Hi,
I just discovered a bug in the "56bit cipher handling patch" Version B.03.
It was just introduced with B.03: The cipher name matching was incorrect,
because strncmp(pattern,ciphername,patternlen) will match ok for pattern="ADH"
with patternlen obviously =3 and all ciphernames beginning with "ADH", e.g.
"ADH-DES-CBC-SHA". The length must also be checked.
Please find attached the fixed version B.04.
Best regards,
Lutz Jaenicke
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
-snip--snip--snip--snip--snip--snip--snip--snip--snip--snip--snip--snip--snip-
OpenSSL 56bit cipher handling patch:
====================================
Filename: cipher56-patch.X.xx
Reason:
=======
This patch enhances the SSL/TLS cipher mechanism to correctly handle
the TLS 56bit ciphers. Without this patch the 56bit ciphers can be enabled,
but the sorting is wrong (visible in client mode, since the first cipher
the client lists and that is available on the server will be used).
It also enhances the the cipher-list commands by a sorting by strength-bits
(as of version B.02) and it fixes a bug in the cipher-command parser
(possible endless loop) (as of version B.03).
This patch also works against openssl-0.9.4 (I use it this way...).
Testplatform was HP-UX 10.20 with HP-cc.
Changes:
========
After applying the patch, 56bit ciphers are automatically activated.
This patch does not realize the ciphers itself, they are already included
in OpenSSL.
When supplying a cipher command string with an "undefined" symbol (neither
command nor alphanumeric [A-Za-z0-9], ssl_set_cipher_list will hang in
an endless loop (try "openssl s_server -cipher DEFAULT:=RSA"). With this
patch, an error is flagged.
The patch also corrects a problem with round-off when calculating the number
of bits (actually by hardcoding the values into the tables).
Please understand that I am no expert on the ciphers themselve, so somebody
should go over the hardcoded values I have collected from mod_ssl and/or
Apache+SSL.
Interface changes:
==================
The syntax for the cipher sorting has been extended to support sorting
by cipher-strength (using the strength_bits hard coded in the tables).
The new command is "@STRENGTH" (see also doc/ssl_ciph).
Remark:
=======
Due to the strength-sorting extension, the code of the ssl_create_cipher_list()
function was completely rearranged. I hope that the readability was also
increased :-)
Side-effects:
=============
After applying this patch, data structures (SSL_CIPHER) have changed;
typically you only use pointers to the SSL_CIPHER structure, so you might
come away without recompiling your application.
When using Apache+SSL, you will not receive suitable CIPHER information
for the new ciphers, because these are not taken from openssl but from
an internal table within Apache+SSL _not_ containing the 56bit ciphers.
This internal table will be obsolet after applying this patch, please change
lines 712-718 in Apache+SSL 1.39/1.37 to
secretkeysize = SSL_CIPHER_get_bits(
SSL_get_current_cipher(r->connection->client->ssl), &keysize);
Things still to be considered:
==============================
- removal of the TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES conditional compilation
option and full inclusion of the 56bit ciphers
- Correctness of bit values for the ciphers.
- Check the return values of SSL_[CTX_]_set_cipher_list in the example code
like s_server, s_client... Errors are ignored unnoticed.
References/History:
===================
I have been in private conversation with Ben Laurie during the development
of this patch.
- The "A" series included only the corrected sorting.
- The "B" series was inspired by Ben's proposal for an additional strength
sorting.
- B.03 fixed the endless loop problem for unknown chars in the cipher string.
- B.04 fixed a but introduced in B.03, the expressions were incorrectly matched
by strncmp(), because the length of the cipher name is not checked and so
ADH and ADH-CIPHER-NAME were incorrectly mixed up.
19 Jan 2000, [EMAIL PROTECTED]
--- openssl-SNAP-20000103-vanilla/doc/ssl_ciph Tue Jan 4 15:19:21 2000
+++ openssl-SNAP-20000103/doc/ssl_ciph Tue Jan 4 15:17:47 2000
@@ -0,0 +1,87 @@
+NAME
+ ssl_create_cipher_list - create list of ciphers by control string
+
+SYNOPSIS
+ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(
+ const SSL_METHOD *ssl_method,
+ STACK_OF(SSL_CIPHER) **cipher_list,
+ STACK_OF(SSL_CIPHER) **cipher_list_by_id,
+ const char *rule_str)
+DESCRIPTION
+ ssl_create_cipher_list access the table of built-in ciphers and
+ collects selected ciphers to a sorted list. The selection and
+ sorting is controled by the contents of the string "str".
+
+ The built-in ciphers are obtained only for the protocol chosen
+ by ssl_method (SSLv2/SSLv3/TLSv1). The memory for the new list
+ will be obtained from malloc().
+ A pointer to the same memory will be returned in cipher_list,
+ a pointer to ancopy of the list will be returned in cipher_list_by_id.
+ Memory, to which pointers were passed in cipher_list and
+ cipher_list_by_id will be free()'d.
+
+ If str is NULL, nothing will be done.
+ If cipher_list and/or cipher_list_by_id are NULL, the sorting will be
+ performed, but the result will be discarded afterwards. The pointer
+ returned in cipher_list is invalid.
+
+ Control string:
+ The control string contains a list of commands seperated by ':', no
+ blank space allowed. Matching is case sensitive.
+ The entries are of the form
+ SELECTION -> Add ciphers meeting SELECTION criterion to the list
+ !SELECTION -> Remove ciphers meeting SELECTION criterion from
+ the list
+ +SELECTION -> Move ciphers meeting SELECTION criterion to the end
+ of the list
+ SEL_A+SEL_B -> Move ciphers meeting combined criteria (logical AND)
+ to the end of the list; additional criteria can be
+ added SEL_A+SEL_B+SEL_C...
+ @STRENGTH -> Sort descending by cipher strength, criterion is the
+ number of bits actually used. Can not be combined
+ with other criteria (logical AND) as shown above.
+
+ The selection criteria are:
+ DEFAULT -> Apply the default rule when first entry
+ ALL -> All ciphers
+ RC4, RC2, IDEA, DES, 3DES, eFZA -> Encryption
+ MD5, SHA, SHA1 -> Mac
+ aRSA, aDSS, DSS, aDH, aFZA, aNULL -> Authentication
+ kRSA, kDHr, kDHd, kEDH, kFZA -> MKEY
+ RSA, DH, ADH, EDH, FZA -> combinations
+ SSLv1, SSLv2, TLSv1 -> Respective protocols
+ HIGH, MEDIUM, LOW -> Not export grade ciphers
+ EXPORT56, EXPORT40 -> Export grade ciphers
+ AAA-BBB-CCC -> Any specific cipher
+
+ The default selection string is (when compiled with RSA enabled):
+ "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
+ old versions had
+ "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXPORT56:+EXPORT40"
+
+ Without RSA support compiled in:
+ "ALL:ADH+3DES:ADH+RC4:ADH+DES:@STRENGTH"
+
+RETURN VALUE
+ In the case of success, ssl_create_cipher_list() returns a pointer
+ to a STACK_OF(SSL_CIPHER) which has been allocated.
+ I case of failure, the NULL pointer is returned.
+
+EXAMPLES
+ The default selection string will yield:
+ "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
+ First add all ciphers, then remove anonymous DH. Move RC4/RSA
+ entries to the end of the list, then SSLv2 and finally sort by
+ descending strength.
+ The result is that the ciphers with the smallest strength are last
+ in the list, before them the stronger ones and the strongest first.
+ Within the same strength, SSLv2 has least priority behind TLSv1/SSLv3.
+ Within these groups, RC4/RSA ciphers come behind DH...
+
+KNOWN BUGS
+ If a part of the control string is buggy or a selection/sorting rule
+ does not match any criterion, this part is silently ignored until
+ the next colon or the end of the string is reached.
