summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2014-07-09 11:25:43 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2014-07-09 11:25:43 +0000
commit8fe50da7c9e728f8298edeb84998d26bf458b0e2 (patch)
treed34a2bf599566a5be04db4c77c0669e4ff759ff1
parent9fca2717c60e5d9f3a807340975d9b8e8779efad (diff)
tedu the SSL export cipher handling - since we do not have enabled export
ciphers we no longer need the flags or code to support it. ok beck@ miod@
-rw-r--r--lib/libssl/d1_srvr.c26
-rw-r--r--lib/libssl/s3_clnt.c32
-rw-r--r--lib/libssl/s3_lib.c30
-rw-r--r--lib/libssl/s3_srvr.c33
-rw-r--r--lib/libssl/ssl.h5
-rw-r--r--lib/libssl/ssl_cert.c4
-rw-r--r--lib/libssl/ssl_ciph.c64
-rw-r--r--lib/libssl/ssl_lib.c71
-rw-r--r--lib/libssl/ssl_locl.h55
-rw-r--r--lib/libssl/t1_enc.c64
10 files changed, 45 insertions, 339 deletions
diff --git a/lib/libssl/d1_srvr.c b/lib/libssl/d1_srvr.c
index d4d564a6883..c01dc77254e 100644
--- a/lib/libssl/d1_srvr.c
+++ b/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.27 2014/06/30 14:13:27 tedu Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.28 2014/07/09 11:25:42 jsing Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -473,9 +473,6 @@ dtls1_accept(SSL *s)
|| (alg_k & SSL_kEECDH)
|| ((alg_k & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
- || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
- && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
- )
)
)
) {
@@ -1047,9 +1044,7 @@ dtls1_send_server_key_exchange(SSL *s)
if (type & SSL_kRSA) {
rsa = cert->rsa_tmp;
if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
- rsa = s->cert->rsa_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+ rsa = s->cert->rsa_tmp_cb(s, 0, 0);
if (rsa == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
@@ -1070,9 +1065,7 @@ dtls1_send_server_key_exchange(SSL *s)
if (type & SSL_kEDH) {
dhp = cert->dh_tmp;
if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
- dhp = s->cert->dh_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+ dhp = s->cert->dh_tmp_cb(s, 0, 0);
if (dhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_DH_KEY);
@@ -1115,11 +1108,8 @@ dtls1_send_server_key_exchange(SSL *s)
const EC_GROUP *group;
ecdhp = cert->ecdh_tmp;
- if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL)) {
- ecdhp = s->cert->ecdh_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
- }
+ if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
+ ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
if (ecdhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_MISSING_TMP_ECDH_KEY);
@@ -1160,12 +1150,6 @@ dtls1_send_server_key_exchange(SSL *s)
goto err;
}
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
- (EC_GROUP_get_degree(group) > 163)) {
- SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
- goto err;
- }
-
/* XXX: For now, we only support ephemeral ECDH
* keys over named (not generic) curves. For
* supported named curves, curve_id is non-zero.
diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c
index 03500190785..61de494244e 100644
--- a/lib/libssl/s3_clnt.c
+++ b/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.72 2014/06/21 20:27:25 tedu Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.73 2014/07/09 11:25:42 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1490,14 +1490,6 @@ ssl3_get_key_exchange(SSL *s)
group = EC_KEY_get0_group(ecdh);
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
- (EC_GROUP_get_degree(group) > 163)) {
- al = SSL_AD_EXPORT_RESTRICTION;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
- goto f_err;
- }
-
p += 3;
/* Next, get the encoded ECPoint */
@@ -2824,28 +2816,6 @@ ssl3_check_cert_and_algorithm(SSL *s)
goto f_err;
}
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
- !has_bits(i, EVP_PKT_EXP)) {
- if (alg_k & SSL_kRSA) {
- if (rsa == NULL || RSA_size(rsa) * 8 >
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
- goto f_err;
- }
- } else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) {
- if (dh == NULL || DH_size(dh) * 8 >
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_EXPORT_TMP_DH_KEY);
- goto f_err;
- }
- } else {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
- goto f_err;
- }
- }
return (1);
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index d07d7e7cbc5..5c4e530d34e 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.66 2014/07/09 11:10:51 bcook Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.67 2014/07/09 11:25:42 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -210,7 +210,7 @@ SSL_CIPHER ssl3_ciphers[] = {
.algorithm_enc = SSL_RC4,
.algorithm_mac = SSL_MD5,
.algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_EXPORT|SSL_EXP40,
+ .algo_strength = 0,
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
.strength_bits = 40,
.alg_bits = 128,
@@ -258,7 +258,7 @@ SSL_CIPHER ssl3_ciphers[] = {
.algorithm_enc = SSL_RC2,
.algorithm_mac = SSL_MD5,
.algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_EXPORT|SSL_EXP40,
+ .algo_strength = 0,
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
.strength_bits = 40,
.alg_bits = 128,
@@ -292,7 +292,7 @@ SSL_CIPHER ssl3_ciphers[] = {
.algorithm_enc = SSL_DES,
.algorithm_mac = SSL_SHA1,
.algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_EXPORT|SSL_EXP40,
+ .algo_strength = 0,
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
.strength_bits = 40,
.alg_bits = 56,
@@ -341,7 +341,7 @@ SSL_CIPHER ssl3_ciphers[] = {
.algorithm_enc = SSL_DES,
.algorithm_mac = SSL_SHA1,
.algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_EXPORT|SSL_EXP40,
+ .algo_strength = 0,
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
.strength_bits = 40,
.alg_bits = 56,
@@ -389,7 +389,7 @@ SSL_CIPHER ssl3_ciphers[] = {
.algorithm_enc = SSL_DES,
.algorithm_mac = SSL_SHA1,
.algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_EXPORT|SSL_EXP40,
+ .algo_strength = 0,
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
.strength_bits = 40,
.alg_bits = 56,
@@ -438,7 +438,7 @@ SSL_CIPHER ssl3_ciphers[] = {
.algorithm_enc = SSL_DES,
.algorithm_mac = SSL_SHA1,
.algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_EXPORT|SSL_EXP40,
+ .algo_strength = 0,
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
.strength_bits = 40,
.alg_bits = 56,
@@ -486,7 +486,7 @@ SSL_CIPHER ssl3_ciphers[] = {
.algorithm_enc = SSL_DES,
.algorithm_mac = SSL_SHA1,
.algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_EXPORT|SSL_EXP40,
+ .algo_strength = 0,
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
.strength_bits = 40,
.alg_bits = 56,
@@ -534,7 +534,7 @@ SSL_CIPHER ssl3_ciphers[] = {
.algorithm_enc = SSL_RC4,
.algorithm_mac = SSL_MD5,
.algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_EXPORT|SSL_EXP40,
+ .algo_strength = 0,
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
.strength_bits = 40,
.alg_bits = 128,
@@ -566,7 +566,7 @@ SSL_CIPHER ssl3_ciphers[] = {
.algorithm_enc = SSL_DES,
.algorithm_mac = SSL_SHA1,
.algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_EXPORT|SSL_EXP40,
+ .algo_strength = 0,
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
.strength_bits = 40,
.alg_bits = 128,
@@ -2999,7 +2999,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
