提交 52b8dad8 编写于 作者: B Bodo Möller

Reorganize the data used for SSL ciphersuite pattern matching.

This change resolves a number of problems and obviates multiple kludges.
A new feature is that you can now say "AES256" or "AES128" (not just
"AES", which enables both).

In some cases the ciphersuite list generated from a given string is
affected by this change.  I hope this is just in those cases where the
previous behaviour did not make sense.
上级 cc684e33
......@@ -4,6 +4,28 @@
Changes between 0.9.8e and 0.9.9 [xx XXX xxxx]
*) Split the SSL/TLS algorithm mask (as used for ciphersuite string
processing) into multiple integers instead of setting
"SSL_MKEY_MASK" bits, "SSL_AUTH_MASK" bits, "SSL_ENC_MASK",
"SSL_MAC_MASK", and "SSL_SSL_MASK" bits all in a single integer.
(These masks as well as the individual bit definitions are hidden
away into the non-exported interface ssl/ssl_locl.h, so this
change to the definition of the SSL_CIPHER structure shouldn't
affect applications.) This give us more bits for each of these
categories, so there is no longer a need to coagulate AES128 and
AES256 into a single algorithm bit, and to coagulate Camellia128
and Camellia256 into a single algorithm bit, which has led to all
kinds of kludges.
Thus, among other things, the kludge introduced in 0.9.7m and
0.9.8e for masking out AES256 independently of AES128 or masking
out Camellia256 independently of AES256 is not needed here in 0.9.9.
With the change, we also introduce new ciphersuite aliases that
so far were missing: "AES128", "AES256", "CAMELLIA128", and
"CAMELLIA256".
[Bodo Moeller]
*) Add support for dsa-with-SHA224 and dsa-with-SHA256.
Use the leftmost N bytes of the signature input if the input is
larger than the prime q (with N being the size in bytes of q).
......@@ -430,6 +452,13 @@
Changes between 0.9.8d and 0.9.8e [XX xxx XXXX]
*) Since AES128 and AES256 (and similarly Camellia128 and
Camellia256) share a single mask bit in the logic of
ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
kludge to work properly if AES128 is available and AES256 isn't
(or if Camellia128 is available and Camellia256 isn't).
[Victor Duchovni]
*) Fix the BIT STRING encoding generated by crypto/ec/ec_asn1.c
(within i2d_ECPrivateKey, i2d_ECPKParameters, i2d_ECParameters):
When a point or a seed is encoded in a BIT STRING, we need to
......@@ -1459,6 +1488,11 @@
Changes between 0.9.7l and 0.9.7m [xx XXX xxxx]
*) Since AES128 and AES256 share a single mask bit in the logic of
ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
kludge to work properly if AES128 is available and AES256 isn't.
[Victor Duchovni]
*) Have SSL/TLS server implementation tolerate "mismatched" record
protocol version while receiving ClientHello even if the
ClientHello is fragmented. (The server can't insist on the
......
......@@ -12,7 +12,7 @@
---------------
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......
OpenSSL 0.9.9-dev XX xxx XXXX
Copyright (c) 1998-2005 The OpenSSL Project
Copyright (c) 1998-2007 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.
......
......@@ -83,7 +83,7 @@
* should only keep the versions that are binary compatible with the current.
*/
#define SHLIB_VERSION_HISTORY ""
#define SHLIB_VERSION_NUMBER "0.9.8"
#define SHLIB_VERSION_NUMBER "0.9.9"
#endif /* HEADER_OPENSSLV_H */
......@@ -4,7 +4,7 @@
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
*/
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -274,7 +274,7 @@ int dtls1_connect(SSL *s)
case SSL3_ST_CR_CERT_A:
case SSL3_ST_CR_CERT_B:
/* Check if it is anon DH */
if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL))
{
ret=ssl3_get_server_certificate(s);
if (ret <= 0) goto end;
......@@ -335,7 +335,6 @@ int dtls1_connect(SSL *s)
case SSL3_ST_CW_KEY_EXCH_B:
ret=dtls1_send_client_key_exchange(s);
if (ret <= 0) goto end;
l=s->s3->tmp.new_cipher->algorithms;
/* EAY EAY EAY need to check for DH fix cert
* sent back */
/* For TLS, cert_req is set to 2, so a cert chain
......@@ -684,7 +683,7 @@ int dtls1_send_client_key_exchange(SSL *s)
{
unsigned char *p,*d;
int n;
unsigned long l;
unsigned long alg_k;
#ifndef OPENSSL_NO_RSA
unsigned char *q;
EVP_PKEY *pkey=NULL;
......@@ -698,12 +697,12 @@ int dtls1_send_client_key_exchange(SSL *s)
d=(unsigned char *)s->init_buf->data;
p= &(d[DTLS1_HM_HEADER_LENGTH]);
l=s->s3->tmp.new_cipher->algorithms;
alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
/* Fool emacs indentation */
if (0) {}
#ifndef OPENSSL_NO_RSA
else if (l & SSL_kRSA)
else if (alg_k & SSL_kRSA)
{
RSA *rsa;
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
......@@ -762,7 +761,7 @@ int dtls1_send_client_key_exchange(SSL *s)
}
#endif
#ifndef OPENSSL_NO_KRB5
else if (l & SSL_kKRB5)
else if (alg_k & SSL_kKRB5)
{
krb5_error_code krb5rc;
KSSL_CTX *kssl_ctx = s->kssl_ctx;
......@@ -781,7 +780,7 @@ int dtls1_send_client_key_exchange(SSL *s)
#ifdef KSSL_DEBUG
printf("ssl3_send_client_key_exchange(%lx & %lx)\n",
l, SSL_kKRB5);
alg_k, SSL_kKRB5);
#endif /* KSSL_DEBUG */
authp = NULL;
......@@ -894,7 +893,7 @@ int dtls1_send_client_key_exchange(SSL *s)
}
#endif
#ifndef OPENSSL_NO_DH
else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
{
DH *dh_srvr,*dh_clnt;
......