+ When a wrong special command is given, the selection fails, as well
+ as in case of memory allocation failures. These failures are sometimes
+ not caught from the calling routine.
--- openssl-SNAP-20000103-vanilla/ssl/ssl.h Tue Nov 30 00:00:30 1999
+++ openssl-SNAP-20000103/ssl/ssl.h Tue Jan 4 13:27:50 2000
@@ -123,8 +123,9 @@
#define SSL_TXT_MD5 "MD5"
#define SSL_TXT_SHA1 "SHA1"
#define SSL_TXT_SHA "SHA"
-#define SSL_TXT_EXP40 "EXP"
+#define SSL_TXT_EXP "EXP"
#define SSL_TXT_EXPORT "EXPORT"
+#define SSL_TXT_EXP40 "EXPORT40"
#define SSL_TXT_EXP56 "EXPORT56"
#define SSL_TXT_SSLV2 "SSLv2"
#define SSL_TXT_SSLV3 "SSLv3"
@@ -134,10 +135,10 @@
/* 'DEFAULT' at the start of the cipher list insert the following string
* in addition to this being the default cipher string */
#ifndef NO_RSA
-#define SSL_DEFAULT_CIPHER_LIST
"ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
+#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
#else
#define SSL_ALLOW_ADH
-#define SSL_DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:ADH+3DES:ADH+RC4:ADH+DES:+EXP"
+#define SSL_DEFAULT_CIPHER_LIST "ALL:ADH+3DES:ADH+RC4:ADH+DES:@STRENGTH"
#endif
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
@@ -166,8 +167,12 @@
const char *name; /* text name */
unsigned long id; /* id, 4 bytes, first is version */
unsigned long algorithms; /* what ciphers are used */
+ unsigned long algo_strength; /* strength and export flags */
unsigned long algorithm2; /* Extra flags */
+ int strength_bits; /* Number of bits really used */
+ int alg_bits; /* Number of bits for algorithm */
unsigned long mask; /* used for matching */
+ unsigned long mask_strength; /* also used for matching */
} SSL_CIPHER;
DECLARE_STACK_OF(SSL_CIPHER)
@@ -878,7 +883,7 @@
#endif
-int SSL_CTX_set_cipher_list(SSL_CTX *,char *str);
+int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
void SSL_CTX_free(SSL_CTX *);
long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
@@ -910,7 +915,7 @@
BIO * SSL_get_rbio(SSL *s);
BIO * SSL_get_wbio(SSL *s);
#endif
-int SSL_set_cipher_list(SSL *s, char *str);
+int SSL_set_cipher_list(SSL *s, const char *str);
void SSL_set_read_ahead(SSL *s, int yes);
int SSL_get_verify_mode(SSL *s);
int SSL_get_verify_depth(SSL *s);
@@ -1235,6 +1240,8 @@
#define SSL_F_SSL_CERT_INST 222
#define SSL_F_SSL_CERT_INSTANTIATE 214
#define SSL_F_SSL_CERT_NEW 162
+#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
+#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
#define SSL_F_SSL_CLEAR 164
#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
@@ -1339,6 +1346,7 @@
#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
+#define SSL_R_CIPHER_WRONG_COMMAND 1091
#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
#define SSL_R_COMPRESSION_FAILURE 141
#define SSL_R_COMPRESSION_LIBRARY_ERROR 142
--- openssl-SNAP-20000103-vanilla/ssl/ssl_locl.h Wed Jun 9 19:00:32 1999
+++ openssl-SNAP-20000103/ssl/ssl_locl.h Tue Jan 4 13:27:50 2000
@@ -155,6 +155,19 @@
#define DEC32(a) ((a)=((a)-1)&0xffffffffL)
#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */
+/*
+ * Define the Bitmasks for SSL_CIPHER.algorithms.
+ * This bits are used packed as dense as possible. If new methods/ciphers
+ * etc will be added, the bits a likely to change, so this information
+ * is for internal library use only, even though SSL_CIPHER.algorithms
+ * can be publicly accessed.
+ * Use the according functions for cipher management instead.
+ *
+ * The bit mask hendling in the selection and sorting scheme in
+ * ssl_create_cipher_list() has only limited capabilities, reflecting
+ * that the different entities within are mutually exclusiv:
+ * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
+ */
#define SSL_MKEY_MASK 0x0000001FL
#define SSL_kRSA 0x00000001L /* RSA key exchange */
#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */
@@ -191,36 +204,75 @@
#define SSL_SHA1 0x00040000L
#define SSL_SHA (SSL_SHA1)
-#define SSL_EXP_MASK 0x00300000L
-#define SSL_EXP40 0x00100000L
-#define SSL_NOT_EXP 0x00200000L
-#define SSL_EXP56 0x00300000L
-#define SSL_IS_EXPORT(a) ((a)&SSL_EXP40)
-#define SSL_IS_EXPORT56(a) (((a)&SSL_EXP_MASK) == SSL_EXP56)
-#define SSL_IS_EXPORT40(a) (((a)&SSL_EXP_MASK) == SSL_EXP40)
-#define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algorithms)
-#define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algorithms)
-#define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algorithms)
-#define SSL_EXPORT_KEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 5 : \
+#define SSL_SSL_MASK 0x00180000L
+#define SSL_SSLV2 0x00080000L
+#define SSL_SSLV3 0x00100000L
+#define SSL_TLSV1 SSL_SSLV3 /* for now */
+
+/* we have used 001fffff - 11 bits left to go */
+
+/*
+ * Export and cipher strenght information. For each cipher we have to decide
+ * whether it is exportable or not. This information is likely to change
+ * over time, since the export control rules are no static technical issue.
+ *
+ * Independent of the export flag the cipher strength is sorted into classes.
+ * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
+ * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
+ * againg (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
+ * since SSL_EXP64 could be similar to SSL_LOW.
+ * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
+ * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
+ * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
+ * be possible.
+ */
+#define SSL_EXP_MASK 0x00000003L
+#define SSL_NOT_EXP 0x00000001L
+#define SSL_EXPORT 0x00000002L
+
+#define SSL_STRONG_MASK 0x0000007cL
+#define SSL_EXP40 0x00000004L
+#define SSL_MICRO (SSL_EXP40)
+#define SSL_EXP56 0x00000008L
+#define SSL_MINI (SSL_EXP56)
+#define SSL_LOW 0x00000010L
+#define SSL_MEDIUM 0x00000020L
+#define SSL_HIGH 0x00000040L
+
+/* we have used 0000007f - 25 bits left to go */
+
+/*
+ * Macros to check the export status and cipher strength for export ciphers.
+ * Even though the macros for EXPORT and EXPORT40/56 have similar names,
+ * their meaning is different:
+ * *_EXPORT macros check the 'exportable' status.
+ * *_EXPORT40/56 macros are used to check whether a certain cipher strength
+ * is given.
+ * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
+ * algorithm structure element to be passed (algorithms, algo_strength) and no
+ * typechecking can be done as they are all of type unsigned long, their
+ * direct usage is discouraged.
+ * Use the SSL_C_* macros instead.
