Browse Source
Remove algo_strength.
FIPS is the same as HIGH (but for CHACHA20), so those are redundant. Likewise, MEDIUM vs HIGH was just RC4. Remove those in favor of redefining those legacy rules to mean this. One less field to keep track of in each cipher. Change-Id: I2b2489cffb9e16efb0ac7d7290c173cac061432a Reviewed-on: https://boringssl-review.googlesource.com/6515 Reviewed-by: Adam Langley <agl@google.com>kris/onging/CECPQ3_patch15
David Benjamin
9 years ago
committed by
Adam Langley
Adam Langley
4 changed files with 117 additions and 130 deletions
Unified View
Diff Options
-
+2 -4include/openssl/ssl.h
-
+0 -5ssl/internal.h
-
+113 -121ssl/ssl_cipher.c
-
+2 -0ssl/ssl_test.cc
+ 2
- 4
include/openssl/ssl.h
View File
| @@ -1166,10 +1166,9 @@ OPENSSL_EXPORT int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, | |||||
| * |kEDH|, |EDH|, |kEECDH|, and |EECDH| are legacy aliases for |kDHE|, |DHE|, | * |kEDH|, |EDH|, |kEECDH|, and |EECDH| are legacy aliases for |kDHE|, |DHE|, | ||||
| * |kECDHE|, and |ECDHE|, respectively. | * |kECDHE|, and |ECDHE|, respectively. | ||||
| * | * | ||||
| * |MEDIUM| and |HIGH| match ciphers historically labeled by OpenSSL as | |||||
| * 'medium' and 'high', respectively. | |||||
| * |MEDIUM| and |HIGH| match RC4-based ciphers and all others, respectively. | |||||
| * | * | ||||
| * |FIPS| matches ciphers historically FIPS-approved in OpenSSL. | |||||
| * |FIPS| is an alias for |HIGH|. | |||||
| * | * | ||||
| * |SSLv3| and |TLSv1| match ciphers available in TLS 1.1 or earlier. | * |SSLv3| and |TLSv1| match ciphers available in TLS 1.1 or earlier. | ||||
| * |TLSv1_2| matches ciphers new in TLS 1.2. This is confusing and should not | * |TLSv1_2| matches ciphers new in TLS 1.2. This is confusing and should not | ||||
| @@ -3380,7 +3379,6 @@ struct ssl_cipher_st { | |||||
| uint32_t algorithm_auth; | uint32_t algorithm_auth; | ||||
| uint32_t algorithm_enc; | uint32_t algorithm_enc; | ||||
| uint32_t algorithm_mac; | uint32_t algorithm_mac; | ||||
| uint32_t algo_strength; | |||||
| uint32_t algorithm_prf; | uint32_t algorithm_prf; | ||||
| /* strength_bits is the strength of the cipher in bits. */ | /* strength_bits is the strength of the cipher in bits. */ | ||||
+ 0
- 5
ssl/internal.h
View File
| @@ -203,11 +203,6 @@ | |||||
| * one, update the table in ssl_cipher.c. */ | * one, update the table in ssl_cipher.c. */ | ||||
| #define SSL_MAX_DIGEST 4 | #define SSL_MAX_DIGEST 4 | ||||
| /* Bits for |algo_strength|, cipher strength information. */ | |||||
| #define SSL_MEDIUM 0x00000001L | |||||
| #define SSL_HIGH 0x00000002L | |||||
| #define SSL_FIPS 0x00000004L | |||||
| /* ssl_cipher_get_evp_aead sets |*out_aead| to point to the correct EVP_AEAD | /* ssl_cipher_get_evp_aead sets |*out_aead| to point to the correct EVP_AEAD | ||||
| * object for |cipher| protocol version |version|. It sets |*out_mac_secret_len| | * object for |cipher| protocol version |version|. It sets |*out_mac_secret_len| | ||||
| * and |*out_fixed_iv_len| to the MAC key length and fixed IV length, | * and |*out_fixed_iv_len| to the MAC key length and fixed IV length, | ||||
+ 113
- 121
ssl/ssl_cipher.c
View File
| @@ -160,25 +160,25 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| /* Cipher 02 */ | /* Cipher 02 */ | ||||
| { | { | ||||
| SSL3_TXT_RSA_NULL_SHA, SSL3_CK_RSA_NULL_SHA, SSL_kRSA, SSL_aRSA, | SSL3_TXT_RSA_NULL_SHA, SSL3_CK_RSA_NULL_SHA, SSL_kRSA, SSL_aRSA, | ||||
| SSL_eNULL, SSL_SHA1, SSL_FIPS, SSL_HANDSHAKE_MAC_DEFAULT, 0, 0, | |||||
| SSL_eNULL, SSL_SHA1, SSL_HANDSHAKE_MAC_DEFAULT, 0, 0, | |||||
| }, | }, | ||||
| /* Cipher 04 */ | /* Cipher 04 */ | ||||
| { | { | ||||
| SSL3_TXT_RSA_RC4_128_MD5, SSL3_CK_RSA_RC4_128_MD5, SSL_kRSA, SSL_aRSA, | SSL3_TXT_RSA_RC4_128_MD5, SSL3_CK_RSA_RC4_128_MD5, SSL_kRSA, SSL_aRSA, | ||||
| SSL_RC4, SSL_MD5, SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | |||||
| SSL_RC4, SSL_MD5, SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | |||||
| }, | }, | ||||
| /* Cipher 05 */ | /* Cipher 05 */ | ||||
| { | { | ||||
| SSL3_TXT_RSA_RC4_128_SHA, SSL3_CK_RSA_RC4_128_SHA, SSL_kRSA, SSL_aRSA, | SSL3_TXT_RSA_RC4_128_SHA, SSL3_CK_RSA_RC4_128_SHA, SSL_kRSA, SSL_aRSA, | ||||
| SSL_RC4, SSL_SHA1, SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | |||||
| SSL_RC4, SSL_SHA1, SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | |||||
| }, | }, | ||||
| /* Cipher 0A */ | /* Cipher 0A */ | ||||
| { | { | ||||
| SSL3_TXT_RSA_DES_192_CBC3_SHA, SSL3_CK_RSA_DES_192_CBC3_SHA, SSL_kRSA, | SSL3_TXT_RSA_DES_192_CBC3_SHA, SSL3_CK_RSA_DES_192_CBC3_SHA, SSL_kRSA, | ||||
| SSL_aRSA, SSL_3DES, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_aRSA, SSL_3DES, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 112, 168, | SSL_HANDSHAKE_MAC_DEFAULT, 112, 168, | ||||
