1d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * All rights reserved. 3d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 4d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * This package is an SSL implementation written 5d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * by Eric Young (eay@cryptsoft.com). 6d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * The implementation was written so as to conform with Netscapes SSL. 7d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 8d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * This library is free for commercial and non-commercial use as long as 9d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * the following conditions are aheared to. The following conditions 10d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * apply to all code found in this distribution, be it the RC4, RSA, 11d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * included with this distribution is covered by the same copyright terms 13d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 15d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Copyright remains Eric Young's, and as such any Copyright notices in 16d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * the code are not to be removed. 17d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * If this package is used in a product, Eric Young should be given attribution 18d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * as the author of the parts of the library used. 19d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * This can be in the form of a textual message at program startup or 20d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * in documentation (online or textual) provided with the package. 21d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 22d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Redistribution and use in source and binary forms, with or without 23d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * modification, are permitted provided that the following conditions 24d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * are met: 25d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 1. Redistributions of source code must retain the copyright 26d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * notice, this list of conditions and the following disclaimer. 27d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 2. Redistributions in binary form must reproduce the above copyright 28d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * notice, this list of conditions and the following disclaimer in the 29d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * documentation and/or other materials provided with the distribution. 30d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 3. All advertising materials mentioning features or use of this software 31d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * must display the following acknowledgement: 32d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * "This product includes cryptographic software written by 33d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Eric Young (eay@cryptsoft.com)" 34d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * The word 'cryptographic' can be left out if the rouines from the library 35d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * being used are not cryptographic related :-). 36d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 4. If you include any Windows specific code (or a derivative thereof) from 37d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * the apps directory (application code) you must include an acknowledgement: 38d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 40d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * SUCH DAMAGE. 51d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 52d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * The licence and distribution terms for any publically available version or 53d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * derivative of this code cannot be changed. i.e. this code cannot simply be 54d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * copied and put under another distribution licence 55d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * [including the GNU Public Licence.] 56d9e397b599b13d642138480a28c14db7a136bf0Adam Langley */ 57d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* ==================================================================== 58d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 59d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 60d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Redistribution and use in source and binary forms, with or without 61d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * modification, are permitted provided that the following conditions 62d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * are met: 63d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 64d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 1. Redistributions of source code must retain the above copyright 65d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * notice, this list of conditions and the following disclaimer. 66d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 67d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 2. Redistributions in binary form must reproduce the above copyright 68d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * notice, this list of conditions and the following disclaimer in 69d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * the documentation and/or other materials provided with the 70d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * distribution. 71d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 72d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 3. All advertising materials mentioning features or use of this 73d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * software must display the following acknowledgment: 74d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * "This product includes software developed by the OpenSSL Project 75d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 76d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 77d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 78d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * endorse or promote products derived from this software without 79d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * prior written permission. For written permission, please contact 80d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * openssl-core@openssl.org. 81d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 82d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 5. Products derived from this software may not be called "OpenSSL" 83d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * nor may "OpenSSL" appear in their names without prior written 84d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * permission of the OpenSSL Project. 