_VERSION, 1110 SSL_HIGH | SSL_FIPS, 1111 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1112 256, 1113 256, 1114 }, 1115 { 1116 1, 1117 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 1118 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 1119 SSL_kECDHE, 1120 SSL_aRSA, 1121 SSL_AES128GCM, 1122 SSL_AEAD, 1123 TLS1_2_VERSION, TLS1_2_VERSION, 1124 DTLS1_2_VERSION, DTLS1_2_VERSION, 1125 SSL_HIGH | SSL_FIPS, 1126 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1127 128, 1128 128, 1129 }, 1130 { 1131 1, 1132 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 1133 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 1134 SSL_kECDHE, 1135 SSL_aRSA, 1136 SSL_AES256GCM, 1137 SSL_AEAD, 1138 TLS1_2_VERSION, TLS1_2_VERSION, 1139 DTLS1_2_VERSION, DTLS1_2_VERSION, 1140 SSL_HIGH | SSL_FIPS, 1141 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1142 256, 1143 256, 1144 }, 1145 #endif /* OPENSSL_NO_EC */ 1146 1147 #ifndef OPENSSL_NO_PSK 1148 { 1149 1, 1150 TLS1_TXT_PSK_WITH_NULL_SHA, 1151 TLS1_CK_PSK_WITH_NULL_SHA, 1152 SSL_kPSK, 1153 SSL_aPSK, 1154 SSL_eNULL, 1155 SSL_SHA1, 1156 SSL3_VERSION, TLS1_2_VERSION, 1157 DTLS1_BAD_VER, DTLS1_2_VERSION, 1158 SSL_STRONG_NONE | SSL_FIPS, 1159 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1160 0, 1161 0, 1162 }, 1163 { 1164 1, 1165 TLS1_TXT_DHE_PSK_WITH_NULL_SHA, 1166 TLS1_CK_DHE_PSK_WITH_NULL_SHA, 1167 SSL_kDHEPSK, 1168 SSL_aPSK, 1169 SSL_eNULL, 1170 SSL_SHA1, 1171 SSL3_VERSION, TLS1_2_VERSION, 1172 DTLS1_BAD_VER, DTLS1_2_VERSION, 1173 SSL_STRONG_NONE | SSL_FIPS, 1174 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1175 0, 1176 0, 1177 }, 1178 { 1179 1, 1180 TLS1_TXT_RSA_PSK_WITH_NULL_SHA, 1181 TLS1_CK_RSA_PSK_WITH_NULL_SHA, 1182 SSL_kRSAPSK, 1183 SSL_aRSA, 1184 SSL_eNULL, 1185 SSL_SHA1, 1186 SSL3_VERSION, TLS1_2_VERSION, 1187 DTLS1_BAD_VER, DTLS1_2_VERSION, 1188 SSL_STRONG_NONE | SSL_FIPS, 1189 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1190 0, 1191 0, 1192 }, 1193 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1194 { 1195 1, 1196 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1197 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1198 SSL_kPSK, 1199 SSL_aPSK, 1200 SSL_3DES, 1201 SSL_SHA1, 1202 SSL3_VERSION, TLS1_2_VERSION, 1203 DTLS1_BAD_VER, DTLS1_2_VERSION, 1204 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 1205 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1206 112, 1207 168, 1208 }, 1209 # endif 1210 { 1211 1, 1212 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1213 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1214 SSL_kPSK, 1215 SSL_aPSK, 1216 SSL_AES128, 1217 SSL_SHA1, 1218 SSL3_VERSION, TLS1_2_VERSION, 1219 DTLS1_BAD_VER, DTLS1_2_VERSION, 1220 SSL_HIGH | SSL_FIPS, 1221 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1222 128, 1223 128, 1224 }, 1225 { 1226 1, 1227 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1228 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1229 SSL_kPSK, 1230 SSL_aPSK, 1231 SSL_AES256, 1232 SSL_SHA1, 1233 SSL3_VERSION, TLS1_2_VERSION, 1234 DTLS1_BAD_VER, DTLS1_2_VERSION, 1235 SSL_HIGH | SSL_FIPS, 1236 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1237 256, 1238 256, 1239 }, 1240 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1241 { 1242 1, 1243 TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA, 1244 TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA, 1245 SSL_kDHEPSK, 1246 SSL_aPSK, 1247 SSL_3DES, 1248 SSL_SHA1, 1249 SSL3_VERSION, TLS1_2_VERSION, 1250 DTLS1_BAD_VER, DTLS1_2_VERSION, 1251 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 1252 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1253 112, 1254 168, 1255 }, 1256 # endif 1257 { 1258 1, 1259 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA, 1260 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA, 1261 SSL_kDHEPSK, 1262 SSL_aPSK, 1263 SSL_AES128, 1264 SSL_SHA1, 1265 SSL3_VERSION, TLS1_2_VERSION, 1266 DTLS1_BAD_VER, DTLS1_2_VERSION, 1267 SSL_HIGH | SSL_FIPS, 1268 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1269 128, 1270 128, 1271 }, 1272 { 1273 1, 1274 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA, 1275 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA, 1276 SSL_kDHEPSK, 1277 SSL_aPSK, 1278 SSL_AES256, 1279 SSL_SHA1, 1280 SSL3_VERSION, TLS1_2_VERSION, 1281 DTLS1_BAD_VER, DTLS1_2_VERSION, 1282 SSL_HIGH | SSL_FIPS, 1283 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1284 256, 1285 256, 1286 }, 1287 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1288 { 1289 1, 1290 TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA, 1291 TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA, 1292 SSL_kRSAPSK, 1293 SSL_aRSA, 1294 SSL_3DES, 1295 SSL_SHA1, 1296 SSL3_VERSION, TLS1_2_VERSION, 1297 DTLS1_BAD_VER, DTLS1_2_VERSION, 1298 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 1299 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1300 112, 1301 168, 1302 }, 1303 # endif 1304 { 1305 1, 1306 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA, 1307 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA, 1308 SSL_kRSAPSK, 1309 SSL_aRSA, 1310 SSL_AES128, 1311 SSL_SHA1, 1312 SSL3_VERSION, TLS1_2_VERSION, 1313 DTLS1_BAD_VER, DTLS1_2_VERSION, 1314 SSL_HIGH | SSL_FIPS, 1315 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1316 128, 1317 128, 1318 }, 1319 { 1320 1, 1321 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA, 1322 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA, 1323 SSL_kRSAPSK, 1324 SSL_aRSA, 1325 SSL_AES256, 1326 SSL_SHA1, 1327 SSL3_VERSION, TLS1_2_VERSION, 1328 DTLS1_BAD_VER, DTLS1_2_VERSION, 1329 SSL_HIGH | SSL_FIPS, 1330 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1331 256, 1332 256, 1333 }, 1334 { 1335 1, 1336 TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256, 1337 TLS1_CK_PSK_WITH_AES_128_GCM_SHA256, 1338 SSL_kPSK, 1339 SSL_aPSK, 1340 SSL_AES128GCM, 1341 SSL_AEAD, 1342 TLS1_2_VERSION, TLS1_2_VERSION, 1343 DTLS1_2_VERSION, DTLS1_2_VERSION, 1344 SSL_HIGH | SSL_FIPS, 1345 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1346 128, 1347 128, 1348 }, 1349 { 1350 1, 1351 TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384, 1352 TLS1_CK_PSK_WITH_AES_256_GCM_SHA384, 1353 SSL_kPSK, 1354 SSL_aPSK, 1355 SSL_AES256GCM, 1356 SSL_AEAD, 1357 TLS1_2_VERSION, TLS1_2_VERSION, 1358 DTLS1_2_VERSION, DTLS1_2_VERSION, 1359 SSL_HIGH | SSL_FIPS, 1360 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1361 256, 1362 256, 1363 }, 1364 { 1365 1, 1366 TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256, 1367 TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256, 1368 SSL_kDHEPSK, 1369 SSL_aPSK, 1370 SSL_AES128GCM, 1371 SSL_AEAD, 1372 TLS1_2_VERSION, TLS1_2_VERSION, 1373 DTLS1_2_VERSION, DTLS1_2_VERSION, 1374 SSL_HIGH | SSL_FIPS, 1375 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1376 128, 1377 128, 1378 }, 1379 { 1380 1, 1381 TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384, 1382 TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384, 1383 SSL_kDHEPSK, 1384 SSL_aPSK, 1385 SSL_AES256GCM, 1386 SSL_AEAD, 1387 TLS1_2_VERSION, TLS1_2_VERSION, 1388 DTLS1_2_VERSION, DTLS1_2_VERSION, 1389 SSL_HIGH | SSL_FIPS, 1390 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1391 256, 1392 256, 1393 }, 1394 { 1395 1, 1396 TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256, 1397 TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256, 1398 SSL_kRSAPSK, 1399 SSL_aRSA, 1400 SSL_AES128GCM, 1401 SSL_AEAD, 1402 TLS1_2_VERSION, TLS1_2_VERSION, 1403 DTLS1_2_VERSION, DTLS1_2_VERSION, 1404 SSL_HIGH | SSL_FIPS, 1405 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1406 128, 1407 128, 1408 }, 1409 { 1410 1, 1411 TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384, 1412 TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384, 1413 SSL_kRSAPSK, 1414 SSL_aRSA, 1415 SSL_AES256GCM, 1416 SSL_AEAD, 1417 TLS1_2_VERSION, TLS1_2_VERSION, 1418 DTLS1_2_VERSION, DTLS1_2_VERSION, 1419 SSL_HIGH | SSL_FIPS, 1420 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1421 256, 1422 256, 1423 }, 1424 { 1425 1, 1426 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256, 1427 TLS1_CK_PSK_WITH_AES_128_CBC_SHA256, 1428 SSL_kPSK, 1429 SSL_aPSK, 1430 SSL_AES128, 1431 SSL_SHA256, 1432 TLS1_VERSION, TLS1_2_VERSION, 1433 DTLS1_BAD_VER, DTLS1_2_VERSION, 1434 SSL_HIGH | SSL_FIPS, 1435 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1436 128, 1437 128, 1438 }, 1439 { 1440 1, 1441 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384, 1442 TLS1_CK_PSK_WITH_AES_256_CBC_SHA384, 1443 SSL_kPSK, 1444 SSL_aPSK, 1445 SSL_AES256, 1446 SSL_SHA384, 1447 TLS1_VERSION, TLS1_2_VERSION, 1448 DTLS1_BAD_VER, DTLS1_2_VERSION, 1449 SSL_HIGH | SSL_FIPS, 1450 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1451 256, 1452 256, 1453 }, 1454 { 1455 1, 1456 TLS1_TXT_PSK_WITH_NULL_SHA256, 1457 TLS1_CK_PSK_WITH_NULL_SHA256, 1458 SSL_kPSK, 1459 SSL_aPSK, 1460 SSL_eNULL, 1461 SSL_SHA256, 1462 TLS1_VERSION, TLS1_2_VERSION, 1463 DTLS1_BAD_VER, DTLS1_2_VERSION, 1464 SSL_STRONG_NONE | SSL_FIPS, 1465 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1466 0, 1467 0, 1468 }, 1469 { 1470 1, 1471 TLS1_TXT_PSK_WITH_NULL_SHA384, 1472 TLS1_CK_PSK_WITH_NULL_SHA384, 1473 SSL_kPSK, 1474 SSL_aPSK, 1475 SSL_eNULL, 1476 SSL_SHA384, 1477 TLS1_VERSION, TLS1_2_VERSION, 1478 DTLS1_BAD_VER, DTLS1_2_VERSION, 1479 SSL_STRONG_NONE | SSL_FIPS, 1480 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1481 0, 1482 0, 1483 }, 1484 { 1485 1, 1486 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256, 1487 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256, 1488 SSL_kDHEPSK, 1489 SSL_aPSK, 1490 SSL_AES128, 1491 SSL_SHA256, 1492 TLS1_VERSION, TLS1_2_VERSION, 1493 DTLS1_BAD_VER, DTLS1_2_VERSION, 1494 SSL_HIGH | SSL_FIPS, 1495 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1496 128, 1497 128, 1498 }, 1499 { 1500 1, 1501 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384, 1502 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384, 