......@@ -4,7 +4,7 @@
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
*/
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -148,6 +148,7 @@ int dtls1_accept(SSL *s)
unsigned long l,Time=(unsigned long)time(NULL);
void (*cb)(const SSL *ssl,int type,int val)=NULL;
long num1;
unsigned long alg_k;
int ret= -1;
int new_state,state,skip=0;
......@@ -270,7 +271,7 @@ int dtls1_accept(SSL *s)
if (ret <= 0) goto end;
s->new_session = 2;
if ( s->d1->send_cookie)
if (s->d1->send_cookie)
s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
else
s->state = SSL3_ST_SW_SRVR_HELLO_A;
......@@ -303,7 +304,7 @@ int dtls1_accept(SSL *s)
case SSL3_ST_SW_CERT_A:
case SSL3_ST_SW_CERT_B:
/* Check if it is anon DH */
if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL))
{
ret=dtls1_send_server_certificate(s);
if (ret <= 0) goto end;
......@@ -316,13 +317,13 @@ int dtls1_accept(SSL *s)
case SSL3_ST_SW_KEY_EXCH_A:
case SSL3_ST_SW_KEY_EXCH_B:
l=s->s3->tmp.new_cipher->algorithms;
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
/* clear this, it may get reset by
* send_server_key_exchange */
if ((s->options & SSL_OP_EPHEMERAL_RSA)
#ifndef OPENSSL_NO_KRB5
&& !(l & SSL_KRB5)
&& !(alg_k & SSL_kKRB5)
#endif /* OPENSSL_NO_KRB5 */
)
/* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
......@@ -336,8 +337,8 @@ int dtls1_accept(SSL *s)
/* only send if a DH key exchange or
* RSA but we have a sign only certificate */
if (s->s3->tmp.use_rsa_tmp
|| (l & SSL_DH)
|| ((l & SSL_kRSA)
|| (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
|| ((alg_k & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
|| (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
&& EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
......@@ -367,12 +368,12 @@ int dtls1_accept(SSL *s)
/* never request cert in anonymous ciphersuites
* (see section "Certificate request" in SSL 3 drafts
* and in RFC 2246): */
((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
/* ... except when the application insists on verification
* (against the specs, but s3_clnt.c accepts this for SSL 3) */
!(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
/* never request cert in Kerberos ciphersuites */
(s->s3->tmp.new_cipher->algorithms & SSL_aKRB5))
(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
{
/* no cert request */
skip=1;
......@@ -625,7 +626,7 @@ int dtls1_send_hello_verify_request(SSL *s)
*(p++) = s->version & 0xFF;
*(p++) = (unsigned char) s->d1->cookie_len;
if ( s->ctx->app_gen_cookie_cb != NULL &&
if (s->ctx->app_gen_cookie_cb != NULL &&
s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
&(s->d1->cookie_len)) == 0)
{
......@@ -784,7 +785,7 @@ int dtls1_send_server_key_exchange(SSL *s)
EVP_MD_CTX_init(&md_ctx);
if (s->state == SSL3_ST_SW_KEY_EXCH_A)
{
type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
type=s->s3->tmp.new_cipher->algorithm_mkey;
cert=s->cert;
buf=s->init_buf;
......@@ -889,7 +890,7 @@ int dtls1_send_server_key_exchange(SSL *s)
n+=2+nr[i];
}
if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL))
{
if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
== NULL)
......@@ -1107,15 +1108,16 @@ int dtls1_send_server_certificate(SSL *s)
if (s->state == SSL3_ST_SW_CERT_A)
{
x=ssl_get_server_send_cert(s);
if (x == NULL &&
if (x == NULL)
{
/* VRS: allow null cert if auth == KRB5 */
(s->s3->tmp.new_cipher->algorithms
& (SSL_MKEY_MASK|SSL_AUTH_MASK))
!= (SSL_aKRB5|SSL_kKRB5))
if ((s->s3->tmp.new_cipher->algorithm_mkey != SSL_kKRB5) ||
(s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5))
{
SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
return(0);
}
}
l=dtls1_output_cert_chain(s,x);
s->state=SSL3_ST_SW_CERT_B;
......
......@@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include "ssl_locl.h"
#ifndef OPENSSL_NO_SSL2
......@@ -69,131 +122,158 @@ const char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT;
/* list of available SSLv2 ciphers (sorted by id) */
OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
/* NULL_WITH_MD5 v3 */
#if 0
/* NULL_WITH_MD5 v3 */
{
1,
SSL2_TXT_NULL_WITH_MD5,
SSL2_CK_NULL_WITH_MD5,
SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_SSLV2,
SSL_kRSA,
SSL_aRSA,
SSL_eNULL,
SSL_MD5,
SSL_SSLV2,
SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE,
0,
0,
0,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
#endif
/* RC4_128_WITH_MD5 */
{
1,
SSL2_TXT_RC4_128_WITH_MD5,
SSL2_CK_RC4_128_WITH_MD5,
SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
SSL_kRSA,
SSL_aRSA,
SSL_RC4,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* RC4_128_EXPORT40_WITH_MD5 */
{
1,
SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
SSL_kRSA,
SSL_aRSA,
SSL_RC4,
SSL_MD5,
SSL_SSLV2,
SSL_EXPORT|SSL_EXP40,
SSL2_CF_5_BYTE_ENC,
40,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* RC2_128_CBC_WITH_MD5 */
{
1,
SSL2_TXT_RC2_128_CBC_WITH_MD5,
SSL2_CK_RC2_128_CBC_WITH_MD5,
SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
SSL_kRSA,
SSL_aRSA,
SSL_RC2,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* RC2_128_CBC_EXPORT40_WITH_MD5 */
{
1,
SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_SSLV2,
SSL_kRSA,
SSL_aRSA,
SSL_RC2,
SSL_MD5,
SSL_SSLV2,
SSL_EXPORT|SSL_EXP40,
SSL2_CF_5_BYTE_ENC,
40,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* IDEA_128_CBC_WITH_MD5 */
#ifndef OPENSSL_NO_IDEA
/* IDEA_128_CBC_WITH_MD5 */
{
1,
SSL2_TXT_IDEA_128_CBC_WITH_MD5,
SSL2_CK_IDEA_128_CBC_WITH_MD5,
SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_SSLV2,
SSL_kRSA,
SSL_aRSA,
SSL_IDEA,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
#endif
/* DES_64_CBC_WITH_MD5 */
{
1,
SSL2_TXT_DES_64_CBC_WITH_MD5,
SSL2_CK_DES_64_CBC_WITH_MD5,
SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_SSLV2,
SSL_kRSA,
SSL_aRSA,
SSL_DES,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP|SSL_LOW,
0,
56,
56,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* DES_192_EDE3_CBC_WITH_MD5 */
{
1,
SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_SSLV2,
SSL_kRSA,
SSL_aRSA,
SSL_3DES,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP|SSL_HIGH,
0,
168,
168,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
/* RC4_64_WITH_MD5 */
#if 0
/* RC4_64_WITH_MD5 */
{
1,
SSL2_TXT_RC4_64_WITH_MD5,
SSL2_CK_RC4_64_WITH_MD5,
SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2,
SSL_kRSA,
SSL_aRSA,
SSL_RC4,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP|SSL_LOW,
SSL2_CF_8_BYTE_ENC,
64,
64,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
#endif
/* NULL SSLeay (testing) */
#if 0
/* NULL SSLeay (testing) */
{
0,
SSL2_TXT_NULL,
......@@ -203,8 +283,6 @@ OPENSSL_GLOBAL SSL_CIPHER ssl2_ciphers[]={
0,
0,
0,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
#endif
......