85d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 86d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 6. Redistributions of any form whatsoever must retain the following 87d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * acknowledgment: 88d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * "This product includes software developed by the OpenSSL Project 89d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 90d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 91d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 92d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 93d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 94d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 95d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 96d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 97d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 98d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 99d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 100d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 101d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 102d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * OF THE POSSIBILITY OF SUCH DAMAGE. 103d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ==================================================================== 104d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 105d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * This product includes cryptographic software written by Eric Young 106d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * (eay@cryptsoft.com). This product includes software written by Tim 107d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Hudson (tjh@cryptsoft.com). 108d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 109d9e397b599b13d642138480a28c14db7a136bf0Adam Langley */ 110d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* ==================================================================== 111d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 112d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 113d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Portions of the attached software ("Contribution") are developed by 114d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 115d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 116d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * The Contribution is licensed pursuant to the OpenSSL open source 117d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * license provided above. 118d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 119d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ECC cipher suite support in OpenSSL originally written by 120d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. 121d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 122d9e397b599b13d642138480a28c14db7a136bf0Adam Langley */ 123d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* ==================================================================== 124d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Copyright 2005 Nokia. All rights reserved. 125d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 126d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * The portions of the attached software ("Contribution") is developed by 127d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Nokia Corporation and is licensed pursuant to the OpenSSL open source 128d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * license. 129d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 130d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * The Contribution, originally written by Mika Kousa and Pasi Eronen of 131d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 132d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * support (see RFC 4279) to OpenSSL. 133d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 134d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * No patent licenses or other rights except those expressly stated in 135d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * the OpenSSL open source license shall be deemed granted or received 136d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * expressly, by implication, estoppel, or otherwise. 137d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 138d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * No assurances are provided by Nokia that the Contribution does not 139d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * infringe the patent or other intellectual property rights of any third 140d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * party or that the license provides you with all the necessary rights 141d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * to make use of the Contribution. 142d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 143d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 144d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 145d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 146d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 147d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * OTHERWISE. */ 148d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 149d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <assert.h> 150d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <stdio.h> 151e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley#include <string.h> 152d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 153d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/buf.h> 154d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/dh.h> 155e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley#include <openssl/err.h> 156d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/md5.h> 157d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/mem.h> 158d9e397b599b13d642138480a28c14db7a136bf0Adam Langley#include <openssl/obj.h> 159d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 160e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley#include "internal.h" 161d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 162d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 163d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyconst SSL3_ENC_METHOD SSLv3_enc_data = { 164d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ssl3_prf, 165d9e397b599b13d642138480a28c14db7a136bf0Adam Langley tls1_setup_key_block, 166d9e397b599b13d642138480a28c14db7a136bf0Adam Langley tls1_generate_master_secret, 167d9e397b599b13d642138480a28c14db7a136bf0Adam Langley tls1_change_cipher_state, 168d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ssl3_final_finish_mac, 169d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ssl3_cert_verify_mac, 170d9e397b599b13d642138480a28c14db7a136bf0Adam Langley SSL3_MD_CLIENT_FINISHED_CONST, 4, 171d9e397b599b13d642138480a28c14db7a136bf0Adam Langley SSL3_MD_SERVER_FINISHED_CONST, 4, 172d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ssl3_alert_code, 173e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley tls1_export_keying_material, 174d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 0, 175d9e397b599b13d642138480a28c14db7a136bf0Adam Langley}; 176d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 17753b272a2813a0b11f107d77100ff8805ada8fbd2Adam Langleyint ssl3_supports_cipher(const SSL_CIPHER *cipher) { 17853b272a2813a0b11f107d77100ff8805ada8fbd2Adam Langley return 1; 179d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 180d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 181e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint ssl3_set_handshake_header(SSL *s, int htype, unsigned long len) { 182d9e397b599b13d642138480a28c14db7a136bf0Adam Langley uint8_t *p = (uint8_t *)s->init_buf->data; 183d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *(p++) = htype; 184d9e397b599b13d642138480a28c14db7a136bf0Adam Langley l2n3(len, p); 185d9e397b599b13d642138480a28c14db7a136bf0Adam Langley s->init_num = (int)len + SSL3_HM_HEADER_LENGTH; 186d9e397b599b13d642138480a28c14db7a136bf0Adam Langley s->init_off = 0; 187d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 