1503 SSL_kDHEPSK, 1504 SSL_aPSK, 1505 SSL_AES256, 1506 SSL_SHA384, 1507 TLS1_VERSION, TLS1_2_VERSION, 1508 DTLS1_BAD_VER, DTLS1_2_VERSION, 1509 SSL_HIGH | SSL_FIPS, 1510 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1511 256, 1512 256, 1513 }, 1514 { 1515 1, 1516 TLS1_TXT_DHE_PSK_WITH_NULL_SHA256, 1517 TLS1_CK_DHE_PSK_WITH_NULL_SHA256, 1518 SSL_kDHEPSK, 1519 SSL_aPSK, 1520 SSL_eNULL, 1521 SSL_SHA256, 1522 TLS1_VERSION, TLS1_2_VERSION, 1523 DTLS1_BAD_VER, DTLS1_2_VERSION, 1524 SSL_STRONG_NONE | SSL_FIPS, 1525 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1526 0, 1527 0, 1528 }, 1529 { 1530 1, 1531 TLS1_TXT_DHE_PSK_WITH_NULL_SHA384, 1532 TLS1_CK_DHE_PSK_WITH_NULL_SHA384, 1533 SSL_kDHEPSK, 1534 SSL_aPSK, 1535 SSL_eNULL, 1536 SSL_SHA384, 1537 TLS1_VERSION, TLS1_2_VERSION, 1538 DTLS1_BAD_VER, DTLS1_2_VERSION, 1539 SSL_STRONG_NONE | SSL_FIPS, 1540 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1541 0, 1542 0, 1543 }, 1544 { 1545 1, 1546 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256, 1547 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256, 1548 SSL_kRSAPSK, 1549 SSL_aRSA, 1550 SSL_AES128, 1551 SSL_SHA256, 1552 TLS1_VERSION, TLS1_2_VERSION, 1553 DTLS1_BAD_VER, DTLS1_2_VERSION, 1554 SSL_HIGH | SSL_FIPS, 1555 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1556 128, 1557 128, 1558 }, 1559 { 1560 1, 1561 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384, 1562 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384, 1563 SSL_kRSAPSK, 1564 SSL_aRSA, 1565 SSL_AES256, 1566 SSL_SHA384, 1567 TLS1_VERSION, TLS1_2_VERSION, 1568 DTLS1_BAD_VER, DTLS1_2_VERSION, 1569 SSL_HIGH | SSL_FIPS, 1570 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1571 256, 1572 256, 1573 }, 1574 { 1575 1, 1576 TLS1_TXT_RSA_PSK_WITH_NULL_SHA256, 1577 TLS1_CK_RSA_PSK_WITH_NULL_SHA256, 1578 SSL_kRSAPSK, 1579 SSL_aRSA, 1580 SSL_eNULL, 1581 SSL_SHA256, 1582 TLS1_VERSION, TLS1_2_VERSION, 1583 DTLS1_BAD_VER, DTLS1_2_VERSION, 1584 SSL_STRONG_NONE | SSL_FIPS, 1585 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1586 0, 1587 0, 1588 }, 1589 { 1590 1, 1591 TLS1_TXT_RSA_PSK_WITH_NULL_SHA384, 1592 TLS1_CK_RSA_PSK_WITH_NULL_SHA384, 1593 SSL_kRSAPSK, 1594 SSL_aRSA, 1595 SSL_eNULL, 1596 SSL_SHA384, 1597 TLS1_VERSION, TLS1_2_VERSION, 1598 DTLS1_BAD_VER, DTLS1_2_VERSION, 1599 SSL_STRONG_NONE | SSL_FIPS, 1600 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1601 0, 1602 0, 1603 }, 1604 # ifndef OPENSSL_NO_EC 1605 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1606 { 1607 1, 1608 TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, 1609 TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, 1610 SSL_kECDHEPSK, 1611 SSL_aPSK, 1612 SSL_3DES, 1613 SSL_SHA1, 1614 TLS1_VERSION, TLS1_2_VERSION, 1615 DTLS1_BAD_VER, DTLS1_2_VERSION, 1616 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 1617 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1618 112, 1619 168, 1620 }, 1621 # endif 1622 { 1623 1, 1624 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA, 1625 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA, 1626 SSL_kECDHEPSK, 1627 SSL_aPSK, 1628 SSL_AES128, 1629 SSL_SHA1, 1630 TLS1_VERSION, TLS1_2_VERSION, 1631 DTLS1_BAD_VER, DTLS1_2_VERSION, 1632 SSL_HIGH | SSL_FIPS, 1633 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1634 128, 1635 128, 1636 }, 1637 { 1638 1, 1639 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA, 1640 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA, 1641 SSL_kECDHEPSK, 1642 SSL_aPSK, 1643 SSL_AES256, 1644 SSL_SHA1, 1645 TLS1_VERSION, TLS1_2_VERSION, 1646 DTLS1_BAD_VER, DTLS1_2_VERSION, 1647 SSL_HIGH | SSL_FIPS, 1648 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1649 256, 1650 256, 1651 }, 1652 { 1653 1, 1654 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 1655 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 1656 SSL_kECDHEPSK, 1657 SSL_aPSK, 1658 SSL_AES128, 1659 SSL_SHA256, 1660 TLS1_VERSION, TLS1_2_VERSION, 1661 DTLS1_BAD_VER, DTLS1_2_VERSION, 1662 SSL_HIGH | SSL_FIPS, 1663 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1664 128, 1665 128, 1666 }, 1667 { 1668 1, 1669 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384, 1670 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384, 1671 SSL_kECDHEPSK, 1672 SSL_aPSK, 1673 SSL_AES256, 1674 SSL_SHA384, 1675 TLS1_VERSION, TLS1_2_VERSION, 1676 DTLS1_BAD_VER, DTLS1_2_VERSION, 1677 SSL_HIGH | SSL_FIPS, 1678 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1679 256, 1680 256, 1681 }, 1682 { 1683 1, 1684 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA, 1685 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA, 1686 SSL_kECDHEPSK, 1687 SSL_aPSK, 1688 SSL_eNULL, 1689 SSL_SHA1, 1690 TLS1_VERSION, TLS1_2_VERSION, 1691 DTLS1_BAD_VER, DTLS1_2_VERSION, 1692 SSL_STRONG_NONE | SSL_FIPS, 1693 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1694 0, 1695 0, 1696 }, 1697 { 1698 1, 1699 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256, 1700 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256, 1701 SSL_kECDHEPSK, 1702 SSL_aPSK, 1703 SSL_eNULL, 1704 SSL_SHA256, 1705 TLS1_VERSION, TLS1_2_VERSION, 1706 DTLS1_BAD_VER, DTLS1_2_VERSION, 1707 SSL_STRONG_NONE | SSL_FIPS, 1708 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1709 0, 1710 0, 1711 }, 1712 { 1713 1, 1714 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384, 1715 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384, 1716 SSL_kECDHEPSK, 1717 SSL_aPSK, 1718 SSL_eNULL, 1719 SSL_SHA384, 1720 TLS1_VERSION, TLS1_2_VERSION, 1721 DTLS1_BAD_VER, DTLS1_2_VERSION, 1722 SSL_STRONG_NONE | SSL_FIPS, 1723 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1724 0, 1725 0, 1726 }, 1727 # endif /* OPENSSL_NO_EC */ 1728 #endif /* OPENSSL_NO_PSK */ 1729 1730 #ifndef OPENSSL_NO_SRP 1731 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1732 { 1733 1, 1734 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 1735 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 1736 SSL_kSRP, 1737 SSL_aSRP, 1738 SSL_3DES, 1739 SSL_SHA1, 1740 SSL3_VERSION, TLS1_2_VERSION, 1741 DTLS1_BAD_VER, DTLS1_2_VERSION, 1742 SSL_NOT_DEFAULT | SSL_MEDIUM, 1743 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1744 112, 1745 168, 1746 }, 1747 { 1748 1, 1749 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 1750 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 1751 SSL_kSRP, 1752 SSL_aRSA, 1753 SSL_3DES, 1754 SSL_SHA1, 1755 SSL3_VERSION, TLS1_2_VERSION, 1756 DTLS1_BAD_VER, DTLS1_2_VERSION, 1757 SSL_NOT_DEFAULT | SSL_MEDIUM, 1758 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1759 112, 1760 168, 1761 }, 1762 { 1763 1, 1764 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 1765 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 1766 SSL_kSRP, 1767 SSL_aDSS, 1768 SSL_3DES, 1769 SSL_SHA1, 1770 SSL3_VERSION, TLS1_2_VERSION, 1771 DTLS1_BAD_VER, DTLS1_2_VERSION, 1772 SSL_NOT_DEFAULT | SSL_MEDIUM, 1773 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1774 112, 1775 168, 1776 }, 1777 # endif 1778 { 1779 1, 1780 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, 1781 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, 1782 SSL_kSRP, 1783 SSL_aSRP, 1784 SSL_AES128, 1785 SSL_SHA1, 1786 SSL3_VERSION, TLS1_2_VERSION, 1787 DTLS1_BAD_VER, DTLS1_2_VERSION, 1788 SSL_HIGH, 1789 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1790 128, 1791 128, 1792 }, 1793 { 1794 1, 1795 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 1796 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 1797 SSL_kSRP, 1798 SSL_aRSA, 1799 SSL_AES128, 1800 SSL_SHA1, 1801 SSL3_VERSION, TLS1_2_VERSION, 1802 DTLS1_BAD_VER, DTLS1_2_VERSION, 1803 SSL_HIGH, 1804 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1805 128, 1806 128, 1807 }, 1808 { 1809 1, 1810 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 1811 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 1812 SSL_kSRP, 1813 SSL_aDSS, 1814 SSL_AES128, 1815 SSL_SHA1, 1816 SSL3_VERSION, TLS1_2_VERSION, 1817 DTLS1_BAD_VER, DTLS1_2_VERSION, 1818 SSL_NOT_DEFAULT | SSL_HIGH, 1819 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1820 128, 1821 128, 1822 }, 1823 { 1824 1, 1825 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, 1826 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, 1827 SSL_kSRP, 1828 SSL_aSRP, 1829 SSL_AES256, 1830 SSL_SHA1, 1831 SSL3_VERSION, TLS1_2_VERSION, 1832 DTLS1_BAD_VER, DTLS1_2_VERSION, 1833 SSL_HIGH, 1834 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1835 256, 1836 256, 1837 }, 1838 { 1839 1, 1840 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 1841 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 1842 SSL_kSRP, 1843 SSL_aRSA, 1844 SSL_AES256, 1845 SSL_SHA1, 1846 SSL3_VERSION, TLS1_2_VERSION, 1847 DTLS1_BAD_VER, DTLS1_2_VERSION, 1848 SSL_HIGH, 1849 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1850 256, 1851 256, 1852 }, 1853 { 1854 1, 1855 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 1856 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 1857 SSL_kSRP, 1858 SSL_aDSS, 1859 SSL_AES256, 1860 SSL_SHA1, 1861 SSL3_VERSION, TLS1_2_VERSION, 1862 DTLS1_BAD_VER, DTLS1_2_VERSION, 1863 SSL_NOT_DEFAULT | SSL_HIGH, 1864 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1865 256, 1866 256, 1867 }, 1868 #endif /* OPENSSL_NO_SRP */ 1869 1870 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 1871 # ifndef OPENSSL_NO_RSA 1872 { 1873 1, 1874 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305, 1875 TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305, 1876 SSL_kDHE, 1877 SSL_aRSA, 1878 SSL_CHACHA20POLY1305, 1879 SSL_AEAD, 1880 TLS1_2_VERSION, TLS1_2_VERSION, 1881 DTLS1_2_VERSION, DTLS1_2_VERSION, 1882 SSL_HIGH, 1883 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1884 256, 1885 256, 1886 }, 1887 # endif /* OPENSSL_NO_RSA */ 1888 1889 # ifndef OPENSSL_NO_EC 1890 { 1891 1, 1892 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305, 1893 TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305, 1894 SSL_kECDHE, 1895 SSL_aRSA, 