From: jsing Date: Mon, 22 Jul 2024 14:47:15 +0000 (+0000) Subject: Use cipher suite values instead of IDs. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=f4fe6251b363bc47c99c75caa60c829516bf905e;p=openbsd Use cipher suite values instead of IDs. OpenSSL has had the concept of cipher IDs, which were a way of working around overlapping cipher suite values between SSLv2 and SSLv3. Given that we no longer have to deal with this issue, replace the use of IDs with cipher suite values. In particular, this means that we can stop mapping back and forth between the two, simplifying things considerably. While here, remove the 'valid' member of the SSL_CIPHER. The ssl3_ciphers[] table is no longer mutable, meaning that ciphers cannot be disabled at runtime (and we have `#if 0' if we want to do it at compile time). Clean up the comments and add/update RFC references for cipher suites. ok tb@ --- diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 38e7ba7f192..d30eb6deb70 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.255 2024/07/19 08:54:31 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.256 2024/07/22 14:47:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -171,12 +171,12 @@ /* list of available SSLv3 ciphers (sorted by id) */ const SSL_CIPHER ssl3_ciphers[] = { - /* The RSA ciphers */ - /* Cipher 01 */ + /* + * SSLv3 RSA cipher suites (RFC 6101, appendix A.6). + */ { - .valid = 1, + .value = 0x0001, .name = SSL3_TXT_RSA_NULL_MD5, - .id = SSL3_CK_RSA_NULL_MD5, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_eNULL, @@ -187,12 +187,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 0, .alg_bits = 0, }, - - /* Cipher 02 */ { - .valid = 1, + .value = 0x0002, .name = SSL3_TXT_RSA_NULL_SHA, - .id = SSL3_CK_RSA_NULL_SHA, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_eNULL, @@ -203,12 +200,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 0, .alg_bits = 0, }, - - /* Cipher 04 */ { - .valid = 1, + .value = 0x0004, .name = SSL3_TXT_RSA_RC4_128_MD5, - .id = SSL3_CK_RSA_RC4_128_MD5, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_RC4, @@ -219,12 +213,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 05 */ { - .valid = 1, + .value = 0x0005, .name = SSL3_TXT_RSA_RC4_128_SHA, - .id = SSL3_CK_RSA_RC4_128_SHA, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_RC4, @@ -235,12 +226,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 0A */ { - .valid = 1, + .value = 0x000a, .name = SSL3_TXT_RSA_DES_192_CBC3_SHA, - .id = SSL3_CK_RSA_DES_192_CBC3_SHA, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_3DES, @@ -253,14 +241,11 @@ const SSL_CIPHER ssl3_ciphers[] = { }, /* - * Ephemeral DH (DHE) ciphers. + * SSLv3 DHE cipher suites (RFC 6101, appendix A.6). */ - - /* Cipher 16 */ { - .valid = 1, + .value = 0x0016, .name = SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, - .id = SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_3DES, @@ -271,12 +256,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 112, .alg_bits = 168, }, - - /* Cipher 18 */ { - .valid = 1, + .value = 0x0018, .name = SSL3_TXT_ADH_RC4_128_MD5, - .id = SSL3_CK_ADH_RC4_128_MD5, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_RC4, @@ -287,12 +269,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 1B */ { - .valid = 1, + .value = 0x001b, .name = SSL3_TXT_ADH_DES_192_CBC_SHA, - .id = SSL3_CK_ADH_DES_192_CBC_SHA, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_3DES, @@ -305,14 +284,11 @@ const SSL_CIPHER ssl3_ciphers[] = { }, /* - * AES ciphersuites. + * TLSv1.0 AES cipher suites (RFC 3268). */ - - /* Cipher 2F */ { - .valid = 1, + .value = 0x002f, .name = TLS1_TXT_RSA_WITH_AES_128_SHA, - .id = TLS1_CK_RSA_WITH_AES_128_SHA, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES128, @@ -323,12 +299,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 33 */ { - .valid = 1, + .value = 0x0033, .name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, - .id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES128, @@ -339,12 +312,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 34 */ { - .valid = 1, + .value = 0x0034, .name = TLS1_TXT_ADH_WITH_AES_128_SHA, - .id = TLS1_CK_ADH_WITH_AES_128_SHA, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_AES128, @@ -355,12 +325,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 35 */ { - .valid = 1, + .value = 0x0035, .name = TLS1_TXT_RSA_WITH_AES_256_SHA, - .id = TLS1_CK_RSA_WITH_AES_256_SHA, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES256, @@ -371,12 +338,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher 39 */ { - .valid = 1, + .value = 0x0039, .name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, - .id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES256, @@ -387,12 +351,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher 3A */ { - .valid = 1, + .value = 0x003a, .name = TLS1_TXT_ADH_WITH_AES_256_SHA, - .id = TLS1_CK_ADH_WITH_AES_256_SHA, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_AES256, @@ -404,12 +365,12 @@ const SSL_CIPHER ssl3_ciphers[] = { .alg_bits = 256, }, - /* TLS v1.2 ciphersuites */ - /* Cipher 3B */ + /* + * TLSv1.2 RSA cipher suites (RFC 5246, appendix A.5). + */ { - .valid = 1, + .value = 0x003b, .name = TLS1_TXT_RSA_WITH_NULL_SHA256, - .id = TLS1_CK_RSA_WITH_NULL_SHA256, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_eNULL, @@ -420,12 +381,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 0, .alg_bits = 0, }, - - /* Cipher 3C */ { - .valid = 1, + .value = 0x003c, .name = TLS1_TXT_RSA_WITH_AES_128_SHA256, - .id = TLS1_CK_RSA_WITH_AES_128_SHA256, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES128, @@ -436,12 +394,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 3D */ { - .valid = 1, + .value = 0x003d, .name = TLS1_TXT_RSA_WITH_AES_256_SHA256, - .id = TLS1_CK_RSA_WITH_AES_256_SHA256, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES256, @@ -454,13 +409,12 @@ const SSL_CIPHER ssl3_ciphers[] = { }, #ifndef OPENSSL_NO_CAMELLIA - /* Camellia ciphersuites from RFC4132 (128-bit portion) */ - - /* Cipher 41 */ + /* + * TLSv1.0 Camellia 128 bit cipher suites (RFC 4132). + */ { - .valid = 1, + .value = 0x0041, .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, - .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_CAMELLIA128, @@ -471,12 +425,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 45 */ { - .valid = 1, + .value = 0x0045, .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, - .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_CAMELLIA128, @@ -487,12 +438,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 46 */ { - .valid = 1, + .value = 0x0046, .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, - .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_CAMELLIA128, @@ -505,12 +453,12 @@ const SSL_CIPHER ssl3_ciphers[] = { }, #endif /* OPENSSL_NO_CAMELLIA */ - /* TLS v1.2 ciphersuites */ - /* Cipher 67 */ + /* + * TLSv1.2 DHE cipher suites (RFC 5246, appendix A.5). + */ { - .valid = 1, + .value = 0x0067, .name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, - .id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES128, @@ -521,12 +469,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 6B */ { - .valid = 1, + .value = 0x006b, .name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, - .id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES256, @@ -537,12 +482,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher 6C */ { - .valid = 1, + .value = 0x006c, .name = TLS1_TXT_ADH_WITH_AES_128_SHA256, - .id = TLS1_CK_ADH_WITH_AES_128_SHA256, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_AES128, @@ -553,12 +495,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 6D */ { - .valid = 1, + .value = 0x006d, .name = TLS1_TXT_ADH_WITH_AES_256_SHA256, - .id = TLS1_CK_ADH_WITH_AES_256_SHA256, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_AES256, @@ -571,13 +510,12 @@ const SSL_CIPHER ssl3_ciphers[] = { }, #ifndef OPENSSL_NO_CAMELLIA - /* Camellia ciphersuites from RFC4132 (256-bit portion) */ - - /* Cipher 84 */ + /* + * TLSv1.0 Camellia 256 bit cipher suites (RFC 4132). + */ { - .valid = 1, + .value = 0x0084, .