| }, | }, | ||||
| @@ -188,28 +188,28 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| /* Cipher 2F */ | /* Cipher 2F */ | ||||
| { | { | ||||
| TLS1_TXT_RSA_WITH_AES_128_SHA, TLS1_CK_RSA_WITH_AES_128_SHA, SSL_kRSA, | TLS1_TXT_RSA_WITH_AES_128_SHA, TLS1_CK_RSA_WITH_AES_128_SHA, SSL_kRSA, | ||||
| SSL_aRSA, SSL_AES128, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_aRSA, SSL_AES128, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | ||||
| }, | }, | ||||
| /* Cipher 33 */ | /* Cipher 33 */ | ||||
| { | { | ||||
| TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, TLS1_CK_DHE_RSA_WITH_AES_128_SHA, | TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, TLS1_CK_DHE_RSA_WITH_AES_128_SHA, | ||||
| SSL_kDHE, SSL_aRSA, SSL_AES128, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_kDHE, SSL_aRSA, SSL_AES128, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | ||||
| }, | }, | ||||
| /* Cipher 35 */ | /* Cipher 35 */ | ||||
| { | { | ||||
| TLS1_TXT_RSA_WITH_AES_256_SHA, TLS1_CK_RSA_WITH_AES_256_SHA, SSL_kRSA, | TLS1_TXT_RSA_WITH_AES_256_SHA, TLS1_CK_RSA_WITH_AES_256_SHA, SSL_kRSA, | ||||
| SSL_aRSA, SSL_AES256, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_aRSA, SSL_AES256, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | ||||
| }, | }, | ||||
| /* Cipher 39 */ | /* Cipher 39 */ | ||||
| { | { | ||||
| TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, TLS1_CK_DHE_RSA_WITH_AES_256_SHA, | TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, TLS1_CK_DHE_RSA_WITH_AES_256_SHA, | ||||
| SSL_kDHE, SSL_aRSA, SSL_AES256, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_kDHE, SSL_aRSA, SSL_AES256, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | ||||
| }, | }, | ||||
| @@ -219,7 +219,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| /* Cipher 3C */ | /* Cipher 3C */ | ||||
| { | { | ||||
| TLS1_TXT_RSA_WITH_AES_128_SHA256, TLS1_CK_RSA_WITH_AES_128_SHA256, | TLS1_TXT_RSA_WITH_AES_128_SHA256, TLS1_CK_RSA_WITH_AES_128_SHA256, | ||||
| SSL_kRSA, SSL_aRSA, SSL_AES128, SSL_SHA256, SSL_HIGH | SSL_FIPS, | |||||
| SSL_kRSA, SSL_aRSA, SSL_AES128, SSL_SHA256, | |||||
| SSL_HANDSHAKE_MAC_SHA256, 128, 128, | SSL_HANDSHAKE_MAC_SHA256, 128, 128, | ||||
| }, | }, | ||||
| @@ -227,14 +227,14 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_RSA_WITH_AES_256_SHA256, TLS1_CK_RSA_WITH_AES_256_SHA256, | TLS1_TXT_RSA_WITH_AES_256_SHA256, TLS1_CK_RSA_WITH_AES_256_SHA256, | ||||
| SSL_kRSA, SSL_aRSA, SSL_AES256, SSL_SHA256, | SSL_kRSA, SSL_aRSA, SSL_AES256, SSL_SHA256, | ||||
| SSL_HIGH | SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256, 256, 256, | |||||
| SSL_HANDSHAKE_MAC_SHA256, 256, 256, | |||||
| }, | }, | ||||
| /* Cipher 67 */ | /* Cipher 67 */ | ||||
| { | { | ||||
| TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, | TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, | ||||
| TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, SSL_kDHE, SSL_aRSA, SSL_AES128, | TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, SSL_kDHE, SSL_aRSA, SSL_AES128, | ||||
| SSL_SHA256, SSL_HIGH | SSL_FIPS, | |||||
| SSL_SHA256, | |||||
| SSL_HANDSHAKE_MAC_SHA256, 128, 128, | SSL_HANDSHAKE_MAC_SHA256, 128, 128, | ||||
| }, | }, | ||||
| @@ -242,7 +242,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, | TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, | ||||
| TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, SSL_kDHE, SSL_aRSA, SSL_AES256, | TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, SSL_kDHE, SSL_aRSA, SSL_AES256, | ||||
| SSL_SHA256, SSL_HIGH | SSL_FIPS, | |||||
| SSL_SHA256, | |||||
| SSL_HANDSHAKE_MAC_SHA256, 256, 256, | SSL_HANDSHAKE_MAC_SHA256, 256, 256, | ||||
| }, | }, | ||||
| @@ -251,21 +251,21 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| /* Cipher 8A */ | /* Cipher 8A */ | ||||
| { | { | ||||
| TLS1_TXT_PSK_WITH_RC4_128_SHA, TLS1_CK_PSK_WITH_RC4_128_SHA, SSL_kPSK, | TLS1_TXT_PSK_WITH_RC4_128_SHA, TLS1_CK_PSK_WITH_RC4_128_SHA, SSL_kPSK, | ||||
| SSL_aPSK, SSL_RC4, SSL_SHA1, SSL_MEDIUM, | |||||
| SSL_aPSK, SSL_RC4, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | ||||
| }, | }, | ||||
| /* Cipher 8C */ | /* Cipher 8C */ | ||||
| { | { | ||||
| TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, TLS1_CK_PSK_WITH_AES_128_CBC_SHA, | TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, TLS1_CK_PSK_WITH_AES_128_CBC_SHA, | ||||
| SSL_kPSK, SSL_aPSK, SSL_AES128, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_kPSK, SSL_aPSK, SSL_AES128, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | ||||
| }, | }, | ||||
| /* Cipher 8D */ | /* Cipher 8D */ | ||||
| { | { | ||||
| TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, TLS1_CK_PSK_WITH_AES_256_CBC_SHA, | TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, TLS1_CK_PSK_WITH_AES_256_CBC_SHA, | ||||
| SSL_kPSK, SSL_aPSK, SSL_AES256, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_kPSK, SSL_aPSK, SSL_AES256, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | ||||
| }, | }, | ||||
| @@ -275,7 +275,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, | TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, | ||||
| TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, SSL_kRSA, SSL_aRSA, SSL_AES128GCM, | TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, SSL_kRSA, SSL_aRSA, SSL_AES128GCM, | ||||
| SSL_AEAD, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AEAD, | |||||
| SSL_HANDSHAKE_MAC_SHA256, | SSL_HANDSHAKE_MAC_SHA256, | ||||
| 128, 128, | 128, 128, | ||||
| }, | }, | ||||
| @@ -284,7 +284,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, | TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, | ||||
| TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, SSL_kRSA, SSL_aRSA, SSL_AES256GCM, | TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, SSL_kRSA, SSL_aRSA, SSL_AES256GCM, | ||||
| SSL_AEAD, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AEAD, | |||||
| SSL_HANDSHAKE_MAC_SHA384, | SSL_HANDSHAKE_MAC_SHA384, | ||||
| 256, 256, | 256, 256, | ||||
| }, | }, | ||||
| @@ -293,7 +293,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, | TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, | ||||
| TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_kDHE, SSL_aRSA, SSL_AES128GCM, | TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_kDHE, SSL_aRSA, SSL_AES128GCM, | ||||
| SSL_AEAD, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AEAD, | |||||
| SSL_HANDSHAKE_MAC_SHA256, | SSL_HANDSHAKE_MAC_SHA256, | ||||
| 128, 128, | 128, 128, | ||||
| }, | }, | ||||
| @@ -302,7 +302,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, | TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, | ||||
| TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_kDHE, SSL_aRSA, SSL_AES256GCM, | TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_kDHE, SSL_aRSA, SSL_AES256GCM, | ||||
| SSL_AEAD, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AEAD, | |||||
| SSL_HANDSHAKE_MAC_SHA384, | SSL_HANDSHAKE_MAC_SHA384, | ||||
| 256, 256, | 256, 256, | ||||
| }, | }, | ||||
| @@ -311,7 +311,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, | TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, | ||||
| TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_kECDHE, SSL_aECDSA, SSL_RC4, | TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_kECDHE, SSL_aECDSA, SSL_RC4, | ||||
| SSL_SHA1, SSL_MEDIUM, SSL_HANDSHAKE_MAC_DEFAULT, 128, | |||||
| SSL_SHA1, SSL_HANDSHAKE_MAC_DEFAULT, 128, | |||||
| 128, | 128, | ||||
| }, | }, | ||||
| @@ -319,7 +319,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, | TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, | ||||
| TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_kECDHE, SSL_aECDSA, | TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_kECDHE, SSL_aECDSA, | ||||
| SSL_AES128, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AES128, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | ||||
| }, | }, | ||||
| @@ -327,14 +327,14 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, | TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, | ||||
| TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_kECDHE, SSL_aECDSA, | TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, SSL_kECDHE, SSL_aECDSA, | ||||
| SSL_AES256, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AES256, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | ||||
| }, | }, | ||||
| /* Cipher C011 */ | /* Cipher C011 */ | ||||
| { | { | ||||
| TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, | TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, | ||||
| SSL_kECDHE, SSL_aRSA, SSL_RC4, SSL_SHA1, SSL_MEDIUM, | |||||
| SSL_kECDHE, SSL_aRSA, SSL_RC4, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | ||||
| }, | }, | ||||
| @@ -342,7 +342,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, | TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, | ||||
| TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_kECDHE, SSL_aRSA, SSL_AES128, | TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_kECDHE, SSL_aRSA, SSL_AES128, | ||||
| SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | ||||
| }, | }, | ||||
| @@ -350,7 +350,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, | TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, | ||||
| TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_kECDHE, SSL_aRSA, SSL_AES256, | TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, SSL_kECDHE, SSL_aRSA, SSL_AES256, | ||||
| SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | ||||
| }, | }, | ||||
| @@ -361,7 +361,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, | TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, | ||||
| TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, SSL_kECDHE, SSL_aECDSA, | TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, SSL_kECDHE, SSL_aECDSA, | ||||
| SSL_AES128, SSL_SHA256, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AES128, SSL_SHA256, | |||||
| SSL_HANDSHAKE_MAC_SHA256, 128, 128, | SSL_HANDSHAKE_MAC_SHA256, 128, 128, | ||||
| }, | }, | ||||
| @@ -369,7 +369,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, | TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, | ||||
| TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, SSL_kECDHE, SSL_aECDSA, | TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, SSL_kECDHE, SSL_aECDSA, | ||||
| SSL_AES256, SSL_SHA384, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AES256, SSL_SHA384, | |||||
| SSL_HANDSHAKE_MAC_SHA384, 256, 256, | SSL_HANDSHAKE_MAC_SHA384, 256, 256, | ||||
| }, | }, | ||||
| @@ -377,7 +377,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, | TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, | ||||
| TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, SSL_kECDHE, SSL_aRSA, SSL_AES128, | TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, SSL_kECDHE, SSL_aRSA, SSL_AES128, | ||||
| SSL_SHA256, SSL_HIGH | SSL_FIPS, | |||||
| SSL_SHA256, | |||||
| SSL_HANDSHAKE_MAC_SHA256, 128, 128, | SSL_HANDSHAKE_MAC_SHA256, 128, 128, | ||||
| }, | }, | ||||
| @@ -385,7 +385,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, | TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, | ||||
| TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, SSL_kECDHE, SSL_aRSA, SSL_AES256, | TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, SSL_kECDHE, SSL_aRSA, SSL_AES256, | ||||
| SSL_SHA384, SSL_HIGH | SSL_FIPS, | |||||
| SSL_SHA384, | |||||
| SSL_HANDSHAKE_MAC_SHA384, 256, 256, | SSL_HANDSHAKE_MAC_SHA384, 256, 256, | ||||
| }, | }, | ||||
| @@ -396,7 +396,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, | TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, | ||||
| TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_kECDHE, SSL_aECDSA, | TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_kECDHE, SSL_aECDSA, | ||||
| SSL_AES128GCM, SSL_AEAD, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AES128GCM, SSL_AEAD, | |||||
| SSL_HANDSHAKE_MAC_SHA256, | SSL_HANDSHAKE_MAC_SHA256, | ||||
| 128, 128, | 128, 128, | ||||
| }, | }, | ||||
| @@ -405,7 +405,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, | TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, | ||||
| TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_kECDHE, SSL_aECDSA, | TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_kECDHE, SSL_aECDSA, | ||||
| SSL_AES256GCM, SSL_AEAD, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AES256GCM, SSL_AEAD, | |||||
| SSL_HANDSHAKE_MAC_SHA384, | SSL_HANDSHAKE_MAC_SHA384, | ||||
| 256, 256, | 256, 256, | ||||
| }, | }, | ||||
| @@ -414,7 +414,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, | TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, | ||||
| TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_kECDHE, SSL_aRSA, | TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_kECDHE, SSL_aRSA, | ||||
| SSL_AES128GCM, SSL_AEAD, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AES128GCM, SSL_AEAD, | |||||
| SSL_HANDSHAKE_MAC_SHA256, | SSL_HANDSHAKE_MAC_SHA256, | ||||
| 128, 128, | 128, 128, | ||||
| }, | }, | ||||
| @@ -423,7 +423,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, | TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, | ||||
| TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, SSL_kECDHE, SSL_aRSA, | TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, SSL_kECDHE, SSL_aRSA, | ||||
| SSL_AES256GCM, SSL_AEAD, SSL_HIGH | SSL_FIPS, | |||||
| SSL_AES256GCM, SSL_AEAD, | |||||
| SSL_HANDSHAKE_MAC_SHA384, | SSL_HANDSHAKE_MAC_SHA384, | ||||
| 256, 256, | 256, 256, | ||||
| }, | }, | ||||
| @@ -434,7 +434,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA, | TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA, | ||||
| TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA, | TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA, | ||||
| SSL_kECDHE, SSL_aPSK, SSL_AES128, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_kECDHE, SSL_aPSK, SSL_AES128, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | SSL_HANDSHAKE_MAC_DEFAULT, 128, 128, | ||||
| }, | }, | ||||