1896 SSL_CHACHA20POLY1305, 1897 SSL_AEAD, 1898 TLS1_2_VERSION, TLS1_2_VERSION, 1899 DTLS1_2_VERSION, DTLS1_2_VERSION, 1900 SSL_HIGH, 1901 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1902 256, 1903 256, 1904 }, 1905 { 1906 1, 1907 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 1908 TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 1909 SSL_kECDHE, 1910 SSL_aECDSA, 1911 SSL_CHACHA20POLY1305, 1912 SSL_AEAD, 1913 TLS1_2_VERSION, TLS1_2_VERSION, 1914 DTLS1_2_VERSION, DTLS1_2_VERSION, 1915 SSL_HIGH, 1916 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1917 256, 1918 256, 1919 }, 1920 # endif /* OPENSSL_NO_EC */ 1921 1922 # ifndef OPENSSL_NO_PSK 1923 { 1924 1, 1925 TLS1_TXT_PSK_WITH_CHACHA20_POLY1305, 1926 TLS1_CK_PSK_WITH_CHACHA20_POLY1305, 1927 SSL_kPSK, 1928 SSL_aPSK, 1929 SSL_CHACHA20POLY1305, 1930 SSL_AEAD, 1931 TLS1_2_VERSION, TLS1_2_VERSION, 1932 DTLS1_2_VERSION, DTLS1_2_VERSION, 1933 SSL_HIGH, 1934 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1935 256, 1936 256, 1937 }, 1938 { 1939 1, 1940 TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305, 1941 TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305, 1942 SSL_kECDHEPSK, 1943 SSL_aPSK, 1944 SSL_CHACHA20POLY1305, 1945 SSL_AEAD, 1946 TLS1_2_VERSION, TLS1_2_VERSION, 1947 DTLS1_2_VERSION, DTLS1_2_VERSION, 1948 SSL_HIGH, 1949 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1950 256, 1951 256, 1952 }, 1953 { 1954 1, 1955 TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305, 1956 TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305, 1957 SSL_kDHEPSK, 1958 SSL_aPSK, 1959 SSL_CHACHA20POLY1305, 1960 SSL_AEAD, 1961 TLS1_2_VERSION, TLS1_2_VERSION, 1962 DTLS1_2_VERSION, DTLS1_2_VERSION, 1963 SSL_HIGH, 1964 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1965 256, 1966 256, 1967 }, 1968 { 1969 1, 1970 TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305, 1971 TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305, 1972 SSL_kRSAPSK, 1973 SSL_aRSA, 1974 SSL_CHACHA20POLY1305, 1975 SSL_AEAD, 1976 TLS1_2_VERSION, TLS1_2_VERSION, 1977 DTLS1_2_VERSION, DTLS1_2_VERSION, 1978 SSL_HIGH, 1979 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1980 256, 1981 256, 1982 }, 1983 # endif /* OPENSSL_NO_PSK */ 1984 #endif /* !defined(OPENSSL_NO_CHACHA) && 1985 * !defined(OPENSSL_NO_POLY1305) */ 1986 1987 #ifndef OPENSSL_NO_CAMELLIA 1988 { 1989 1, 1990 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256, 1991 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256, 1992 SSL_kRSA, 1993 SSL_aRSA, 1994 SSL_CAMELLIA128, 1995 SSL_SHA256, 1996 TLS1_2_VERSION, TLS1_2_VERSION, 1997 DTLS1_2_VERSION, DTLS1_2_VERSION, 1998 SSL_NOT_DEFAULT | SSL_HIGH, 1999 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2000 128, 2001 128, 2002 }, 2003 { 2004 1, 2005 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, 2006 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, 2007 SSL_kEDH, 2008 SSL_aDSS, 2009 SSL_CAMELLIA128, 2010 SSL_SHA256, 2011 TLS1_2_VERSION, TLS1_2_VERSION, 2012 DTLS1_2_VERSION, DTLS1_2_VERSION, 2013 SSL_NOT_DEFAULT | SSL_HIGH, 2014 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2015 128, 2016 128, 2017 }, 2018 { 2019 1, 2020 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2021 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2022 SSL_kEDH, 2023 SSL_aRSA, 2024 SSL_CAMELLIA128, 2025 SSL_SHA256, 2026 TLS1_2_VERSION, TLS1_2_VERSION, 2027 DTLS1_2_VERSION, DTLS1_2_VERSION, 2028 SSL_NOT_DEFAULT | SSL_HIGH, 2029 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2030 128, 2031 128, 2032 }, 2033 { 2034 1, 2035 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256, 2036 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256, 2037 SSL_kEDH, 2038 SSL_aNULL, 2039 SSL_CAMELLIA128, 2040 SSL_SHA256, 2041 TLS1_2_VERSION, TLS1_2_VERSION, 2042 DTLS1_2_VERSION, DTLS1_2_VERSION, 2043 SSL_NOT_DEFAULT | SSL_HIGH, 2044 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2045 128, 2046 128, 2047 }, 2048 { 2049 1, 2050 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256, 2051 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256, 2052 SSL_kRSA, 2053 SSL_aRSA, 2054 SSL_CAMELLIA256, 2055 SSL_SHA256, 2056 TLS1_2_VERSION, TLS1_2_VERSION, 2057 DTLS1_2_VERSION, DTLS1_2_VERSION, 2058 SSL_NOT_DEFAULT | SSL_HIGH, 2059 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2060 256, 2061 256, 2062 }, 2063 { 2064 1, 2065 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, 2066 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, 2067 SSL_kEDH, 2068 SSL_aDSS, 2069 SSL_CAMELLIA256, 2070 SSL_SHA256, 2071 TLS1_2_VERSION, TLS1_2_VERSION, 2072 DTLS1_2_VERSION, DTLS1_2_VERSION, 2073 SSL_NOT_DEFAULT | SSL_HIGH, 2074 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2075 256, 2076 256, 2077 }, 2078 { 2079 1, 2080 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, 2081 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, 2082 SSL_kEDH, 2083 SSL_aRSA, 2084 SSL_CAMELLIA256, 2085 SSL_SHA256, 2086 TLS1_2_VERSION, TLS1_2_VERSION, 2087 DTLS1_2_VERSION, DTLS1_2_VERSION, 2088 SSL_NOT_DEFAULT | SSL_HIGH, 2089 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2090 256, 2091 256, 2092 }, 2093 { 2094 1, 2095 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256, 2096 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256, 2097 SSL_kEDH, 2098 SSL_aNULL, 2099 SSL_CAMELLIA256, 2100 SSL_SHA256, 2101 TLS1_2_VERSION, TLS1_2_VERSION, 2102 DTLS1_2_VERSION, DTLS1_2_VERSION, 2103 SSL_NOT_DEFAULT | SSL_HIGH, 2104 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2105 256, 2106 256, 2107 }, 2108 { 2109 1, 2110 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 2111 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 2112 SSL_kRSA, 2113 SSL_aRSA, 2114 SSL_CAMELLIA256, 2115 SSL_SHA1, 2116 SSL3_VERSION, TLS1_2_VERSION, 2117 DTLS1_BAD_VER, DTLS1_2_VERSION, 2118 SSL_NOT_DEFAULT | SSL_HIGH, 2119 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2120 256, 2121 256, 2122 }, 2123 { 2124 1, 2125 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 2126 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 2127 SSL_kDHE, 2128 SSL_aDSS, 2129 SSL_CAMELLIA256, 2130 SSL_SHA1, 2131 SSL3_VERSION, TLS1_2_VERSION, 2132 DTLS1_BAD_VER, DTLS1_2_VERSION, 2133 SSL_NOT_DEFAULT | SSL_HIGH, 2134 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2135 256, 2136 256, 2137 }, 2138 { 2139 1, 2140 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 2141 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 2142 SSL_kDHE, 2143 SSL_aRSA, 2144 SSL_CAMELLIA256, 2145 SSL_SHA1, 2146 SSL3_VERSION, TLS1_2_VERSION, 2147 DTLS1_BAD_VER, DTLS1_2_VERSION, 2148 SSL_NOT_DEFAULT | SSL_HIGH, 2149 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2150 256, 2151 256, 2152 }, 2153 { 2154 1, 2155 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 2156 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 2157 SSL_kDHE, 2158 SSL_aNULL, 2159 SSL_CAMELLIA256, 2160 SSL_SHA1, 2161 SSL3_VERSION, TLS1_2_VERSION, 2162 DTLS1_BAD_VER, DTLS1_2_VERSION, 2163 SSL_NOT_DEFAULT | SSL_HIGH, 2164 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2165 256, 2166 256, 2167 }, 2168 { 2169 1, 2170 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 2171 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 2172 SSL_kRSA, 2173 SSL_aRSA, 2174 SSL_CAMELLIA128, 2175 SSL_SHA1, 2176 SSL3_VERSION, TLS1_2_VERSION, 2177 DTLS1_BAD_VER, DTLS1_2_VERSION, 2178 SSL_NOT_DEFAULT | SSL_HIGH, 2179 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2180 128, 2181 128, 2182 }, 2183 { 2184 1, 2185 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 2186 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 2187 SSL_kDHE, 2188 SSL_aDSS, 2189 SSL_CAMELLIA128, 2190 SSL_SHA1, 2191 SSL3_VERSION, TLS1_2_VERSION, 2192 DTLS1_BAD_VER, DTLS1_2_VERSION, 2193 SSL_NOT_DEFAULT | SSL_HIGH, 2194 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2195 128, 2196 128, 2197 }, 2198 { 2199 1, 2200 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 2201 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 2202 SSL_kDHE, 2203 SSL_aRSA, 2204 SSL_CAMELLIA128, 2205 SSL_SHA1, 2206 SSL3_VERSION, TLS1_2_VERSION, 2207 DTLS1_BAD_VER, DTLS1_2_VERSION, 2208 SSL_NOT_DEFAULT | SSL_HIGH, 2209 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2210 128, 2211 128, 2212 }, 2213 { 2214 1, 2215 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 2216 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 2217 SSL_kDHE, 2218 SSL_aNULL, 2219 SSL_CAMELLIA128, 2220 SSL_SHA1, 2221 SSL3_VERSION, TLS1_2_VERSION, 2222 DTLS1_BAD_VER, DTLS1_2_VERSION, 2223 SSL_NOT_DEFAULT | SSL_HIGH, 2224 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2225 128, 2226 128, 2227 }, 2228 2229 # ifndef OPENSSL_NO_EC 2230 { 2231 1, 2232 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 2233 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 2234 SSL_kECDHE, 2235 SSL_aECDSA, 2236 SSL_CAMELLIA128, 2237 SSL_SHA256, 2238 TLS1_2_VERSION, TLS1_2_VERSION, 2239 DTLS1_2_VERSION, DTLS1_2_VERSION, 2240 SSL_NOT_DEFAULT | SSL_HIGH, 2241 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2242 128, 2243 128, 2244 }, 2245 { 2246 1, 2247 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 2248 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 2249 SSL_kECDHE, 2250 SSL_aECDSA, 2251 SSL_CAMELLIA256, 2252 SSL_SHA384, 2253 TLS1_2_VERSION, TLS1_2_VERSION, 2254 DTLS1_2_VERSION, DTLS1_2_VERSION, 2255 SSL_NOT_DEFAULT | SSL_HIGH, 2256 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2257 256, 2258 256, 2259 }, 2260 { 2261 1, 2262 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2263 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2264 SSL_kECDHE, 2265 SSL_aRSA, 2266 SSL_CAMELLIA128, 2267 SSL_SHA256, 2268 TLS1_2_VERSION, TLS1_2_VERSION, 2269 DTLS1_2_VERSION, DTLS1_2_VERSION, 2270 SSL_NOT_DEFAULT | SSL_HIGH, 2271 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2272 128, 2273 128, 2274 }, 2275 { 2276 1, 2277 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, 