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, - .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_CAMELLIA256, @@ -588,12 +526,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher 88 */ { - .valid = 1, + .value = 0x0088, .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, - .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_CAMELLIA256, @@ -604,12 +539,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher 89 */ { - .valid = 1, + .value = 0x0089, .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, - .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_CAMELLIA256, @@ -623,14 +555,11 @@ const SSL_CIPHER ssl3_ciphers[] = { #endif /* OPENSSL_NO_CAMELLIA */ /* - * GCM ciphersuites from RFC5288. + * TLSv1.2 AES GCM cipher suites (RFC 5288). */ - - /* Cipher 9C */ { - .valid = 1, + .value = 0x009c, .name = TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, - .id = TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES128GCM, @@ -641,12 +570,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 9D */ { - .valid = 1, + .value = 0x009d, .name = TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, - .id = TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES256GCM, @@ -657,12 +583,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher 9E */ { - .valid = 1, + .value = 0x009e, .name = TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, - .id = TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES128GCM, @@ -673,12 +596,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 9F */ { - .valid = 1, + .value = 0x009f, .name = TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, - .id = TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES256GCM, @@ -689,12 +609,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher A6 */ { - .valid = 1, + .value = 0x00a6, .name = TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, - .id = TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_AES128GCM, @@ -705,12 +622,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher A7 */ { - .valid = 1, + .value = 0x00a7, .name = TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, - .id = TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_AES256GCM, @@ -723,13 +637,12 @@ const SSL_CIPHER ssl3_ciphers[] = { }, #ifndef OPENSSL_NO_CAMELLIA - /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ - - /* Cipher BA */ + /* + * TLSv1.2 Camellia SHA-256 cipher suites (RFC 5932). + */ { - .valid = 1, + .value = 0x00ba, .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256, - .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_CAMELLIA128, @@ -740,12 +653,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher BE */ { - .valid = 1, + .value = 0x000be, .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, - .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_CAMELLIA128, @@ -756,12 +666,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher BF */ { - .valid = 1, + .value = 0x00bf, .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256, - .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_CAMELLIA128, @@ -772,12 +679,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C0 */ { - .valid = 1, + .value = 0x00c0, .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256, - .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256, .algorithm_mkey = SSL_kRSA, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_CAMELLIA256, @@ -788,12 +692,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher C4 */ { - .valid = 1, + .value = 0x00c4, .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, - .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_CAMELLIA256, @@ -804,12 +705,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher C5 */ { - .valid = 1, + .value = 0x00c5, .