+ */
+#define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT)
+#define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56)
+#define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40)
+#define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength)
+#define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength)
+#define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)
+
+#define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \
((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7)
#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
-#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithms)
-#define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algorithms)
+#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithms, \
+ (c)->algo_strength)
+#define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
-#define SSL_SSL_MASK 0x00c00000L
-#define SSL_SSLV2 0x00400000L
-#define SSL_SSLV3 0x00800000L
-#define SSL_TLSV1 SSL_SSLV3 /* for now */
-
-#define SSL_STRONG_MASK 0x07000000L
-#define SSL_LOW 0x01000000L
-#define SSL_MEDIUM 0x02000000L
-#define SSL_HIGH 0x04000000L
-/* we have used 0fffffff - 4 bits left to go */
#define SSL_ALL 0xffffffffL
#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
- SSL_MAC_MASK|SSL_EXP_MASK)
+ SSL_MAC_MASK)
+#define SSL_ALL_STRENGTHS (SSL_EXP_MASK|SSL_STRONG_MASK)
/* Mostly for SSLv3 */
#define SSL_PKEY_RSA_ENC 0
@@ -256,7 +308,7 @@
CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
* Probably it would make more sense to store
* an index, not a pointer. */
-
+
/* The following masks are for the key and auth
* algorithms that are supported by the certs below */
int valid;
@@ -376,10 +428,10 @@
STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
STACK_OF(SSL_CIPHER) **skp);
int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p);
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_METHOD *meth,
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
STACK_OF(SSL_CIPHER) **pref,
STACK_OF(SSL_CIPHER) **sorted,
- char *str);
+ const char *rule_str);
void ssl_update_cache(SSL *s, int mode);
int ssl_cipher_get_evp(SSL_SESSION *s,const EVP_CIPHER **enc,const EVP_MD **md,
SSL_COMP **comp);
--- openssl-SNAP-20000103-vanilla/ssl/tls1.h Sat Jun 5 00:00:45 1999
+++ openssl-SNAP-20000103/ssl/tls1.h Tue Jan 4 13:27:50 2000
@@ -65,7 +65,7 @@
extern "C" {
#endif
-#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
+#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1
#define TLS1_VERSION 0x0301
#define TLS1_VERSION_MAJOR 0x03
--- openssl-SNAP-20000103-vanilla/ssl/s2_lib.c Sat Jun 5 00:00:45 1999
+++ openssl-SNAP-20000103/ssl/s2_lib.c Tue Jan 4 13:27:50 2000
@@ -75,9 +75,12 @@
1,
SSL2_TXT_NULL_WITH_MD5,
SSL2_CK_NULL_WITH_MD5,
- SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_EXP40|SSL_SSLV2,
+ SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
+ SSL_EXPORT|SSL_EXP40,
+ 0,
0,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
#endif
/* RC4_128_EXPORT40_WITH_MD5 */
@@ -85,63 +88,91 @@
1,
SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP40|SSL_SSLV2,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+ SSL_EXPORT|SSL_EXP40,
SSL2_CF_5_BYTE_ENC,
+ 40,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* RC4_128_WITH_MD5 */
{
1,
SSL2_TXT_RC4_128_WITH_MD5,
SSL2_CK_RC4_128_WITH_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
+ 128,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* RC2_128_CBC_EXPORT40_WITH_MD5 */
{
1,
SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP40|SSL_SSLV2,
+ SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
+ SSL_EXPORT|SSL_EXP40,
SSL2_CF_5_BYTE_ENC,
+ 40,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* RC2_128_CBC_WITH_MD5 */
{
1,
SSL2_TXT_RC2_128_CBC_WITH_MD5,
SSL2_CK_RC2_128_CBC_WITH_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+ SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
+ 128,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* IDEA_128_CBC_WITH_MD5 */
{
1,
SSL2_TXT_IDEA_128_CBC_WITH_MD5,
SSL2_CK_IDEA_128_CBC_WITH_MD5,
- SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+ SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_SSLV2,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
+ 128,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* DES_64_CBC_WITH_MD5 */
{
1,
SSL2_TXT_DES_64_CBC_WITH_MD5,
SSL2_CK_DES_64_CBC_WITH_MD5,
- SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_LOW,
+ SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_SSLV2,
+ SSL_NOT_EXP|SSL_LOW,
0,
+ 56,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* DES_192_EDE3_CBC_WITH_MD5 */
{
1,
SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
- SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_HIGH,
+ SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_SSLV2,
+ SSL_NOT_EXP|SSL_HIGH,
0,
+ 168,
+ 168,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* RC4_64_WITH_MD5 */
#if 1
@@ -149,9 +180,13 @@
1,
SSL2_TXT_RC4_64_WITH_MD5,
SSL2_CK_RC4_64_WITH_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2|SSL_LOW,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
+ SSL_NOT_EXP|SSL_LOW,
SSL2_CF_8_BYTE_ENC,
+ 64,
+ 64,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
#endif
/* NULL SSLeay (testing) */
@@ -161,7 +196,11 @@
SSL2_TXT_NULL,
SSL2_CK_NULL,
0,
+ 0,
+ 0,
+ 0,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
#endif
--- openssl-SNAP-20000103-vanilla/ssl/s3_clnt.c Fri Sep 24 22:02:39 1999
+++ openssl-SNAP-20000103/ssl/s3_clnt.c Tue Jan 4 13:27:50 2000
@@ -1687,13 +1687,13 @@
#endif
#endif
- if (SSL_IS_EXPORT(algs) && !has_bits(i,EVP_PKT_EXP))
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
{
#ifndef NO_RSA
if (algs & SSL_kRSA)
{
if (rsa == NULL
- || RSA_size(rsa) > SSL_EXPORT_PKEYLENGTH(algs))
+ || RSA_size(rsa) >
+SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
goto f_err;
@@ -1705,7 +1705,7 @@
if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
{
if (dh == NULL
- || DH_size(dh) > SSL_EXPORT_PKEYLENGTH(algs))
+ || DH_size(dh) >
+SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
goto f_err;
--- openssl-SNAP-20000103-vanilla/ssl/s3_lib.c Thu Sep 30 01:00:36 1999
+++ openssl-SNAP-20000103/ssl/s3_lib.c Tue Jan 4 13:27:50 2000
@@ -75,18 +75,26 @@
1,
SSL3_TXT_RSA_NULL_MD5,
SSL3_CK_RSA_NULL_MD5,
- SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3,
+ SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3,
+ SSL_NOT_EXP,
+ 0,
+ 0,
0,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 02 */
{
1,
SSL3_TXT_RSA_NULL_SHA,
SSL3_CK_RSA_NULL_SHA,
- SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP,
+ 0,
+ 0,
0,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* anon DH */
@@ -95,45 +103,65 @@
1,
SSL3_TXT_ADH_RC4_40_MD5,
SSL3_CK_ADH_RC4_40_MD5,
- SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_EXP40|SSL_SSLV3,
+ SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
+ SSL_EXPORT|SSL_EXP40,
0,
+ 40,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 18 */
{
1,
SSL3_TXT_ADH_RC4_128_MD5,
SSL3_CK_ADH_RC4_128_MD5,
- SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3,
+ SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
+ SSL_NOT_EXP,
0,
+ 128,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 19 */
{
1,
SSL3_TXT_ADH_DES_40_CBC_SHA,
SSL3_CK_ADH_DES_40_CBC_SHA,
- SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
+ SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
+ SSL_EXPORT|SSL_EXP40,
0,
+ 40,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 1A */
{
1,
SSL3_TXT_ADH_DES_64_CBC_SHA,
SSL3_CK_ADH_DES_64_CBC_SHA,
- SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP,
0,
+ 56,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 1B */
{
1,
SSL3_TXT_ADH_DES_192_CBC_SHA,
SSL3_CK_ADH_DES_192_CBC_SHA,
- SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP,
0,
+ 168,
+ 168,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* RSA again */
@@ -142,72 +170,104 @@
1,
SSL3_TXT_RSA_RC4_40_MD5,
SSL3_CK_RSA_RC4_40_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_EXP40|SSL_SSLV3,
+ SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_SSLV3,
+ SSL_EXPORT|SSL_EXP40,
0,
+ 40,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 04 */
{
1,
SSL3_TXT_RSA_RC4_128_MD5,
SSL3_CK_RSA_RC4_128_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
+ SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
+ 128,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 05 */
{
1,
SSL3_TXT_RSA_RC4_128_SHA,
SSL3_CK_RSA_RC4_128_SHA,
- SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
+ SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
+ 128,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 06 */
{
1,
SSL3_TXT_RSA_RC2_40_MD5,
SSL3_CK_RSA_RC2_40_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_EXP40|SSL_SSLV3,
+ SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_SSLV3,
+ SSL_EXPORT|SSL_EXP40,
0,
+ 40,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 07 */
{
1,
SSL3_TXT_RSA_IDEA_128_SHA,
SSL3_CK_RSA_IDEA_128_SHA,
- SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
+ SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
+ 128,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 08 */
{
1,
SSL3_TXT_RSA_DES_40_CBC_SHA,
SSL3_CK_RSA_DES_40_CBC_SHA,
- SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
+ SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
+ SSL_EXPORT|SSL_EXP40,
0,
+ 40,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 09 */
{
1,
SSL3_TXT_RSA_DES_64_CBC_SHA,
SSL3_CK_RSA_DES_64_CBC_SHA,
- SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_LOW,
0,
+ 56,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 0A */
{
1,
SSL3_TXT_RSA_DES_192_CBC3_SHA,
SSL3_CK_RSA_DES_192_CBC3_SHA,
- SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_HIGH,
0,
+ 168,
+ 168,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* The DH ciphers */
@@ -216,54 +276,78 @@
0,
SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
SSL3_CK_DH_DSS_DES_40_CBC_SHA,
- SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
+ SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
+ SSL_EXPORT|SSL_EXP40,
0,
+ 40,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 0C */
{
0,
SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
SSL3_CK_DH_DSS_DES_64_CBC_SHA,
- SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_LOW,
0,
+ 56,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 0D */
{
0,
SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
- SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_HIGH,
0,
+ 168,
+ 168,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 0E */
{
0,
SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
SSL3_CK_DH_RSA_DES_40_CBC_SHA,
- SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
+ SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
+ SSL_EXPORT|SSL_EXP40,
0,
+ 40,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 0F */
{
0,
SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
SSL3_CK_DH_RSA_DES_64_CBC_SHA,
- SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_LOW,
0,
+ 56,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 10 */
{
0,
SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
- SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_HIGH,
0,
+ 168,
+ 168,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* The Ephemeral DH ciphers */
@@ -272,54 +356,78 @@
1,
SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
- SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
+ SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
+ SSL_EXPORT|SSL_EXP40,
0,
+ 40,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 12 */
{
1,
SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
- SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_LOW,
0,
+ 56,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 13 */
{
1,
SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
- SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_HIGH,
0,
+ 168,
+ 168,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 14 */
{
1,
SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
- SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3,
+ SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
+ SSL_EXPORT|SSL_EXP40,
0,
+ 40,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 15 */
{
1,
SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
- SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_LOW,
0,
+ 56,
+ 56,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 16 */
{
1,
SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
- SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP|SSL_HIGH,
0,
+ 168,
+ 168,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Fortezza */
@@ -328,9 +436,13 @@
0,
SSL3_TXT_FZA_DMS_NULL_SHA,
SSL3_CK_FZA_DMS_NULL_SHA,
- SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP,
+ 0,
+ 0,
0,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 1D */
@@ -338,9 +450,13 @@
0,
SSL3_TXT_FZA_DMS_FZA_SHA,
SSL3_CK_FZA_DMS_FZA_SHA,
- SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP,
+ 0,
+ 0,
0,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 1E */
@@ -348,9 +464,13 @@
0,
SSL3_TXT_FZA_DMS_RC4_SHA,
SSL3_CK_FZA_DMS_RC4_SHA,
- SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_SSLV3,
+ SSL_NOT_EXP,
0,
+ 128,
+ 128,
SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
@@ -360,54 +480,78 @@
1,
TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP56|SSL_TLSV1,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1,
+ SSL_EXPORT|SSL_EXP56,
0,
- SSL_ALL_CIPHERS
+ 56,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 61 */
{
1,
TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
- SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP56|SSL_TLSV1,
+ SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1,
+ SSL_EXPORT|SSL_EXP56,
0,
- SSL_ALL_CIPHERS
+ 56,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 62 */
{
1,
TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
- SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_EXP56|SSL_TLSV1,
+ SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
+ SSL_EXPORT|SSL_EXP56,
0,
- SSL_ALL_CIPHERS
+ 56,
+ 56,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 63 */
{
1,
TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
- SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_EXP56|SSL_TLSV1,
+ SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
+ SSL_EXPORT|SSL_EXP56,
0,
- SSL_ALL_CIPHERS
+ 56,
+ 56,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 64 */
{
1,
TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
- SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_EXP56|SSL_TLSV1,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
+ SSL_EXPORT|SSL_EXP56,
0,
- SSL_ALL_CIPHERS
+ 56,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 65 */
{
1,
TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
- SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_EXP56|SSL_TLSV1,
+ SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
+ SSL_EXPORT|SSL_EXP56,
0,
- SSL_ALL_CIPHERS
+ 56,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
},
/* Cipher 66 */
{
@@ -415,8 +559,12 @@
TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1,
+ SSL_NOT_EXP,
0,
- SSL_ALL_CIPHERS
+ 128,
+ 128,
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS
},
#endif
@@ -865,7 +1013,7 @@
emask=cert->export_mask;
alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
- if (SSL_IS_EXPORT(c->algorithms))
+ if (SSL_C_IS_EXPORT(c))
{
ok=((alg & emask) == alg)?1:0;
#ifdef CIPHER_DEBUG
--- openssl-SNAP-20000103-vanilla/ssl/s3_srvr.c Sun Jan 2 20:00:25 2000
+++ openssl-SNAP-20000103/ssl/s3_srvr.c Tue Jan 4 13:27:50 2000
@@ -270,8 +270,8 @@
|| (l & (SSL_DH|SSL_kFZA))
|| ((l & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
- || (SSL_IS_EXPORT(l)
- &&
EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_EXPORT_PKEYLENGTH(l)
+ || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
+ &&
+EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 >
+SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
)
)
)
--- openssl-SNAP-20000103-vanilla/ssl/ssl_ciph.c Mon Jun 7 23:00:56 1999
+++ openssl-SNAP-20000103/ssl/ssl_ciph.c Wed Jan 19 11:37:43 2000
@@ -83,24 +83,11 @@
NULL,NULL,
};
-typedef struct cipher_sort_st
- {
- SSL_CIPHER *cipher;
- int pref;
- } CIPHER_SORT;
-
#define CIPHER_ADD 1
#define CIPHER_KILL 2
#define CIPHER_DEL 3
#define CIPHER_ORD 4
-
-typedef struct cipher_choice_st
- {
- int type;
- unsigned long algorithms;
- unsigned long mask;
- long top;
- } CIPHER_CHOICE;
+#define CIPHER_SPECIAL 5
typedef struct cipher_order_st
{