2278 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, 2279 SSL_kECDHE, 2280 SSL_aRSA, 2281 SSL_CAMELLIA256, 2282 SSL_SHA384, 2283 TLS1_2_VERSION, TLS1_2_VERSION, 2284 DTLS1_2_VERSION, DTLS1_2_VERSION, 2285 SSL_NOT_DEFAULT | SSL_HIGH, 2286 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2287 256, 2288 256, 2289 }, 2290 # endif /* OPENSSL_NO_EC */ 2291 2292 # ifndef OPENSSL_NO_PSK 2293 { 2294 1, 2295 TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2296 TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2297 SSL_kPSK, 2298 SSL_aPSK, 2299 SSL_CAMELLIA128, 2300 SSL_SHA256, 2301 TLS1_VERSION, TLS1_2_VERSION, 2302 DTLS1_BAD_VER, DTLS1_2_VERSION, 2303 SSL_NOT_DEFAULT | SSL_HIGH, 2304 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2305 128, 2306 128, 2307 }, 2308 { 2309 1, 2310 TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2311 TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2312 SSL_kPSK, 2313 SSL_aPSK, 2314 SSL_CAMELLIA256, 2315 SSL_SHA384, 2316 TLS1_VERSION, TLS1_2_VERSION, 2317 DTLS1_BAD_VER, DTLS1_2_VERSION, 2318 SSL_NOT_DEFAULT | SSL_HIGH, 2319 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2320 256, 2321 256, 2322 }, 2323 { 2324 1, 2325 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2326 TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2327 SSL_kDHEPSK, 2328 SSL_aPSK, 2329 SSL_CAMELLIA128, 2330 SSL_SHA256, 2331 TLS1_VERSION, TLS1_2_VERSION, 2332 DTLS1_BAD_VER, DTLS1_2_VERSION, 2333 SSL_NOT_DEFAULT | SSL_HIGH, 2334 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2335 128, 2336 128, 2337 }, 2338 { 2339 1, 2340 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2341 TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2342 SSL_kDHEPSK, 2343 SSL_aPSK, 2344 SSL_CAMELLIA256, 2345 SSL_SHA384, 2346 TLS1_VERSION, TLS1_2_VERSION, 2347 DTLS1_BAD_VER, DTLS1_2_VERSION, 2348 SSL_NOT_DEFAULT | SSL_HIGH, 2349 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2350 256, 2351 256, 2352 }, 2353 { 2354 1, 2355 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2356 TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2357 SSL_kRSAPSK, 2358 SSL_aRSA, 2359 SSL_CAMELLIA128, 2360 SSL_SHA256, 2361 TLS1_VERSION, TLS1_2_VERSION, 2362 DTLS1_BAD_VER, DTLS1_2_VERSION, 2363 SSL_NOT_DEFAULT | SSL_HIGH, 2364 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2365 128, 2366 128, 2367 }, 2368 { 2369 1, 2370 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2371 TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2372 SSL_kRSAPSK, 2373 SSL_aRSA, 2374 SSL_CAMELLIA256, 2375 SSL_SHA384, 2376 TLS1_VERSION, TLS1_2_VERSION, 2377 DTLS1_BAD_VER, DTLS1_2_VERSION, 2378 SSL_NOT_DEFAULT | SSL_HIGH, 2379 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2380 256, 2381 256, 2382 }, 2383 { 2384 1, 2385 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2386 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2387 SSL_kECDHEPSK, 2388 SSL_aPSK, 2389 SSL_CAMELLIA128, 2390 SSL_SHA256, 2391 TLS1_VERSION, TLS1_2_VERSION, 2392 DTLS1_BAD_VER, DTLS1_2_VERSION, 2393 SSL_NOT_DEFAULT | SSL_HIGH, 2394 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2395 128, 2396 128, 2397 }, 2398 { 2399 1, 2400 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2401 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2402 SSL_kECDHEPSK, 2403 SSL_aPSK, 2404 SSL_CAMELLIA256, 2405 SSL_SHA384, 2406 TLS1_VERSION, TLS1_2_VERSION, 2407 DTLS1_BAD_VER, DTLS1_2_VERSION, 2408 SSL_NOT_DEFAULT | SSL_HIGH, 2409 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2410 256, 2411 256, 2412 }, 2413 # endif /* OPENSSL_NO_PSK */ 2414 2415 #endif /* OPENSSL_NO_CAMELLIA */ 2416 2417 #ifndef OPENSSL_NO_GOST 2418 { 2419 1, 2420 "GOST2001-GOST89-GOST89", 2421 0x3000081, 2422 SSL_kGOST, 2423 SSL_aGOST01, 2424 SSL_eGOST2814789CNT, 2425 SSL_GOST89MAC, 2426 TLS1_VERSION, TLS1_2_VERSION, 2427 0, 0, 2428 SSL_HIGH, 2429 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 2430 256, 2431 256, 2432 }, 2433 { 2434 1, 2435 "GOST2001-NULL-GOST94", 2436 0x3000083, 2437 SSL_kGOST, 2438 SSL_aGOST01, 2439 SSL_eNULL, 2440 SSL_GOST94, 2441 TLS1_VERSION, TLS1_2_VERSION, 2442 0, 0, 2443 SSL_STRONG_NONE, 2444 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 2445 0, 2446 0, 2447 }, 2448 { 2449 1, 2450 "GOST2012-GOST8912-GOST8912", 2451 0x0300ff85, 2452 SSL_kGOST, 2453 SSL_aGOST12 | SSL_aGOST01, 2454 SSL_eGOST2814789CNT12, 2455 SSL_GOST89MAC12, 2456 TLS1_VERSION, TLS1_2_VERSION, 2457 0, 0, 2458 SSL_HIGH, 2459 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC, 2460 256, 2461 256, 2462 }, 2463 { 2464 1, 2465 "GOST2012-NULL-GOST12", 2466 0x0300ff87, 2467 SSL_kGOST, 2468 SSL_aGOST12 | SSL_aGOST01, 2469 SSL_eNULL, 2470 SSL_GOST12_256, 2471 TLS1_VERSION, TLS1_2_VERSION, 2472 0, 0, 2473 SSL_STRONG_NONE, 2474 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC, 2475 0, 2476 0, 2477 }, 2478 #endif /* OPENSSL_NO_GOST */ 2479 2480 #ifndef OPENSSL_NO_IDEA 2481 { 2482 1, 2483 SSL3_TXT_RSA_IDEA_128_SHA, 2484 SSL3_CK_RSA_IDEA_128_SHA, 2485 SSL_kRSA, 2486 SSL_aRSA, 2487 SSL_IDEA, 2488 SSL_SHA1, 2489 SSL3_VERSION, TLS1_1_VERSION, 2490 DTLS1_BAD_VER, DTLS1_VERSION, 2491 SSL_NOT_DEFAULT | SSL_MEDIUM, 2492 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2493 128, 2494 128, 2495 }, 2496 #endif 2497 2498 #ifndef OPENSSL_NO_SEED 2499 { 2500 1, 2501 TLS1_TXT_RSA_WITH_SEED_SHA, 2502 TLS1_CK_RSA_WITH_SEED_SHA, 2503 SSL_kRSA, 2504 SSL_aRSA, 2505 SSL_SEED, 2506 SSL_SHA1, 2507 SSL3_VERSION, TLS1_2_VERSION, 2508 DTLS1_BAD_VER, DTLS1_2_VERSION, 2509 SSL_NOT_DEFAULT | SSL_MEDIUM, 2510 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2511 128, 2512 128, 2513 }, 2514 { 2515 1, 2516 TLS1_TXT_DHE_DSS_WITH_SEED_SHA, 2517 TLS1_CK_DHE_DSS_WITH_SEED_SHA, 2518 SSL_kDHE, 2519 SSL_aDSS, 2520 SSL_SEED, 2521 SSL_SHA1, 2522 SSL3_VERSION, TLS1_2_VERSION, 2523 DTLS1_BAD_VER, DTLS1_2_VERSION, 2524 SSL_NOT_DEFAULT | SSL_MEDIUM, 2525 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2526 128, 2527 128, 2528 }, 2529 { 2530 1, 2531 TLS1_TXT_DHE_RSA_WITH_SEED_SHA, 2532 TLS1_CK_DHE_RSA_WITH_SEED_SHA, 2533 SSL_kDHE, 2534 SSL_aRSA, 2535 SSL_SEED, 2536 SSL_SHA1, 2537 SSL3_VERSION, TLS1_2_VERSION, 2538 DTLS1_BAD_VER, DTLS1_2_VERSION, 2539 SSL_NOT_DEFAULT | SSL_MEDIUM, 2540 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2541 128, 2542 128, 2543 }, 2544 { 2545 1, 2546 TLS1_TXT_ADH_WITH_SEED_SHA, 2547 TLS1_CK_ADH_WITH_SEED_SHA, 2548 SSL_kDHE, 2549 SSL_aNULL, 2550 SSL_SEED, 2551 SSL_SHA1, 2552 SSL3_VERSION, TLS1_2_VERSION, 2553 DTLS1_BAD_VER, DTLS1_2_VERSION, 2554 SSL_NOT_DEFAULT | SSL_MEDIUM, 2555 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2556 128, 2557 128, 2558 }, 2559 #endif /* OPENSSL_NO_SEED */ 2560 2561 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 2562 { 2563 1, 2564 SSL3_TXT_RSA_RC4_128_MD5, 2565 SSL3_CK_RSA_RC4_128_MD5, 2566 SSL_kRSA, 2567 SSL_aRSA, 2568 SSL_RC4, 2569 SSL_MD5, 2570 SSL3_VERSION, TLS1_2_VERSION, 2571 0, 0, 2572 SSL_NOT_DEFAULT | SSL_MEDIUM, 2573 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2574 128, 2575 128, 2576 }, 2577 { 2578 1, 2579 SSL3_TXT_RSA_RC4_128_SHA, 2580 SSL3_CK_RSA_RC4_128_SHA, 2581 SSL_kRSA, 2582 SSL_aRSA, 2583 SSL_RC4, 2584 SSL_SHA1, 2585 SSL3_VERSION, TLS1_2_VERSION, 2586 0, 0, 2587 SSL_NOT_DEFAULT | SSL_MEDIUM, 2588 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2589 128, 2590 128, 2591 }, 2592 { 2593 1, 2594 SSL3_TXT_ADH_RC4_128_MD5, 2595 SSL3_CK_ADH_RC4_128_MD5, 2596 SSL_kDHE, 2597 SSL_aNULL, 2598 SSL_RC4, 2599 SSL_MD5, 2600 SSL3_VERSION, TLS1_2_VERSION, 2601 0, 0, 2602 SSL_NOT_DEFAULT | SSL_MEDIUM, 2603 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2604 128, 2605 128, 2606 }, 2607 2608 # ifndef OPENSSL_NO_EC 2609 { 2610 1, 2611 TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA, 2612 TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA, 2613 SSL_kECDHEPSK, 2614 SSL_aPSK, 2615 SSL_RC4, 2616 SSL_SHA1, 2617 TLS1_VERSION, TLS1_2_VERSION, 2618 0, 0, 2619 SSL_NOT_DEFAULT | SSL_MEDIUM, 2620 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2621 128, 2622 128, 2623 }, 2624 { 2625 1, 2626 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 2627 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 2628 SSL_kECDHE, 2629 SSL_aNULL, 2630 SSL_RC4, 2631 SSL_SHA1, 2632 TLS1_VERSION, TLS1_2_VERSION, 2633 0, 0, 2634 SSL_NOT_DEFAULT | SSL_MEDIUM, 2635 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2636 128, 2637 128, 2638 }, 2639 { 2640 1, 2641 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 2642 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 2643 SSL_kECDHE, 2644 SSL_aECDSA, 2645 SSL_RC4, 2646 SSL_SHA1, 2647 TLS1_VERSION, TLS1_2_VERSION, 2648 0, 0, 2649 SSL_NOT_DEFAULT | SSL_MEDIUM, 2650 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2651 128, 2652 128, 2653 }, 2654 { 2655 1, 2656 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 2657 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 2658 SSL_kECDHE, 2659 SSL_aRSA, 2660 SSL_RC4, 2661 SSL_SHA1, 2662 TLS1_VERSION, TLS1_2_VERSION, 2663 0, 0, 2664 SSL_NOT_DEFAULT | SSL_MEDIUM, 2665 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2666 128, 2667 128, 2668 }, 2669 # endif /* OPENSSL_NO_EC */ 2670 2671 # ifndef OPENSSL_NO_PSK 2672 { 2673 1, 2674 TLS1_TXT_PSK_WITH_RC4_128_SHA, 2675 TLS1_CK_PSK_WITH_RC4_128_SHA, 2676 SSL_kPSK, 2677 SSL_aPSK, 2678 SSL_RC4, 2679 SSL_SHA1, 2680 SSL3_VERSION, TLS1_2_VERSION, 2681 0, 0, 2682 SSL_NOT_DEFAULT | SSL_MEDIUM, 2683 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2684 128, 2685 128, 2686 }, 2687 { 2688 1, 2689 TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA, 2690 TLS1_CK_RSA_PSK_WITH_RC4_128_SHA, 2691 SSL_kRSAPSK, 2692 SSL_aRSA, 2693 SSL_RC4, 2694 SSL_SHA1, 2695 SSL3_VERSION, TLS1_2_VERSION, 2696 0, 0, 2697 SSL_NOT_DEFAULT | SSL_MEDIUM, 2698 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2699 128, 2700 128, 2701 }, 2702 { 2703 1, 2704 TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA, 2705 TLS1_CK_DHE_PSK_WITH_RC4_128_SHA, 2706 SSL_kDHEPSK, 2707 SSL_aPSK, 