| @@ -442,7 +442,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA, | TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA, | ||||
| TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA, | TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA, | ||||
| SSL_kECDHE, SSL_aPSK, SSL_AES256, SSL_SHA1, SSL_HIGH | SSL_FIPS, | |||||
| SSL_kECDHE, SSL_aPSK, SSL_AES256, SSL_SHA1, | |||||
| SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, | ||||
| }, | }, | ||||
| @@ -452,7 +452,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD, | TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD, | ||||
| TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD, SSL_kECDHE, SSL_aRSA, | TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD, SSL_kECDHE, SSL_aRSA, | ||||
| SSL_CHACHA20POLY1305_OLD, SSL_AEAD, SSL_HIGH, | |||||
| SSL_CHACHA20POLY1305_OLD, SSL_AEAD, | |||||
| SSL_HANDSHAKE_MAC_SHA256, | SSL_HANDSHAKE_MAC_SHA256, | ||||
| 256, 256, | 256, 256, | ||||
| }, | }, | ||||
| @@ -460,7 +460,7 @@ static const SSL_CIPHER kCiphers[] = { | |||||
| { | { | ||||
| TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD, | TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD, | ||||
| TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD, SSL_kECDHE, SSL_aECDSA, | TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD, SSL_kECDHE, SSL_aECDSA, | ||||
| SSL_CHACHA20POLY1305_OLD, SSL_AEAD, SSL_HIGH, | |||||
| SSL_CHACHA20POLY1305_OLD, SSL_AEAD, | |||||
| SSL_HANDSHAKE_MAC_SHA256, | SSL_HANDSHAKE_MAC_SHA256, | ||||
| 256, 256, | 256, 256, | ||||
| }, | }, | ||||
| @@ -494,7 +494,6 @@ typedef struct cipher_alias_st { | |||||
| uint32_t algorithm_auth; | uint32_t algorithm_auth; | ||||
| uint32_t algorithm_enc; | uint32_t algorithm_enc; | ||||
| uint32_t algorithm_mac; | uint32_t algorithm_mac; | ||||
| uint32_t algo_strength; | |||||
| /* min_version, if non-zero, matches all ciphers which were added in that | /* min_version, if non-zero, matches all ciphers which were added in that | ||||
| * particular protocol version. */ | * particular protocol version. */ | ||||
| @@ -503,7 +502,7 @@ typedef struct cipher_alias_st { | |||||
| static const CIPHER_ALIAS kCipherAliases[] = { | static const CIPHER_ALIAS kCipherAliases[] = { | ||||
| /* "ALL" doesn't include eNULL (must be specifically enabled) */ | /* "ALL" doesn't include eNULL (must be specifically enabled) */ | ||||
| {"ALL", ~0u, ~0u, ~SSL_eNULL, ~0u, ~0u, 0}, | |||||
| {"ALL", ~0u, ~0u, ~SSL_eNULL, ~0u, 0}, | |||||
| /* The "COMPLEMENTOFDEFAULT" rule is omitted. It matches nothing. */ | /* The "COMPLEMENTOFDEFAULT" rule is omitted. It matches nothing. */ | ||||
| @@ -511,59 +510,58 @@ static const CIPHER_ALIAS kCipherAliases[] = { | |||||
| * (some of those using only a single bit here combine | * (some of those using only a single bit here combine | ||||
| * multiple key exchange algs according to the RFCs, | * multiple key exchange algs according to the RFCs, | ||||
| * e.g. kEDH combines DHE_DSS and DHE_RSA) */ | * e.g. kEDH combines DHE_DSS and DHE_RSA) */ | ||||
| {"kRSA", SSL_kRSA, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"kRSA", SSL_kRSA, ~0u, ~0u, ~0u, 0}, | |||||
| {"kDHE", SSL_kDHE, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"kEDH", SSL_kDHE, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"DH", SSL_kDHE, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"kDHE", SSL_kDHE, ~0u, ~0u, ~0u, 0}, | |||||
| {"kEDH", SSL_kDHE, ~0u, ~0u, ~0u, 0}, | |||||
| {"DH", SSL_kDHE, ~0u, ~0u, ~0u, 0}, | |||||
| {"kECDHE", SSL_kECDHE, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"kEECDH", SSL_kECDHE, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"ECDH", SSL_kECDHE, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"kECDHE", SSL_kECDHE, ~0u, ~0u, ~0u, 0}, | |||||
| {"kEECDH", SSL_kECDHE, ~0u, ~0u, ~0u, 0}, | |||||
| {"ECDH", SSL_kECDHE, ~0u, ~0u, ~0u, 0}, | |||||
| {"kPSK", SSL_kPSK, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"kPSK", SSL_kPSK, ~0u, ~0u, ~0u, 0}, | |||||
| /* server authentication aliases */ | /* server authentication aliases */ | ||||
| {"aRSA", ~0u, SSL_aRSA, ~SSL_eNULL, ~0u, ~0u, 0}, | |||||
| {"aECDSA", ~0u, SSL_aECDSA, ~0u, ~0u, ~0u, 0}, | |||||
| {"ECDSA", ~0u, SSL_aECDSA, ~0u, ~0u, ~0u, 0}, | |||||
| {"aPSK", ~0u, SSL_aPSK, ~0u, ~0u, ~0u, 0}, | |||||
| {"aRSA", ~0u, SSL_aRSA, ~SSL_eNULL, ~0u, 0}, | |||||
| {"aECDSA", ~0u, SSL_aECDSA, ~0u, ~0u, 0}, | |||||
| {"ECDSA", ~0u, SSL_aECDSA, ~0u, ~0u, 0}, | |||||
| {"aPSK", ~0u, SSL_aPSK, ~0u, ~0u, 0}, | |||||
| /* aliases combining key exchange and server authentication */ | /* aliases combining key exchange and server authentication */ | ||||