188d9e397b599b13d642138480a28c14db7a136bf0Adam Langley /* Add the message to the handshake hash. */ 189e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return ssl3_finish_mac(s, (uint8_t *)s->init_buf->data, s->init_num); 190d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 191d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 192d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyint ssl3_handshake_write(SSL *s) { return ssl3_do_write(s, SSL3_RT_HANDSHAKE); } 193d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 194d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyint ssl3_new(SSL *s) { 195d9e397b599b13d642138480a28c14db7a136bf0Adam Langley SSL3_STATE *s3; 196d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 197d9e397b599b13d642138480a28c14db7a136bf0Adam Langley s3 = OPENSSL_malloc(sizeof *s3); 198d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s3 == NULL) { 199d9e397b599b13d642138480a28c14db7a136bf0Adam Langley goto err; 200d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 201d9e397b599b13d642138480a28c14db7a136bf0Adam Langley memset(s3, 0, sizeof *s3); 202d9e397b599b13d642138480a28c14db7a136bf0Adam Langley memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); 203d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 204d9e397b599b13d642138480a28c14db7a136bf0Adam Langley s->s3 = s3; 205d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 206d9e397b599b13d642138480a28c14db7a136bf0Adam Langley /* Set the version to the highest supported version for TLS. This controls the 207d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * initial state of |s->enc_method| and what the API reports as the version 208d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * prior to negotiation. 209d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * 210d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * TODO(davidben): This is fragile and confusing. */ 211d9e397b599b13d642138480a28c14db7a136bf0Adam Langley s->version = TLS1_2_VERSION; 212d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 1; 213d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyerr: 214d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 215d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 216d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 217d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyvoid ssl3_free(SSL *s) { 218d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s == NULL || s->s3 == NULL) { 219d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return; 220d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 221d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 222e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley BUF_MEM_free(s->s3->sniff_buffer); 223d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ssl3_cleanup_key_block(s); 224e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ssl3_release_read_buffer(s); 225e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ssl3_release_write_buffer(s); 226e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley DH_free(s->s3->tmp.dh); 227e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley EC_KEY_free(s->s3->tmp.ecdh); 228e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley 229e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); 230e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_free(s->s3->tmp.certificate_types); 231e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_free(s->s3->tmp.peer_ecpointformatlist); 232e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_free(s->s3->tmp.peer_ellipticcurvelist); 233e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_free(s->s3->tmp.peer_psk_identity_hint); 234e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley BIO_free(s->s3->handshake_buffer); 235e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ssl3_free_digest_list(s); 236e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_free(s->s3->alpn_selected); 237d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 238d9e397b599b13d642138480a28c14db7a136bf0Adam Langley OPENSSL_cleanse(s->s3, sizeof *s->s3); 239d9e397b599b13d642138480a28c14db7a136bf0Adam Langley OPENSSL_free(s->s3); 240d9e397b599b13d642138480a28c14db7a136bf0Adam Langley s->s3 = NULL; 241d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 242d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 243d9e397b599b13d642138480a28c14db7a136bf0Adam Langleystatic int ssl3_set_req_cert_type(CERT *c, const uint8_t *p, size_t len); 244d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 245e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_session_reused(const SSL *ssl) { 246e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return ssl->hit; 247e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 248d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 249e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_total_renegotiations(const SSL *ssl) { 250e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return ssl->s3->total_renegotiations; 251e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 252d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 253e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_num_renegotiations(const SSL *ssl) { 254e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return SSL_total_renegotiations(ssl); 255e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 256d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 257e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_CTX_need_tmp_RSA(const SSL_CTX *ctx) { 258e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 259e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 260d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 261e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_need_rsa(const SSL *ssl) { 262e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 263e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 264d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 265e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, const RSA *rsa) { 266e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 267e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 268d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 269e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_set_tmp_rsa(SSL *ssl, const RSA *rsa) { 270e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 271e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 272d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 273e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_CTX_set_tmp_dh(SSL_CTX *ctx, const DH *dh) { 274e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley DH_free(ctx->cert->dh_tmp); 275e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ctx->cert->dh_tmp = DHparams_dup(dh); 276e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley if (ctx->cert->dh_tmp == NULL) { 277e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_PUT_ERROR(SSL, SSL_CTX_set_tmp_dh, ERR_R_DH_LIB); 278e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 279e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley } 280e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 281e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 282d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 283e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_set_tmp_dh(SSL *ssl, const DH *dh) { 284e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley DH_free(ssl->cert->dh_tmp); 285e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ssl->cert->dh_tmp = DHparams_dup(dh); 