2708 SSL_RC4, 2709 SSL_SHA1, 2710 SSL3_VERSION, TLS1_2_VERSION, 2711 0, 0, 2712 SSL_NOT_DEFAULT | SSL_MEDIUM, 2713 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2714 128, 2715 128, 2716 }, 2717 # endif /* OPENSSL_NO_PSK */ 2718 2719 #endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */ 2720 2721 }; 2722 2723 static int cipher_compare(const void *a, const void *b) 2724 { 2725 const SSL_CIPHER *ap = (const SSL_CIPHER *)a; 2726 const SSL_CIPHER *bp = (const SSL_CIPHER *)b; 2727 2728 if (ap->id == bp->id) 2729 return 0; 2730 return ap->id < bp->id ? -1 : 1; 2731 } 2732 2733 void ssl_sort_cipher_list(void) 2734 { 2735 qsort(ssl3_ciphers, OSSL_NELEM(ssl3_ciphers), sizeof(ssl3_ciphers[0]), 2736 cipher_compare); 2737 } 2738 2739 static int ssl_undefined_function_1(SSL *ssl, unsigned char *r, size_t s, 2740 const char * t, size_t u, 2741 const unsigned char * v, size_t w, int x) 2742 { 2743 (void)r; 2744 (void)s; 2745 (void)t; 2746 (void)u; 2747 (void)v; 2748 (void)w; 2749 (void)x; 2750 return ssl_undefined_function(ssl); 2751 } 2752 2753 const SSL3_ENC_METHOD SSLv3_enc_data = { 2754 ssl3_enc, 2755 n_ssl3_mac, 2756 ssl3_setup_key_block, 2757 ssl3_generate_master_secret, 2758 ssl3_change_cipher_state, 2759 ssl3_final_finish_mac, 2760 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, 2761 SSL3_MD_CLIENT_FINISHED_CONST, 4, 2762 SSL3_MD_SERVER_FINISHED_CONST, 4, 2763 ssl3_alert_code, 2764 ssl_undefined_function_1, 2765 0, 2766 SSL3_HM_HEADER_LENGTH, 2767 ssl3_set_handshake_header, 2768 ssl3_handshake_write 2769 }; 2770 2771 long ssl3_default_timeout(void) 2772 { 2773 /* 2774 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for 2775 * http, the cache would over fill 2776 */ 2777 return (60 * 60 * 2); 2778 } 2779 2780 int ssl3_num_ciphers(void) 2781 { 2782 return (SSL3_NUM_CIPHERS); 2783 } 2784 2785 const SSL_CIPHER *ssl3_get_cipher(unsigned int u) 2786 { 2787 if (u < SSL3_NUM_CIPHERS) 2788 return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u])); 2789 else 2790 return (NULL); 2791 } 2792 2793 int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len) 2794 { 2795 unsigned char *p = (unsigned char *)s->init_buf->data; 2796 *(p++) = htype; 2797 l2n3(len, p); 2798 s->init_num = (int)len + SSL3_HM_HEADER_LENGTH; 2799 s->init_off = 0; 2800 2801 return 1; 2802 } 2803 2804 int ssl3_handshake_write(SSL *s) 2805 { 2806 return ssl3_do_write(s, SSL3_RT_HANDSHAKE); 2807 } 2808 2809 int ssl3_new(SSL *s) 2810 { 2811 SSL3_STATE *s3; 2812 2813 if ((s3 = OPENSSL_zalloc(sizeof(*s3))) == NULL) 2814 goto err; 2815 s->s3 = s3; 2816 2817 #ifndef OPENSSL_NO_SRP 2818 if (!SSL_SRP_CTX_init(s)) 2819 goto err; 2820 #endif 2821 s->method->ssl_clear(s); 2822 return (1); 2823 err: 2824 return (0); 2825 } 2826 2827 void ssl3_free(SSL *s) 2828 { 2829 if (s == NULL || s->s3 == NULL) 2830 return; 2831 2832 ssl3_cleanup_key_block(s); 2833 2834 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) 2835 EVP_PKEY_free(s->s3->peer_tmp); 2836 s->s3->peer_tmp = NULL; 2837 EVP_PKEY_free(s->s3->tmp.pkey); 2838 s->s3->tmp.pkey = NULL; 2839 #endif 2840 2841 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 2842 OPENSSL_free(s->s3->tmp.ciphers_raw); 2843 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen); 2844 OPENSSL_free(s->s3->tmp.peer_sigalgs); 2845 ssl3_free_digest_list(s); 2846 OPENSSL_free(s->s3->alpn_selected); 2847 OPENSSL_free(s->s3->alpn_proposed); 2848 2849 #ifndef OPENSSL_NO_SRP 2850 SSL_SRP_CTX_free(s); 2851 #endif 2852 OPENSSL_clear_free(s->s3, sizeof(*s->s3)); 2853 s->s3 = NULL; 2854 } 2855 2856 void ssl3_clear(SSL *s) 2857 { 2858 ssl3_cleanup_key_block(s); 2859 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 2860 OPENSSL_free(s->s3->tmp.ciphers_raw); 2861 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen); 2862 OPENSSL_free(s->s3->tmp.peer_sigalgs); 2863 2864 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) 2865 EVP_PKEY_free(s->s3->tmp.pkey); 2866 EVP_PKEY_free(s->s3->peer_tmp); 2867 #endif /* !OPENSSL_NO_EC */ 2868 2869 ssl3_free_digest_list(s); 2870 2871 OPENSSL_free(s->s3->alpn_selected); 2872 OPENSSL_free(s->s3->alpn_proposed); 2873 2874 /* NULL/zero-out everything in the s3 struct */ 2875 memset(s->s3, 0, sizeof(*s->s3)); 2876 2877 ssl_free_wbio_buffer(s); 2878 2879 s->version = SSL3_VERSION; 2880 2881 #if !defined(OPENSSL_NO_NEXTPROTONEG) 2882 OPENSSL_free(s->next_proto_negotiated); 2883 s->next_proto_negotiated = NULL; 2884 s->next_proto_negotiated_len = 0; 2885 #endif 2886 } 2887 2888 #ifndef OPENSSL_NO_SRP 2889 static char *srp_password_from_info_cb(SSL *s, void *arg) 2890 { 2891 return OPENSSL_strdup(s->srp_ctx.info); 2892 } 2893 #endif 2894 2895 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len); 2896 2897 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 2898 { 2899 int ret = 0; 2900 2901 switch (cmd) { 2902 case SSL_CTRL_GET_CLIENT_CERT_REQUEST: 2903 break; 2904 case SSL_CTRL_GET_NUM_RENEGOTIATIONS: 2905 ret = s->s3->num_renegotiations; 2906 break; 2907 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: 2908 ret = s->s3->num_renegotiations; 2909 s->s3->num_renegotiations = 0; 2910 break; 2911 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: 2912 ret = s->s3->total_renegotiations; 2913 break; 2914 case SSL_CTRL_GET_FLAGS: 2915 ret = (int)(s->s3->flags); 2916 break; 2917 #ifndef OPENSSL_NO_DH 2918 case SSL_CTRL_SET_TMP_DH: 2919 { 2920 DH *dh = (DH *)parg; 2921 EVP_PKEY *pkdh = NULL; 2922 if (dh == NULL) { 2923 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 2924 return (ret); 2925 } 2926 pkdh = ssl_dh_to_pkey(dh); 2927 if (pkdh == NULL) { 2928 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 2929 return 0; 2930 } 2931 if (!ssl_security(s, SSL_SECOP_TMP_DH, 2932 EVP_PKEY_security_bits(pkdh), 0, pkdh)) { 2933 SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL); 2934 EVP_PKEY_free(pkdh); 2935 return ret; 2936 } 2937 EVP_PKEY_free(s->cert->dh_tmp); 2938 s->cert->dh_tmp = pkdh; 2939 ret = 1; 2940 } 2941 break; 2942 case SSL_CTRL_SET_TMP_DH_CB: 2943 { 2944 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2945 return (ret); 2946 } 2947 case SSL_CTRL_SET_DH_AUTO: 2948 s->cert->dh_tmp_auto = larg; 2949 return 1; 2950 #endif 2951 #ifndef OPENSSL_NO_EC 2952 case SSL_CTRL_SET_TMP_ECDH: 2953 { 2954 const EC_GROUP *group = NULL; 2955 int nid; 2956 2957 if (parg == NULL) { 2958 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 2959 return 0; 2960 } 2961 group = EC_KEY_get0_group((const EC_KEY *)parg); 2962 if (group == NULL) { 2963 SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS); 2964 return 0; 2965 } 2966 nid = EC_GROUP_get_curve_name(group); 2967 if (nid == NID_undef) 2968 return 0; 2969 return tls1_set_curves(&s->tlsext_ellipticcurvelist, 2970 &s->tlsext_ellipticcurvelist_length, 2971 &nid, 1); 2972 } 2973 break; 2974 #endif /* !OPENSSL_NO_EC */ 2975 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 2976 if (larg == TLSEXT_NAMETYPE_host_name) { 2977 size_t len; 2978 2979 OPENSSL_free(s->tlsext_hostname); 2980 s->tlsext_hostname = NULL; 2981 2982 ret = 1; 2983 if (parg == NULL) 2984 break; 2985 len = strlen((char *)parg); 2986 if (len == 0 || len > TLSEXT_MAXLEN_host_name) { 2987 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 2988 return 0; 2989 } 2990 if ((s->tlsext_hostname = OPENSSL_strdup((char *)parg)) == NULL) { 2991 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 2992 return 0; 2993 } 2994 } else { 2995 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 2996 return 0; 2997 } 2998 break; 2999 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: 3000 s->tlsext_debug_arg = parg; 3001 ret = 1; 3002 break; 3003 3004 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE: 3005 ret = s->tlsext_status_type; 3006 break; 3007 3008 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3009 s->tlsext_status_type = larg; 3010 ret = 1; 3011 break; 3012 3013 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: 3014 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; 3015 ret = 1; 3016 break; 3017 3018 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: 3019 s->tlsext_ocsp_exts = parg; 3020 ret = 1; 3021 break; 3022 3023 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: 3024 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; 3025 ret = 1; 3026 break; 3027 3028 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: 3029 s->tlsext_ocsp_ids = parg; 3030 ret = 1; 3031 break; 3032 3033 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: 3034 *(unsigned char **)parg = s->tlsext_ocsp_resp; 3035 return s->tlsext_ocsp_resplen; 3036 3037 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: 3038 OPENSSL_free(s->tlsext_ocsp_resp); 3039 s->tlsext_ocsp_resp = parg; 3040 s->tlsext_ocsp_resplen = larg; 3041 ret = 1; 3042 break; 3043 3044 #ifndef OPENSSL_NO_HEARTBEATS 3045 case SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT: 3046 if (SSL_IS_DTLS(s)) 3047 ret = dtls1_heartbeat(s); 3048 break; 3049 3050 case SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING: 3051 if (SSL_IS_DTLS(s)) 3052 ret = s->tlsext_hb_pending; 3053 break; 3054 3055 case SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS: 3056 if (SSL_IS_DTLS(s)) { 3057 if (larg) 3058 s->tlsext_heartbeat |= SSL_DTLSEXT_HB_DONT_RECV_REQUESTS; 3059 else 3060 s->tlsext_heartbeat &= ~SSL_DTLSEXT_HB_DONT_RECV_REQUESTS; 3061 ret = 1; 3062 } 3063 break; 3064 #endif 3065 3066 case SSL_CTRL_CHAIN: 3067 if (larg) 3068 return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg); 3069 else 3070 return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg); 3071 3072 case SSL_CTRL_CHAIN_CERT: 3073 if (larg) 3074 return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg); 3075 else 3076 return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg); 3077 3078 case SSL_CTRL_GET_CHAIN_CERTS: 3079 *(STACK_OF(X509) **)parg = s->cert->key->chain; 3080 break; 3081 3082 case SSL_CTRL_SELECT_CURRENT_CERT: 3083 return ssl_cert_select_current(s->cert, (X509 *)parg); 3084 3085 