| {"DHE", SSL_kDHE, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"EDH", SSL_kDHE, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"ECDHE", SSL_kECDHE, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"EECDH", SSL_kECDHE, ~0u, ~0u, ~0u, ~0u, 0}, | |||||
| {"RSA", SSL_kRSA, SSL_aRSA, ~SSL_eNULL, ~0u, ~0u, 0}, | |||||
| {"PSK", SSL_kPSK, SSL_aPSK, ~0u, ~0u, ~0u, 0}, | |||||
| {"DHE", SSL_kDHE, ~0u, ~0u, ~0u, 0}, | |||||
| {"EDH", SSL_kDHE, ~0u, ~0u, ~0u, 0}, | |||||
| {"ECDHE", SSL_kECDHE, ~0u, ~0u, ~0u, 0}, | |||||
| {"EECDH", SSL_kECDHE, ~0u, ~0u, ~0u, 0}, | |||||
| {"RSA", SSL_kRSA, SSL_aRSA, ~SSL_eNULL, ~0u, 0}, | |||||
| {"PSK", SSL_kPSK, SSL_aPSK, ~0u, ~0u, 0}, | |||||
| /* symmetric encryption aliases */ | /* symmetric encryption aliases */ | ||||
| {"3DES", ~0u, ~0u, SSL_3DES, ~0u, ~0u, 0}, | |||||
| {"RC4", ~0u, ~0u, SSL_RC4, ~0u, ~0u, 0}, | |||||
| {"AES128", ~0u, ~0u, SSL_AES128 | SSL_AES128GCM, ~0u, ~0u, 0}, | |||||
| {"AES256", ~0u, ~0u, SSL_AES256 | SSL_AES256GCM, ~0u, ~0u, 0}, | |||||
| {"AES", ~0u, ~0u, SSL_AES, ~0u, ~0u, 0}, | |||||
| {"AESGCM", ~0u, ~0u, SSL_AES128GCM | SSL_AES256GCM, ~0u, ~0u, 0}, | |||||
| {"CHACHA20", ~0u, ~0u, SSL_CHACHA20POLY1305_OLD, ~0u, ~0u, 0}, | |||||
| {"3DES", ~0u, ~0u, SSL_3DES, ~0u, 0}, | |||||
| {"RC4", ~0u, ~0u, SSL_RC4, ~0u, 0}, | |||||
| {"AES128", ~0u, ~0u, SSL_AES128 | SSL_AES128GCM, ~0u, 0}, | |||||
| {"AES256", ~0u, ~0u, SSL_AES256 | SSL_AES256GCM, ~0u, 0}, | |||||
| {"AES", ~0u, ~0u, SSL_AES, ~0u, 0}, | |||||
| {"AESGCM", ~0u, ~0u, SSL_AES128GCM | SSL_AES256GCM, ~0u, 0}, | |||||
| {"CHACHA20", ~0u, ~0u, SSL_CHACHA20POLY1305_OLD, ~0u, 0}, | |||||
| /* MAC aliases */ | /* MAC aliases */ | ||||
| {"MD5", ~0u, ~0u, ~0u, SSL_MD5, ~0u, 0}, | |||||
| {"SHA1", ~0u, ~0u, ~SSL_eNULL, SSL_SHA1, ~0u, 0}, | |||||
| {"SHA", ~0u, ~0u, ~SSL_eNULL, SSL_SHA1, ~0u, 0}, | |||||
| {"SHA256", ~0u, ~0u, ~0u, SSL_SHA256, ~0u, 0}, | |||||
| {"SHA384", ~0u, ~0u, ~0u, SSL_SHA384, ~0u, 0}, | |||||
| {"MD5", ~0u, ~0u, ~0u, SSL_MD5, 0}, | |||||
| {"SHA1", ~0u, ~0u, ~SSL_eNULL, SSL_SHA1, 0}, | |||||
| {"SHA", ~0u, ~0u, ~SSL_eNULL, SSL_SHA1, 0}, | |||||
| {"SHA256", ~0u, ~0u, ~0u, SSL_SHA256, 0}, | |||||
| {"SHA384", ~0u, ~0u, ~0u, SSL_SHA384, 0}, | |||||
| /* Legacy protocol minimum version aliases. "TLSv1" is intentionally the | /* Legacy protocol minimum version aliases. "TLSv1" is intentionally the | ||||
| * same as "SSLv3". */ | * same as "SSLv3". */ | ||||
| {"SSLv3", ~0u, ~0u, ~SSL_eNULL, ~0u, ~0u, SSL3_VERSION}, | |||||
| {"TLSv1", ~0u, ~0u, ~SSL_eNULL, ~0u, ~0u, SSL3_VERSION}, | |||||
| {"TLSv1.2", ~0u, ~0u, ~SSL_eNULL, ~0u, ~0u, TLS1_2_VERSION}, | |||||
| /* strength classes */ | |||||
| {"MEDIUM", ~0u, ~0u, ~0u, ~0u, SSL_MEDIUM, 0}, | |||||
| {"HIGH", ~0u, ~0u, ~0u, ~0u, SSL_HIGH, 0}, | |||||
| /* FIPS 140-2 approved ciphersuite */ | |||||
| {"FIPS", ~0u, ~0u, ~SSL_eNULL, ~0u, SSL_FIPS, 0}, | |||||
| {"SSLv3", ~0u, ~0u, ~SSL_eNULL, ~0u, SSL3_VERSION}, | |||||
| {"TLSv1", ~0u, ~0u, ~SSL_eNULL, ~0u, SSL3_VERSION}, | |||||
| {"TLSv1.2", ~0u, ~0u, ~SSL_eNULL, ~0u, TLS1_2_VERSION}, | |||||
| /* Legacy strength classes. */ | |||||
| {"MEDIUM", ~0u, ~0u, SSL_RC4, ~0u, 0}, | |||||
| {"HIGH", ~0u, ~0u, ~(SSL_eNULL|SSL_RC4), ~0u, 0}, | |||||
| {"FIPS", ~0u, ~0u, ~(SSL_eNULL|SSL_RC4), ~0u, 0}, | |||||
| }; | }; | ||||
| static const size_t kCipherAliasesLen = | static const size_t kCipherAliasesLen = | ||||
| @@ -839,20 +837,19 @@ static void ssl_cipher_collect_ciphers(const SSL_PROTOCOL_METHOD *ssl_method, | |||||
| * - If |cipher_id| is non-zero, only that cipher is selected. | * - If |cipher_id| is non-zero, only that cipher is selected. | ||||
| * - Otherwise, if |strength_bits| is non-negative, it selects ciphers | * - Otherwise, if |strength_bits| is non-negative, it selects ciphers | ||||
| * of that strength. | * of that strength. | ||||
| * - Otherwise, it selects ciphers that match each bitmasks in |alg*| and | |||||
| * - Otherwise, it selects ciphers that match each bitmasks in |alg_*| and | |||||
| * |min_version|. */ | * |min_version|. */ | ||||
| static void ssl_cipher_apply_rule( | static void ssl_cipher_apply_rule( | ||||
| uint32_t cipher_id, uint32_t alg_mkey, uint32_t alg_auth, | uint32_t cipher_id, uint32_t alg_mkey, uint32_t alg_auth, | ||||
| uint32_t alg_enc, uint32_t alg_mac, uint32_t algo_strength, | |||||
| uint16_t min_version, int rule, int strength_bits, int in_group, | |||||
| CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) { | |||||
| uint32_t alg_enc, uint32_t alg_mac, uint16_t min_version, int rule, | |||||
| int strength_bits, int in_group, CIPHER_ORDER **head_p, | |||||
| CIPHER_ORDER **tail_p) { | |||||
| CIPHER_ORDER *head, *tail, *curr, *next, *last; | CIPHER_ORDER *head, *tail, *curr, *next, *last; | ||||
| const SSL_CIPHER *cp; | const SSL_CIPHER *cp; | ||||
| int reverse = 0; | int reverse = 0; | ||||