int ec_ok, ec_nid;
unsigned char ec_search1 = 0, ec_search2 = 0;
CERT *cert;
- unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
+ unsigned long alg_k, alg_a, mask_k, mask_a;
/* Let's see which ciphers we can support */
cert = s->cert;
@@ -3030,8 +3030,6 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
ssl_set_cert_masks(cert, c);
mask_k = cert->mask_k;
mask_a = cert->mask_a;
- emask_k = cert->export_mask_k;
- emask_a = cert->export_mask_a;
alg_k = c->algorithm_mkey;
alg_a = c->algorithm_auth;
@@ -3042,11 +3040,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
continue;
#endif /* OPENSSL_NO_PSK */
- if (SSL_C_IS_EXPORT(c)) {
- ok = (alg_k & emask_k) && (alg_a & emask_a);
- } else {
- ok = (alg_k & mask_k) && (alg_a & mask_a);
- }
+ ok = (alg_k & mask_k) && (alg_a & mask_a);
if (
/*
diff --git a/lib/libssl/s3_srvr.c b/lib/libssl/s3_srvr.c
index a3387040a93..f24d0f9cf85 100644
--- a/lib/libssl/s3_srvr.c
+++ b/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.67 2014/06/30 14:13:27 tedu Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.68 2014/07/09 11:25:42 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -435,11 +435,7 @@ ssl3_accept(SSL *s)
|| ((alg_k & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey ==
NULL
- || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
- && EVP_PKEY_size(
- s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) * 8
- > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher
- ))))) {
+ ))) {
ret = ssl3_send_server_key_exchange(s);
if (ret <= 0)
goto end;
@@ -1296,8 +1292,6 @@ ssl3_get_client_hello(SSL *s)
c = sk_SSL_CIPHER_value(sk, i);
if (c->algorithm_enc & SSL_eNULL)
nc = c;
- if (SSL_C_IS_EXPORT(c))
- ec = c;
}
if (nc != NULL)
s->s3->tmp.new_cipher = nc;
@@ -1508,9 +1502,7 @@ ssl3_send_server_key_exchange(SSL *s)
if (type & SSL_kRSA) {
rsa = cert->rsa_tmp;
if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
- rsa = s->cert->rsa_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+ rsa = s->cert->rsa_tmp_cb(s, 0, 0);
if (rsa == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(
@@ -1534,9 +1526,7 @@ ssl3_send_server_key_exchange(SSL *s)
if (type & SSL_kEDH) {
dhp = cert->dh_tmp;
if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
- dhp = s->cert->dh_tmp_cb(s,
- SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+ dhp = s->cert->dh_tmp_cb(s, 0, 0);
if (dhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
@@ -1584,12 +1574,8 @@ ssl3_send_server_key_exchange(SSL *s)
const EC_GROUP *group;
ecdhp = cert->ecdh_tmp;
- if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL)) {
- ecdhp = s->cert->ecdh_tmp_cb(
- s, SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
- SSL_C_EXPORT_PKEYLENGTH(
- s->s3->tmp.new_cipher));
- }
+ if (ecdhp == NULL && s->cert->ecdh_tmp_cb != NULL)
+ ecdhp = s->cert->ecdh_tmp_cb(s, 0, 0);
if (ecdhp == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
@@ -1634,13 +1620,6 @@ ssl3_send_server_key_exchange(SSL *s)
goto err;
}
- if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
- (EC_GROUP_get_degree(group) > 163)) {
- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
- SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
- goto err;
- }
-
/*
* XXX: For now, we only support ephemeral ECDH
* keys over named (not generic) curves. For
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index 3e09bd35219..b1eeb85c649 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.56 2014/06/13 13:28:53 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.57 2014/07/09 11:25:42 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -222,12 +222,9 @@ extern "C" {
/* These are used to specify which ciphers to use and not to use */
-#define SSL_TXT_EXP40 "EXPORT40"
-#define SSL_TXT_EXP56 "EXPORT56"
#define SSL_TXT_LOW "LOW"
#define SSL_TXT_MEDIUM "MEDIUM"
#define SSL_TXT_HIGH "HIGH"
-#define SSL_TXT_FIPS "FIPS"
#define SSL_TXT_kFZA "kFZA" /* unused! */
#define SSL_TXT_aFZA "aFZA" /* unused! */
diff --git a/lib/libssl/ssl_cert.c b/lib/libssl/ssl_cert.c
index 0864fe8d997..5b5ffac06f4 100644
--- a/lib/libssl/ssl_cert.c
+++ b/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_cert.c,v 1.39 2014/06/21 09:10:30 logan Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.40 2014/07/09 11:25:42 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -202,8 +202,6 @@ ssl_cert_dup(CERT *cert)