case SSL_CTRL_SET_CURRENT_CERT: 3086 if (larg == SSL_CERT_SET_SERVER) { 3087 CERT_PKEY *cpk; 3088 const SSL_CIPHER *cipher; 3089 if (!s->server) 3090 return 0; 3091 cipher = s->s3->tmp.new_cipher; 3092 if (!cipher) 3093 return 0; 3094 /* 3095 * No certificate for unauthenticated ciphersuites or using SRP 3096 * authentication 3097 */ 3098 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP)) 3099 return 2; 3100 cpk = ssl_get_server_send_pkey(s); 3101 if (!cpk) 3102 return 0; 3103 s->cert->key = cpk; 3104 return 1; 3105 } 3106 return ssl_cert_set_current(s->cert, larg); 3107 3108 #ifndef OPENSSL_NO_EC 3109 case SSL_CTRL_GET_CURVES: 3110 { 3111 unsigned char *clist; 3112 size_t clistlen; 3113 if (!s->session) 3114 return 0; 3115 clist = s->session->tlsext_ellipticcurvelist; 3116 clistlen = s->session->tlsext_ellipticcurvelist_length / 2; 3117 if (parg) { 3118 size_t i; 3119 int *cptr = parg; 3120 unsigned int cid, nid; 3121 for (i = 0; i < clistlen; i++) { 3122 n2s(clist, cid); 3123 nid = tls1_ec_curve_id2nid(cid, NULL); 3124 if (nid != 0) 3125 cptr[i] = nid; 3126 else 3127 cptr[i] = TLSEXT_nid_unknown | cid; 3128 } 3129 } 3130 return (int)clistlen; 3131 } 3132 3133 case SSL_CTRL_SET_CURVES: 3134 return tls1_set_curves(&s->tlsext_ellipticcurvelist, 3135 &s->tlsext_ellipticcurvelist_length, parg, larg); 3136 3137 case SSL_CTRL_SET_CURVES_LIST: 3138 return tls1_set_curves_list(&s->tlsext_ellipticcurvelist, 3139 &s->tlsext_ellipticcurvelist_length, parg); 3140 3141 case SSL_CTRL_GET_SHARED_CURVE: 3142 return tls1_shared_curve(s, larg); 3143 3144 #endif 3145 case SSL_CTRL_SET_SIGALGS: 3146 return tls1_set_sigalgs(s->cert, parg, larg, 0); 3147 3148 case SSL_CTRL_SET_SIGALGS_LIST: 3149 return tls1_set_sigalgs_list(s->cert, parg, 0); 3150 3151 case SSL_CTRL_SET_CLIENT_SIGALGS: 3152 return tls1_set_sigalgs(s->cert, parg, larg, 1); 3153 3154 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3155 return tls1_set_sigalgs_list(s->cert, parg, 1); 3156 3157 case SSL_CTRL_GET_CLIENT_CERT_TYPES: 3158 { 3159 const unsigned char **pctype = parg; 3160 if (s->server || !s->s3->tmp.cert_req) 3161 return 0; 3162 if (s->cert->ctypes) { 3163 if (pctype) 3164 *pctype = s->cert->ctypes; 3165 return (int)s->cert->ctype_num; 3166 } 3167 if (pctype) 3168 *pctype = (unsigned char *)s->s3->tmp.ctype; 3169 return s->s3->tmp.ctype_num; 3170 } 3171 3172 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3173 if (!s->server) 3174 return 0; 3175 return ssl3_set_req_cert_type(s->cert, parg, larg); 3176 3177 case SSL_CTRL_BUILD_CERT_CHAIN: 3178 return ssl_build_cert_chain(s, NULL, larg); 3179 3180 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3181 return ssl_cert_set_cert_store(s->cert, parg, 0, larg); 3182 3183 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3184 return ssl_cert_set_cert_store(s->cert, parg, 1, larg); 3185 3186 case SSL_CTRL_GET_PEER_SIGNATURE_NID: 3187 if (SSL_USE_SIGALGS(s)) { 3188 if (s->session) { 3189 const EVP_MD *sig; 3190 sig = s->s3->tmp.peer_md; 3191 if (sig) { 3192 *(int *)parg = EVP_MD_type(sig); 3193 return 1; 3194 } 3195 } 3196 return 0; 3197 } 3198 /* Might want to do something here for other versions */ 3199 else 3200 return 0; 3201 3202 case SSL_CTRL_GET_SERVER_TMP_KEY: 3203 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) 3204 if (s->server || s->session == NULL || s->s3->peer_tmp == NULL) { 3205 return 0; 3206 } else { 3207 EVP_PKEY_up_ref(s->s3->peer_tmp); 3208 *(EVP_PKEY **)parg = s->s3->peer_tmp; 3209 return 1; 3210 } 3211 #else 3212 return 0; 3213 #endif 3214 #ifndef OPENSSL_NO_EC 3215 case SSL_CTRL_GET_EC_POINT_FORMATS: 3216 { 3217 SSL_SESSION *sess = s->session; 3218 const unsigned char **pformat = parg; 3219 if (!sess || !sess->tlsext_ecpointformatlist) 3220 return 0; 3221 *pformat = sess->tlsext_ecpointformatlist; 3222 return (int)sess->tlsext_ecpointformatlist_length; 3223 } 3224 #endif 3225 3226 default: 3227 break; 3228 } 3229 return (ret); 3230 } 3231 3232 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 3233 { 3234 int ret = 0; 3235 3236 switch (cmd) { 3237 #ifndef OPENSSL_NO_DH 3238 case SSL_CTRL_SET_TMP_DH_CB: 3239 { 3240 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3241 } 3242 break; 3243 #endif 3244 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 3245 s->tlsext_debug_cb = (void (*)(SSL *, int, int, 3246 const unsigned char *, int, void *))fp; 3247 break; 3248 3249 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB: 3250 { 3251 s->not_resumable_session_cb = (int (*)(SSL *, int))fp; 3252 } 3253 break; 3254 default: 3255 break; 3256 } 3257 return (ret); 3258 } 3259 3260 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 3261 { 3262 switch (cmd) { 3263 #ifndef OPENSSL_NO_DH 3264 case SSL_CTRL_SET_TMP_DH: 3265 { 3266 DH *dh = (DH *)parg; 3267 EVP_PKEY *pkdh = NULL; 3268 if (dh == NULL) { 3269 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3270 return 0; 3271 } 3272 pkdh = ssl_dh_to_pkey(dh); 3273 if (pkdh == NULL) { 3274 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); 3275 return 0; 3276 } 3277 if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, 3278 EVP_PKEY_security_bits(pkdh), 0, pkdh)) { 3279 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL); 3280 EVP_PKEY_free(pkdh); 3281 return 1; 3282 } 3283 EVP_PKEY_free(ctx->cert->dh_tmp); 3284 ctx->cert->dh_tmp = pkdh; 3285 return 1; 3286 } 3287 /* 3288 * break; 3289 */ 3290 case SSL_CTRL_SET_TMP_DH_CB: 3291 { 3292 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3293 return (0); 3294 } 3295 case SSL_CTRL_SET_DH_AUTO: 3296 ctx->cert->dh_tmp_auto = larg; 3297 return 1; 3298 #endif 3299 #ifndef OPENSSL_NO_EC 3300 case SSL_CTRL_SET_TMP_ECDH: 3301 { 3302 const EC_GROUP *group = NULL; 3303 int nid; 3304 3305 if (parg == NULL) { 3306 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3307 return 0; 3308 } 3309 group = EC_KEY_get0_group((const EC_KEY *)parg); 3310 if (group == NULL) { 3311 SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS); 3312 return 0; 3313 } 3314 nid = EC_GROUP_get_curve_name(group); 3315 if (nid == NID_undef) 3316 return 0; 3317 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist, 3318 &ctx->tlsext_ellipticcurvelist_length, 3319 &nid, 1); 3320 } 3321 /* break; */ 3322 #endif /* !OPENSSL_NO_EC */ 3323 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: 3324 ctx->tlsext_servername_arg = parg; 3325 break; 3326 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 3327 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: 3328 { 3329 unsigned char *keys = parg; 3330 long tlsext_tick_keylen = (sizeof(ctx->tlsext_tick_key_name) + 3331 sizeof(ctx->tlsext_tick_hmac_key) + 3332 sizeof(ctx->tlsext_tick_aes_key)); 3333 if (keys == NULL) 3334 return tlsext_tick_keylen; 3335 if (larg != tlsext_tick_keylen) { 3336 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 3337 return 0; 3338 } 3339 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { 3340 memcpy(ctx->tlsext_tick_key_name, keys, 3341 sizeof(ctx->tlsext_tick_key_name)); 3342 memcpy(ctx->tlsext_tick_hmac_key, 3343 keys + sizeof(ctx->tlsext_tick_key_name), 3344 sizeof(ctx->tlsext_tick_hmac_key)); 3345 memcpy(ctx->tlsext_tick_aes_key, 3346 keys + sizeof(ctx->tlsext_tick_key_name) + 3347 sizeof(ctx->tlsext_tick_hmac_key), 3348 sizeof(ctx->tlsext_tick_aes_key)); 3349 } else { 3350 memcpy(keys, ctx->tlsext_tick_key_name, 3351 sizeof(ctx->tlsext_tick_key_name)); 3352 memcpy(keys + sizeof(ctx->tlsext_tick_key_name), 3353 ctx->tlsext_tick_hmac_key, 3354 sizeof(ctx->tlsext_tick_hmac_key)); 3355 memcpy(keys + sizeof(ctx->tlsext_tick_key_name) + 3356 sizeof(ctx->tlsext_tick_hmac_key), 3357 ctx->tlsext_tick_aes_key, 3358 sizeof(ctx->tlsext_tick_aes_key)); 3359 } 3360 return 1; 3361 } 3362 3363 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE: 3364 return ctx->tlsext_status_type; 3365 3366 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3367 ctx->tlsext_status_type = larg; 3368 break; 3369 3370 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: 3371 ctx->tlsext_status_arg = parg; 3372 return 1; 3373 3374 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG: 3375 *(void**)parg = ctx->tlsext_status_arg; 3376 break; 3377 3378 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB: 3379 *(int (**)(SSL*, void*))parg = ctx->tlsext_status_cb; 3380 break; 3381 3382 #ifndef OPENSSL_NO_SRP 3383 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: 3384 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3385 OPENSSL_free(ctx->srp_ctx.login); 3386 ctx->srp_ctx.login = NULL; 3387 if (parg == NULL) 3388 break; 3389 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) { 3390 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); 3391 return 0; 3392 } 3393 if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) { 3394 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3395 return 0; 3396 } 3397 break; 3398 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD: 3399 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3400 srp_password_from_info_cb; 3401 if (ctx->srp_ctx.info != NULL) 3402 OPENSSL_free(ctx->srp_ctx.info); 3403 if ((ctx->srp_ctx.info = BUF_strdup((char *)parg)) == NULL) { 3404 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3405 return 0; 3406 } 3407 break; 3408 case SSL_CTRL_SET_SRP_ARG: 3409 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3410 ctx->srp_ctx.SRP_cb_arg = parg; 3411 break; 3412 3413 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH: 3414 ctx->srp_ctx.strength = larg; 3415 break; 3416 #endif 3417 3418 #ifndef OPENSSL_NO_EC 3419 case SSL_CTRL_SET_CURVES: 3420 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist, 3421 &ctx->tlsext_ellipticcurvelist_length, 3422 parg, larg); 3423 3424 case SSL_CTRL_SET_CURVES_LIST: 3425 return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist, 3426 &ctx->tlsext_ellipticcurvelist_length, 3427 parg); 3428 #endif 3429 case SSL_CTRL_SET_SIGALGS: 3430 return tls1_set_sigalgs(ctx->cert, parg, larg, 0); 3431 3432 case SSL_CTRL_SET_SIGALGS_LIST: 