@@ -110,56 +97,57 @@
struct cipher_order_st *next,*prev;
} CIPHER_ORDER;
-static SSL_CIPHER cipher_aliases[]={
+static const SSL_CIPHER cipher_aliases[]={
/* Don't include eNULL unless specifically enabled */
- {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, 0,SSL_ALL}, /* must be first */
- {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,SSL_MKEY_MASK},
- {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,SSL_MKEY_MASK},
- {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,SSL_MKEY_MASK},
- {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,SSL_MKEY_MASK},
- {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,SSL_MKEY_MASK},
- {0,SSL_TXT_DH, 0,SSL_DH, 0,SSL_MKEY_MASK},
- {0,SSL_TXT_EDH, 0,SSL_EDH, 0,SSL_MKEY_MASK|SSL_AUTH_MASK},
-
- {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,SSL_AUTH_MASK},
- {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,SSL_AUTH_MASK},
- {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,SSL_AUTH_MASK},
- {0,SSL_TXT_aNULL,0,SSL_aNULL,0,SSL_AUTH_MASK},
- {0,SSL_TXT_aDH, 0,SSL_aDH, 0,SSL_AUTH_MASK},
- {0,SSL_TXT_DSS, 0,SSL_DSS, 0,SSL_AUTH_MASK},
-
- {0,SSL_TXT_DES, 0,SSL_DES, 0,SSL_ENC_MASK},
- {0,SSL_TXT_3DES,0,SSL_3DES, 0,SSL_ENC_MASK},
- {0,SSL_TXT_RC4, 0,SSL_RC4, 0,SSL_ENC_MASK},
- {0,SSL_TXT_RC2, 0,SSL_RC2, 0,SSL_ENC_MASK},
- {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,SSL_ENC_MASK},
- {0,SSL_TXT_eNULL,0,SSL_eNULL,0,SSL_ENC_MASK},
- {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,SSL_ENC_MASK},
-
- {0,SSL_TXT_MD5, 0,SSL_MD5, 0,SSL_MAC_MASK},
- {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,SSL_MAC_MASK},
- {0,SSL_TXT_SHA, 0,SSL_SHA, 0,SSL_MAC_MASK},
-
- {0,SSL_TXT_NULL,0,SSL_NULL, 0,SSL_ENC_MASK},
- {0,SSL_TXT_RSA, 0,SSL_RSA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK},
- {0,SSL_TXT_ADH, 0,SSL_ADH, 0,SSL_AUTH_MASK|SSL_MKEY_MASK},
- {0,SSL_TXT_FZA, 0,SSL_FZA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK},
-
- {0,SSL_TXT_EXP40, 0,SSL_EXP40, 0,SSL_EXP_MASK},
- {0,SSL_TXT_EXPORT,0,SSL_EXP40, 0,SSL_EXP_MASK},
- {0,SSL_TXT_EXP56, 0,SSL_EXP56, 0,SSL_EXP_MASK},
- {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,SSL_SSL_MASK},
- {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,SSL_SSL_MASK},
- {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,SSL_SSL_MASK},
- {0,SSL_TXT_LOW, 0,SSL_LOW, 0,SSL_STRONG_MASK},
- {0,SSL_TXT_MEDIUM,0,SSL_MEDIUM,0,SSL_STRONG_MASK},
- {0,SSL_TXT_HIGH, 0,SSL_HIGH, 0,SSL_STRONG_MASK},
+ {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /*
+must be first */
+ {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0},
+ {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0},
+ {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0},
+ {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0},
+ {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0},
+ {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0},
+ {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0},
+
+ {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0},
+ {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0},
+ {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0},
+ {0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0},
+ {0,SSL_TXT_aDH, 0,SSL_aDH, 0,0,0,0,SSL_AUTH_MASK,0},
+ {0,SSL_TXT_DSS, 0,SSL_DSS, 0,0,0,0,SSL_AUTH_MASK,0},
+
+ {0,SSL_TXT_DES, 0,SSL_DES, 0,0,0,0,SSL_ENC_MASK,0},
+ {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0},
+ {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0},
+ {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0},
+ {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0},
+ {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0},
+ {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0},
+
+ {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0},
+ {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0},
+ {0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0},
+
+ {0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0},
+ {0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
+ {0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0},
+ {0,SSL_TXT_FZA, 0,SSL_FZA,
+0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0},
+
+ {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0},
+ {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0},
+ {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0},
+
+ {0,SSL_TXT_EXP ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
+ {0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK},
+ {0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK},
+ {0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK},
+ {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK},
+ {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK},
+ {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK},
};
static int init_ciphers=1;
-static void load_ciphers();
-static int cmp_by_name(SSL_CIPHER **a, SSL_CIPHER **b)
+static int cmp_by_name(const SSL_CIPHER **a, const SSL_CIPHER **b)
{
return(strcmp((*a)->name,(*b)->name));
}
@@ -294,170 +282,321 @@
*tail=curr;
}
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_METHOD *ssl_method,
- STACK_OF(SSL_CIPHER) **cipher_list,
- STACK_OF(SSL_CIPHER) **cipher_list_by_id,
- char *str)
+static unsigned long ssl_cipher_get_disabled(void)
{
- SSL_CIPHER *c;
- char *l;
- STACK_OF(SSL_CIPHER) *ret=NULL,*ok=NULL;
-#define CL_BUF 40
- char buf[CL_BUF];
- char *tmp_str=NULL;
- unsigned long mask,algorithms,ma;
- char *start;
- int i,j,k,num=0,ch,multi;
- unsigned long al;
- STACK *ca_list=NULL;
- int current_x,num_x;
- CIPHER_CHOICE *ops=NULL;
- CIPHER_ORDER *list=NULL,*head=NULL,*tail=NULL,*curr,*tail2,*curr2;
- int list_num;
- int type;
- SSL_CIPHER c_tmp,*cp;
-
- if (str == NULL) return(NULL);
-
- if (strncmp(str,"DEFAULT",7) == 0)
- {
- i=strlen(str)+2+strlen(SSL_DEFAULT_CIPHER_LIST);
- if ((tmp_str=Malloc(i)) == NULL)
- {
- SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- strcpy(tmp_str,SSL_DEFAULT_CIPHER_LIST);
- strcat(tmp_str,":");
- strcat(tmp_str,&(str[7]));
- str=tmp_str;
- }
- if (init_ciphers) load_ciphers();
-
- num=ssl_method->num_ciphers();
-
- if ((ret=sk_SSL_CIPHER_new(NULL)) == NULL) goto err;
- if ((ca_list=(STACK *)sk_new(cmp_by_name)) == NULL) goto err;
+ unsigned long mask;
- mask =SSL_kFZA;
+ mask = SSL_kFZA;
#ifdef NO_RSA
- mask|=SSL_aRSA|SSL_kRSA;
+ mask |= SSL_aRSA|SSL_kRSA;
#endif
#ifdef NO_DSA
- mask|=SSL_aDSS;
+ mask |= SSL_aDSS;
#endif
#ifdef NO_DH
- mask|=SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
+ mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
#endif
#ifdef SSL_FORBID_ENULL
- mask|=SSL_eNULL;
+ mask |= SSL_eNULL;
#endif
- mask|=(ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL)?SSL_DES :0;
- mask|=(ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL)?SSL_3DES:0;
- mask|=(ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL)?SSL_RC4 :0;
- mask|=(ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL)?SSL_RC2 :0;
- mask|=(ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL)?SSL_IDEA:0;
- mask|=(ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL)?SSL_eFZA:0;
+ mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0;
+ mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0;
+ mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0;
+ mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0;
+ mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0;
+ mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0;
- mask|=(ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL)?SSL_MD5 :0;
- mask|=(ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL)?SSL_SHA1:0;
+ mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0;
+ mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0;
- if ((list=(CIPHER_ORDER *)Malloc(sizeof(CIPHER_ORDER)*num)) == NULL)
- goto err;
+ return(mask);
+ }
+
+static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
+ int num_of_ciphers, unsigned long mask, CIPHER_ORDER *list,
+ CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
+ {
+ unsigned int i, list_num;
+ SSL_CIPHER *c;
+
+ /*
+ * We have num_of_ciphers descriptions compiled in, depending on the
+ * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
+ * These will later be sorted in a linked list with at most num
+ * entries.