ret->valid = cert->valid;
ret->mask_k = cert->mask_k;
ret->mask_a = cert->mask_a;
- ret->export_mask_k = cert->export_mask_k;
- ret->export_mask_a = cert->export_mask_a;
if (cert->rsa_tmp != NULL) {
RSA_up_ref(cert->rsa_tmp);
diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c
index 31964ebe145..8fc05bc7479 100644
--- a/lib/libssl/ssl_ciph.c
+++ b/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.56 2014/07/08 21:50:40 jsing Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.57 2014/07/09 11:25:42 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -526,26 +526,8 @@ static const SSL_CIPHER cipher_aliases[] = {
.algorithm_ssl = SSL_TLSV1_2,
},
- /* export flag */
- {
- .name = SSL_TXT_EXP,
- .algo_strength = SSL_EXPORT,
- },
- {
- .name = SSL_TXT_EXPORT,
- .algo_strength = SSL_EXPORT,
- },
-
/* strength classes */
{
- .name = SSL_TXT_EXP40,
- .algo_strength = SSL_EXP40,
- },
- {
- .name = SSL_TXT_EXP56,
- .algo_strength = SSL_EXP56,
- },
- {
.name = SSL_TXT_LOW,
.algo_strength = SSL_LOW,
},
@@ -1214,8 +1196,6 @@ ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long alg_mkey,
continue;
if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
continue;
- if ((algo_strength & SSL_EXP_MASK) && !(algo_strength & SSL_EXP_MASK & cp->algo_strength))
- continue;
if ((algo_strength & SSL_STRONG_MASK) && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
continue;
}
@@ -1469,21 +1449,6 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p,
alg_mac = ca_list[j]->algorithm_mac;
}
- if (ca_list[j]->algo_strength & SSL_EXP_MASK) {
- if (algo_strength & SSL_EXP_MASK) {
- algo_strength &=
- (ca_list[j]->algo_strength &
- SSL_EXP_MASK) | ~SSL_EXP_MASK;
- if (!(algo_strength & SSL_EXP_MASK)) {
- found = 0;
- break;
- }
- } else
- algo_strength |=
- ca_list[j]->algo_strength &
- SSL_EXP_MASK;
- }
-
if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {
if (algo_strength & SSL_STRONG_MASK) {
algo_strength &=
@@ -1739,11 +1704,11 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
char *
SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
{
- int is_export, pkl, kl, l;
- const char *ver, *exp_str;
+ int l;
+ const char *ver;
const char *kx, *au, *enc, *mac;
unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;
- static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
+ static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s\n";
alg_mkey = cipher->algorithm_mkey;
alg_auth = cipher->algorithm_auth;
@@ -1753,11 +1718,6 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
alg2 = cipher->algorithm2;
- is_export = SSL_C_IS_EXPORT(cipher);
- pkl = SSL_C_EXPORT_PKEYLENGTH(cipher);
- kl = SSL_C_EXPORT_KEYLENGTH(cipher);
- exp_str = is_export?" export":"";
-
if (alg_ssl & SSL_SSLV2)
ver="SSLv2";
else if (alg_ssl & SSL_SSLV3)
@@ -1769,7 +1729,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
switch (alg_mkey) {
case SSL_kRSA:
- kx = is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA";
+ kx = "RSA";
break;
case SSL_kDHr:
kx="DH/RSA";
@@ -1781,7 +1741,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
kx="KRB5";
break;
case SSL_kEDH:
- kx = is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH";
+ kx = "DH";
break;
case SSL_kECDHr:
kx="ECDH/RSA";
@@ -1834,17 +1794,16 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
switch (alg_enc) {
case SSL_DES:
- enc = (is_export && kl == 5)?"DES(40)":"DES(56)";
+ enc = "DES(56)";
break;
case SSL_3DES:
enc="3DES(168)";
break;
case SSL_RC4:
- enc = is_export?(kl == 5 ? "RC4(40)" : "RC4(56)")
- :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");
+ enc = alg2 & SSL2_CF_8_BYTE_ENC ? "RC4(64)" : "RC4(128)";
break;
case SSL_RC2:
- enc = is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)";
+ enc = "RC2(128)";
break;
case SSL_IDEA:
enc="IDEA(128)";
@@ -1903,11 +1862,10 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
}
if (buf == NULL)
- l = asprintf(&buf, format, cipher->name, ver, kx, au, enc,
- mac, exp_str);
+ l = asprintf(&buf, format, cipher->name, ver, kx, au, enc, mac);
else {
l = snprintf(buf, len, format, cipher->name, ver, kx, au, enc,
- mac, exp_str);
+ mac);
if (l >= len)
l = -1;
}