......@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -180,7 +180,7 @@ IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
int ssl3_connect(SSL *s)
{
BUF_MEM *buf=NULL;
unsigned long Time=(unsigned long)time(NULL),l;
unsigned long Time=(unsigned long)time(NULL);
long num1;
void (*cb)(const SSL *ssl,int type,int val)=NULL;
int ret= -1;
......@@ -288,8 +288,8 @@ int ssl3_connect(SSL *s)
case SSL3_ST_CR_CERT_B:
/* Check if it is anon DH/ECDH */
/* or PSK */
if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)
&& !(s->s3->tmp.new_cipher->algorithms & SSL_kPSK))
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
!(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
{
ret=ssl3_get_server_certificate(s);
if (ret <= 0) goto end;
......@@ -350,7 +350,6 @@ int ssl3_connect(SSL *s)
case SSL3_ST_CW_KEY_EXCH_B:
ret=ssl3_send_client_key_exchange(s);
if (ret <= 0) goto end;
l=s->s3->tmp.new_cipher->algorithms;
/* EAY EAY EAY need to check for DH fix cert
* sent back */
/* For TLS, cert_req is set to 2, so a cert chain
......@@ -940,8 +939,8 @@ int ssl3_get_server_certificate(SSL *s)
i=ssl_verify_cert_chain(s,sk);
if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)
#ifndef OPENSSL_NO_KRB5
&& (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK))
!= (SSL_aKRB5|SSL_kKRB5)
&& !((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
#endif /* OPENSSL_NO_KRB5 */
)
{
......@@ -967,15 +966,15 @@ int ssl3_get_server_certificate(SSL *s)
pkey=X509_get_pubkey(x);
/* VRS: allow null cert if auth == KRB5 */
need_cert = ((s->s3->tmp.new_cipher->algorithms
& (SSL_MKEY_MASK|SSL_AUTH_MASK))
== (SSL_aKRB5|SSL_kKRB5))? 0: 1;
need_cert = ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
? 0 : 1;
#ifdef KSSL_DEBUG
printf("pkey,x = %p, %p\n", pkey,x);
printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey));
printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name,
s->s3->tmp.new_cipher->algorithms, need_cert);
printf("cipher, alg, nc = %s, %lx, %lx, %d\n", s->s3->tmp.new_cipher->name,
s->s3->tmp.new_cipher->algorithm_mkey, s->s3->tmp.new_cipher->algorithm_auth, need_cert);
#endif /* KSSL_DEBUG */
if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)))
......@@ -1047,7 +1046,7 @@ int ssl3_get_key_exchange(SSL *s)
EVP_MD_CTX md_ctx;
unsigned char *param,*p;
int al,i,j,param_len,ok;
long n,alg;
long n,alg_k,alg_a;
EVP_PKEY *pkey=NULL;
#ifndef OPENSSL_NO_RSA
RSA *rsa=NULL;
......@@ -1080,7 +1079,7 @@ int ssl3_get_key_exchange(SSL *s)
omitted if no identity hint is sent. Set
session->sess_cert anyway to avoid problems
later.*/
if (s->s3->tmp.new_cipher->algorithms & SSL_kPSK)
if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)
{
s->session->sess_cert=ssl_sess_cert_new();
if (s->ctx->psk_identity_hint)
......@@ -1123,11 +1122,12 @@ int ssl3_get_key_exchange(SSL *s)
}
param_len=0;
alg=s->s3->tmp.new_cipher->algorithms;
alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
alg_a=s->s3->tmp.new_cipher->algorithm_auth;
EVP_MD_CTX_init(&md_ctx);
#ifndef OPENSSL_NO_PSK
if (alg & SSL_kPSK)
if (alg_k & SSL_kPSK)
{
char tmp_id_hint[PSK_MAX_IDENTITY_LEN+1];
......@@ -1172,7 +1172,7 @@ int ssl3_get_key_exchange(SSL *s)
else
#endif /* !OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_RSA
if (alg & SSL_kRSA)
if (alg_k & SSL_kRSA)
{
if ((rsa=RSA_new()) == NULL)
{
......@@ -1211,7 +1211,7 @@ int ssl3_get_key_exchange(SSL *s)
n-=param_len;
/* this should be because we are using an export cipher */
if (alg & SSL_aRSA)
if (alg_a & SSL_aRSA)
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
else
{
......@@ -1226,7 +1226,7 @@ int ssl3_get_key_exchange(SSL *s)
;
#endif
#ifndef OPENSSL_NO_DH
else if (alg & SSL_kEDH)
else if (alg_k & SSL_kEDH)
{
if ((dh=DH_new()) == NULL)
{
......@@ -1280,14 +1280,14 @@ int ssl3_get_key_exchange(SSL *s)
n-=param_len;
#ifndef OPENSSL_NO_RSA
if (alg & SSL_aRSA)
if (alg_a & SSL_aRSA)
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
#else
if (0)
;
#endif
#ifndef OPENSSL_NO_DSA
else if (alg & SSL_aDSS)
else if (alg_a & SSL_aDSS)
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
#endif
/* else anonymous DH, so no certificate or pkey. */
......@@ -1295,7 +1295,7 @@ int ssl3_get_key_exchange(SSL *s)
s->session->sess_cert->peer_dh_tmp=dh;
dh=NULL;
}
else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd))
{
al=SSL_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
......@@ -1304,7 +1304,7 @@ int ssl3_get_key_exchange(SSL *s)
#endif /* !OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
else if (alg & SSL_kEECDH)
else if (alg_k & SSL_kEECDH)
{
EC_GROUP *ngroup;
const EC_GROUP *group;
......@@ -1388,11 +1388,11 @@ int ssl3_get_key_exchange(SSL *s)
*/
if (0) ;
#ifndef OPENSSL_NO_RSA
else if (alg & SSL_aRSA)
else if (alg_a & SSL_aRSA)
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
#endif
#ifndef OPENSSL_NO_ECDSA
else if (alg & SSL_aECDSA)
else if (alg_a & SSL_aECDSA)
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
#endif
/* else anonymous ECDH, so no certificate or pkey. */
......@@ -1403,7 +1403,7 @@ int ssl3_get_key_exchange(SSL *s)
EC_POINT_free(srvr_ecpoint);
srvr_ecpoint = NULL;
}
else if (alg)
else if (alg_k)
{
al=SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE);
......@@ -1508,7 +1508,7 @@ int ssl3_get_key_exchange(SSL *s)
}
else
{
if (!(alg & SSL_aNULL) && !(alg & SSL_kPSK))
if (!(alg_a & SSL_aNULL) && !(alg_k & SSL_kPSK))
/* aNULL or kPSK do not need public keys */
{
SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_INTERNAL_ERROR);
......@@ -1584,8 +1584,7 @@ int ssl3_get_certificate_request(SSL *s)
/* TLS does not like anon-DH with client cert */
if (s->version > SSL3_VERSION)
{
l=s->s3->tmp.new_cipher->algorithms;
if (l & SSL_aNULL)
if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
{
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
......@@ -1724,7 +1723,7 @@ int ssl3_send_client_key_exchange(SSL *s)
{
unsigned char *p,*d;
int n;
unsigned long l;
unsigned long alg_k;
#ifndef OPENSSL_NO_RSA
unsigned char *q;
EVP_PKEY *pkey=NULL;
......@@ -1746,12 +1745,12 @@ int ssl3_send_client_key_exchange(SSL *s)
d=(unsigned char *)s->init_buf->data;
p= &(d[4]);
l=s->s3->tmp.new_cipher->algorithms;
alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
/* Fool emacs indentation */
if (0) {}
#ifndef OPENSSL_NO_RSA
else if (l & SSL_kRSA)
else if (alg_k & SSL_kRSA)
{
RSA *rsa;
unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
......@@ -1810,7 +1809,7 @@ int ssl3_send_client_key_exchange(SSL *s)
}
#endif
#ifndef OPENSSL_NO_KRB5
else if (l & SSL_kKRB5)
else if (alg_k & SSL_kKRB5)
{
krb5_error_code krb5rc;
KSSL_CTX *kssl_ctx = s->kssl_ctx;
......@@ -1944,7 +1943,7 @@ int ssl3_send_client_key_exchange(SSL *s)
}
#endif
#ifndef OPENSSL_NO_DH
else if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
{
DH *dh_srvr,*dh_clnt;
......@@ -2001,7 +2000,7 @@ int ssl3_send_client_key_exchange(SSL *s)
#endif
#ifndef OPENSSL_NO_ECDH
else if ((l & SSL_kECDH) || (l & SSL_kEECDH))
else if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe))
{
const EC_GROUP *srvr_group = NULL;
EC_KEY *tkey;
......@@ -2013,7 +2012,7 @@ int ssl3_send_client_key_exchange(SSL *s)
* computation as part of client certificate?