286e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley if (ssl->cert->dh_tmp == NULL) { 287e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_PUT_ERROR(SSL, SSL_set_tmp_dh, ERR_R_DH_LIB); 288e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 289e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley } 290e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 291e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 292d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 293e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, const EC_KEY *ec_key) { 294e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley if (ec_key == NULL || EC_KEY_get0_group(ec_key) == NULL) { 295e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_PUT_ERROR(SSL, SSL_CTX_set_tmp_ecdh, ERR_R_PASSED_NULL_PARAMETER); 296e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 297e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley } 298e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ctx->cert->ecdh_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec_key)); 299e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 300e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 301d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 302e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_set_tmp_ecdh(SSL *ssl, const EC_KEY *ec_key) { 303e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley if (ec_key == NULL || EC_KEY_get0_group(ec_key) == NULL) { 304e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_PUT_ERROR(SSL, SSL_set_tmp_ecdh, ERR_R_PASSED_NULL_PARAMETER); 305e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 306e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley } 307e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ssl->cert->ecdh_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec_key)); 308e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 309e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 310d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 311e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_CTX_enable_tls_channel_id(SSL_CTX *ctx) { 312e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ctx->tlsext_channel_id_enabled = 1; 313e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 314e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 315d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 316e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_enable_tls_channel_id(SSL *ssl) { 317e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ssl->tlsext_channel_id_enabled = 1; 318e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 319e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 320d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 321e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, EVP_PKEY *private_key) { 322e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ctx->tlsext_channel_id_enabled = 1; 323e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley if (EVP_PKEY_id(private_key) != EVP_PKEY_EC || 324e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley EVP_PKEY_bits(private_key) != 256) { 325e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_PUT_ERROR(SSL, SSL_CTX_set1_tls_channel_id, 326e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley SSL_R_CHANNEL_ID_NOT_P256); 327e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 328e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley } 329e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley EVP_PKEY_free(ctx->tlsext_channel_id_private); 330e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ctx->tlsext_channel_id_private = EVP_PKEY_up_ref(private_key); 331e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 332e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 333d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 334e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key) { 335e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ssl->tlsext_channel_id_enabled = 1; 336e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley if (EVP_PKEY_id(private_key) != EVP_PKEY_EC || 337e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley EVP_PKEY_bits(private_key) != 256) { 338e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_PUT_ERROR(SSL, SSL_set1_tls_channel_id, SSL_R_CHANNEL_ID_NOT_P256); 339e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 340e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley } 341e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley EVP_PKEY_free(ssl->tlsext_channel_id_private); 342e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ssl->tlsext_channel_id_private = EVP_PKEY_up_ref(private_key); 343e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 344e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 345d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 346e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleysize_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out, size_t max_out) { 347e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley if (!ssl->s3->tlsext_channel_id_valid) { 348e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 349e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley } 350e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley memcpy(out, ssl->s3->tlsext_channel_id, (max_out < 64) ? max_out : 64); 351e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 64; 352e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 353d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 354e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_set_tlsext_host_name(SSL *ssl, const char *name) { 355e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_free(ssl->tlsext_hostname); 356e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ssl->tlsext_hostname = NULL; 357d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 358e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley if (name == NULL) { 359e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 360e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley } 361e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley if (strlen(name) > TLSEXT_MAXLEN_host_name) { 362e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_PUT_ERROR(SSL, SSL_set_tlsext_host_name, 363e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley SSL_R_SSL3_EXT_INVALID_SERVERNAME); 364e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 365e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley } 366e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ssl->tlsext_hostname = BUF_strdup(name); 367e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley if (ssl->tlsext_hostname == NULL) { 368e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_PUT_ERROR(SSL, SSL_set_tlsext_host_name, ERR_R_MALLOC_FAILURE); 369e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 0; 370e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley } 371e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 372e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 373d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 374e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleylong ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) { 375e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley int ret = 0; 376d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 377e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley switch (cmd) { 378d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_CHAIN: 379d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (larg) { 