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index f867daab0ec..51772eb6181 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.69 2014/06/19 21:29:51 tedu Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.70 2014/07/09 11:25:42 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1956,9 +1956,7 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
{
CERT_PKEY *cpk;
int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
- int rsa_enc_export, dh_rsa_export, dh_dsa_export;
- int rsa_tmp_export, dh_tmp_export, kl;
- unsigned long mask_k, mask_a, emask_k, emask_a;
+ unsigned long mask_k, mask_a;
int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
int have_ecdh_tmp;
X509 *x = NULL;
@@ -1968,39 +1966,25 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
if (c == NULL)
return;
- kl = SSL_C_EXPORT_PKEYLENGTH(cipher);
-
rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
- rsa_tmp_export = (c->rsa_tmp_cb != NULL ||
- (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl));
dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
- dh_tmp_export = (c->dh_tmp_cb != NULL ||
- (dh_tmp && DH_size(c->dh_tmp)*8 <= kl));
have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL);
- rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL);
cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);
dh_rsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
- dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);
/* FIX THIS EAY EAY EAY */
dh_dsa = (cpk->x509 != NULL && cpk->privatekey != NULL);
- dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
cpk = &(c->pkeys[SSL_PKEY_ECC]);
have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL);
mask_k = 0;
mask_a = 0;
- emask_k = 0;
- emask_a = 0;
-
-
-
cpk = &(c->pkeys[SSL_PKEY_GOST01]);
if (cpk->x509 != NULL && cpk->privatekey !=NULL) {
@@ -2015,38 +1999,23 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
if (rsa_enc || (rsa_tmp && rsa_sign))
mask_k|=SSL_kRSA;
- if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
- emask_k|=SSL_kRSA;
-
- if (dh_tmp_export)
- emask_k|=SSL_kEDH;
if (dh_tmp)
mask_k|=SSL_kEDH;
if (dh_rsa)
mask_k|=SSL_kDHr;
- if (dh_rsa_export)
- emask_k|=SSL_kDHr;
if (dh_dsa)
mask_k|=SSL_kDHd;
- if (dh_dsa_export)
- emask_k|=SSL_kDHd;
- if (rsa_enc || rsa_sign) {
+ if (rsa_enc || rsa_sign)
mask_a|=SSL_aRSA;
- emask_a|=SSL_aRSA;
- }
- if (dsa_sign) {
+ if (dsa_sign)
mask_a|=SSL_aDSS;
- emask_a|=SSL_aDSS;
- }
mask_a|=SSL_aNULL;
- emask_a|=SSL_aNULL;
-
/*
* An ECC certificate may be usable for ECDH and/or
@@ -2069,47 +2038,30 @@ ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
}
if (ecdh_ok) {
-
if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
mask_k|=SSL_kECDHr;
mask_a|=SSL_aECDH;
- if (ecc_pkey_size <= 163) {
- emask_k|=SSL_kECDHr;
- emask_a|=SSL_aECDH;
- }
}
-
if (pk_nid == NID_X9_62_id_ecPublicKey) {
mask_k|=SSL_kECDHe;
mask_a|=SSL_aECDH;
- if (ecc_pkey_size <= 163) {
- emask_k|=SSL_kECDHe;
- emask_a|=SSL_aECDH;
- }
}
}
- if (ecdsa_ok) {
+ if (ecdsa_ok)
mask_a|=SSL_aECDSA;
- emask_a|=SSL_aECDSA;
- }
}
if (have_ecdh_tmp) {
mask_k|=SSL_kEECDH;
- emask_k|=SSL_kEECDH;
}
#ifndef OPENSSL_NO_PSK
mask_k |= SSL_kPSK;
mask_a |= SSL_aPSK;
- emask_k |= SSL_kPSK;
- emask_a |= SSL_aPSK;
#endif
c->mask_k = mask_k;
c->mask_a = mask_a;
- c->export_mask_k = emask_k;
- c->export_mask_a = emask_a;
c->valid = 1;
}
@@ -2122,25 +2074,12 @@ int
ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
{
unsigned long alg_k, alg_a;
- EVP_PKEY *pkey = NULL;
- int keysize = 0;
int signature_nid = 0, md_nid = 0, pk_nid = 0;
const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
alg_k = cs->algorithm_mkey;
alg_a = cs->algorithm_auth;
- if (SSL_C_IS_EXPORT(cs)) {
- /* ECDH key length in export ciphers must be <= 163 bits */
- pkey = X509_get_pubkey(x);
- if (pkey == NULL)
- return (0);
- keysize = EVP_PKEY_bits(pkey);
- EVP_PKEY_free(pkey);
- if (keysize > 163)
- return (0);
- }
-
/* This call populates the ex_flags field correctly */
X509_check_purpose(x, -1, 0);
if ((x->sig_alg) && (x->sig_alg->algorithm)) {
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 228bf5b2be6..2b3d1b8e444 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.55 2014/07/08 21:50:40 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.56 2014/07/09 11:25:42 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -368,63 +368,14 @@