3433 return tls1_set_sigalgs_list(ctx->cert, parg, 0); 3434 3435 case SSL_CTRL_SET_CLIENT_SIGALGS: 3436 return tls1_set_sigalgs(ctx->cert, parg, larg, 1); 3437 3438 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3439 return tls1_set_sigalgs_list(ctx->cert, parg, 1); 3440 3441 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3442 return ssl3_set_req_cert_type(ctx->cert, parg, larg); 3443 3444 case SSL_CTRL_BUILD_CERT_CHAIN: 3445 return ssl_build_cert_chain(NULL, ctx, larg); 3446 3447 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3448 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg); 3449 3450 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3451 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg); 3452 3453 /* A Thawte special :-) */ 3454 case SSL_CTRL_EXTRA_CHAIN_CERT: 3455 if (ctx->extra_certs == NULL) { 3456 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) { 3457 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); 3458 return 0; 3459 } 3460 } 3461 if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) { 3462 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); 3463 return 0; 3464 } 3465 break; 3466 3467 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: 3468 if (ctx->extra_certs == NULL && larg == 0) 3469 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3470 else 3471 *(STACK_OF(X509) **)parg = ctx->extra_certs; 3472 break; 3473 3474 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: 3475 sk_X509_pop_free(ctx->extra_certs, X509_free); 3476 ctx->extra_certs = NULL; 3477 break; 3478 3479 case SSL_CTRL_CHAIN: 3480 if (larg) 3481 return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg); 3482 else 3483 return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg); 3484 3485 case SSL_CTRL_CHAIN_CERT: 3486 if (larg) 3487 return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg); 3488 else 3489 return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg); 3490 3491 case SSL_CTRL_GET_CHAIN_CERTS: 3492 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3493 break; 3494 3495 case SSL_CTRL_SELECT_CURRENT_CERT: 3496 return ssl_cert_select_current(ctx->cert, (X509 *)parg); 3497 3498 case SSL_CTRL_SET_CURRENT_CERT: 3499 return ssl_cert_set_current(ctx->cert, larg); 3500 3501 default: 3502 return (0); 3503 } 3504 return (1); 3505 } 3506 3507 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 3508 { 3509 switch (cmd) { 3510 #ifndef OPENSSL_NO_DH 3511 case SSL_CTRL_SET_TMP_DH_CB: 3512 { 3513 ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3514 } 3515 break; 3516 #endif 3517 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 3518 ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp; 3519 break; 3520 3521 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: 3522 ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp; 3523 break; 3524 3525 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: 3526 ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *, 3527 unsigned char *, 3528 EVP_CIPHER_CTX *, 3529 HMAC_CTX *, int))fp; 3530 break; 3531 3532 #ifndef OPENSSL_NO_SRP 3533 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB: 3534 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3535 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp; 3536 break; 3537 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB: 3538 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3539 ctx->srp_ctx.TLS_ext_srp_username_callback = 3540 (int (*)(SSL *, int *, void *))fp; 3541 break; 3542 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB: 3543 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3544 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3545 (char *(*)(SSL *, void *))fp; 3546 break; 3547 #endif 3548 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB: 3549 { 3550 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp; 3551 } 3552 break; 3553 default: 3554 return (0); 3555 } 3556 return (1); 3557 } 3558 3559 /* 3560 * This function needs to check if the ciphers required are actually 3561 * available 3562 */ 3563 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) 3564 { 3565 SSL_CIPHER c; 3566 const SSL_CIPHER *cp; 3567 uint32_t id; 3568 3569 id = 0x03000000 | ((uint32_t)p[0] << 8L) | (uint32_t)p[1]; 3570 c.id = id; 3571 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); 3572 return cp; 3573 } 3574 3575 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) 3576 { 3577 long l; 3578 3579 if (p != NULL) { 3580 l = c->id; 3581 if ((l & 0xff000000) != 0x03000000) 3582 return (0); 3583 p[0] = ((unsigned char)(l >> 8L)) & 0xFF; 3584 p[1] = ((unsigned char)(l)) & 0xFF; 3585 } 3586 return (2); 3587 } 3588 3589 /* 3590 * ssl3_choose_cipher - choose a cipher from those offered by the client 3591 * @s: SSL connection 3592 * @clnt: ciphers offered by the client 3593 * @srvr: ciphers enabled on the server? 3594 * 3595 * Returns the selected cipher or NULL when no common ciphers. 3596 */ 3597 const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 3598 STACK_OF(SSL_CIPHER) *srvr) 3599 { 3600 const SSL_CIPHER *c, *ret = NULL; 3601 STACK_OF(SSL_CIPHER) *prio, *allow; 3602 int i, ii, ok; 3603 unsigned long alg_k, alg_a, mask_k, mask_a; 3604 3605 /* Let's see which ciphers we can support */ 3606 3607 #if 0 3608 /* 3609 * Do not set the compare functions, because this may lead to a 3610 * reordering by "id". We want to keep the original ordering. We may pay 3611 * a price in performance during sk_SSL_CIPHER_find(), but would have to 3612 * pay with the price of sk_SSL_CIPHER_dup(). 3613 */ 3614 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp); 3615 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp); 3616 #endif 3617 3618 #ifdef CIPHER_DEBUG 3619 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), 3620 (void *)srvr); 3621 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) { 3622 c = sk_SSL_CIPHER_value(srvr, i); 3623 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 3624 } 3625 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), 3626 (void *)clnt); 3627 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) { 3628 c = sk_SSL_CIPHER_value(clnt, i); 3629 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 3630 } 3631 #endif 3632 3633 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) { 3634 prio = srvr; 3635 allow = clnt; 3636 } else { 3637 prio = clnt; 3638 allow = srvr; 3639 } 3640 3641 tls1_set_cert_validity(s); 3642 ssl_set_masks(s); 3643 3644 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) { 3645 c = sk_SSL_CIPHER_value(prio, i); 3646 3647 /* Skip ciphers not supported by the protocol version */ 3648 if (!SSL_IS_DTLS(s) && 3649 ((s->version < c->min_tls) || (s->version > c->max_tls))) 3650 continue; 3651 if (SSL_IS_DTLS(s) && 3652 (DTLS_VERSION_LT(s->version, c->min_dtls) || 3653 DTLS_VERSION_GT(s->version, c->max_dtls))) 3654 continue; 3655 3656 mask_k = s->s3->tmp.mask_k; 3657 mask_a = s->s3->tmp.mask_a; 3658 #ifndef OPENSSL_NO_SRP 3659 if (s->srp_ctx.srp_Mask & SSL_kSRP) { 3660 mask_k |= SSL_kSRP; 3661 mask_a |= SSL_aSRP; 3662 } 3663 #endif 3664 3665 alg_k = c->algorithm_mkey; 3666 alg_a = c->algorithm_auth; 3667 3668 #ifndef OPENSSL_NO_PSK 3669 /* with PSK there must be server callback set */ 3670 if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL) 3671 continue; 3672 #endif /* OPENSSL_NO_PSK */ 3673 3674 ok = (alg_k & mask_k) && (alg_a & mask_a); 3675 #ifdef CIPHER_DEBUG 3676 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, 3677 alg_a, mask_k, mask_a, (void *)c, c->name); 3678 #endif 3679 3680 #ifndef OPENSSL_NO_EC 3681 /* 3682 * if we are considering an ECC cipher suite that uses an ephemeral 3683 * EC key check it 3684 */ 3685 if (alg_k & SSL_kECDHE) 3686 ok = ok && tls1_check_ec_tmp_key(s, c->id); 3687 #endif /* OPENSSL_NO_EC */ 3688 3689 if (!ok) 3690 continue; 3691 ii = sk_SSL_CIPHER_find(allow, c); 3692 if (ii >= 0) { 3693 /* Check security callback permits this cipher */ 3694 if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED, 3695 c->strength_bits, 0, (void *)c)) 3696 continue; 3697 #if !defined(OPENSSL_NO_EC) 3698 if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA) 3699 && s->s3->is_probably_safari) { 3700 if (!ret) 3701 ret = sk_SSL_CIPHER_value(allow, ii); 3702 continue; 3703 } 3704 #endif 3705 ret = sk_SSL_CIPHER_value(allow, ii); 3706 break; 3707 } 3708 } 3709 return (ret); 3710 } 3711 3712 int ssl3_get_req_cert_type(SSL *s, unsigned char *p) 3713 { 3714 int ret = 0; 3715 uint32_t alg_k, alg_a = 0; 3716 3717 /* If we have custom certificate types set, use them */ 3718 if (s->cert->ctypes) { 3719 memcpy(p, s->cert->ctypes, s->cert->ctype_num); 3720 return (int)s->cert->ctype_num; 3721 } 3722 /* Get mask of algorithms disabled by signature list */ 3723 ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK); 3724 3725 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 3726 3727 #ifndef OPENSSL_NO_GOST 3728 if (s->version >= TLS1_VERSION) { 3729 if (alg_k & SSL_kGOST) { 3730 p[ret++] = TLS_CT_GOST01_SIGN; 3731 p[ret++] = TLS_CT_GOST12_SIGN; 3732 p[ret++] = TLS_CT_GOST12_512_SIGN; 3733 return (ret); 3734 } 3735 } 3736 #endif 3737 3738 if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) { 3739 #ifndef OPENSSL_NO_DH 3740 # ifndef OPENSSL_NO_RSA 3741 p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH; 3742 # endif 3743 # ifndef OPENSSL_NO_DSA 3744 p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH; 3745 # endif 3746 #endif /* !OPENSSL_NO_DH */ 3747 } 3748 #ifndef OPENSSL_NO_RSA 3749 if (!(alg_a & SSL_aRSA)) 3750 p[ret++] = SSL3_CT_RSA_SIGN; 3751 #endif 3752 #ifndef OPENSSL_NO_DSA 3753 if (!(alg_a & SSL_aDSS)) 3754 p[ret++] = SSL3_CT_DSS_SIGN; 3755 #endif 3756 #ifndef OPENSSL_NO_EC 3757 /* 3758 * ECDSA certs can be used with RSA cipher suites too so we don't 3759 * need to check for SSL_kECDH or SSL_kECDHE 3760 */ 3761 if (s->version >= TLS1_VERSION) { 3762 if (!