380d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_set1_chain(s->cert, (STACK_OF(X509) *)parg); 381d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else { 382d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_set0_chain(s->cert, (STACK_OF(X509) *)parg); 383d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 384d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 385d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_CHAIN_CERT: 386d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (larg) { 387d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg); 388d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else { 389d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg); 390d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 391d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 392d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_GET_CHAIN_CERTS: 393d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *(STACK_OF(X509) **)parg = s->cert->key->chain; 3947a759c7828289d9ba48d980baf1db32372e17e82Adam Langley ret = 1; 395d9e397b599b13d642138480a28c14db7a136bf0Adam Langley break; 396d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 397d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SELECT_CURRENT_CERT: 398d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_select_current(s->cert, (X509 *)parg); 399d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 400d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_GET_CURVES: { 401d9e397b599b13d642138480a28c14db7a136bf0Adam Langley const uint16_t *clist = s->s3->tmp.peer_ellipticcurvelist; 402d9e397b599b13d642138480a28c14db7a136bf0Adam Langley size_t clistlen = s->s3->tmp.peer_ellipticcurvelist_length; 403d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (parg) { 404d9e397b599b13d642138480a28c14db7a136bf0Adam Langley size_t i; 405d9e397b599b13d642138480a28c14db7a136bf0Adam Langley int *cptr = parg; 406d9e397b599b13d642138480a28c14db7a136bf0Adam Langley int nid; 407d9e397b599b13d642138480a28c14db7a136bf0Adam Langley for (i = 0; i < clistlen; i++) { 408d9e397b599b13d642138480a28c14db7a136bf0Adam Langley nid = tls1_ec_curve_id2nid(clist[i]); 409d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (nid != NID_undef) { 410d9e397b599b13d642138480a28c14db7a136bf0Adam Langley cptr[i] = nid; 411d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else { 412d9e397b599b13d642138480a28c14db7a136bf0Adam Langley cptr[i] = TLSEXT_nid_unknown | clist[i]; 413d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 414d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 415d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 416d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return (int)clistlen; 417d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 418d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 419d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_CURVES: 420d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return tls1_set_curves(&s->tlsext_ellipticcurvelist, 421d9e397b599b13d642138480a28c14db7a136bf0Adam Langley &s->tlsext_ellipticcurvelist_length, parg, larg); 422d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 423d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_SIGALGS: 424d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return tls1_set_sigalgs(s->cert, parg, larg, 0); 425d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 426d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_CLIENT_SIGALGS: 427d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return tls1_set_sigalgs(s->cert, parg, larg, 1); 428d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 429d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_GET_CLIENT_CERT_TYPES: { 430d9e397b599b13d642138480a28c14db7a136bf0Adam Langley const uint8_t **pctype = parg; 431d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s->server || !s->s3->tmp.cert_req) { 432d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 433d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 434d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (pctype) { 435d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *pctype = s->s3->tmp.certificate_types; 436d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 437d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return (int)s->s3->tmp.num_certificate_types; 438d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 439d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 440d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_CLIENT_CERT_TYPES: 441d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (!s->server) { 442d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 443d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 444d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl3_set_req_cert_type(s->cert, parg, larg); 445d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 446d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_BUILD_CERT_CHAIN: 447d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg); 448d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 449d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_VERIFY_CERT_STORE: 450d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_set_cert_store(s->cert, parg, 0, larg); 451d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 452d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_CHAIN_CERT_STORE: 453d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_set_cert_store(s->cert, parg, 1, larg); 454d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 455d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_GET_SERVER_TMP_KEY: 456d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s->server || !s->session || !s->session->sess_cert) { 457d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 458d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else { 459d9e397b599b13d642138480a28c14db7a136bf0Adam Langley SESS_CERT *sc; 460d9e397b599b13d642138480a28c14db7a136bf0Adam Langley EVP_PKEY *ptmp; 461d9e397b599b13d642138480a28c14db7a136bf0Adam Langley int rv = 0; 462d9e397b599b13d642138480a28c14db7a136bf0Adam Langley sc = s->session->sess_cert; 463d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (!sc->peer_dh_tmp && !sc->peer_ecdh_tmp) { 464d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 465d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 466d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ptmp = EVP_PKEY_new(); 467d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (!ptmp) { 468d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 469d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 470d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (sc->peer_dh_tmp) { 471d9e397b599b13d642138480a28c14db7a136bf0Adam Langley rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp); 472d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else if (sc->peer_ecdh_tmp) { 473d9e397b599b13d642138480a28c14db7a136bf0Adam Langley rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp); 474d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 475d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (rv) { 476d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *(EVP_PKEY **)parg = ptmp; 477d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 1; 478d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 479d9e397b599b13d642138480a28c14db7a136bf0Adam Langley EVP_PKEY_free(ptmp); 480d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 481d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 482d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 