(((ssl_cipher->algorithm2 >> 24) & 0xf) * 2)
/*
- * Export and cipher strength information. For each cipher we have to decide
- * whether it is exportable or not. This information is likely to change
- * over time, since the export control rules are no static technical issue.
- *
- * Independent of the export flag the cipher strength is sorted into classes.
- * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
- * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
- * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
- * since SSL_EXP64 could be similar to SSL_LOW.
- * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
- * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
- * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
- * be possible.
+ * Cipher strength information.
*/
-#define SSL_EXP_MASK 0x00000003L
#define SSL_STRONG_MASK 0x000001fcL
-
-#define SSL_EXPORT 0x00000002L
-
#define SSL_STRONG_NONE 0x00000004L
-#define SSL_EXP40 0x00000008L
-#define SSL_MICRO (SSL_EXP40)
-#define SSL_EXP56 0x00000010L
-#define SSL_MINI (SSL_EXP56)
#define SSL_LOW 0x00000020L
#define SSL_MEDIUM 0x00000040L
#define SSL_HIGH 0x00000080L
-/* we have used 000001ff - 23 bits left to go */
-
-/*
- * Macros to check the export status and cipher strength for export ciphers.
- * Even though the macros for EXPORT and EXPORT40/56 have similar names,
- * their meaning is different:
- * *_EXPORT macros check the 'exportable' status.
- * *_EXPORT40/56 macros are used to check whether a certain cipher strength
- * is given.
- * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
- * algorithm structure element to be passed (algorithms, algo_strength) and no
- * typechecking can be done as they are all of type unsigned long, their
- * direct usage is discouraged.
- * Use the SSL_C_* macros instead.
- */
-#define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT)
-#define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56)
-#define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40)
-#define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength)
-#define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength)
-#define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength)
-
-#define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \
- (a) == SSL_DES ? 8 : 7)
-#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
-#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithm_enc, \
- (c)->algo_strength)
-#define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
-
/* Check if an SSL structure is using DTLS. */
#define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
@@ -490,8 +441,6 @@ typedef struct cert_st {
int valid;
unsigned long mask_k;
unsigned long mask_a;
- unsigned long export_mask_k;
- unsigned long export_mask_a;
RSA *rsa_tmp;
RSA *(*rsa_tmp_cb)(SSL *ssl, int is_export, int keysize);
DH *dh_tmp;
diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c
index 46238dc6c3b..26d98522d0a 100644
--- a/lib/libssl/t1_enc.c
+++ b/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.64 2014/07/08 16:05:52 beck Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.65 2014/07/09 11:25:42 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -375,21 +375,12 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,
const unsigned char *key, unsigned int key_len, const unsigned char *iv,
unsigned int iv_len)
{
- static const unsigned char empty[] = "";
- unsigned char export_tmp1[EVP_MAX_KEY_LENGTH];
- unsigned char export_tmp2[EVP_MAX_KEY_LENGTH];
- unsigned char export_iv1[EVP_MAX_IV_LENGTH * 2];
- unsigned char export_iv2[EVP_MAX_IV_LENGTH * 2];
- unsigned char *exp_label;
- int exp_label_len;
EVP_CIPHER_CTX *cipher_ctx;
const EVP_CIPHER *cipher;
EVP_MD_CTX *mac_ctx;
const EVP_MD *mac;
int mac_type;
- int is_export;
- is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
cipher = s->s3->tmp.new_sym_enc;
mac = s->s3->tmp.new_hash;
mac_type = s->s3->tmp.new_mac_pkey_type;
@@ -438,41 +429,6 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,
s->write_hash = mac_ctx;
}
- if (is_export) {
- /*
- * Both the read and write key/iv are set to the same value
- * since only the correct one will be used :-).