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256, - .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_CAMELLIA256, @@ -822,16 +720,13 @@ const SSL_CIPHER ssl3_ciphers[] = { }, #endif /* OPENSSL_NO_CAMELLIA */ +#ifdef LIBRESSL_HAS_TLS1_3 /* - * TLSv1.3 cipher suites. + * TLSv1.3 cipher suites (RFC 8446). */ - -#ifdef LIBRESSL_HAS_TLS1_3 - /* Cipher 1301 */ { - .valid = 1, + .value = 0x1301, .name = TLS1_3_RFC_AES_128_GCM_SHA256, - .id = TLS1_3_CK_AES_128_GCM_SHA256, .algorithm_mkey = SSL_kTLS1_3, .algorithm_auth = SSL_aTLS1_3, .algorithm_enc = SSL_AES128GCM, @@ -842,12 +737,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher 1302 */ { - .valid = 1, + .value = 0x1302, .name = TLS1_3_RFC_AES_256_GCM_SHA384, - .id = TLS1_3_CK_AES_256_GCM_SHA384, .algorithm_mkey = SSL_kTLS1_3, .algorithm_auth = SSL_aTLS1_3, .algorithm_enc = SSL_AES256GCM, @@ -858,12 +750,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher 1303 */ { - .valid = 1, + .value = 0x1303, .name = TLS1_3_RFC_CHACHA20_POLY1305_SHA256, - .id = TLS1_3_CK_CHACHA20_POLY1305_SHA256, .algorithm_mkey = SSL_kTLS1_3, .algorithm_auth = SSL_aTLS1_3, .algorithm_enc = SSL_CHACHA20POLY1305, @@ -876,11 +765,12 @@ const SSL_CIPHER ssl3_ciphers[] = { }, #endif - /* Cipher C006 */ + /* + * TLSv1.0 Elliptic Curve cipher suites (RFC 4492, section 6). + */ { - .valid = 1, + .value = 0xc006, .name = TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, - .id = TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aECDSA, .algorithm_enc = SSL_eNULL, @@ -891,12 +781,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 0, .alg_bits = 0, }, - - /* Cipher C007 */ { - .valid = 1, + .value = 0xc007, .name = TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, - .id = TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aECDSA, .algorithm_enc = SSL_RC4, @@ -907,12 +794,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C008 */ { - .valid = 1, + .value = 0xc008, .name = TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, - .id = TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aECDSA, .algorithm_enc = SSL_3DES, @@ -923,12 +807,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 112, .alg_bits = 168, }, - - /* Cipher C009 */ { - .valid = 1, + .value = 0xc009, .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aECDSA, .algorithm_enc = SSL_AES128, @@ -939,12 +820,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C00A */ { - .valid = 1, + .value = 0xc00a, .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aECDSA, .algorithm_enc = SSL_AES256, @@ -955,12 +833,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher C010 */ { - .valid = 1, + .value = 0xc010, .name = TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, - .id = TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_eNULL, @@ -971,12 +846,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 0, .alg_bits = 0, }, - - /* Cipher C011 */ { - .valid = 1, + .value = 0xc011, .name = TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, - .id = TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_RC4, @@ -987,12 +859,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C012 */ { - .valid = 1, + .value = 0xc012, .name = TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, - .id = TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_3DES, @@ -1003,12 +872,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 112, .alg_bits = 168, }, - - /* Cipher C013 */ { - .valid = 1, + .value = 0xc013, .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, - .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES128, @@ -1019,12 +885,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C014 */ { - .valid = 1, + .value = 0xc014, .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, - .