483d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_GET_EC_POINT_FORMATS: { 484d9e397b599b13d642138480a28c14db7a136bf0Adam Langley const uint8_t **pformat = parg; 485d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (!s->s3->tmp.peer_ecpointformatlist) { 486d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 487d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 488d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *pformat = s->s3->tmp.peer_ecpointformatlist; 489d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return (int)s->s3->tmp.peer_ecpointformatlist_length; 490d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 491d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 492d9e397b599b13d642138480a28c14db7a136bf0Adam Langley default: 493d9e397b599b13d642138480a28c14db7a136bf0Adam Langley break; 494d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 495d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 496d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ret; 497d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 498d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 499d9e397b599b13d642138480a28c14db7a136bf0Adam Langleylong ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) { 500d9e397b599b13d642138480a28c14db7a136bf0Adam Langley switch (cmd) { 501d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 502d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: { 503d9e397b599b13d642138480a28c14db7a136bf0Adam Langley uint8_t *keys = parg; 504d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (!keys) { 505d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 48; 506d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 507d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (larg != 48) { 508d9e397b599b13d642138480a28c14db7a136bf0Adam Langley OPENSSL_PUT_ERROR(SSL, ssl3_ctx_ctrl, SSL_R_INVALID_TICKET_KEYS_LENGTH); 509d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 510d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 511d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { 512d9e397b599b13d642138480a28c14db7a136bf0Adam Langley memcpy(ctx->tlsext_tick_key_name, keys, 16); 513d9e397b599b13d642138480a28c14db7a136bf0Adam Langley memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16); 514d9e397b599b13d642138480a28c14db7a136bf0Adam Langley memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); 515d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else { 516d9e397b599b13d642138480a28c14db7a136bf0Adam Langley memcpy(keys, ctx->tlsext_tick_key_name, 16); 517d9e397b599b13d642138480a28c14db7a136bf0Adam Langley memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16); 518d9e397b599b13d642138480a28c14db7a136bf0Adam Langley memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16); 519d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 520d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 1; 521d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 522d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 523d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_CURVES: 524d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return tls1_set_curves(&ctx->tlsext_ellipticcurvelist, 525d9e397b599b13d642138480a28c14db7a136bf0Adam Langley &ctx->tlsext_ellipticcurvelist_length, parg, larg); 526d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 527d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_SIGALGS: 528d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return tls1_set_sigalgs(ctx->cert, parg, larg, 0); 529d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 530d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_CLIENT_SIGALGS: 531d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return tls1_set_sigalgs(ctx->cert, parg, larg, 1); 532d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 533d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_CLIENT_CERT_TYPES: 534d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl3_set_req_cert_type(ctx->cert, parg, larg); 535d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 536d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_BUILD_CERT_CHAIN: 537d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg); 538d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 539d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_VERIFY_CERT_STORE: 540d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg); 541d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 542d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SET_CHAIN_CERT_STORE: 543d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg); 544d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 545d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_EXTRA_CHAIN_CERT: 546d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (ctx->extra_certs == NULL) { 547d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ctx->extra_certs = sk_X509_new_null(); 548d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (ctx->extra_certs == NULL) { 549d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 550d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 551d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 552d9e397b599b13d642138480a28c14db7a136bf0Adam Langley sk_X509_push(ctx->extra_certs, (X509 *)parg); 553d9e397b599b13d642138480a28c14db7a136bf0Adam Langley break; 554d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 555d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: 556d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (ctx->extra_certs == NULL && larg == 0) { 557d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 558d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else { 559d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *(STACK_OF(X509) **)parg = ctx->extra_certs; 560d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 561d9e397b599b13d642138480a28c14db7a136bf0Adam Langley break; 562d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 563d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: 564e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley sk_X509_pop_free(ctx->extra_certs, X509_free); 565e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ctx->extra_certs = NULL; 566d9e397b599b13d642138480a28c14db7a136bf0Adam Langley break; 567d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 568d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_CHAIN: 569d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (larg) { 570d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_set1_chain(ctx->cert, (STACK_OF(X509) *)parg); 571d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else { 572d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_set0_chain(ctx->cert, (STACK_OF(X509) *)parg); 573d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 574d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 575d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_CHAIN_CERT: 576d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (larg) { 577d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg); 578d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else { 579d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg); 580d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 581d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 582d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_GET_CHAIN_CERTS: 583d9e397b599b13d642138480a28c14db7a136bf0Adam Langley *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 584d9e397b599b13d642138480a28c14db7a136bf0Adam Langley break; 585d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 