From 916a85743bb281f0fcb886dbfc3f4f6d73ff6ec7 Mon Sep 17 00:00:00 2001 From: Theo Buehler Date: Mon, 21 Jan 2019 14:12:14 +0000 Subject: Move ssl_cipher_list_to_bytes() and ssl_bytes_to_cipher_list() to a more appropriately licenced file. jsing and doug have rewritten these functions (including the comments) over the past years. ok jsing --- lib/libssl/ssl_ciphers.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++- lib/libssl/ssl_lib.c | 116 +-------------------------------------------- 2 files changed, 120 insertions(+), 116 deletions(-) (limited to 'lib/libssl') diff --git a/lib/libssl/ssl_ciphers.c b/lib/libssl/ssl_ciphers.c index 081a35ddb2b..374cb6684ed 100644 --- a/lib/libssl/ssl_ciphers.c +++ b/lib/libssl/ssl_ciphers.c @@ -1,5 +1,7 @@ -/* $OpenBSD: ssl_ciphers.c,v 1.1 2019/01/21 10:28:52 tb Exp $ */ +/* $OpenBSD: ssl_ciphers.c,v 1.2 2019/01/21 14:12:13 tb Exp $ */ /* + * Copyright (c) 2015-2017 Doug Hogan + * Copyright (c) 2015-2018 Joel Sing * Copyright (c) 2019 Theo Buehler * * Permission to use, copy, modify, and distribute this software for any @@ -15,6 +17,9 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include + +#include "bytestring.h" #include "ssl_locl.h" int @@ -42,3 +47,116 @@ ssl_cipher_is_permitted(const SSL_CIPHER *cipher, uint16_t min_ver, return 0; } + +int +ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb) +{ + SSL_CIPHER *cipher; + int num_ciphers = 0; + uint16_t min_vers, max_vers; + int i; + + if (ciphers == NULL) + return 0; + + if (!ssl_supported_version_range(s, &min_vers, &max_vers)) + return 0; + + for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { + if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL) + return 0; + + if (!ssl_cipher_is_permitted(cipher, min_vers, max_vers)) + continue; + + if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher))) + return 0; + + num_ciphers++; + } + + /* Add SCSV if there are other ciphers and we're not renegotiating. */ + if (num_ciphers > 0 && !s->internal->renegotiate) { + if (!CBB_add_u16(cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK)) + return 0; + } + + if (!CBB_flush(cbb)) + return 0; + + return 1; +} + +STACK_OF(SSL_CIPHER) * +ssl_bytes_to_cipher_list(SSL *s, CBS *cbs) +{ + STACK_OF(SSL_CIPHER) *ciphers = NULL; + const SSL_CIPHER *cipher; + uint16_t cipher_value, max_version; + unsigned long cipher_id; + + if (s->s3 != NULL) + S3I(s)->send_connection_binding = 0; + + if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL) { + SSLerror(s, ERR_R_MALLOC_FAILURE); + goto err; + } + + while (CBS_len(cbs) > 0) { + if (!CBS_get_u16(cbs, &cipher_value)) { + SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); + goto err; + } + + cipher_id = SSL3_CK_ID | cipher_value; + + if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) { + /* + * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if + * renegotiating. + */ + if (s->internal->renegotiate) { + SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); + ssl3_send_alert(s, SSL3_AL_FATAL, + SSL_AD_HANDSHAKE_FAILURE); + + goto err; + } + S3I(s)->send_connection_binding = 1; + continue; + } + + if (cipher_id == SSL3_CK_FALLBACK_SCSV) { + /* + * TLS_FALLBACK_SCSV indicates that the client + * previously tried a higher protocol version. + * Fail if the current version is an unexpected + * downgrade. + */ + max_version = ssl_max_server_version(s); + if (max_version == 0 || s->version < max_version) { + SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK); + if (s->s3 != NULL) + ssl3_send_alert(s, SSL3_AL_FATAL, + SSL_AD_INAPPROPRIATE_FALLBACK); + goto err; + } + continue; + } + + if ((cipher = ssl3_get_cipher_by_value(cipher_value)) != NULL) { + if (!sk_SSL_CIPHER_push(ciphers, cipher)) { + SSLerror(s, ERR_R_MALLOC_FAILURE); + goto err; + } + } + } + + return (ciphers); + + err: + sk_SSL_CIPHER_free(ciphers); + + return (NULL); +} diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index 97e0a4479d1..e3ab8431ab6 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.198 2019/01/21 10:32:58 tb Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.199 2019/01/21 14:12:13 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1402,120 +1402,6 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len) return (buf); } -int -ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb) -{ - SSL_CIPHER *cipher; - int num_ciphers = 0; - uint16_t min_vers, max_vers; - int i; - - if (ciphers == NULL) - return 0; - - if (!ssl_supported_version_range(s, &min_vers, &max_vers)) - return 0; - - for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { - if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL) - return 0; - - if (!ssl_cipher_is_permitted(cipher, min_vers, max_vers)) - continue; - - if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher))) - return 0; - - num_ciphers++; - } - - /* Add SCSV if there are other ciphers and we're not renegotiating. */ - if (num_ciphers > 0 && !s->internal->renegotiate) { - if (!CBB_add_u16(cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK)) - return 0; - } - - if (!CBB_flush(cbb)) - return 0; - - return 1; -} - -STACK_OF(SSL_CIPHER) * -ssl_bytes_to_cipher_list(SSL *s, CBS *cbs) -{ - STACK_OF(SSL_CIPHER) *ciphers = NULL; - const SSL_CIPHER *cipher; - uint16_t cipher_value, max_version; - unsigned long cipher_id; - - if (s->s3 != NULL) - S3I(s)->send_connection_binding = 0; - - if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL) { - SSLerror(s, ERR_R_MALLOC_FAILURE); - goto err; - } - - while (CBS_len(cbs) > 0) { - if (!CBS_get_u16(cbs, &cipher_value)) { - SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); - goto err; - } - - cipher_id = SSL3_CK_ID | cipher_value; - - if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) { - /* - * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if - * renegotiating. - */ - if (s->internal->renegotiate) { - SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); - ssl3_send_alert(s, SSL3_AL_FATAL, - SSL_AD_HANDSHAKE_FAILURE); - - goto err; - } - S3I(s)->send_connection_binding = 1; - continue; - } - - if (cipher_id == SSL3_CK_FALLBACK_SCSV) { - /* - * TLS_FALLBACK_SCSV indicates that the client - * previously tried a higher protocol version. - * Fail if the current version is an unexpected - * downgrade. - */ - max_version = ssl_max_server_version(s); - if (max_version == 0 || s->version < max_version) { - SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK); - if (s->s3 != NULL) - ssl3_send_alert(s, SSL3_AL_FATAL, - SSL_AD_INAPPROPRIATE_FALLBACK); - goto err; - } - continue; - } - - if ((cipher = ssl3_get_cipher_by_value(cipher_value)) != NULL) { - if (!sk_SSL_CIPHER_push(ciphers, cipher)) { - SSLerror(s, ERR_R_MALLOC_FAILURE); - goto err; - } - } - } - - return (ciphers); - -err: - sk_SSL_CIPHER_free(ciphers); - - return (NULL); -} - - /* * Return a servername extension value if provided in Client Hello, or NULL. * So far, only host_name types are defined (RFC 3546). -- cgit v1.2.3