+ */
/* Get the initial list of ciphers */
- list_num=0;
- for (i=0; i<num; i++)
+ list_num = 0; /* actual count of ciphers */
+ for (i = 0; i < num_of_ciphers; i++)
{
- c=ssl_method->get_cipher((unsigned int)i);
+ c = ssl_method->get_cipher(i);
/* drop those that use any of that is not available */
if ((c != NULL) && c->valid && !(c->algorithms & mask))
{
- list[list_num].cipher=c;
- list[list_num].next=NULL;
- list[list_num].prev=NULL;
- list[list_num].active=0;
+ list[list_num].cipher = c;
+ list[list_num].next = NULL;
+ list[list_num].prev = NULL;
+ list[list_num].active = 0;
list_num++;
+ /*
if (!sk_push(ca_list,(char *)c)) goto err;
+ */
}
}
-
- for (i=1; i<list_num-1; i++)
+
+ /*
+ * Prepare linked list from list entries
+ */
+ for (i = 1; i < list_num - 1; i++)
{
- list[i].prev= &(list[i-1]);
- list[i].next= &(list[i+1]);
+ list[i].prev = &(list[i-1]);
+ list[i].next = &(list[i+1]);
}
if (list_num > 0)
{
- head= &(list[0]);
- head->prev=NULL;
- head->next= &(list[1]);
- tail= &(list[list_num-1]);
- tail->prev= &(list[list_num-2]);
- tail->next=NULL;
- }
-
- /* special case */
- cipher_aliases[0].algorithms &= ~mask;
-
- /* get the aliases */
- k=sizeof(cipher_aliases)/sizeof(SSL_CIPHER);
- for (j=0; j<k; j++)
- {
- al=cipher_aliases[j].algorithms;
- /* Drop those that are not relevent */
- if ((al & mask) == al) continue;
- if (!sk_push(ca_list,(char *)&(cipher_aliases[j]))) goto err;
- }
-
- /* ca_list now holds a 'stack' of SSL_CIPHERS, some real, some
- * 'aliases' */
-
- /* how many parameters are there? */
- num=1;
- for (l=str; *l; l++)
- if (ITEM_SEP(*l))
- num++;
- ops=(CIPHER_CHOICE *)Malloc(sizeof(CIPHER_CHOICE)*num);
- if (ops == NULL) goto err;
- memset(ops,0,sizeof(CIPHER_CHOICE)*num);
-
- /* we now parse the input string and create our operations */
- l=str;
- i=0;
- current_x=0;
+ (*head_p) = &(list[0]);
+ (*head_p)->prev = NULL;
+ (*head_p)->next = &(list[1]);
+ (*tail_p) = &(list[list_num - 1]);
+ (*tail_p)->prev = &(list[list_num - 2]);
+ (*tail_p)->next = NULL;
+ }
+ }
+
+static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list,
+ int num_of_group_aliases, unsigned long mask,
+ CIPHER_ORDER *head)
+ {
+ CIPHER_ORDER *ciph_curr;
+ SSL_CIPHER **ca_curr;
+ int i;
+
+ /*
+ * First, add the real ciphers as already collected
+ */
+ ciph_curr = head;
+ ca_curr = ca_list;
+ while (ciph_curr != NULL)
+ {
+ *ca_curr = ciph_curr->cipher;
+ ca_curr++;
+ ciph_curr = ciph_curr->next;
+ }
+
+ /*
+ * Now we add the available ones from the cipher_aliases[] table.
+ * They represent either an algorithm, that must be fully
+ * supported (not match any bit in mask) or represent a cipher
+ * strength value (will be added in any case because algorithms=0).
+ */
+ for (i = 0; i < num_of_group_aliases; i++)
+ {
+ if ((i == 0) || /* always fetch "ALL" */
+ !(cipher_aliases[i].algorithms & mask))
+ {
+ *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
+ ca_curr++;
+ }
+ }
+
+ *ca_curr = NULL; /* end of list */
+ }
+static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask,
+ unsigned long algo_strength, unsigned long mask_strength,
+ int rule, int strength_bits, CIPHER_ORDER *list,
+ CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
+ {
+ CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2;
+ SSL_CIPHER *cp;
+ unsigned long ma, ma_s;
+
+#ifdef CIPHER_DEBUG
+ printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n",
+ rule, algorithms, mask, algo_strength, mask_strength,
+ strength_bits);
+#endif
+
+ curr = head = *head_p;
+ curr2 = head;
+ tail2 = tail = *tail_p;
for (;;)
{
- ch= *l;
+ if ((curr == NULL) || (curr == tail2)) break;
+ curr = curr2;
+ curr2 = curr->next;
+
+ cp = curr->cipher;
+
+ /*
+ * Selection criteria is either the number of strength_bits
+ * or the algorithm used.
+ */
+ if (strength_bits == -1)
+ {
+ ma = mask & cp->algorithms;
+ ma_s = mask_strength & cp->algo_strength;
+
+#ifdef CIPHER_DEBUG
+ printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask
+= %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask,
+mask_strength);
+ printf("ma = %08lx ma_s %08lx, ma&algo=%08lx,
+ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength);
+#endif
+ /*
+ * Select: if none of the mask bit was met from the
+ * cipher or not all of the bits were met, the
+ * selection does not apply.
+ */
+ if (((ma == 0) && (ma_s == 0)) ||
+ ((ma & algorithms) != ma) ||
+ ((ma_s & algo_strength) != ma_s))
+ continue; /* does not apply */
+ }
+ else if (strength_bits != cp->strength_bits)
+ continue; /* does not apply */
+
+#ifdef CIPHER_DEBUG
+ printf("Action = %d\n", rule);
+#endif
+
+ /* add the cipher if it has not been added yet. */
+ if (rule == CIPHER_ADD)
+ {
+ if (!curr->active)
+ {
+ ll_append_tail(&head, curr, &tail);
+ curr->active = 1;
+ }
+ }
+ /* Move the added cipher to this location */
+ else if (rule == CIPHER_ORD)
+ {
+ if (curr->active)
+ {
+ ll_append_tail(&head, curr, &tail);
+ }
+ }
+ else if (rule == CIPHER_DEL)
+ curr->active = 0;
+ else if (rule == CIPHER_KILL)
+ {
+ if (head == curr)
+ head = curr->next;
+ else
+ curr->prev->next = curr->next;
+ if (tail == curr)
+ tail = curr->prev;
+ curr->active = 0;
+ if (curr->next != NULL)
+ curr->next->prev = curr->prev;
+ if (curr->prev != NULL)
+ curr->prev->next = curr->next;
+ curr->next = NULL;
+ curr->prev = NULL;
+ }
+ }
+
+ *head_p = head;
+ *tail_p = tail;
+ }
+
+static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p,
+ CIPHER_ORDER **tail_p)
+ {
+ int max_strength_bits, i, *number_uses;
+ CIPHER_ORDER *curr;
+
+ /*
+ * This routine sorts the ciphers with descending strength. The sorting
+ * must keep the pre-sorted sequence, so we apply the normal sorting
+ * routine as '+' movement to the end of the list.
+ */
+ max_strength_bits = 0;
+ curr = *head_p;
+ while (curr != NULL)
+ {
+ if (curr->active &&
+ (curr->cipher->strength_bits > max_strength_bits))
+ max_strength_bits = curr->cipher->strength_bits;
+ curr = curr->next;
+ }
+
+ number_uses = Malloc((max_strength_bits + 1) * sizeof(int));
+ if (!number_uses)
+ {
+ SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
+
+ /*
+ * Now find the strength_bits values actually used
+ */
+ curr = *head_p;
+ while (curr != NULL)
+ {
+ if (curr->active)
+ number_uses[curr->cipher->strength_bits]++;
+ curr = curr->next;
+ }
+
+ /*
+ * Go through the list of used strength_bits values in descending
+ * order, omit strength_bits "0".