586d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case SSL_CTRL_SELECT_CURRENT_CERT: 587d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ssl_cert_select_current(ctx->cert, (X509 *)parg); 588d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 589d9e397b599b13d642138480a28c14db7a136bf0Adam Langley default: 590d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 591d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 592d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 593d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 1; 594d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 595d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 596e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_CTX_set_tlsext_servername_callback( 597e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley SSL_CTX *ctx, int (*callback)(SSL *ssl, int *out_alert, void *arg)) { 598e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ctx->tlsext_servername_callback = callback; 599e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 600e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 601d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 602e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg) { 603e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ctx->tlsext_servername_arg = arg; 604e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley return 1; 605e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley} 606d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 607e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyint SSL_CTX_set_tlsext_ticket_key_cb( 608e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley SSL_CTX *ctx, int (*callback)(SSL *ssl, uint8_t *key_name, uint8_t *iv, 609e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx, 610e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley int encrypt)) { 611e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley ctx->tlsext_ticket_key_cb = callback; 612d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 1; 613d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 614d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 615d9e397b599b13d642138480a28c14db7a136bf0Adam Langleystruct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(SSL *s) { 616d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s->cipher_list != NULL) { 617d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return s->cipher_list; 618d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 619d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 620d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s->version >= TLS1_1_VERSION && s->ctx != NULL && 621d9e397b599b13d642138480a28c14db7a136bf0Adam Langley s->ctx->cipher_list_tls11 != NULL) { 622d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return s->ctx->cipher_list_tls11; 623d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 624d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 625d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s->ctx != NULL && s->ctx->cipher_list != NULL) { 626d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return s->ctx->cipher_list; 627d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 628d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 629d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return NULL; 630d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 631d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 632d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyconst SSL_CIPHER *ssl3_choose_cipher( 633e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley SSL *s, STACK_OF(SSL_CIPHER) *clnt, 634d9e397b599b13d642138480a28c14db7a136bf0Adam Langley struct ssl_cipher_preference_list_st *server_pref) { 635d9e397b599b13d642138480a28c14db7a136bf0Adam Langley const SSL_CIPHER *c, *ret = NULL; 636d9e397b599b13d642138480a28c14db7a136bf0Adam Langley STACK_OF(SSL_CIPHER) *srvr = server_pref->ciphers, *prio, *allow; 637d9e397b599b13d642138480a28c14db7a136bf0Adam Langley size_t i; 638d9e397b599b13d642138480a28c14db7a136bf0Adam Langley int ok; 639d9e397b599b13d642138480a28c14db7a136bf0Adam Langley size_t cipher_index; 640e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley uint32_t alg_k, alg_a, mask_k, mask_a; 641d9e397b599b13d642138480a28c14db7a136bf0Adam Langley /* in_group_flags will either be NULL, or will point to an array of bytes 642d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * which indicate equal-preference groups in the |prio| stack. See the 643d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * comment about |in_group_flags| in the |ssl_cipher_preference_list_st| 644d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * struct. */ 645d9e397b599b13d642138480a28c14db7a136bf0Adam Langley const uint8_t *in_group_flags; 646d9e397b599b13d642138480a28c14db7a136bf0Adam Langley /* group_min contains the minimal index so far found in a group, or -1 if no 647d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * such value exists yet. */ 648d9e397b599b13d642138480a28c14db7a136bf0Adam Langley int group_min = -1; 649d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 650d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) { 651d9e397b599b13d642138480a28c14db7a136bf0Adam Langley prio = srvr; 652d9e397b599b13d642138480a28c14db7a136bf0Adam Langley in_group_flags = server_pref->in_group_flags; 653d9e397b599b13d642138480a28c14db7a136bf0Adam Langley allow = clnt; 654d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else { 655d9e397b599b13d642138480a28c14db7a136bf0Adam Langley prio = clnt; 656d9e397b599b13d642138480a28c14db7a136bf0Adam Langley in_group_flags = NULL; 657d9e397b599b13d642138480a28c14db7a136bf0Adam Langley allow = srvr; 658d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 659d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 660d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ssl_get_compatible_server_ciphers(s, &mask_k, &mask_a); 661d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 662d9e397b599b13d642138480a28c14db7a136bf0Adam Langley for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) { 663d9e397b599b13d642138480a28c14db7a136bf0Adam Langley c = sk_SSL_CIPHER_value(prio, i); 664d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 665d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ok = 1; 666d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 667d9e397b599b13d642138480a28c14db7a136bf0Adam Langley /* Skip TLS v1.2 only ciphersuites if not supported */ 668d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s)) { 669d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ok = 0; 670d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 671d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 672d9e397b599b13d642138480a28c14db7a136bf0Adam Langley alg_k = c->algorithm_mkey; 673d9e397b599b13d642138480a28c14db7a136bf0Adam Langley alg_a = c->algorithm_auth; 674d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 675d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ok = ok && (alg_k & mask_k) && (alg_a & mask_a); 676d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 677d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (ok && sk_SSL_CIPHER_find(allow, &cipher_index, c)) { 678d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (in_group_flags != NULL && in_group_flags[i] == 1) { 679d9e397b599b13d642138480a28c14db7a136bf0Adam Langley /* This element of |prio| is in a group. Update the minimum index found 680d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * so far