path: root/ssl/ssl_ciph.c
Commit message | Author | Age | Files | Lines
* Remove some obsolete/obscure internal define switches:
  Emilia Kasper | 2017-03-01 | 1 file | -3/+0

  - FLAT_INC
  - PKCS1_CHECK (the SSL_OP_PKCS1_CHECK options have been no-oped)
  - PKCS_TESTVECT (debugging leftovers)
  - SSL_AD_MISSING_SRP_USERNAME (unfinished feature)
  - DTLS_AD_MISSING_HANDSHAKE_MESSAGE (unfinished feature)
  - USE_OBJ_MAC (note this removes a define from the public header but very unlikely someone would be depending on it)
  - SSL_FORBID_ENULL

  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Stephen Henson <steve@openssl.org>
  Reviewed-by: Andy Polyakov <appro@openssl.org>
* Remove some commented out code in libssl
  Matt Caswell | 2017-02-28 | 1 file | -3/+0

  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2774)
* Clean up references to FIPS
  Emilia Kasper | 2017-02-28 | 1 file | -7/+1

  This removes the fips configure option. This option is broken as the
  required FIPS code is not available.

  FIPS_mode() and FIPS_mode_set() are retained for compatibility, but
  FIPS_mode() always returns 0, and FIPS_mode_set() can only be used to
  turn FIPS mode off.

  Reviewed-by: Stephen Henson <steve@openssl.org>
* Let ssl_get_cipher_by_char yield not-valid ciphers
  Benjamin Kaduk | 2017-02-23 | 1 file | -2/+3

  Now that we have made SCSVs into more of a first-class object, provide
  a way for the bytes-to-SSL_CIPHER conversion to actually return them.

  Add a flag 'all' to ssl_get_cipher_by_char to indicate that we want
  all the known ciphers, not just the ones valid for encryption. This
  will, in practice, let the caller retrieve the SCSVs.

  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2279)
* Implementation of the ARIA cipher as described in RFC 5794.
  Pauli | 2017-02-21 | 1 file | -4/+1

  This implementation is written in endian agnostic C code. No attempt
  at providing machine specific assembly code has been made.

  This implementation expands the evptests by including the test cases
  from RFC 5794 and ARIA official site rather than providing an
  individual test case.

  Support for ARIA has been integrated into the command line
  applications, but not TLS.

  Implemented modes are CBC, CFB1, CFB8, CFB128, CTR, ECB and OFB128.

  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2337)
* mem leak on error path and error propagation fix
  Yuchi | 2017-02-14 | 1 file | -1/+1

  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2559)
* Replace SSL_PKEY_RSA_ENC, SSL_PKEY_RSA_SIGN
  Dr. Stephen Henson | 2017-02-10 | 1 file | -1/+1

  The original intent of SSL_PKEY_RSA_SIGN and SSL_PKEY_RSA_ENC was to
  support two different keys for RSA signing and decrypt. However this
  was never implemented and we only ever set one key and the other was
  always NULL.

  Replace with single SSL_PKEY_RSA type.

  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2587)
* Add NID_auth_any and NID_kx_any NIDs.
  Dr. Stephen Henson | 2017-02-08 | 1 file | -2/+4

  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2550)
* Add SSL_kANY and SSL_aANY
  Dr. Stephen Henson | 2017-02-08 | 1 file | -0/+6

  Add SSL_kANY and SSL_aANY constants for TLS 1.3 ciphersuites.

  Return appropriate text strings when they are used.

  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2550)
* Always ensure that session->cipher is set
  Matt Caswell | 2017-01-30 | 1 file | -11/+0

  If we have deserialized the SSL_SESSION then in some circumstances the
  session->cipher value is NULL. We were patching up in some places but
  not in others. We should just do it as part of loading the SSL_SESSION.

  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2259)
* Implement Server side of PSK extension parsing
  Matt Caswell | 2017-01-30 | 1 file | -0/+11

  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2259)
* Fix a few misspellings.
  FdaSilvaYY | 2017-01-25 | 1 file | -1/+1

  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1618)
* Remove a hack from ssl_test_old
  Matt Caswell | 2016-11-16 | 1 file | -0/+18

  ssl_test_old was reaching inside the SSL structure and changing the
  internal BIO values. This is completely unnecessary, and was causing
  an abort in the test when enabling TLSv1.3.

  I also removed the need for ssl_test_old to include ssl_locl.h. This
  required the addition of some missing accessors for SSL_COMP name and
  id fields.

  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix misc size_t issues causing Windows warnings in 64 bit
  Matt Caswell | 2016-11-04 | 1 file | -1/+1

  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Convert master_secret_size code to size_t
  Matt Caswell | 2016-11-04 | 1 file | -4/+5

  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add DTLS_get_data_mtu() function
  David Woodhouse | 2016-11-02 | 1 file | -0/+52

  We add ssl_cipher_get_overhead() as an internal function, to avoid
  having too much ciphersuite-specific knowledge in DTLS_get_data_mtu()
  itself.

  It's going to need adjustment for TLSv1.3... but then again, so is
  fairly much *all* of the SSL_CIPHER handling. This bit is in the noise.

  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
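The commit above splits the work into a per-cipher overhead query and a path-MTU calculation that consumes it. The following is an added illustration of that split, written for this page and not OpenSSL's own code: it models how a DTLS record's usable payload falls out of the path MTU once the 13-byte DTLS record header, the explicit IV or nonce, the MAC or AEAD tag and the CBC padding are accounted for, including why encrypt-then-MAC (RFC 7366) changes the rounding. The `CipherOverhead` layout, the function names and the per-suite overhead table are assumptions constructed for the example; the table covers only four common DTLS 1.2 suites.

```python
"""Model of deriving a DTLS usable-payload size from a path MTU.

Added illustration, not OpenSSL's code. The per-suite numbers follow the
record layout of each ciphersuite (explicit IV/nonce, MAC or AEAD tag, CBC
pad-length byte); the CipherOverhead fields and names are assumptions.
"""
from dataclasses import dataclass

# type(1) + version(2) + epoch(2) + sequence(6) + length(2)
DTLS_RECORD_HEADER = 13


@dataclass(frozen=True)
class CipherOverhead:
    """Per-record costs of a ciphersuite, split the way an MTU calculation needs them."""
    ext_overhead: int   # bytes outside the encrypted payload: explicit IV/nonce, AEAD tag
    int_overhead: int   # bytes inside the encrypted payload: CBC pad-length byte
    blocksize: int      # 0 for AEAD/stream ciphers, cipher block size for CBC
    mac_overhead: int   # MAC size for MAC-based suites, 0 for AEAD suites


# Constructed table for a few widely used DTLS 1.2 suites (illustrative values).
OVERHEADS = {
    # AES-GCM: 8-byte explicit nonce + 16-byte tag, no separate MAC, no padding
    "ECDHE-RSA-AES128-GCM-SHA256": CipherOverhead(8 + 16, 0, 0, 0),
    # ChaCha20-Poly1305: no explicit nonce on the wire, 16-byte tag
    "ECDHE-RSA-CHACHA20-POLY1305": CipherOverhead(16, 0, 0, 0),
    # AES-128-CBC + HMAC-SHA256: 16-byte explicit IV, 1 pad-length byte, 32-byte MAC
    "ECDHE-RSA-AES128-SHA256": CipherOverhead(16, 1, 16, 32),
    # AES-128-CBC + HMAC-SHA1: 16-byte explicit IV, 1 pad-length byte, 20-byte MAC
    "ECDHE-RSA-AES128-SHA": CipherOverhead(16, 1, 16, 20),
}


def cipher_overhead(cipher: str) -> CipherOverhead:
    """Overhead lookup standing in for a per-cipher query (assumed interface)."""
    return OVERHEADS[cipher]


def dtls_data_mtu(path_mtu: int, cipher: str, encrypt_then_mac: bool = False) -> int:
    """Largest application payload that fits in one DTLS record of path_mtu bytes.

    Returns 0 when nothing fits. With encrypt-then-MAC the MAC sits outside the
    ciphertext, so it is removed before rounding down to the block size; with
    MAC-then-encrypt it is inside the padded ciphertext and is removed after.
    """
    ov = cipher_overhead(cipher)
    ext = ov.ext_overhead
    internal = ov.int_overhead
    if encrypt_then_mac:
        ext += ov.mac_overhead
    else:
        internal += ov.mac_overhead

    mtu = path_mtu
    # Record header and external overhead are fixed costs per record.
    if ext + DTLS_RECORD_HEADER >= mtu:
        return 0
    mtu -= ext + DTLS_RECORD_HEADER
    # CBC ciphertext must be a whole number of blocks, so round down.
    if ov.blocksize:
        mtu -= mtu % ov.blocksize
    # Whatever is inside the ciphertext but not payload comes off last.
    if internal >= mtu:
        return 0
    return mtu - internal


if __name__ == "__main__":
    for name in OVERHEADS:
        print(f"{name:32s} 1500 -> {dtls_data_mtu(1500, name)} bytes of payload")
```

The two CBC variants are the interesting case: with MAC-then-encrypt the MAC lives inside the block-aligned ciphertext, with encrypt-then-MAC it is appended after it, so the same suite can yield a different data MTU depending on which mode was negotiated.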
* Use ciphersuite id when matching if we've got one
  Matt Caswell | 2016-11-02 | 1 file | -0/+2

  When matching a ciphersuite if we are given an id, make sure we use it
  otherwise we will match another ciphersuite which is identical except
  for the TLS version.

  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Remove trailing zeros
  Rich Salz | 2016-08-26 | 1 file | -87/+73

  Reviewed-by: Andy Polyakov <appro@openssl.org>
* Indent ssl/
  Emilia Kasper | 2016-08-18 | 1 file | -52/+52

  Run util/openssl-format-source on ssl/

  Some comments and hand-formatted tables were fixed up manually by
  disabling auto-formatting.

  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix CIPHER_DEBUG
  JimC | 2016-08-06 | 1 file | -1/+1

  Commit 3eb2aff renamed a field of ssl_cipher_st from algorithm_ssl ->
  min_tls but neglected to update the fprintf reference which is
  included by -DCIPHER_DEBUG

  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1417)
* Have load_buildtin_compression in ssl/ssl_ciph.c return RUN_ONCE result
  Richard Levitte | 2016-07-22 | 1 file | -3/+8

  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Change all our uses of CRYPTO_THREAD_run_once to use RUN_ONCE instead
  Richard Levitte | 2016-07-19 | 1 file | -3/+4

  That way, we have a way to check if the init function was successful
  or not.

  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Add checks on sk_TYPE_push() returned result
  FdaSilvaYY | 2016-06-23 | 1 file | -2/+2

  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
* Copyright consolidation 01/10
  Rich Salz | 2016-05-17 | 1 file | -107/+7

  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Fold threads.h into crypto.h making API public
  Viktor Dukhovni | 2016-05-16 | 1 file | -1/+1

  Document thread-safe lock creation

  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Fix building with -DCHARSET_EBCDIC
  Matt Caswell | 2016-04-29 | 1 file | -0/+1

  Building with -DCHARSET_EBCDIC and using --strict-warnings resulted in
  lots of miscellaneous errors. This fixes it.

  Reviewed-by: Andy Polyakov <appro@openssl.org>
* Rename int_*() functions to *_int()
  Matt Caswell | 2016-04-13 | 1 file | -1/+1

  There is a preference for suffixes to indicate that a function is
  internal rather than prefixes. Note: the suffix is only required to
  disambiguate internal functions and public symbols with the same name
  (but different case)

  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Rename lots of *_intern or *_internal function to int_*
  Matt Caswell | 2016-04-13 | 1 file | -1/+1

  There was a lot of naming inconsistency, so we try and standardise on
  one form.

  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Deprecate SSL_COMP_free_compression_methods() and make it a no-op
  Matt Caswell | 2016-04-13 | 1 file | -4/+1

  SSL_COMP_free_compression_methods() should not be called explicitly -
  we should leave auto-deinit to clean this up instead.

  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Check algo_strength using SSL_STRONG_MASK
  Kurt Roeckx | 2016-03-22 | 1 file | -6/+9

  algo_strength contains 2 parts that need to be checked by their own.

  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
  MR: #2082
* Remove #error from include files.
  Rich Salz | 2016-03-20 | 1 file | -6/+2

  Don't have #error statements in header files, but instead wrap the
  contents of that file in #ifndef OPENSSL_NO_xxx

  This means it is now always safe to include the header file.

  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Report TLS 1.0 as backwards-compatible TLSv1
  Viktor Dukhovni | 2016-03-17 | 1 file | -0/+7

  The TLSv1.0 form is retained for reporting the first protocol version
  that supports a given cipher.

  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Sort cipher-list at runtime.
  Rich Salz | 2016-03-16 | 1 file | -0/+2

  Reduces #ifdef complexity.

  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Fix no-comp build
  Emilia Kasper | 2016-03-12 | 1 file | -1/+2

  Reviewed-by: Matt Caswell <matt@openssl.org>
* Move disabling of RC4 for DTLS to the cipher list.
  Kurt Roeckx | 2016-03-09 | 1 file | -15/+24

  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
  MR: #1595
* Remove DES cipher alias
  Kurt Roeckx | 2016-03-09 | 1 file | -1/+0

  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
  MR: #1595
* Add support for minimum and maximum protocol version supported by a cipher
  Kurt Roeckx | 2016-03-09 | 1 file | -103/+93

  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
  MR: #1595
* Make SSL_CIPHER_get_version return a const char *
  Kurt Roeckx | 2016-03-09 | 1 file | -1/+1

  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
  MR: #1595
* Remove unused code
  Kurt Roeckx | 2016-03-09 | 1 file | -15/+4

  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
  MR: #1595
* Fix SSL_CIPHER_get_auth_nid return
  Todd Short | 2016-03-08 | 1 file | -1/+1

  Copy/paste error between SSL_CIPHER_get_kx_nid() and
  SSL_CIPHER_get_auth_nid(), wrong table was referenced

  Signed-off-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
* Convert CRYPTO_LOCK_SSL_* to new multi-threading API
  Alessandro Ghedini | 2016-03-08 | 1 file | -31/+24

  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* GH787: Fix ALPN
  Todd Short | 2016-03-08 | 1 file | -7/+7

  * Perform ALPN after the SNI callback; the SSL_CTX may change due to
    that processing
  * Add flags to indicate that we actually sent ALPN, to properly error
    out if unexpectedly received.
  * clean up ssl3_free() no need to explicitly clear when doing memset
  * document ALPN functions

  Signed-off-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Emilia Käsper <emilia@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add cipher query functions
  Todd Short | 2016-03-08 | 1 file | -4/+48

  Add functions to determine authentication, key-exchange, FIPS and AEAD.

  Reviewed-by: Emilia Käsper <emilia@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Rework the default cipherlist.
  Emilia Kasper | 2016-03-07 | 1 file | -6/+57

  - Always prefer forward-secure handshakes.
  - Consistently order ECDSA above RSA.
  - Next, always prefer AEADs to non-AEADs, irrespective of strength.
  - Within AEADs, prefer GCM > CHACHA > CCM for a given strength.
  - Prefer TLS v1.2 ciphers to legacy ciphers.
  - Remove rarely used DSS, IDEA, SEED, CAMELLIA, CCM from the default
    list to reduce ClientHello bloat.

  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Don't mark the eNULL ciphers as non-default.
  Kurt Roeckx | 2016-03-04 | 1 file | -1/+1

  They're not part of ALL, so they're not part of COMPLEMENTOFDEFAULT

  Reviewed-by: Rich Salz <rsalz@openssl.org>
  MR: #2202
* GH715: ENGINE_finish can take NULL
  Rich Salz | 2016-02-25 | 1 file | -2/+1

  Simplifies calling code. Also fixed up any !ptr tests that were
  nearby, turning them into NULL tests.

  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Fix {TLS,CIPHER}_DEBUG compiles.
  Rich Salz | 2016-02-18 | 1 file | -2/+2

  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove outdated DEBUG flags.
  Rich Salz | 2016-02-18 | 1 file | -4/+0

  Add -DBIO_DEBUG to --strict-warnings.
  Remove comments about outdated debugging ifdef guards.
  Remove md_rand ifdef guarding an assert; it doesn't seem used.
  Remove the conf guards in conf_api since we use OPENSSL_assert, not
  assert.
  For pkcs12 stuff put OPENSSL_ in front of the macro name.
  Merge TLS_DEBUG into SSL_DEBUG.
  Various things just turned on/off asserts, mainly for checking
  non-NULL arguments, which is now removed: camellia, bn_ctx,
  crypto/modes.
  Remove some old debug code, that basically just printed things to
  stderr: DEBUG_PRINT_UNKNOWN_CIPHERSUITES, DEBUG_ZLIB, OPENSSL_RI_DEBUG,
  RL_DEBUG, RSA_DEBUG, SCRYPT_DEBUG.
  Remove OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL.

  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove static ECDH support.
  Dr. Stephen Henson | 2016-02-11 | 1 file | -32/+5

  Remove support for static ECDH ciphersuites. They require ECDH keys in
  certificates and don't support forward secrecy.

  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Add CHACHA20 alias for ciphers.
  Todd Short | 2016-02-10 | 1 file | -2/+2

  Update ciphers documentation as well (based on -04 rev of ID).

  Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
  Reviewed-by: Rich Salz <rsalz@openssl.org>

  RT: #4206, GH: #642