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES256, @@ -1035,12 +898,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher C015 */ { - .valid = 1, + .value = 0xc015, .name = TLS1_TXT_ECDH_anon_WITH_NULL_SHA, - .id = TLS1_CK_ECDH_anon_WITH_NULL_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_eNULL, @@ -1051,12 +911,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 0, .alg_bits = 0, }, - - /* Cipher C016 */ { - .valid = 1, + .value = 0xc016, .name = TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, - .id = TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_RC4, @@ -1067,12 +924,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C017 */ { - .valid = 1, + .value = 0xc017, .name = TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, - .id = TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_3DES, @@ -1083,12 +937,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 112, .alg_bits = 168, }, - - /* Cipher C018 */ { - .valid = 1, + .value = 0xc018, .name = TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, - .id = TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_AES128, @@ -1099,12 +950,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C019 */ { - .valid = 1, + .value = 0xc019, .name = TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, - .id = TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aNULL, .algorithm_enc = SSL_AES256, @@ -1116,14 +964,12 @@ const SSL_CIPHER ssl3_ciphers[] = { .alg_bits = 256, }, - - /* HMAC based TLS v1.2 ciphersuites from RFC5289 */ - - /* Cipher C023 */ + /* + * TLSv1.2 Elliptic Curve HMAC cipher suites (RFC 5289, section 3.1). + */ { - .valid = 1, + .value = 0xc023, .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, - .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aECDSA, .algorithm_enc = SSL_AES128, @@ -1134,12 +980,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C024 */ { - .valid = 1, + .value = 0xc024, .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, - .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aECDSA, .algorithm_enc = SSL_AES256, @@ -1150,12 +993,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher C027 */ { - .valid = 1, + .value = 0xc027, .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, - .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES128, @@ -1166,12 +1006,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C028 */ { - .valid = 1, + .value = 0xc028, .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, - .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES256, @@ -1183,13 +1020,12 @@ const SSL_CIPHER ssl3_ciphers[] = { .alg_bits = 256, }, - /* GCM based TLS v1.2 ciphersuites from RFC5289 */ - - /* Cipher C02B */ + /* + * TLSv1.2 Elliptic Curve GCM cipher suites (RFC 5289, section 3.2). + */ { - .valid = 1, + .value = 0xc02b, .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aECDSA, .algorithm_enc = SSL_AES128GCM, @@ -1200,12 +1036,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C02C */ { - .valid = 1, + .value = 0xc02c, .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aECDSA, .algorithm_enc = SSL_AES256GCM, @@ -1216,12 +1049,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher C02F */ { - .valid = 1, + .value = 0xc02f, .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES128GCM, @@ -1232,12 +1062,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 128, .alg_bits = 128, }, - - /* Cipher C030 */ { - .valid = 1, + .value = 0xc030, .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_AES256GCM, @@ -1249,11 +1076,12 @@ const SSL_CIPHER ssl3_ciphers[] = { .alg_bits = 256, }, - /* Cipher CCA8 */ + /* + * TLSv1.2 ChaCha20-Poly1305 cipher suites (RFC 7905). + */ { - .valid = 1, + .value = 0xcca8, .name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305, - .id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_CHACHA20POLY1305, @@ -1264,12 +1092,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher CCA9 */ { - .valid = 1, + .value = 0xcca9, .name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, - .id = TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305, .algorithm_mkey = SSL_kECDHE, .algorithm_auth = SSL_aECDSA, .algorithm_enc = SSL_CHACHA20POLY1305, @@ -1280,12 +1105,9 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* Cipher CCAA */ { - .valid = 1, + .value = 0xccaa, .name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305, - .id = TLS1_CK_DHE_RSA_CHACHA20_POLY1305, .algorithm_mkey = SSL_kDHE, .algorithm_auth = SSL_aRSA, .algorithm_enc = SSL_CHACHA20POLY1305, @@ -1296,8 +1118,6 @@ const SSL_CIPHER ssl3_ciphers[] = { .strength_bits = 256, .alg_bits = 256, }, - - /* end of list */ }; int @@ -1316,37 +1136,19 @@ ssl3_get_cipher(unsigned int u) } static int -ssl3_cipher_id_cmp(const void *id, const void *cipher) +ssl3_cipher_value_cmp(const void *value, const void *cipher) { - unsigned long a = *(const unsigned long *)id; - unsigned long b = ((const SSL_CIPHER *)cipher)->id; + uint16_t a = *(const uint16_t *)value; + uint16_t b = ((const SSL_CIPHER *)cipher)->value; return a < b ? -1 : a > b; } -const SSL_CIPHER * -ssl3_get_cipher_by_id(unsigned long id) -{ - const SSL_CIPHER *cipher; - - cipher = bsearch(&id, ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(*cipher), - ssl3_cipher_id_cmp); - if (cipher != NULL && cipher->valid == 1) - return cipher; - - return NULL; -} - const SSL_CIPHER * ssl3_get_cipher_by_value(uint16_t value) { - return ssl3_get_cipher_by_id(SSL3_CK_ID | value); -} - -uint16_t -ssl3_cipher_get_value(const SSL_CIPHER *c) -{ - return (c->id & SSL3_CK_VALUE_MASK); + return bsearch(&value, ssl3_ciphers, SSL3_NUM_CIPHERS, + sizeof(ssl3_ciphers[0]), ssl3_cipher_value_cmp); } int diff --git a/lib/libssl/ssl_asn1.c b/lib/libssl/ssl_asn1.c index ef34cbdb04b..fcf4631a594 100644 --- a/lib/libssl/ssl_asn1.c +++ b/lib/libssl/ssl_asn1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_asn1.c,v 1.68 2024/07/20 04:04:23 jsing Exp $ */ +/* $OpenBSD: ssl_asn1.c,v 1.69 2024/07/22 14:47:15 jsing Exp $ */ /* * Copyright (c) 2016 Joel Sing * @@ -51,7 +51,6 @@ SSL_SESSION_encode(SSL_SESSION *s, unsigned char **out, size_t *out_len, CBB peer_cert, sidctx, verify_result, hostname, lifetime, ticket, value; unsigned char *peer_cert_bytes = NULL; int len, rv = 0; - uint16_t cid; if (!CBB_init(&cbb, 0)) goto err; @@ -69,11 +68,10 @@ SSL_SESSION_encode(SSL_SESSION *s, unsigned char **out, size_t *out_len, if (!CBB_add_asn1_uint64(&session, s->ssl_version)) goto err; - /* Cipher suite ID. */ - cid = (uint16_t)(s->cipher_id & SSL3_CK_VALUE_MASK); + /* Cipher suite value. */ if (!CBB_add_asn1(&session, &cipher_suite, CBS_ASN1_OCTETSTRING)) goto err; - if (!CBB_add_u16(&cipher_suite, cid)) + if (!CBB_add_u16(&cipher_suite, s->cipher_value)) goto err; /* Session ID - zero length for a ticket. */ @@ -193,7 +191,7 @@ SSL_SESSION_ticket(SSL_SESSION *ss, unsigned char **out, size_t *out_len) if (ss == NULL) return 0; - if (ss->cipher_id == 0) + if (ss->cipher_value == 0) return 0; return SSL_SESSION_encode(ss, out, out_len, 1); @@ -209,7 +207,7 @@ i2d_SSL_SESSION(SSL_SESSION *ss, unsigned char **pp) if (ss == NULL) return 0; - if (ss->cipher_id == 0) + if (ss->cipher_value == 0) return 0; if (!SSL_SESSION_encode(ss, &data, &data_len, 0)) @@ -244,7 +242,6 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length) CBS hostname, ticket; uint64_t version, tls_version, stime, timeout, verify_result, lifetime; const unsigned char *peer_cert_bytes; - uint16_t cipher_value; SSL_SESSION *s = NULL; size_t data_len; int present; @@ -277,14 +274,13 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length) goto err; s->ssl_version = (int)tls_version; - /* Cipher suite. */ + /* Cipher suite value. */ if (!CBS_get_asn1(&session, &cipher_suite, CBS_ASN1_OCTETSTRING)) goto err; - if (!CBS_get_u16(&cipher_suite, &cipher_value)) + if (!CBS_get_u16(&cipher_suite, &s->cipher_value)) goto err; if (CBS_len(&cipher_suite) != 0) goto err; - s->cipher_id = SSL3_CK_ID | cipher_value; /* Session ID. */ if (!CBS_get_asn1(&session, &session_id, CBS_ASN1_OCTETSTRING)) diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index 