* If so, set ecdh_clnt_cert to 1.
*/
if ((l & SSL_kECDH) && (s->cert != NULL))
if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->cert != NULL))
{
/* XXX: For now, we do not support client
* authentication using ECDH certificates.
......@@ -2186,7 +2185,7 @@ int ssl3_send_client_key_exchange(SSL *s)
}
#endif /* !OPENSSL_NO_ECDH */
#ifndef OPENSSL_NO_PSK
else if (l & SSL_kPSK)
else if (alg_k & SSL_kPSK)
{
char identity[PSK_MAX_IDENTITY_LEN];
unsigned char *t = NULL;
......@@ -2468,7 +2467,7 @@ int ssl3_send_client_certificate(SSL *s)
int ssl3_check_cert_and_algorithm(SSL *s)
{
int i,idx;
long algs;
long alg_k,alg_a;
EVP_PKEY *pkey=NULL;
SESS_CERT *sc;
#ifndef OPENSSL_NO_RSA
......@@ -2485,10 +2484,11 @@ int ssl3_check_cert_and_algorithm(SSL *s)
goto err;
}
algs=s->s3->tmp.new_cipher->algorithms;
alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
alg_a=s->s3->tmp.new_cipher->algorithm_auth;
/* we don't have a certificate */
if (algs & (SSL_aDH|SSL_aNULL|SSL_aKRB5|SSL_kPSK))
if ((alg_a & (SSL_aDH|SSL_aNULL|SSL_aKRB5)) || (alg_k & SSL_kPSK))
return(1);
#ifndef OPENSSL_NO_RSA
......@@ -2522,20 +2522,20 @@ int ssl3_check_cert_and_algorithm(SSL *s)
/* Check that we have a certificate if we require one */
if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
if ((alg_a & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
goto f_err;
}
#ifndef OPENSSL_NO_DSA
else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
else if ((alg_a & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
goto f_err;
}
#endif
#ifndef OPENSSL_NO_RSA
if ((algs & SSL_kRSA) &&
if ((alg_k & SSL_kRSA) &&
!(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
......@@ -2543,19 +2543,19 @@ int ssl3_check_cert_and_algorithm(SSL *s)
}
#endif
#ifndef OPENSSL_NO_DH
if ((algs & SSL_kEDH) &&
if ((alg_k & SSL_kEDH) &&
!(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
goto f_err;
}
else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
else if ((alg_k & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
goto f_err;
}
#ifndef OPENSSL_NO_DSA
else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
else if ((alg_k & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
goto f_err;
......@@ -2566,7 +2566,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP))
{
#ifndef OPENSSL_NO_RSA
if (algs & SSL_kRSA)
if (alg_k & SSL_kRSA)
{
if (rsa == NULL
|| RSA_size(rsa)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
......@@ -2578,7 +2578,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
else
#endif
#ifndef OPENSSL_NO_DH
if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
{
if (dh == NULL
|| DH_size(dh)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher))
......
......@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -430,11 +430,11 @@ int ssl3_setup_key_block(SSL *s)
if (s->session->cipher != NULL)
{
if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
if (s->session->cipher->algorithm_enc == SSL_eNULL)
s->s3->need_empty_fragments = 0;
#ifndef OPENSSL_NO_RC4
if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3->need_empty_fragments = 0;
#endif
}
......
此差异已折叠。
......@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -186,7 +186,7 @@ IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
int ssl3_accept(SSL *s)
{
BUF_MEM *buf;
unsigned long l,Time=(unsigned long)time(NULL);
unsigned long alg_k,Time=(unsigned long)time(NULL);
void (*cb)(const SSL *ssl,int type,int val)=NULL;
long num1;
int ret= -1;
......@@ -325,9 +325,9 @@ int ssl3_accept(SSL *s)
case SSL3_ST_SW_CERT_B:
/* Check if it is anon DH or anon ECDH, */
/* normal PSK or KRB5 */
if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)
&& !(s->s3->tmp.new_cipher->algorithms & SSL_kPSK)
&& !(s->s3->tmp.new_cipher->algorithms & SSL_aKRB5))
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)
&& !(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
{
ret=ssl3_send_server_certificate(s);
if (ret <= 0) goto end;
......@@ -340,13 +340,13 @@ int ssl3_accept(SSL *s)
case SSL3_ST_SW_KEY_EXCH_A:
case SSL3_ST_SW_KEY_EXCH_B:
l=s->s3->tmp.new_cipher->algorithms;
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
/* clear this, it may get reset by
* send_server_key_exchange */
if ((s->options & SSL_OP_EPHEMERAL_RSA)
#ifndef OPENSSL_NO_KRB5
&& !(l & SSL_KRB5)
&& !(alg_k & SSL_kKRB5)
#endif /* OPENSSL_NO_KRB5 */
)
/* option SSL_OP_EPHEMERAL_RSA sends temporary RSA key
......@@ -373,11 +373,11 @@ int ssl3_accept(SSL *s)
/* PSK: send ServerKeyExchange if PSK identity
* hint if provided */
#ifndef OPENSSL_NO_PSK
|| ((l & SSL_kPSK) && s->ctx->psk_identity_hint)
|| ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
#endif
|| (l & SSL_DH)
|| (l & SSL_kEECDH)
|| ((l & SSL_kRSA)
|| (alg_k & (SSL_kDHr|SSL_kDHd|SSL_kEDH))
|| (alg_k & SSL_kEECDH)
|| ((alg_k & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
|| (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
&& EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
......@@ -407,15 +407,15 @@ int ssl3_accept(SSL *s)
/* never request cert in anonymous ciphersuites
* (see section "Certificate request" in SSL 3 drafts
* and in RFC 2246): */
((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) &&
((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
/* ... except when the application insists on verification
* (against the specs, but s3_clnt.c accepts this for SSL 3) */
!(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
/* never request cert in Kerberos ciphersuites */
(s->s3->tmp.new_cipher->algorithms & SSL_aKRB5)
(s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)
/* With normal PSK Certificates and
* Certificate Requests are omitted */
|| (s->s3->tmp.new_cipher->algorithms & SSL_kPSK))
|| (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
{
/* no cert request */
skip=1;
......@@ -1025,7 +1025,7 @@ int ssl3_get_client_hello(SSL *s)
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
c=sk_SSL_CIPHER_value(sk,i);
if (c->algorithms & SSL_eNULL)