(alg_a & SSL_aECDSA)) 3763 p[ret++] = TLS_CT_ECDSA_SIGN; 3764 } 3765 #endif 3766 return (ret); 3767 } 3768 3769 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len) 3770 { 3771 OPENSSL_free(c->ctypes); 3772 c->ctypes = NULL; 3773 if (!p || !len) 3774 return 1; 3775 if (len > 0xff) 3776 return 0; 3777 c->ctypes = OPENSSL_malloc(len); 3778 if (c->ctypes == NULL) 3779 return 0; 3780 memcpy(c->ctypes, p, len); 3781 c->ctype_num = len; 3782 return 1; 3783 } 3784 3785 int ssl3_shutdown(SSL *s) 3786 { 3787 int ret; 3788 3789 /* 3790 * Don't do anything much if we have not done the handshake or we don't 3791 * want to send messages :-) 3792 */ 3793 if (s->quiet_shutdown || SSL_in_before(s)) { 3794 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 3795 return (1); 3796 } 3797 3798 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { 3799 s->shutdown |= SSL_SENT_SHUTDOWN; 3800 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); 3801 /* 3802 * our shutdown alert has been sent now, and if it still needs to be 3803 * written, s->s3->alert_dispatch will be true 3804 */ 3805 if (s->s3->alert_dispatch) 3806 return (-1); /* return WANT_WRITE */ 3807 } else if (s->s3->alert_dispatch) { 3808 /* resend it if not sent */ 3809 ret = s->method->ssl_dispatch_alert(s); 3810 if (ret == -1) { 3811 /* 3812 * we only get to return -1 here the 2nd/Nth invocation, we must 3813 * have already signalled return 0 upon a previous invocation, 3814 * return WANT_WRITE 3815 */ 3816 return (ret); 3817 } 3818 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 3819 /* 3820 * If we are waiting for a close from our peer, we are closed 3821 */ 3822 s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0); 3823 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 3824 return (-1); /* return WANT_READ */ 3825 } 3826 } 3827 3828 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) && 3829 !s->s3->alert_dispatch) 3830 return (1); 3831 else 3832 return (0); 3833 } 3834 3835 int ssl3_write(SSL *s, const void *buf, int len) 3836 { 3837 clear_sys_error(); 3838 if (s->s3->renegotiate) 3839 ssl3_renegotiate_check(s); 3840 3841 return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len); 3842 } 3843 3844 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) 3845 { 3846 int ret; 3847 3848 clear_sys_error(); 3849 if (s->s3->renegotiate) 3850 ssl3_renegotiate_check(s); 3851 s->s3->in_read_app_data = 1; 3852 ret = 3853 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len, 3854 peek); 3855 if ((ret == -1) && (s->s3->in_read_app_data == 2)) { 3856 /* 3857 * ssl3_read_bytes decided to call s->handshake_func, which called 3858 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes 3859 * actually found application data and thinks that application data 3860 * makes sense here; so disable handshake processing and try to read 3861 * application data again. 3862 */ 3863 ossl_statem_set_in_handshake(s, 1); 3864 ret = 3865 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, 3866 len, peek); 3867 ossl_statem_set_in_handshake(s, 0); 3868 } else 3869 s->s3->in_read_app_data = 0; 3870 3871 return (ret); 3872 } 3873 3874 int ssl3_read(SSL *s, void *buf, int len) 3875 { 3876 return ssl3_read_internal(s, buf, len, 0); 3877 } 3878 3879 int ssl3_peek(SSL *s, void *buf, int len) 3880 { 3881 return ssl3_read_internal(s, buf, len, 1); 3882 } 3883 3884 int ssl3_renegotiate(SSL *s) 3885 { 3886 if (s->handshake_func == NULL) 3887 return (1); 3888 3889 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) 3890 return (0); 3891 3892 s->s3->renegotiate = 1; 3893 return (1); 3894 } 3895 3896 int ssl3_renegotiate_check(SSL *s) 3897 { 3898 int ret = 0; 3899 3900 if (s->s3->renegotiate) { 3901 if (!RECORD_LAYER_read_pending(&s->rlayer) 3902 && !RECORD_LAYER_write_pending(&s->rlayer) 3903 && !SSL_in_init(s)) { 3904 /* 3905 * if we are the server, and we have sent a 'RENEGOTIATE' 3906 * message, we need to set the state machine into the renegotiate 3907 * state. 3908 */ 3909 ossl_statem_set_renegotiate(s); 3910 s->s3->renegotiate = 0; 3911 s->s3->num_renegotiations++; 3912 s->s3->total_renegotiations++; 3913 ret = 1; 3914 } 3915 } 3916 return (ret); 3917 } 3918 3919 /* 3920 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and 3921 * handshake macs if required. 3922 * 3923 * If PSK and using SHA384 for TLS < 1.2 switch to default. 3924 */ 3925 long ssl_get_algorithm2(SSL *s) 3926 { 3927 long alg2; 3928 if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL) 3929 return -1; 3930 alg2 = s->s3->tmp.new_cipher->algorithm2; 3931 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) { 3932 if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF)) 3933 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 3934 } else if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) { 3935 if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384)) 3936 return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF; 3937 } 3938 return alg2; 3939 } 3940 3941 /* 3942 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on 3943 * failure, 1 on success. 3944 */ 3945 int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len) 3946 { 3947 int send_time = 0; 3948 3949 if (len < 4) 3950 return 0; 3951 if (server) 3952 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0; 3953 else 3954 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0; 3955 if (send_time) { 3956 unsigned long Time = (unsigned long)time(NULL); 3957 unsigned char *p = result; 3958 l2n(Time, p); 3959 return RAND_bytes(p, len - 4); 3960 } else 3961 return RAND_bytes(result, len); 3962 } 3963 3964 int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen, 3965 int free_pms) 3966 { 3967 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 3968 if (alg_k & SSL_PSK) { 3969 #ifndef OPENSSL_NO_PSK 3970 unsigned char *pskpms, *t; 3971 size_t psklen = s->s3->tmp.psklen; 3972 size_t pskpmslen; 3973 3974 /* create PSK premaster_secret */ 3975 3976 /* For plain PSK "other_secret" is psklen zeroes */ 3977 if (alg_k & SSL_kPSK) 3978 pmslen = psklen; 3979 3980 pskpmslen = 4 + pmslen + psklen; 3981 pskpms = OPENSSL_malloc(pskpmslen); 3982 if (pskpms == NULL) { 3983 s->session->master_key_length = 0; 3984 goto err; 3985 } 3986 t = pskpms; 3987 s2n(pmslen, t); 3988 if (alg_k & SSL_kPSK) 3989 memset(t, 0, pmslen); 3990 else 3991 memcpy(t, pms, pmslen); 3992 t += pmslen; 3993 s2n(psklen, t); 3994 memcpy(t, s->s3->tmp.psk, psklen); 3995 3996 OPENSSL_clear_free(s->s3->tmp.psk, psklen); 3997 s->s3->tmp.psk = NULL; 3998 s->session->master_key_length = 3999 s->method->ssl3_enc->generate_master_secret(s, 4000 s->session->master_key, 4001 pskpms, pskpmslen); 4002 OPENSSL_clear_free(pskpms, pskpmslen); 4003 #else 4004 /* Should never happen */ 4005 s->session->master_key_length = 0; 4006 goto err; 4007 #endif 4008 } else { 4009 s->session->master_key_length = 4010 s->method->ssl3_enc->generate_master_secret(s, 4011 s->session->master_key, 4012 pms, pmslen); 4013 } 4014 4015 err: 4016 if (pms) { 4017 if (free_pms) 4018 OPENSSL_clear_free(pms, pmslen); 4019 else 4020 OPENSSL_cleanse(pms, pmslen); 4021 } 4022 if (s->server == 0) 4023 s->s3->tmp.pms = NULL; 4024 return s->session->master_key_length >= 0; 4025 } 4026 4027 /* Generate a private key from parameters */ 4028 EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm) 4029 { 4030 EVP_PKEY_CTX *pctx = NULL; 4031 EVP_PKEY *pkey = NULL; 4032 4033 if (pm == NULL) 4034 return NULL; 4035 pctx = EVP_PKEY_CTX_new(pm, NULL); 4036 if (pctx == NULL) 4037 goto err; 4038 if (EVP_PKEY_keygen_init(pctx) <= 0) 4039 goto err; 4040 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) { 4041 EVP_PKEY_free(pkey); 4042 pkey = NULL; 4043 } 4044 4045 err: 4046 EVP_PKEY_CTX_free(pctx); 4047 return pkey; 4048 } 4049 #ifndef OPENSSL_NO_EC 4050 /* Generate a private key a curve ID */ 4051 EVP_PKEY *ssl_generate_pkey_curve(int id) 4052 { 4053 EVP_PKEY_CTX *pctx = NULL; 4054 EVP_PKEY *pkey = NULL; 4055 unsigned int curve_flags; 4056 int nid = tls1_ec_curve_id2nid(id, &curve_flags); 4057 4058 if (nid == 0) 4059 goto err; 4060 if ((curve_flags & TLS_CURVE_TYPE) == TLS_CURVE_CUSTOM) { 4061 pctx = EVP_PKEY_CTX_new_id(nid, NULL); 4062 nid = 0; 4063 } else { 4064 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); 4065 } 4066 if (pctx == NULL) 4067 goto err; 4068 if (EVP_PKEY_keygen_init(pctx) <= 0) 4069 goto err; 4070 if (nid != 0 && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, nid) <= 0) 4071 goto err; 4072 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) { 4073 EVP_PKEY_free(pkey); 4074 pkey = NULL; 4075 } 4076 4077 err: 4078 EVP_PKEY_CTX_free(pctx); 4079 return pkey; 4080 } 4081 #endif 4082 4083 /* Derive premaster or master secret for ECDH/DH */ 4084 int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey) 4085 { 4086 int rv = 0; 4087 unsigned char *pms = NULL; 4088 size_t pmslen = 0; 4089 EVP_PKEY_CTX *pctx; 4090 4091 if (privkey == NULL || pubkey == NULL) 4092 return 0; 4093 4094 pctx = EVP_PKEY_CTX_new(privkey, NULL); 4095 4096 if (EVP_PKEY_derive_init(pctx) <= 0 4097 || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0 4098 || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) { 4099 goto err; 4100 } 4101 4102 pms = OPENSSL_malloc(pmslen); 4103 if (pms == NULL) 4104 goto err; 4105 4106 if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) 4107 goto err; 4108 4109 if (s->server) { 4110 /* For server generate master secret and discard premaster */ 4111 rv = ssl_generate_master_secret(s, pms, pmslen, 1); 4112 pms = NULL; 4113 } else { 4114 /* For client just save premaster secret */ 4115 s->s3->tmp.pms = pms; 4116 s->s3->tmp.pmslen = pmslen; 4117 pms = NULL; 4118 rv = 1; 4119 } 4120 4121 err: 4122 OPENSSL_clear_free(pms, pmslen); 4123 EVP_PKEY_CTX_free(pctx); 4124 return rv; 4125 } 4126 4127 #ifndef OPENSSL_NO_DH 4128 EVP_PKEY *ssl_dh_to_pkey(DH *dh) 4129 { 4130 EVP_PKEY *ret; 4131 if (dh == NULL) 4132 return NULL; 4133 ret = EVP_PKEY_new(); 4134 if (EVP_PKEY_set1_DH(ret, dh) <= 0) { 4135 EVP_PKEY_free(ret); 4136 return NULL; 4137 } 4138 return ret; 4139 } 4140 #endif 4141