Hi,
after stumbling over another cipher-handling bug, I have updated my
"cipher handling patch", which reorganizes the construction of the cipher
list.
Bug Description: When running into an "unexpected" symbol in the cipher
selection string, the selection routine runs into an endless loop.
Reproduce with "openssl s_server -cipher DEFAULT:=aRSA".
I have appended the README for the complete patch and attached the patch
itself and its PGP signature file.
Regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
-snip--snip--snip--snip--snip--snip--snip--snip--snip--snip--snip--snip--snip-
OpenSSL 56bit cipher handling patch:
Filename: cipher56-patch.X.xx
Reason:
===
This patch enhances the SSL/TLS cipher mechanism to correctly handle
the TLS 56bit ciphers. Without this patch the 56bit ciphers can be enabled,
but the sorting is wrong (visible in client mode, since the first cipher
the client lists and that is available on the server will be used).
It also enhances the the cipher-list commands by a sorting by strength-bits
(as of version B.02) and it fixes a bug in the cipher-command parser
(possible endless loop) (as of version B.03).
This patch also works against openssl-0.9.4 (I use it this way...).
Testplatform was HP-UX 10.20 with HP-cc.
Changes:
After applying the patch, 56bit ciphers are automatically activated.
This patch does not realize the ciphers itself, they are already included
in OpenSSL.
When supplying a cipher command string with an "undefined" symbol (neither
command nor alphanumeric [A-Za-z0-9], ssl_set_cipher_list will hang in
an endless loop (try "openssl s_server -cipher DEFAULT:=RSA"). With this
patch, an error is flagged.
The patch also corrects a problem with round-off when calculating the number
of bits (actually by hardcoding the values into the tables).
Please understand that I am no expert on the ciphers themselve, so somebody
should go over the hardcoded values I have collected from mod_ssl and/or
Apache+SSL.
Interface changes:
==
The syntax for the cipher sorting has been extended to support sorting
by cipher-strength (using the strength_bits hard coded in the tables).
The new command is "@STRENGTH" (see also doc/ssl_ciph).
Remark:
===
Due to the strength-sorting extension, the code of the ssl_create_cipher_list()
function was completely rearranged. I hope that the readability was also
increased :-)
Side-effects:
=
After applying this patch, data structures (SSL_CIPHER) have changed;
typically you only use pointers to the SSL_CIPHER structure, so you might
come away without recompiling your application.
When using Apache+SSL, you will not receive suitable CIPHER information
for the new ciphers, because these are not taken from openssl but from
an internal table within Apache+SSL _not_ containing the 56bit ciphers.
This internal table will be obsolet after applying this patch, please change
lines 712-718 in Apache+SSL 1.39/1.37 to
secretkeysize = SSL_CIPHER_get_bits(
SSL_get_current_cipher(r-connection-client-ssl), keysize);
Things still to be considered:
==
- removal of the TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES conditional compilation
option and full inclusion of the 56bit ciphers
- Correctness of bit values for the ciphers.
- Check the return values of SSL_[CTX_]_set_cipher_list in the example code
like s_server, s_client... Errors are ignored unnoticed.
References/History:
===
I have been in private conversation with Ben Laurie during the development
of this patch.
- The "A" series included only the corrected sorting.
- The "B" series was inspired by Ben's proposal for an additional strength
sorting.
04 Jan 2000, [EMAIL PROTECTED]
cipher56-patch.B.03.gz
-BEGIN PGP SIGNATURE-
Version: PGPfreeware 5.0i for non-commercial use
MessageID: h7eSJs8WowAUish0XAqL/xLtcnH0h7zm
iQCVAwUAOHIdUniZOxScWKZtAQEerAP/awTed/2oMEL1132+QhcYolRRuNm9Z6OP
QWkd6mPVDWzmuDERjdeg2ln+rvjX50bWnLO1FRrW3lXYqNuAsd1I1+uIwqzCKf/8
kabGVW5+JBfsVzDnYj2kc6UMtfY2HjKyo5BM9b1C05zf/sEbC3+iSmBznd/KvMj7
rkNmvVkAAXY=
=qBsT
-END PGP SIGNATURE-