| if (cipher_id == 0 && strength_bits == -1 && min_version == 0 && | if (cipher_id == 0 && strength_bits == -1 && min_version == 0 && | ||||
| (alg_mkey == 0 || alg_auth == 0 || alg_enc == 0 || alg_mac == 0 || | |||||
| algo_strength == 0)) { | |||||
| (alg_mkey == 0 || alg_auth == 0 || alg_enc == 0 || alg_mac == 0)) { | |||||
| /* The rule matches nothing, so bail early. */ | /* The rule matches nothing, so bail early. */ | ||||
| return; | return; | ||||
| } | } | ||||
| @@ -901,7 +898,6 @@ static void ssl_cipher_apply_rule( | |||||
| !(alg_auth & cp->algorithm_auth) || | !(alg_auth & cp->algorithm_auth) || | ||||
| !(alg_enc & cp->algorithm_enc) || | !(alg_enc & cp->algorithm_enc) || | ||||
| !(alg_mac & cp->algorithm_mac) || | !(alg_mac & cp->algorithm_mac) || | ||||
| !(algo_strength & cp->algo_strength) || | |||||
| (min_version != 0 && | (min_version != 0 && | ||||
| SSL_CIPHER_get_min_version(cp) != min_version)) { | SSL_CIPHER_get_min_version(cp) != min_version)) { | ||||
| continue; | continue; | ||||
| @@ -997,8 +993,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, | |||||
| /* Go through the list of used strength_bits values in descending order. */ | /* Go through the list of used strength_bits values in descending order. */ | ||||
| for (i = max_strength_bits; i >= 0; i--) { | for (i = max_strength_bits; i >= 0; i--) { | ||||
| if (number_uses[i] > 0) { | if (number_uses[i] > 0) { | ||||
| ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, 0, head_p, | |||||
| tail_p); | |||||
| ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, CIPHER_ORD, i, 0, head_p, tail_p); | |||||
| } | } | ||||
| } | } | ||||
| @@ -1010,7 +1005,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method, | |||||
| const char *rule_str, | const char *rule_str, | ||||
| CIPHER_ORDER **head_p, | CIPHER_ORDER **head_p, | ||||
| CIPHER_ORDER **tail_p) { | CIPHER_ORDER **tail_p) { | ||||
| uint32_t alg_mkey, alg_auth, alg_enc, alg_mac, algo_strength; | |||||
| uint32_t alg_mkey, alg_auth, alg_enc, alg_mac; | |||||
| uint16_t min_version; | uint16_t min_version; | ||||
| const char *l, *buf; | const char *l, *buf; | ||||
| int multi, skip_rule, rule, retval, ok, in_group = 0, has_group = 0; | int multi, skip_rule, rule, retval, ok, in_group = 0, has_group = 0; | ||||
| @@ -1094,7 +1089,6 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method, | |||||
| alg_auth = ~0u; | alg_auth = ~0u; | ||||
| alg_enc = ~0u; | alg_enc = ~0u; | ||||
| alg_mac = ~0u; | alg_mac = ~0u; | ||||
| algo_strength = ~0u; | |||||
| min_version = 0; | min_version = 0; | ||||
| skip_rule = 0; | skip_rule = 0; | ||||
| @@ -1140,7 +1134,6 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method, | |||||
| alg_auth &= kCipherAliases[j].algorithm_auth; | alg_auth &= kCipherAliases[j].algorithm_auth; | ||||
| alg_enc &= kCipherAliases[j].algorithm_enc; | alg_enc &= kCipherAliases[j].algorithm_enc; | ||||
| alg_mac &= kCipherAliases[j].algorithm_mac; | alg_mac &= kCipherAliases[j].algorithm_mac; | ||||
| algo_strength &= kCipherAliases[j].algo_strength; | |||||
| if (min_version != 0 && | if (min_version != 0 && | ||||
| min_version != kCipherAliases[j].min_version) { | min_version != kCipherAliases[j].min_version) { | ||||
| @@ -1185,8 +1178,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method, | |||||
| } | } | ||||
| } else if (!skip_rule) { | } else if (!skip_rule) { | ||||
| ssl_cipher_apply_rule(cipher_id, alg_mkey, alg_auth, alg_enc, alg_mac, | ssl_cipher_apply_rule(cipher_id, alg_mkey, alg_auth, alg_enc, alg_mac, | ||||
| algo_strength, min_version, rule, -1, in_group, | |||||
| head_p, tail_p); | |||||
| min_version, rule, -1, in_group, head_p, tail_p); | |||||
| } | } | ||||
| } | } | ||||
| @@ -1232,56 +1224,56 @@ ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method, | |||||
| /* Everything else being equal, prefer ECDHE_ECDSA then ECDHE_RSA over other | /* Everything else being equal, prefer ECDHE_ECDSA then ECDHE_RSA over other | ||||
| * key exchange mechanisms */ | * key exchange mechanisms */ | ||||
| ssl_cipher_apply_rule(0, SSL_kECDHE, SSL_aECDSA, ~0u, ~0u, ~0u, 0, CIPHER_ADD, | |||||
| -1, 0, &head, &tail); | |||||
| ssl_cipher_apply_rule(0, SSL_kECDHE, ~0u, ~0u, ~0u, ~0u, 0, CIPHER_ADD, -1, | |||||
| 0, &head, &tail); | |||||
| ssl_cipher_apply_rule(0, SSL_kECDHE, ~0u, ~0u, ~0u, ~0u, 0, CIPHER_DEL, -1, | |||||
| ssl_cipher_apply_rule(0, SSL_kECDHE, SSL_aECDSA, ~0u, ~0u, 0, CIPHER_ADD, -1, | |||||
| 0, &head, &tail); | 0, &head, &tail); | ||||
| ssl_cipher_apply_rule(0, SSL_kECDHE, ~0u, ~0u, ~0u, 0, CIPHER_ADD, -1, 0, | |||||
| &head, &tail); | |||||
| ssl_cipher_apply_rule(0, SSL_kECDHE, ~0u, ~0u, ~0u, 0, CIPHER_DEL, -1, 0, | |||||
| &head, &tail); | |||||