if (c->algorithm_enc & SSL_eNULL)
nc=c;
if (SSL_C_IS_EXPORT(c))
ec=c;
......@@ -1209,7 +1209,7 @@ int ssl3_send_server_key_exchange(SSL *s)
EVP_MD_CTX_init(&md_ctx);
if (s->state == SSL3_ST_SW_KEY_EXCH_A)
{
type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
type=s->s3->tmp.new_cipher->algorithm_mkey;
cert=s->cert;
buf=s->init_buf;
......@@ -1450,8 +1450,8 @@ int ssl3_send_server_key_exchange(SSL *s)
n+=2+nr[i];
}
if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)
&& !(s->s3->tmp.new_cipher->algorithms & SSL_kPSK))
if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
{
if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
== NULL)
......@@ -1712,7 +1712,7 @@ int ssl3_get_client_key_exchange(SSL *s)
{
int i,al,ok;
long n;
unsigned long l;
unsigned long alg_k;
unsigned char *p;
#ifndef OPENSSL_NO_RSA
RSA *rsa=NULL;
......@@ -1743,10 +1743,10 @@ int ssl3_get_client_key_exchange(SSL *s)
if (!ok) return((int)n);
p=(unsigned char *)s->init_msg;
l=s->s3->tmp.new_cipher->algorithms;
alg_k=s->s3->tmp.new_cipher->algorithm_mkey;
#ifndef OPENSSL_NO_RSA
if (l & SSL_kRSA)
if (alg_k & SSL_kRSA)
{
/* FIX THIS UP EAY EAY EAY EAY */
if (s->s3->tmp.use_rsa_tmp)
......@@ -1852,7 +1852,7 @@ int ssl3_get_client_key_exchange(SSL *s)
else
#endif
#ifndef OPENSSL_NO_DH
if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
{
n2s(p,i);
if (n != i+2)
......@@ -1915,7 +1915,7 @@ int ssl3_get_client_key_exchange(SSL *s)
else
#endif
#ifndef OPENSSL_NO_KRB5
if (l & SSL_kKRB5)
if (alg_k & SSL_kKRB5)
{
krb5_error_code krb5rc;
krb5_data enc_ticket;
......@@ -2109,7 +2109,7 @@ int ssl3_get_client_key_exchange(SSL *s)
#endif /* OPENSSL_NO_KRB5 */
#ifndef OPENSSL_NO_ECDH
if ((l & SSL_kECDH) || (l & SSL_kEECDH))
if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe))
{
int ret = 1;
int field_size = 0;
......@@ -2126,7 +2126,7 @@ int ssl3_get_client_key_exchange(SSL *s)
}
/* Let's get server private key and group information */
if (l & SSL_kECDH)
if (alg_k & (SSL_kECDHr|SSL_kECDHe))
{
/* use the certificate */
tkey = s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec;
......@@ -2162,7 +2162,7 @@ int ssl3_get_client_key_exchange(SSL *s)
{
/* Client Publickey was in Client Certificate */
if (l & SSL_kEECDH)
if (alg_k & SSL_kEECDH)
{
al=SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_ECDH_KEY);
......@@ -2258,7 +2258,7 @@ int ssl3_get_client_key_exchange(SSL *s)
else
#endif
#ifndef OPENSSL_NO_PSK
if (l & SSL_kPSK)
if (alg_k & SSL_kPSK)
{
unsigned char *t = NULL;
unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN*2+4];
......@@ -2694,15 +2694,16 @@ int ssl3_send_server_certificate(SSL *s)
if (s->state == SSL3_ST_SW_CERT_A)
{
x=ssl_get_server_send_cert(s);
if (x == NULL &&
if (x == NULL)
{
/* VRS: allow null cert if auth == KRB5 */
(s->s3->tmp.new_cipher->algorithms
& (SSL_MKEY_MASK|SSL_AUTH_MASK))
!= (SSL_aKRB5|SSL_kKRB5))
if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) ||
(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5))
{
SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
return(0);
}
}
l=ssl3_output_cert_chain(s,x);
s->state=SSL3_ST_SW_CERT_B;
......
......@@ -56,60 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -273,10 +220,15 @@ extern "C" {
#define SSL_MAX_KEY_ARG_LENGTH 8
#define SSL_MAX_MASTER_KEY_LENGTH 48
/* These are used to specify which ciphers to use and not to use */
#define SSL_TXT_EXP40 "EXPORT40"
#define SSL_TXT_EXP56 "EXPORT56"
#define SSL_TXT_LOW "LOW"
#define SSL_TXT_MEDIUM "MEDIUM"
#define SSL_TXT_HIGH "HIGH"
#define SSL_TXT_kFZA "kFZA" /* unused! */
#define SSL_TXT_aFZA "aFZA" /* unused! */
#define SSL_TXT_eFZA "eFZA" /* unused! */
......@@ -289,6 +241,7 @@ extern "C" {
#define SSL_TXT_kRSA "kRSA"
#define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */
#define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */
#define SSL_TXT_kDH "kDH" /* no such ciphersuites supported! */
#define SSL_TXT_kEDH "kEDH"
#define SSL_TXT_kKRB5 "kKRB5"
#define SSL_TXT_kECDHr "kECDHr"
......@@ -314,25 +267,31 @@ extern "C" {
#define SSL_TXT_EECDH "EECDH" /* same as "kEECDH:-AECDH" */
#define SSL_TXT_AECDH "AECDH"
#define SSL_TXT_ECDSA "ECDSA"
#define SSL_TXT_KRB5 "KRB5"
#define SSL_TXT_PSK "PSK"
#define SSL_TXT_DES "DES"
#define SSL_TXT_3DES "3DES"
#define SSL_TXT_RC4 "RC4"
#define SSL_TXT_RC2 "RC2"
#define SSL_TXT_IDEA "IDEA"
#define SSL_TXT_AES128 "AES128"
#define SSL_TXT_AES256 "AES256"
#define SSL_TXT_AES "AES"
#define SSL_TXT_CAMELLIA128 "CAMELLIA128"
#define SSL_TXT_CAMELLIA256 "CAMELLIA256"
#define SSL_TXT_CAMELLIA "CAMELLIA"
#define SSL_TXT_MD5 "MD5"
#define SSL_TXT_SHA1 "SHA1"
#define SSL_TXT_SHA "SHA"
#define SSL_TXT_EXP "EXP"
#define SSL_TXT_EXPORT "EXPORT"
#define SSL_TXT_EXP40 "EXPORT40"
#define SSL_TXT_EXP56 "EXPORT56"
#define SSL_TXT_SHA "SHA" /* same as "SHA1" */
#define SSL_TXT_SSLV2 "SSLv2"
#define SSL_TXT_SSLV3 "SSLv3"
#define SSL_TXT_TLSV1 "TLSv1"
#define SSL_TXT_KRB5 "KRB5"
#define SSL_TXT_PSK "PSK"
#define SSL_TXT_EXP "EXP"
#define SSL_TXT_EXPORT "EXPORT"
#define SSL_TXT_ALL "ALL"
......@@ -389,13 +348,18 @@ typedef struct ssl_cipher_st
int valid;
const char *name; /* text name */
unsigned long id; /* id, 4 bytes, first is version */
unsigned long algorithms; /* what ciphers are used */
/* changed in 0.9.9: these four used to be portions of a single value 'algorithms' */
unsigned long algorithm_mkey; /* key exchange algorithm */
unsigned long algorithm_auth; /* server authentication */
unsigned long algorithm_enc; /* symmetric encryption */
unsigned long algorithm_mac; /* symmetric authentication */
unsigned long algorithm_ssl; /* (major) protocol version */
unsigned long algo_strength; /* strength and export flags */
unsigned long algorithm2; /* Extra flags */
int strength_bits; /* Number of bits really used */
int alg_bits; /* Number of bits for algorithm */
unsigned long mask; /* used for matching */
unsigned long mask_strength; /* also used for matching */
} SSL_CIPHER;
DECLARE_STACK_OF(SSL_CIPHER)
......