+ */
+ for (i = max_strength_bits; i > 0; i--)
+ if (number_uses[i] > 0)
+ ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i,
+ list, head_p, tail_p);
+
+ Free(number_uses);
+ return(1);
+ }
- if (ch == '\0') break;
+static int ssl_cipher_process_rulestr(const char *rule_str,
+ CIPHER_ORDER *list, CIPHER_ORDER **head_p,
+ CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list)
+ {
+ unsigned long algorithms, mask, algo_strength, mask_strength;
+ const char *l, *start, *buf;
+ int j, multi, found, rule, retval, ok, buflen;
+ char ch;
+ retval = 1;
+ l = rule_str;
+ for (;;)
+ {
+ ch = *l;
+
+ if (ch == '\0')
+ break; /* done */
if (ch == '-')
- { j=CIPHER_DEL; l++; }
+ { rule = CIPHER_DEL; l++; }
else if (ch == '+')
- { j=CIPHER_ORD; l++; }
+ { rule = CIPHER_ORD; l++; }
else if (ch == '!')
- { j=CIPHER_KILL; l++; }
- else
- { j=CIPHER_ADD; }
+ { rule = CIPHER_KILL; l++; }
+ else if (ch == '@')
+ { rule = CIPHER_SPECIAL; l++; }
+ else
+ { rule = CIPHER_ADD; }
if (ITEM_SEP(ch))
{
l++;
continue;
}
- ops[current_x].type=j;
- ops[current_x].algorithms=0;
- ops[current_x].mask=0;
+
+ algorithms = mask = algo_strength = mask_strength = 0;
start=l;
for (;;)
{
- ch= *l;
- i=0;
+ ch = *l;
+ buf = l;
+ buflen = 0;
#ifndef CHARSET_EBCDIC
while ( ((ch >= 'A') && (ch <= 'Z')) ||
((ch >= '0') && (ch <= '9')) ||
@@ -467,12 +606,28 @@
while ( isalnum(ch) || (ch == '-'))
#endif
{
- buf[i]=ch;
- ch= *(++l);
- i++;
- if (i >= (CL_BUF-2)) break;
+ ch = *(++l);
+ buflen++;
}
- buf[i]='\0';
+
+ if (buflen == 0)
+ {
+ /*
+ * We hit something, we cannot deal with,
+ * it is no command or seperator nor
+ * alphanumeric, so we call this an error.
+ */
+ SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
+ SSL_R_CIPHER_WRONG_COMMAND);
+ retval = found = 0;
+ l++;
+ break;
+ }
+
+ if (rule == CIPHER_SPECIAL)
+ {
+ break; /* special treatment */
+ }
/* check for multi-part specification */
if (ch == '+')
@@ -483,133 +638,236 @@
else
multi=0;
- c_tmp.name=buf;
- j=sk_find(ca_list,(char *)&c_tmp);
- if (j < 0)
- goto end_loop;
-
- cp=(SSL_CIPHER *)sk_value(ca_list,j);
- ops[current_x].algorithms|=cp->algorithms;
- /* We add the SSL_SSL_MASK so we can match the
- * SSLv2 and SSLv3 versions of RC4-MD5 */
- ops[current_x].mask|=cp->mask;
- if (!multi) break;
- }
- current_x++;
- if (ch == '\0') break;
-end_loop:
- /* Make sure we scan until the next valid start point */
- while ((*l != '\0') && ITEM_SEP(*l))
- l++;
- }
-
- num_x=current_x;
- current_x=0;
-
- /* We will now process the list of ciphers, once for each category, to
- * decide what we should do with it. */
- for (j=0; j<num_x; j++)
- {
- algorithms=ops[j].algorithms;
- type=ops[j].type;
- mask=ops[j].mask;
-
- curr=head;
- curr2=head;
- tail2=tail;
- for (;;)
- {
- if ((curr == NULL) || (curr == tail2)) break;
- curr=curr2;
- curr2=curr->next;
-
- cp=curr->cipher;
- ma=mask & cp->algorithms;
- if ((ma == 0) || ((ma & algorithms) != ma))
- {
- /* does not apply */
- continue;
- }
-
- /* add the cipher if it has not been added yet. */
- if (type == CIPHER_ADD)
+ /*
+ * Now search for the name in the ca_list. Be carefule
+ * with the strncmp, because the "buflen" limitation
+ * will make the rule "ADH:SOME" and the cipher
+ * "ADH-MY-CIPHER" look like a match for buflen=3.
+ * So additionally check, whether the cipher name found
+ * has the correct length. We can save a strlen() call,
+ * just checking for the '\0' at the right place is
+ * sufficient, we have to strncmp() anyway.
+ */
+ j = found = 0;
+ while (ca_list[j])
{
- if (!curr->active)
+ if ((ca_list[j]->name[buflen] == '\0') &&
+ !strncmp(buf, ca_list[j]->name, buflen))
{
- ll_append_tail(&head,curr,&tail);
- curr->active=1;
+ found = 1;
+ break;
}
+ else
+ j++;
}
- /* Move the added cipher to this location */
- else if (type == CIPHER_ORD)
+ if (!found)
+ break; /* ignore this entry */
+
+ algorithms |= ca_list[j]->algorithms;
+ mask |= ca_list[j]->mask;
+ algo_strength |= ca_list[j]->algo_strength;
+ mask_strength |= ca_list[j]->mask_strength;
+
+ if (!multi) break;
+ }
+
+ /*
+ * Ok, we have the rule, now apply it
+ */
+ if (rule == CIPHER_SPECIAL)
+ { /* special command */
+ ok = 0;
+ if (!strncmp(buf, "STRENGTH", buflen))
+ ok = ssl_cipher_strength_sort(list,
+ head_p, tail_p);
+ else
+ SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
+ SSL_R_CIPHER_WRONG_COMMAND);
+ if (ok == 0)
+ retval = 0;
+ /*
+ * We do not support any "multi" options
+ * together with "@", so through away the
+ * rest of the command, if any left, until
+ * end or ':' is found.
+ */
+ while ((*l != '\0') && ITEM_SEP(*l))
+ l++;
+ }
+ else if (found)
{
- if (curr->active)
- {
- ll_append_tail(&head,curr,&tail);
- }
+ ssl_cipher_apply_rule(algorithms, mask,
+ algo_strength, mask_strength, rule, -1,
+ list, head_p, tail_p);
}
- else if (type == CIPHER_DEL)
- curr->active=0;
- if (type == CIPHER_KILL)
+ else
{
- if (head == curr)
- head=curr->next;
- else
- curr->prev->next=curr->next;
- if (tail == curr)
- tail=curr->prev;
- curr->active=0;
- if (curr->next != NULL)
- curr->next->prev=curr->prev;
- if (curr->prev != NULL)
- curr->prev->next=curr->next;
- curr->next=NULL;
- curr->prev=NULL;
+ while ((*l != '\0') && ITEM_SEP(*l))
+ l++;
}
- }
+ if (*l == '\0') break; /* done */
}
- for (curr=head; curr != NULL; curr=curr->next)
+ return(retval);
+ }
+
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
+ STACK_OF(SSL_CIPHER) **cipher_list,
+ STACK_OF(SSL_CIPHER) **cipher_list_by_id,
+ const char *rule_str)
+ {
+ int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
+ unsigned long disabled_mask;
+ STACK_OF(SSL_CIPHER) *cipherstack;
+ const char *rule_p;
+ CIPHER_ORDER *list = NULL, *head = NULL, *tail = NULL, *curr;
+ SSL_CIPHER **ca_list = NULL;
+
+ /*
+ * Return with error if nothing to do.
+ */
+ if (rule_str == NULL) return(NULL);
+
+ if (init_ciphers) load_ciphers();
+
+ /*
+ * To reduce the work to do we only want to process the compiled
+ * in algorithms, so we first get the mask of disabled ciphers.
+ */
+ disabled_mask = ssl_cipher_get_disabled();
+
+ /*
+ * Now we have to collect the available ciphers from the compiled
+ * in ciphers. We cannot get more than the number compiled in, so
+ * it is used for allocation.