| /* Order the bulk ciphers. First the preferred AEAD ciphers. We prefer | /* Order the bulk ciphers. First the preferred AEAD ciphers. We prefer | ||||
| * CHACHA20 unless there is hardware support for fast and constant-time | * CHACHA20 unless there is hardware support for fast and constant-time | ||||
| * AES_GCM. */ | * AES_GCM. */ | ||||
| if (EVP_has_aes_hardware()) { | if (EVP_has_aes_hardware()) { | ||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES256GCM, ~0u, ~0u, 0, CIPHER_ADD, | |||||
| -1, 0, &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES128GCM, ~0u, ~0u, 0, CIPHER_ADD, | |||||
| -1, 0, &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_CHACHA20POLY1305_OLD, ~0u, ~0u, 0, | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES256GCM, ~0u, 0, CIPHER_ADD, -1, 0, | |||||
| &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES128GCM, ~0u, 0, CIPHER_ADD, -1, 0, | |||||
| &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_CHACHA20POLY1305_OLD, ~0u, 0, | |||||
| CIPHER_ADD, -1, 0, &head, &tail); | CIPHER_ADD, -1, 0, &head, &tail); | ||||
| } else { | } else { | ||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_CHACHA20POLY1305_OLD, ~0u, ~0u, 0, | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_CHACHA20POLY1305_OLD, ~0u, 0, | |||||
| CIPHER_ADD, -1, 0, &head, &tail); | CIPHER_ADD, -1, 0, &head, &tail); | ||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES256GCM, ~0u, ~0u, 0, CIPHER_ADD, | |||||
| -1, 0, &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES128GCM, ~0u, ~0u, 0, CIPHER_ADD, | |||||
| -1, 0, &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES256GCM, ~0u, 0, CIPHER_ADD, -1, 0, | |||||
| &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES128GCM, ~0u, 0, CIPHER_ADD, -1, 0, | |||||
| &head, &tail); | |||||
| } | } | ||||
| /* Then the legacy non-AEAD ciphers: AES_256_CBC, AES-128_CBC, RC4_128_SHA, | /* Then the legacy non-AEAD ciphers: AES_256_CBC, AES-128_CBC, RC4_128_SHA, | ||||
| * RC4_128_MD5, 3DES_EDE_CBC_SHA. */ | * RC4_128_MD5, 3DES_EDE_CBC_SHA. */ | ||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES256, ~0u, ~0u, 0, CIPHER_ADD, -1, | |||||
| 0, &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES128, ~0u, ~0u, 0, CIPHER_ADD, -1, | |||||
| 0, &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_RC4, ~SSL_MD5, ~0u, 0, CIPHER_ADD, | |||||
| -1, 0, &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_RC4, SSL_MD5, ~0u, 0, CIPHER_ADD, -1, | |||||
| 0, &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_3DES, ~0u, ~0u, 0, CIPHER_ADD, -1, 0, | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES256, ~0u, 0, CIPHER_ADD, -1, 0, | |||||
| &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES128, ~0u, 0, CIPHER_ADD, -1, 0, | |||||
| &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_RC4, ~SSL_MD5, 0, CIPHER_ADD, -1, 0, | |||||
| &head, &tail); | &head, &tail); | ||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_RC4, SSL_MD5, 0, CIPHER_ADD, -1, 0, | |||||
| &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_3DES, ~0u, 0, CIPHER_ADD, -1, 0, &head, | |||||
| &tail); | |||||
| /* Temporarily enable everything else for sorting */ | /* Temporarily enable everything else for sorting */ | ||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, ~0u, ~0u, ~0u, 0, CIPHER_ADD, -1, 0, | |||||
| &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, ~0u, ~0u, 0, CIPHER_ADD, -1, 0, &head, | |||||
| &tail); | |||||
| /* Move ciphers without forward secrecy to the end. */ | /* Move ciphers without forward secrecy to the end. */ | ||||
| ssl_cipher_apply_rule(0, ~(SSL_kDHE | SSL_kECDHE), ~0u, ~0u, ~0u, ~0u, 0, | |||||
| ssl_cipher_apply_rule(0, ~(SSL_kDHE | SSL_kECDHE), ~0u, ~0u, ~0u, 0, | |||||
| CIPHER_ORD, -1, 0, &head, &tail); | CIPHER_ORD, -1, 0, &head, &tail); | ||||
| /* Now disable everything (maintaining the ordering!) */ | /* Now disable everything (maintaining the ordering!) */ | ||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, ~0u, ~0u, ~0u, 0, CIPHER_DEL, -1, 0, | |||||
| &head, &tail); | |||||
| ssl_cipher_apply_rule(0, ~0u, ~0u, ~0u, ~0u, 0, CIPHER_DEL, -1, 0, &head, | |||||
| &tail); | |||||
| /* If the rule_string begins with DEFAULT, apply the default rule before | /* If the rule_string begins with DEFAULT, apply the default rule before | ||||
| * using the (possibly available) additional rules. */ | * using the (possibly available) additional rules. */ | ||||
+ 2
- 0
ssl/ssl_test.cc
View File
| @@ -250,6 +250,8 @@ static const char *kMustNotIncludeNull[] = { | |||||
| "DEFAULT", | "DEFAULT", | ||||
| "ALL:!eNULL", | "ALL:!eNULL", | ||||
| "ALL:!NULL", | "ALL:!NULL", | ||||
| "MEDIUM", | |||||
| "HIGH", | |||||
| "FIPS", | "FIPS", | ||||
| "SHA", | "SHA", | ||||
| "SHA1", | "SHA1", | ||||