......@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -197,8 +197,10 @@ CERT *ssl_cert_dup(CERT *cert)
* if you find that more readable */
ret->valid = cert->valid;
ret->mask = cert->mask;
ret->export_mask = cert->export_mask;
ret->mask_k = cert->mask_k;
ret->mask_a = cert->mask_a;
ret->export_mask_k = cert->export_mask_k;
ret->export_mask_a = cert->export_mask_a;
#ifndef OPENSSL_NO_RSA
if (cert->rsa_tmp != NULL)
......
此差异已折叠。
......@@ -58,7 +58,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -1303,12 +1303,14 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
{
c=sk_SSL_CIPHER_value(sk,i);
#ifndef OPENSSL_NO_KRB5
if ((c->algorithms & SSL_KRB5) && nokrb5)
if (((c->algorithm_mkey & SSL_kKRB5) || (c->algorithm_auth & SSL_aKRB5)) &&
nokrb5)
continue;
#endif /* OPENSSL_NO_KRB5 */
#ifndef OPENSSL_NO_PSK
/* with PSK there must be client callback set */
if ((c->algorithms & SSL_PSK) && s->psk_client_callback == NULL)
if (((c->algorithm_mkey & SSL_kPSK) || (c->algorithm_auth & SSL_aPSK)) &&
s->psk_client_callback == NULL)
continue;
#endif /* OPENSSL_NO_PSK */
j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
......@@ -1656,7 +1658,7 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
int rsa_enc_export,dh_rsa_export,dh_dsa_export;
int rsa_tmp_export,dh_tmp_export,kl;
unsigned long mask,emask;
unsigned long mask_k,mask_a,emask_k,emask_a;
int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
#ifndef OPENSSL_NO_ECDH
int have_ecdh_tmp;
......@@ -1703,8 +1705,10 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
cpk= &(c->pkeys[SSL_PKEY_ECC]);
have_ecc_cert= (cpk->x509 != NULL && cpk->privatekey != NULL);
mask=0;
emask=0;
mask_k=0;
mask_a=0;
emask_k=0;
emask_a=0;
#ifdef CIPHER_DEBUG
printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
......@@ -1713,50 +1717,52 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
#endif
if (rsa_enc || (rsa_tmp && rsa_sign))
mask|=SSL_kRSA;
mask_k|=SSL_kRSA;
if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
emask|=SSL_kRSA;
emask_k|=SSL_kRSA;
#if 0
/* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
if ( (dh_tmp || dh_rsa || dh_dsa) &&
(rsa_enc || rsa_sign || dsa_sign))
mask|=SSL_kEDH;
mask_k|=SSL_kEDH;
if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
(rsa_enc || rsa_sign || dsa_sign))
emask|=SSL_kEDH;
emask_k|=SSL_kEDH;
#endif
if (dh_tmp_export)
emask|=SSL_kEDH;
emask_k|=SSL_kEDH;
if (dh_tmp)
mask|=SSL_kEDH;
mask_k|=SSL_kEDH;
if (dh_rsa) mask|=SSL_kDHr;
if (dh_rsa_export) emask|=SSL_kDHr;
if (dh_rsa) mask_k|=SSL_kDHr;
if (dh_rsa_export) emask_k|=SSL_kDHr;
if (dh_dsa) mask|=SSL_kDHd;
if (dh_dsa_export) emask|=SSL_kDHd;
if (dh_dsa) mask_k|=SSL_kDHd;
if (dh_dsa_export) emask_k|=SSL_kDHd;
if (rsa_enc || rsa_sign)
{
mask|=SSL_aRSA;
emask|=SSL_aRSA;
mask_a|=SSL_aRSA;
emask_a|=SSL_aRSA;
}
if (dsa_sign)
{
mask|=SSL_aDSS;
emask|=SSL_aDSS;
mask_a|=SSL_aDSS;
emask_a|=SSL_aDSS;
}
mask|=SSL_aNULL;
emask|=SSL_aNULL;
mask_a|=SSL_aNULL;
emask_a|=SSL_aNULL;
#ifndef OPENSSL_NO_KRB5
mask|=SSL_kKRB5|SSL_aKRB5;
emask|=SSL_kKRB5|SSL_aKRB5;
mask_k|=SSL_kKRB5;
mask_a|=SSL_aKRB5;
emask_k|=SSL_kKRB5;
emask_a|=SSL_aKRB5;
#endif
/* An ECC certificate may be usable for ECDH and/or
......@@ -1789,24 +1795,32 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
if (strstr(sig, "WithRSA"))
{
mask|=SSL_kECDHr|SSL_aECDH;
mask_k|=SSL_kECDHr;
mask_a|=SSL_aECDH;
if (ecc_pkey_size <= 163)
emask|=SSL_kECDHr|SSL_aECDH;
{
emask_k|=SSL_kECDHr;
emask_a|=SSL_aECDH;
}
}
if (signature_nid == NID_ecdsa_with_SHA1)
{
mask|=SSL_kECDHe|SSL_aECDH;
mask_k|=SSL_kECDHe;
mask_a|=SSL_aECDH;
if (ecc_pkey_size <= 163)
emask|=SSL_kECDHe|SSL_aECDH;
{
emask_k|=SSL_kECDHe;
emask_a|=SSL_aECDH;
}
}
}
#endif
#ifndef OPENSSL_NO_ECDSA
if (ecdsa_ok)
{
mask|=SSL_aECDSA;
emask|=SSL_aECDSA;
mask_a|=SSL_aECDSA;
emask_a|=SSL_aECDSA;
}
#endif
}
......@@ -1814,18 +1828,22 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
#ifndef OPENSSL_NO_ECDH
if (have_ecdh_tmp)
{
mask|=SSL_kEECDH;
emask|=SSL_kEECDH;
mask_k|=SSL_kEECDH;
emask_k|=SSL_kEECDH;
}
#endif
#ifndef OPENSSL_NO_PSK
mask |= SSL_kPSK | SSL_aPSK;
emask |= SSL_kPSK | SSL_aPSK;
mask_k |= SSL_kPSK;
mask_a |= SSL_aPSK;
emask_k |= SSL_kPSK;
emask_a |= SSL_aPSK;
#endif
c->mask=mask;
c->export_mask=emask;
c->mask_k=mask_k;
c->mask_a=mask_a;
c->export_mask_k=emask_k;
c->export_mask_a=emask_a;
c->valid=1;
}
......@@ -1835,11 +1853,14 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
{
unsigned long alg = cs->algorithms;
unsigned long alg_k, alg_a;
EVP_PKEY *pkey = NULL;
int keysize = 0;
int signature_nid = 0;
alg_k = cs->algorithm_mkey;
alg_a = cs->algorithm_auth;
if (SSL_C_IS_EXPORT(cs))
{
/* ECDH key length in export ciphers must be <= 163 bits */
......@@ -1854,7 +1875,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
X509_check_purpose(x, -1, 0);
if ((x->sig_alg) && (x->sig_alg->algorithm))
signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
if (alg & SSL_kECDHe || alg & SSL_kECDHr)
if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr)
{
/* key usage, if present, must allow key agreement */
if (ku_reject(x, X509v3_KU_KEY_AGREEMENT))
......@@ -1862,7 +1883,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
return 0;
}
if (alg & SSL_kECDHe)
if (alg_k & SSL_kECDHe)
{
/* signature alg must be ECDSA */
if (signature_nid != NID_ecdsa_with_SHA1)
......@@ -1871,7 +1892,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
return 0;
}
}
if (alg & SSL_kECDHr)
if (alg_k & SSL_kECDHr)
{
/* signature alg must be RSA */
......@@ -1888,7 +1909,7 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
}
}
}
if (alg & SSL_aECDSA)
if (alg_a & SSL_aECDSA)
{
/* key usage, if present, must allow signing */
if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE))
......@@ -1904,18 +1925,28 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
/* THIS NEEDS CLEANING UP */
X509 *ssl_get_server_send_cert(SSL *s)
{
unsigned long alg,mask,kalg;
unsigned long alg_k,alg_a,mask_k,mask_a;
CERT *c;
int i,is_export;
c=s->cert;
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