+ */
+ num_of_ciphers = ssl_method->num_ciphers();
+ list = (CIPHER_ORDER *)Malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
+ if (list == NULL)
+ {
+ SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
+ return(NULL); /* Failure */
+ }
+
+ ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask,
+ list, &head, &tail);
+
+ /*
+ * We also need cipher aliases for selecting based on the rule_str.
+ * There might be two types of entries in the rule_str: 1) names
+ * of ciphers themselves 2) aliases for groups of ciphers.
+ * For 1) we need the available ciphers and for 2) the cipher
+ * groups of cipher_aliases added togehter in one list (otherwise
+ * we would be happy with just the cipher_aliases table).
+ */
+ num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
+ num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
+ ca_list =
+ (SSL_CIPHER **)Malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
+ if (ca_list == NULL)
+ {
+ Free(list);
+ SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
+ return(NULL); /* Failure */
+ }
+ ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask,
+ head);
+
+ /*
+ * If the rule_string begins with DEFAULT, apply the default rule
+ * before using the (possibly available) additional rules.
+ */
+ ok = 1;
+ rule_p = rule_str;
+ if (strncmp(rule_str,"DEFAULT",7) == 0)
+ {
+ ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
+ list, &head, &tail, ca_list);
+ rule_p += 7;
+ if (*rule_p == ':')
+ rule_p++;
+ }
+
+ if (ok && (strlen(rule_p) > 0))
+ ok = ssl_cipher_process_rulestr(rule_p, list, &head, &tail,
+ ca_list);
+
+ Free(ca_list); /* Not needed anymore */
+
+ if (!ok)
+ { /* Rule processing failure */
+ Free(list);
+ return(NULL);
+ }
+ /*
+ * Allocate new "cipherstack" for the result, return with error
+ * if we cannot get one.
+ */
+ if ((cipherstack = sk_SSL_CIPHER_new(NULL)) == NULL)
+ {
+ Free(list);
+ return(NULL);
+ }
+
+ /*
+ * The cipher selection for the list is done. The ciphers are added
+ * to the resulting precedence to the STACK_OF(SSL_CIPHER).
+ */
+ for (curr = head; curr != NULL; curr = curr->next)
{
if (curr->active)
{
- sk_SSL_CIPHER_push(ret,curr->cipher);
+ sk_SSL_CIPHER_push(cipherstack, curr->cipher);
#ifdef CIPHER_DEBUG
printf("<%s>\n",curr->cipher->name);
#endif
}
}
+ Free(list); /* Not needed any longer */
+ /*
+ * The following passage is a little bit odd. If pointer variables
+ * were supplied to hold STACK_OF(SSL_CIPHER) return information,
+ * the old memory pointed to is free()ed. Then, however, the
+ * cipher_list entry will be assigned just a copy of the returned
+ * cipher stack. For cipher_list_by_id a copy of the cipher stack
+ * will be created. See next comment...
+ */
if (cipher_list != NULL)
{
if (*cipher_list != NULL)
sk_SSL_CIPHER_free(*cipher_list);
- *cipher_list=ret;
+ *cipher_list = cipherstack;
}
if (cipher_list_by_id != NULL)
{
if (*cipher_list_by_id != NULL)
sk_SSL_CIPHER_free(*cipher_list_by_id);
- *cipher_list_by_id=sk_SSL_CIPHER_dup(ret);
+ *cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack);
}
+ /*
+ * Now it is getting really strange. If something failed during
+ * the previous pointer assignement or if one of the pointers was
+ * not requested, the error condition is met. That might be
+ * discussable. The strange thing is however that in this case
+ * the memory "ret" pointed to is "free()ed" and hence the pointer
+ * cipher_list becomes wild. The memory reserved for
+ * cipher_list_by_id however is not "free()ed" and stays intact.
+ */
if ( (cipher_list_by_id == NULL) ||
(*cipher_list_by_id == NULL) ||
(cipher_list == NULL) ||
(*cipher_list == NULL))
- goto err;
+ {
+ sk_SSL_CIPHER_free(cipherstack);
+ return(NULL);
+ }
+
sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
- ok=ret;
- ret=NULL;
-err:
- if (tmp_str) Free(tmp_str);
- if (ops != NULL) Free(ops);
- if (ret != NULL) sk_SSL_CIPHER_free(ret);
- if (ca_list != NULL) sk_free(ca_list);
- if (list != NULL) Free(list);
- return(ok);
+ return(cipherstack);
}
char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
@@ -617,15 +875,16 @@
int is_export,pkl,kl;
char *ver,*exp;
char *kx,*au,*enc,*mac;
- unsigned long alg,alg2;
+ unsigned long alg,alg2,alg_s;
static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
alg=cipher->algorithms;
+ alg_s=cipher->algo_strength;
alg2=cipher->algorithm2;
- is_export=SSL_IS_EXPORT(alg);
- pkl=SSL_EXPORT_PKEYLENGTH(alg);
- kl=SSL_EXPORT_KEYLENGTH(alg);
+ is_export=SSL_C_IS_EXPORT(cipher);
+ pkl=SSL_C_EXPORT_PKEYLENGTH(cipher);
+ kl=SSL_C_EXPORT_KEYLENGTH(cipher);
exp=is_export?" export":"";
if (alg & SSL_SSLV2)
@@ -755,34 +1014,13 @@
/* number of bits for symetric cipher */
int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits)
{
- int ret=0,a=0;
- const EVP_CIPHER *enc;
- const EVP_MD *md;
- SSL_SESSION ss;
+ int ret=0;
if (c != NULL)
{
- ss.cipher=c;
- if (!ssl_cipher_get_evp(&ss,&enc,&md,NULL))
- return(0);
-
- a=EVP_CIPHER_key_length(enc)*8;
-
- if (SSL_C_IS_EXPORT(c))
- {
- ret=SSL_C_EXPORT_KEYLENGTH(c)*8;
- }
- else
- {
- if (c->algorithm2 & SSL2_CF_8_BYTE_ENC)
- ret=64;
- else
- ret=a;
- }
+ if (alg_bits != NULL) *alg_bits = c->alg_bits;
+ ret = c->strength_bits;
}
-
- if (alg_bits != NULL) *alg_bits=a;
-
return(ret);
}
--- openssl-SNAP-20000103-vanilla/ssl/ssl_lib.c Thu Dec 2 04:00:27 1999
+++ openssl-SNAP-20000103/ssl/ssl_lib.c Tue Jan 4 13:27:50 2000
@@ -878,7 +878,7 @@
}
/** specify the ciphers to be used by defaut by the SSL_CTX */
-int SSL_CTX_set_cipher_list(SSL_CTX *ctx,char *str)
+int SSL_CTX_set_cipher_list(SSL_CTX *ctx,const char *str)
{
STACK_OF(SSL_CIPHER) *sk;
@@ -889,7 +889,7 @@
}
/** specify the ciphers to be used by the SSL */
-int SSL_set_cipher_list(SSL *s,char *str)
+int SSL_set_cipher_list(SSL *s,const char *str)
{
STACK_OF(SSL_CIPHER) *sk;
@@ -1317,7 +1317,7 @@
c=s->cert;
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
alg=s->s3->tmp.new_cipher->algorithms;
- is_export=SSL_IS_EXPORT(alg);
+ is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
mask=is_export?c->export_mask:c->mask;
kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
MessageID: YB3ubhoVyOJRICgoL7r38chlQE4InwpK
iQCVAwUAOIWVNXiZOxScWKZtAQHJ1QQA0kNfZc5FQa4wiA6JOd2F6xfFw/d+toHH
oFG1vHCRUAuYw+IOx+56YBFu+wX6GZWW8g61bubd3DJXNOB1UquXTENIdqztfGQb
/SDMYSQWskaO2FdYfMi+ZZOC4XzrgGWwuRDP5TqCFAYsB3hRndLVdM+je5Ff2nQM
5PTpFjksFRY=
=aKCz
-----END PGP SIGNATURE-----