- */
- if (use_client_keys) {
- exp_label = TLS_MD_CLIENT_WRITE_KEY_CONST;
- exp_label_len = TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
- } else {
- exp_label = TLS_MD_SERVER_WRITE_KEY_CONST;
- exp_label_len = TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
- }
- if (!tls1_PRF(ssl_get_algorithm2(s), exp_label, exp_label_len,
- s->s3->client_random, SSL3_RANDOM_SIZE,
- s->s3->server_random, SSL3_RANDOM_SIZE,
- NULL, 0, NULL, 0, key, key_len, export_tmp1, export_tmp2,
- EVP_CIPHER_key_length(cipher)))
- goto err2;
- key = export_tmp1;
-
- if (iv_len > 0) {
- if (!tls1_PRF(ssl_get_algorithm2(s),
- TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE,
- s->s3->client_random, SSL3_RANDOM_SIZE,
- s->s3->server_random, SSL3_RANDOM_SIZE,
- NULL, 0, NULL, 0, empty, 0,
- export_iv1, export_iv2, iv_len * 2))
- goto err2;
- if (use_client_keys)
- iv = export_iv1;
- else
- iv = &(export_iv1[iv_len]);
- }
- }
-
if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) {
EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL,
!is_read);
@@ -494,18 +450,10 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,
mac_secret_size, (unsigned char *)mac_secret);
}
- if (is_export) {
- OPENSSL_cleanse(export_tmp1, sizeof(export_tmp1));
- OPENSSL_cleanse(export_tmp2, sizeof(export_tmp2));
- OPENSSL_cleanse(export_iv1, sizeof(export_iv1));
- OPENSSL_cleanse(export_iv2, sizeof(export_iv2));
- }
-
return (1);
err:
SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER, ERR_R_MALLOC_FAILURE);
-err2:
return (0);
}
@@ -521,13 +469,11 @@ tls1_change_cipher_state(SSL *s, int which)
const EVP_CIPHER *cipher;
const EVP_AEAD *aead;
char is_read, use_client_keys;
- int is_export;
#ifndef OPENSSL_NO_COMP
const SSL_COMP *comp;
#endif
- is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
cipher = s->s3->tmp.new_sym_enc;
aead = s->s3->tmp.new_aead;
@@ -598,10 +544,6 @@ tls1_change_cipher_state(SSL *s, int which)
key_len = EVP_CIPHER_key_length(cipher);
iv_len = EVP_CIPHER_iv_length(cipher);
- if (is_export &&
- key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher))
- key_len = SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher);
-
/* If GCM mode only part of IV comes from PRF. */
if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE)
iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
@@ -700,10 +642,6 @@ tls1_setup_key_block(SSL *s)
key_len = EVP_CIPHER_key_length(cipher);
iv_len = EVP_CIPHER_iv_length(cipher);
- if (SSL_C_IS_EXPORT(s->session->cipher) &&
- key_len > SSL_C_EXPORT_KEYLENGTH(s->session->cipher))
- key_len = SSL_C_EXPORT_KEYLENGTH(s->session->cipher);
-
/* If GCM mode only part of IV comes from PRF. */
if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE)
iv_len = EVP_GCM_TLS_FIXED_IV_LEN;