alg=s->s3->tmp.new_cipher->algorithms;
is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
mask=is_export?c->export_mask:c->mask;
kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
if (is_export)
{
mask_k = c->export_mask_k;
mask_a = c->export_mask_a;
}
else
{
mask_k = c->mask_k;
mask_a = c->mask_a;
}
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
alg_a = s->s3->tmp.new_cipher->algorithm_auth;
if (kalg & SSL_kECDH)
if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe))
{
/* we don't need to look at SSL_kEECDH
* since no certificate is needed for
......@@ -1930,29 +1961,29 @@ X509 *ssl_get_server_send_cert(SSL *s)
*/
i=SSL_PKEY_ECC;
}
else if (kalg & SSL_aECDSA)
else if (alg_a & SSL_aECDSA)
{
i=SSL_PKEY_ECC;
}
else if (kalg & SSL_kDHr)
else if (alg_k & SSL_kDHr)
i=SSL_PKEY_DH_RSA;
else if (kalg & SSL_kDHd)
else if (alg_k & SSL_kDHd)
i=SSL_PKEY_DH_DSA;
else if (kalg & SSL_aDSS)
else if (alg_a & SSL_aDSS)
i=SSL_PKEY_DSA_SIGN;
else if (kalg & SSL_aRSA)
else if (alg_a & SSL_aRSA)
{
if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
i=SSL_PKEY_RSA_SIGN;
else
i=SSL_PKEY_RSA_ENC;
}
else if (kalg & SSL_aKRB5)
else if (alg_a & SSL_aKRB5)
{
/* VRS something else here? */
return(NULL);
}
else /* if (kalg & SSL_aNULL) */
else /* if (alg_a & SSL_aNULL) */
{
SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
return(NULL);
......@@ -1964,16 +1995,16 @@ X509 *ssl_get_server_send_cert(SSL *s)
EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
{
unsigned long alg;
unsigned long alg_a;
CERT *c;
alg=cipher->algorithms;
alg_a = cipher->algorithm_auth;
c=s->cert;
if ((alg & SSL_aDSS) &&
if ((alg_a & SSL_aDSS) &&
(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
else if (alg & SSL_aRSA)
else if (alg_a & SSL_aRSA)
{
if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
......@@ -1982,10 +2013,10 @@ EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
else
return(NULL);
}
else if ((alg & SSL_aECDSA) &&
else if ((alg_a & SSL_aECDSA) &&
(c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
return(c->pkeys[SSL_PKEY_ECC].privatekey);
else /* if (alg & SSL_aNULL) */
else /* if (alg_a & SSL_aNULL) */
{
SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
return(NULL);
......
......@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -275,62 +275,56 @@
* that the different entities within are mutually exclusive:
* ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
*/
#define SSL_MKEY_MASK 0x200000FFL
/* Bits for algorithm_mkey (key exchange algorithm) */
#define SSL_kRSA 0x00000001L /* RSA key exchange */
#define SSL_kDHr 0x00000002L /* DH cert, RSA CA cert */ /* no such ciphersuites supported! */
#define SSL_kDHd 0x00000004L /* DH cert, DSA CA cert */ /* no such ciphersuite supported! */
#define SSL_kEDH 0x00000008L /* tmp DH key no DH cert */
#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
#define SSL_kKRB5 0x00000010L /* Kerberos5 key exchange */
#define SSL_kECDHr 0x00000020L /* ECDH cert, RSA CA cert */
#define SSL_kECDHe 0x00000040L /* ECDH cert, ECDSA CA cert */
#define SSL_kECDH (SSL_kECDHr|SSL_kECDHe)
#define SSL_kEECDH 0x00000080L /* ephemeral ECDH */
#define SSL_EECDH (SSL_kEECDH|(SSL_AUTH_MASK^SSL_aNULL))
#define SSL_kPSK 0x20000000L /* PSK */
#define SSL_AUTH_MASK 0x10007f00L
#define SSL_aRSA 0x00000100L /* RSA auth */
#define SSL_aDSS 0x00000200L /* DSS auth */
#define SSL_DSS SSL_aDSS
#define SSL_aNULL 0x00000400L /* no auth (i.e. use ADH or AECDH) */
#define SSL_aDH 0x00000800L /* Fixed DH auth (kDHd or kDHr) */ /* no such ciphersuites supported! */
#define SSL_aECDH 0x00001000L /* Fixed ECDH auth (kECDHe or kECDHr) */
#define SSL_aKRB5 0x00002000L /* KRB5 auth */
#define SSL_aECDSA 0x00004000L /* ECDSA auth*/
#define SSL_ECDSA SSL_aECDSA
#define SSL_aPSK 0x10000000L /* PSK auth */
#define SSL_NULL (SSL_eNULL)
#define SSL_RSA (SSL_kRSA|SSL_aRSA)
#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH)
#define SSL_ADH (SSL_kEDH|SSL_aNULL)
#define SSL_ECDH (SSL_kECDH|SSL_kEECDH)
#define SSL_AECDH (SSL_kEECDH|SSL_aNULL)
#define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5)
#define SSL_PSK (SSL_kPSK|SSL_aPSK)
#define SSL_ENC_MASK 0x0C3F8000L
#define SSL_DES 0x00008000L
#define SSL_3DES 0x00010000L
#define SSL_RC4 0x00020000L
#define SSL_RC2 0x00040000L
#define SSL_IDEA 0x00080000L
#define SSL_eNULL 0x00200000L
#define SSL_AES 0x04000000L
#define SSL_CAMELLIA 0x08000000L
#define SSL_MAC_MASK 0x00c00000L
#define SSL_MD5 0x00400000L
#define SSL_SHA1 0x00800000L
#define SSL_SHA (SSL_SHA1)
#define SSL_SSL_MASK 0x03000000L
#define SSL_SSLV2 0x01000000L
#define SSL_SSLV3 0x02000000L
#define SSL_kPSK 0x00000100L /* PSK */
/* Bits for algorithm_auth (server authentication) */
#define SSL_aRSA 0x00000001L /* RSA auth */
#define SSL_aDSS 0x00000002L /* DSS auth */
#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */
#define SSL_aDH 0x00000008L /* Fixed DH auth (kDHd or kDHr) */ /* no such ciphersuites supported! */
#define SSL_aECDH 0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
#define SSL_aKRB5 0x00000020L /* KRB5 auth */
#define SSL_aECDSA 0x00000040L /* ECDSA auth*/
#define SSL_aPSK 0x00000080L /* PSK auth */
/* Bits for algorithm_enc (symmetric encryption) */
#define SSL_DES 0x00000001L
#define SSL_3DES 0x00000002L
#define SSL_RC4 0x00000004L
#define SSL_RC2 0x00000008L
#define SSL_IDEA 0x00000010L
#define SSL_eNULL 0x00000020L
#define SSL_AES128 0x00000040L
#define SSL_AES256 0x00000080L
#define SSL_CAMELLIA128 0x00000100L
#define SSL_CAMELLIA256 0x00000200L
#define SSL_AES (SSL_AES128|SSL_AES256)
#define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
/* Bits for algorithm_mac (symmetric authentication) */
#define SSL_MD5 0x00000001L
#define SSL_SHA1 0x00000002L
/* Bits for algorithm_ssl (protocol version) */
#define SSL_SSLV2 0x00000001L
#define SSL_SSLV3 0x00000002L
#define SSL_TLSV1 SSL_SSLV3 /* for now */
/* we have used 3fffffff - 2 bits left to go. */
/*
* Export and cipher strength information. For each cipher we have to decide
......@@ -348,10 +342,11 @@
* be possible.