and continue looking. */ 681d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (group_min == -1 || (size_t)group_min > cipher_index) { 682d9e397b599b13d642138480a28c14db7a136bf0Adam Langley group_min = cipher_index; 683d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 684d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } else { 685d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (group_min != -1 && (size_t)group_min < cipher_index) { 686d9e397b599b13d642138480a28c14db7a136bf0Adam Langley cipher_index = group_min; 687d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 688d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ret = sk_SSL_CIPHER_value(allow, cipher_index); 689d9e397b599b13d642138480a28c14db7a136bf0Adam Langley break; 690d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 691d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 692d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 693d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (in_group_flags != NULL && in_group_flags[i] == 0 && group_min != -1) { 694d9e397b599b13d642138480a28c14db7a136bf0Adam Langley /* We are about to leave a group, but we found a match in it, so that's 695d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * our answer. */ 696d9e397b599b13d642138480a28c14db7a136bf0Adam Langley ret = sk_SSL_CIPHER_value(allow, group_min); 697d9e397b599b13d642138480a28c14db7a136bf0Adam Langley break; 698d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 699d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 700d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 701d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ret; 702d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 703d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 704d9e397b599b13d642138480a28c14db7a136bf0Adam Langleyint ssl3_get_req_cert_type(SSL *s, uint8_t *p) { 705d9e397b599b13d642138480a28c14db7a136bf0Adam Langley int ret = 0; 706d9e397b599b13d642138480a28c14db7a136bf0Adam Langley const uint8_t *sig; 707d9e397b599b13d642138480a28c14db7a136bf0Adam Langley size_t i, siglen; 708d9e397b599b13d642138480a28c14db7a136bf0Adam Langley int have_rsa_sign = 0; 709d9e397b599b13d642138480a28c14db7a136bf0Adam Langley int have_ecdsa_sign = 0; 710d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 711d9e397b599b13d642138480a28c14db7a136bf0Adam Langley /* If we have custom certificate types set, use them */ 712d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s->cert->client_certificate_types) { 713d9e397b599b13d642138480a28c14db7a136bf0Adam Langley memcpy(p, s->cert->client_certificate_types, 714d9e397b599b13d642138480a28c14db7a136bf0Adam Langley s->cert->num_client_certificate_types); 715d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return s->cert->num_client_certificate_types; 716d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 717d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 718d9e397b599b13d642138480a28c14db7a136bf0Adam Langley /* get configured sigalgs */ 719d9e397b599b13d642138480a28c14db7a136bf0Adam Langley siglen = tls12_get_psigalgs(s, &sig); 720d9e397b599b13d642138480a28c14db7a136bf0Adam Langley for (i = 0; i < siglen; i += 2, sig += 2) { 721d9e397b599b13d642138480a28c14db7a136bf0Adam Langley switch (sig[1]) { 722d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case TLSEXT_signature_rsa: 723d9e397b599b13d642138480a28c14db7a136bf0Adam Langley have_rsa_sign = 1; 724d9e397b599b13d642138480a28c14db7a136bf0Adam Langley break; 725d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 726d9e397b599b13d642138480a28c14db7a136bf0Adam Langley case TLSEXT_signature_ecdsa: 727d9e397b599b13d642138480a28c14db7a136bf0Adam Langley have_ecdsa_sign = 1; 728d9e397b599b13d642138480a28c14db7a136bf0Adam Langley break; 729d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 730d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 731d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 732d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (have_rsa_sign) { 733d9e397b599b13d642138480a28c14db7a136bf0Adam Langley p[ret++] = SSL3_CT_RSA_SIGN; 734d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 735d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 736d9e397b599b13d642138480a28c14db7a136bf0Adam Langley /* ECDSA certs can be used with RSA cipher suites as well so we don't need to 737e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley * check for SSL_kECDH or SSL_kECDHE. */ 738d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s->version >= TLS1_VERSION && have_ecdsa_sign) { 739d9e397b599b13d642138480a28c14db7a136bf0Adam Langley p[ret++] = TLS_CT_ECDSA_SIGN; 740d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 741d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 742d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return ret; 743d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 744d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 745d9e397b599b13d642138480a28c14db7a136bf0Adam Langleystatic int ssl3_set_req_cert_type(CERT *c, const uint8_t *p, size_t len) { 746e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley OPENSSL_free(c->client_certificate_types); 747e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley c->client_certificate_types = NULL; 748d9e397b599b13d642138480a28c14db7a136bf0Adam Langley c->num_client_certificate_types = 0; 749e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley 750d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (!p || !len) { 751d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 1; 752d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 753d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 754d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (len > 0xff) { 755d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 756d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 757d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 758d9e397b599b13d642138480a28c14db7a136bf0Adam Langley c->client_certificate_types = BUF_memdup(p, len); 759d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (!c->client_certificate_types) { 760d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 0; 761d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 762d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 763d9e397b599b13d642138480a28c14db7a136bf0Adam Langley c->num_client_certificate_types = len; 764d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return 1; 765d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 766d9e397b599b13d642138480a28c14db7a136bf0Adam Langley 767d9e397b599b13d642138480a28c14db7a136bf0Adam Langley/* If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and 768d9e397b599b13d642138480a28c14db7a136bf0Adam Langley * handshake macs if required. */ 769e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langleyuint32_t ssl_get_algorithm2(SSL *s) { 77053b272a2813a0b11f107d77100ff8805ada8fbd2Adam Langley static const uint32_t kMask = SSL_HANDSHAKE_MAC_DEFAULT; 771e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5Adam Langley uint32_t alg2 = s->s3->tmp.new_cipher->algorithm2; 772d9e397b599b13d642138480a28c14db7a136bf0Adam Langley if (s->enc_method->enc_flags & SSL_ENC_FLAG_SHA256_PRF && 773d9e397b599b13d642138480a28c14db7a136bf0Adam Langley (alg2 & kMask) == kMask) { 77453b272a2813a0b11f107d77100ff8805ada8fbd2Adam Langley return SSL_HANDSHAKE_MAC_SHA256; 775d9e397b599b13d642138480a28c14db7a136bf0Adam Langley } 776d9e397b599b13d642138480a28c14db7a136bf0Adam Langley return alg2; 777d9e397b599b13d642138480a28c14db7a136bf0Adam Langley} 778