diff options
author | Ben Laurie <ben@openssl.org> | 1999-02-21 20:03:24 +0000 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 1999-02-21 20:03:24 +0000 |
commit | 06ab81f9f7b055a4456798cb9ef3266160438a08 (patch) | |
tree | 880b224a7f2e8224efeb0d4783ebe5e522d91c94 /ssl/s3_lib.c | |
parent | abf87f79f7ebd7885e443f086a6e1a88b31f9af1 (diff) | |
download | openssl-06ab81f9f7b055a4456798cb9ef3266160438a08.tar.gz |
Add support for new TLS export ciphersuites.
Diffstat (limited to 'ssl/s3_lib.c')
-rw-r--r-- | ssl/s3_lib.c | 91 |
1 files changed, 60 insertions, 31 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index c64b760a44..ffea4b5d72 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -77,7 +77,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_RSA_NULL_MD5, SSL3_CK_RSA_NULL_MD5, - SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3, + SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|_SSL_NOT_EXP|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -86,7 +86,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_RSA_NULL_SHA, SSL3_CK_RSA_NULL_SHA, - SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -97,7 +97,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_ADH_RC4_40_MD5, SSL3_CK_ADH_RC4_40_MD5, - SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_EXP|SSL_SSLV3, + SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_EXP40|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -106,7 +106,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_ADH_RC4_128_MD5, SSL3_CK_ADH_RC4_128_MD5, - SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3, + SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5|_SSL_NOT_EXP|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -115,7 +115,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_ADH_DES_40_CBC_SHA, SSL3_CK_ADH_DES_40_CBC_SHA, - SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -124,7 +124,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_ADH_DES_64_CBC_SHA, SSL3_CK_ADH_DES_64_CBC_SHA, - SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -133,7 +133,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_ADH_DES_192_CBC_SHA, SSL3_CK_ADH_DES_192_CBC_SHA, - SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -144,7 +144,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_RSA_RC4_40_MD5, SSL3_CK_RSA_RC4_40_MD5, - SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_EXP|SSL_SSLV3, + SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_EXP40|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -153,7 +153,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_RSA_RC4_128_MD5, SSL3_CK_RSA_RC4_128_MD5, - SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, + SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|_SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, 0, SSL_ALL_CIPHERS, }, @@ -162,7 +162,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_RSA_RC4_128_SHA, SSL3_CK_RSA_RC4_128_SHA, - SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, + SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, 0, SSL_ALL_CIPHERS, }, @@ -171,7 +171,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_RSA_RC2_40_MD5, SSL3_CK_RSA_RC2_40_MD5, - SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_EXP|SSL_SSLV3, + SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_EXP40|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -180,7 +180,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_RSA_IDEA_128_SHA, SSL3_CK_RSA_IDEA_128_SHA, - SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, + SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM, 0, SSL_ALL_CIPHERS, }, @@ -189,7 +189,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_RSA_DES_40_CBC_SHA, SSL3_CK_RSA_DES_40_CBC_SHA, - SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -198,7 +198,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_RSA_DES_64_CBC_SHA, SSL3_CK_RSA_DES_64_CBC_SHA, - SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, 0, SSL_ALL_CIPHERS, }, @@ -207,7 +207,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_RSA_DES_192_CBC3_SHA, SSL3_CK_RSA_DES_192_CBC3_SHA, - SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, 0, SSL_ALL_CIPHERS, }, @@ -218,7 +218,7 @@ SSL_CIPHER ssl3_ciphers[]={ 0, SSL3_TXT_DH_DSS_DES_40_CBC_SHA, SSL3_CK_DH_DSS_DES_40_CBC_SHA, - SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -227,7 +227,7 @@ SSL_CIPHER ssl3_ciphers[]={ 0, SSL3_TXT_DH_DSS_DES_64_CBC_SHA, SSL3_CK_DH_DSS_DES_64_CBC_SHA, - SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, 0, SSL_ALL_CIPHERS, }, @@ -236,7 +236,7 @@ SSL_CIPHER ssl3_ciphers[]={ 0, SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, SSL3_CK_DH_DSS_DES_192_CBC3_SHA, - SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, 0, SSL_ALL_CIPHERS, }, @@ -245,7 +245,7 @@ SSL_CIPHER ssl3_ciphers[]={ 0, SSL3_TXT_DH_RSA_DES_40_CBC_SHA, SSL3_CK_DH_RSA_DES_40_CBC_SHA, - SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -254,7 +254,7 @@ SSL_CIPHER ssl3_ciphers[]={ 0, SSL3_TXT_DH_RSA_DES_64_CBC_SHA, SSL3_CK_DH_RSA_DES_64_CBC_SHA, - SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, 0, SSL_ALL_CIPHERS, }, @@ -263,7 +263,7 @@ SSL_CIPHER ssl3_ciphers[]={ 0, SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, SSL3_CK_DH_RSA_DES_192_CBC3_SHA, - SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, 0, SSL_ALL_CIPHERS, }, @@ -274,7 +274,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, SSL3_CK_EDH_DSS_DES_40_CBC_SHA, - SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -283,7 +283,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, SSL3_CK_EDH_DSS_DES_64_CBC_SHA, - SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, 0, SSL_ALL_CIPHERS, }, @@ -292,7 +292,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, - SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, 0, SSL_ALL_CIPHERS, }, @@ -301,7 +301,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, SSL3_CK_EDH_RSA_DES_40_CBC_SHA, - SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3, + SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP40|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -310,7 +310,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, SSL3_CK_EDH_RSA_DES_64_CBC_SHA, - SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, + SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_LOW, 0, SSL_ALL_CIPHERS, }, @@ -319,7 +319,7 @@ SSL_CIPHER ssl3_ciphers[]={ 1, SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, - SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, + SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH, 0, SSL_ALL_CIPHERS, }, @@ -330,7 +330,7 @@ SSL_CIPHER ssl3_ciphers[]={ 0, SSL3_TXT_FZA_DMS_NULL_SHA, SSL3_CK_FZA_DMS_NULL_SHA, - SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -340,7 +340,7 @@ SSL_CIPHER ssl3_ciphers[]={ 0, SSL3_TXT_FZA_DMS_FZA_SHA, SSL3_CK_FZA_DMS_FZA_SHA, - SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, @@ -350,11 +350,40 @@ SSL_CIPHER ssl3_ciphers[]={ 0, SSL3_TXT_FZA_DMS_RC4_SHA, SSL3_CK_FZA_DMS_RC4_SHA, - SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3, + SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|_SSL_NOT_EXP|SSL_SSLV3, 0, SSL_ALL_CIPHERS, }, + /* New TLS Export CipherSuites */ + /* Cipher 60 */ + { + 1, + TLS1_TXT_RSA_EXPORT56_WITH_RC4_56_MD5, + TLS1_CK_RSA_EXPORT56_WITH_RC4_56_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP56|SSL_TLSV1, + 0, + SSL_ALL_CIPHERS + }, + /* Cipher 61 */ + { + 1, + TLS1_TXT_RSA_EXPORT56_WITH_RC2_CBC_56_MD5, + TLS1_CK_RSA_EXPORT56_WITH_RC2_CBC_56_MD5, + SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP56|SSL_TLSV1, + 0, + SSL_ALL_CIPHERS + }, + /* Cipher 62 */ + { + 1, + TLS1_TXT_RSA_EXPORT56_WITH_DES_CBC_SHA, + TLS1_CK_RSA_EXPORT56_WITH_DES_CBC_SHA, + SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_EXP56|SSL_TLSV1, + 0, + SSL_ALL_CIPHERS + }, + /* end of list */ }; @@ -733,7 +762,7 @@ STACK *have,*pref; { c=(SSL_CIPHER *)sk_value(have,i); alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK); - if (alg & SSL_EXPORT) + if (SSL_IS_EXPORT(alg)) { ok=((alg & emask) == alg)?1:0; #ifdef CIPHER_DEBUG |