*/
#define SSL_EXP_MASK 0x00000003L
#define SSL_STRONG_MASK 0x000000fcL
#define SSL_NOT_EXP 0x00000001L
#define SSL_EXPORT 0x00000002L
#define SSL_STRONG_MASK 0x000000fcL
#define SSL_STRONG_NONE 0x00000004L
#define SSL_EXP40 0x00000008L
#define SSL_MICRO (SSL_EXP40)
......@@ -384,17 +379,14 @@
#define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)
#define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \
((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7)
(a) == SSL_DES ? 8 : 7)
#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithms, \
#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithm_enc, \
(c)->algo_strength)
#define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
#define SSL_ALL 0xffffffffL
#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
SSL_MAC_MASK)
#define SSL_ALL_STRENGTHS (SSL_EXP_MASK|SSL_STRONG_MASK)
/* Mostly for SSLv3 */
#define SSL_PKEY_RSA_ENC 0
......@@ -444,8 +436,10 @@ typedef struct cert_st
/* The following masks are for the key and auth
* algorithms that are supported by the certs below */
int valid;
unsigned long mask;
unsigned long export_mask;
unsigned long mask_k;
unsigned long mask_a;
unsigned long export_mask_k;
unsigned long export_mask_a;
#ifndef OPENSSL_NO_RSA
RSA *rsa_tmp;
RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize);
......
......@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -274,7 +274,9 @@ int tls1_change_cipher_state(SSL *s, int which)
#ifdef KSSL_DEBUG
printf("tls1_change_cipher_state(which= %d) w/\n", which);
printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms,
printf("\talg= %ld/%ld, comp= %p\n",
s->s3->tmp.new_cipher->algorithm_mkey,
s->s3->tmp.new_cipher->algorithm_auth,
comp);
printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
......@@ -531,11 +533,11 @@ printf("\nkey block\n");
if (s->session->cipher != NULL)
{
if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL)
if (s->session->cipher->algorithm_enc == SSL_eNULL)
s->s3->need_empty_fragments = 0;
#ifndef OPENSSL_NO_RC4
if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)
if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3->need_empty_fragments = 0;
#endif
}
......
......@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -248,7 +248,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
s2n(extdatalen,p);
return ret;
}
}
unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
{
......@@ -294,7 +294,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
s2n(extdatalen,p);
return ret;
}
}
int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
{
......@@ -477,7 +477,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
*p = data;
return 1;
}
}
int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
{
......@@ -572,7 +572,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
*p = data;
return 1;
}
}
#ifndef OPENSSL_NO_EC
static int nid_list[] =
......@@ -681,17 +681,20 @@ int ssl_prepare_clienthello_tlsext(SSL *s)
int using_ecc = 0;
int i;
unsigned char *j;
int algs;
unsigned long alg_k, alg_a;
STACK_OF(SSL_CIPHER) *cipher_stack = SSL_get_ciphers(s);
for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++)
{
algs = (sk_SSL_CIPHER_value(cipher_stack, i))->algorithms;
if ((algs & SSL_kECDH) || (algs & SSL_kEECDH) || (algs & SSL_aECDSA))
SSL_CIPHER *c = sk_SSL_CIPHER_value(cipher_stack, i);
alg_k = c->algorithm_mkey;
alg_a = c->algorithm_auth;
if ((alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe) || (alg_a & SSL_aECDSA)))
{
using_ecc = 1;
break;
}
}
using_ecc = using_ecc && (s->version == TLS1_VERSION);
if (using_ecc)
......@@ -721,7 +724,7 @@ int ssl_prepare_clienthello_tlsext(SSL *s)
}
#endif /* OPENSSL_NO_EC */
return 1;
}
}
int ssl_prepare_serverhello_tlsext(SSL *s)
{
......@@ -730,8 +733,10 @@ int ssl_prepare_serverhello_tlsext(SSL *s)
* if the client sent us an ECPointsFormat extension. Note that the server is not
* supposed to send an EllipticCurves extension.
*/
int algs = s->s3->tmp.new_cipher->algorithms;
int using_ecc = (algs & SSL_kECDH) || (algs & SSL_kEECDH) || (algs & SSL_aECDSA);
unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
int using_ecc = (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe)) || (alg_a & SSL_aECDSA);
using_ecc = using_ecc && (s->session->tlsext_ecpointformatlist != NULL);
if (using_ecc)
......@@ -749,7 +754,7 @@ int ssl_prepare_serverhello_tlsext(SSL *s)
}
#endif /* OPENSSL_NO_EC */
return 1;
}
}
int ssl_check_clienthello_tlsext(SSL *s)
{
......@@ -770,7 +775,8 @@ int ssl_check_clienthello_tlsext(SSL *s)
else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)
ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
switch (ret) {
switch (ret)
{
case SSL_TLSEXT_ERR_ALERT_FATAL:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
return -1;
......@@ -784,7 +790,7 @@ int ssl_check_clienthello_tlsext(SSL *s)
default:
return 1;
}
}
}
int ssl_check_serverhello_tlsext(SSL *s)
{
......@@ -795,9 +801,10 @@ int ssl_check_serverhello_tlsext(SSL *s)
/* If we are client and using an elliptic curve cryptography cipher suite, then server
* must return a an EC point formats lists containing uncompressed.
*/
int algs = s->s3->tmp.new_cipher->algorithms;
unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
if ((s->tlsext_ecpointformatlist != NULL) && (s->tlsext_ecpointformatlist_length > 0) &&
((algs & SSL_kECDH) || (algs & SSL_kEECDH) || (algs & SSL_aECDSA)))
((alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe)) || (alg_a & SSL_aECDSA)))
{
/* we are using an ECC cipher */
size_t i;
......@@ -831,7 +838,8 @@ int ssl_check_serverhello_tlsext(SSL *s)
else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)
ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
switch (ret) {
switch (ret)
{
case SSL_TLSEXT_ERR_ALERT_FATAL:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
return -1;
......@@ -845,6 +853,6 @@ int ssl_check_serverhello_tlsext(SSL *s)
default:
return 1;
}
}
}
#endif
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册