7c32354902b..dce141101d4 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_ciph.c,v 1.145 2024/07/20 04:04:23 jsing Exp $ */ +/* $OpenBSD: ssl_ciph.c,v 1.146 2024/07/22 14:47:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -373,21 +373,18 @@ static const SSL_CIPHER cipher_aliases[] = { /* cipher suite aliases */ #ifdef LIBRESSL_HAS_TLS1_3 { - .valid = 1, + .value = 0x1301, .name = "TLS_AES_128_GCM_SHA256", - .id = TLS1_3_CK_AES_128_GCM_SHA256, .algorithm_ssl = SSL_TLSV1_3, }, { - .valid = 1, + .value = 0x1302, .name = "TLS_AES_256_GCM_SHA384", - .id = TLS1_3_CK_AES_256_GCM_SHA384, .algorithm_ssl = SSL_TLSV1_3, }, { - .valid = 1, + .value = 0x1303, .name = "TLS_CHACHA20_POLY1305_SHA256", - .id = TLS1_3_CK_CHACHA20_POLY1305_SHA256, .algorithm_ssl = SSL_TLSV1_3, }, #endif @@ -619,7 +616,7 @@ ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, int num_of_ciphers, * Drop any invalid ciphers and any which use unavailable * algorithms. */ - if ((c != NULL) && c->valid && + if ((c != NULL) && !(c->algorithm_mkey & disabled_mkey) && !(c->algorithm_auth & disabled_auth) && !(c->algorithm_enc & disabled_enc) && @@ -725,7 +722,7 @@ ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, int num_of_group_aliases, } static void -ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long alg_mkey, +ssl_cipher_apply_rule(uint16_t cipher_value, unsigned long alg_mkey, unsigned long alg_auth, unsigned long alg_enc, unsigned long alg_mac, unsigned long alg_ssl, unsigned long algo_strength, int rule, int strength_bits, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) @@ -757,7 +754,7 @@ ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long alg_mkey, cp = curr->cipher; - if (cipher_id && cp->id != cipher_id) + if (cipher_value != 0 && cp->value != cipher_value) continue; /* @@ -882,7 +879,7 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p, unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl; unsigned long algo_strength; int j, multi, found, rule, retval, ok, buflen; - unsigned long cipher_id = 0; + uint16_t cipher_value = 0; const char *l, *buf; char ch; @@ -974,7 +971,7 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p, * '\0' terminated.) */ j = found = 0; - cipher_id = 0; + cipher_value = 0; while (ca_list[j]) { if (!strncmp(buf, ca_list[j]->name, buflen) && (ca_list[j]->name[buflen] == '\0')) { @@ -1047,13 +1044,13 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p, SSL_STRONG_MASK; } - if (ca_list[j]->valid) { + if (ca_list[j]->value != 0) { /* * explicit ciphersuite found; its protocol * version does not become part of the search * pattern! */ - cipher_id = ca_list[j]->id; + cipher_value = ca_list[j]->value; if (ca_list[j]->algorithm_ssl == SSL_TLSV1_3) *tls13_seen = 1; } else { @@ -1109,7 +1106,7 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p, } else if (found) { if (alg_ssl == SSL_TLSV1_3) *tls13_seen = 1; - ssl_cipher_apply_rule(cipher_id, alg_mkey, alg_auth, + ssl_cipher_apply_rule(cipher_value, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength, rule, -1, head_p, tail_p); } else { @@ -1470,24 +1467,23 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) LSSL_ALIAS(SSL_CIPHER_description); const char * -SSL_CIPHER_get_version(const SSL_CIPHER *c) +SSL_CIPHER_get_version(const SSL_CIPHER *cipher) { - if (c == NULL) - return("(NONE)"); - if ((c->id >> 24) == 3) - return("TLSv1/SSLv3"); - else - return("unknown"); + if (cipher == NULL) + return "(NONE)"; + + return "TLSv1/SSLv3"; } LSSL_ALIAS(SSL_CIPHER_get_version); /* return the actual cipher being used */ const char * -SSL_CIPHER_get_name(const SSL_CIPHER *c) +SSL_CIPHER_get_name(const SSL_CIPHER *cipher) { - if (c != NULL) - return (c->name); - return("(NONE)"); + if (cipher == NULL) + return "(NONE)"; + + return cipher->name; } LSSL_ALIAS(SSL_CIPHER_get_name); @@ -1507,16 +1503,16 @@ SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits) LSSL_ALIAS(SSL_CIPHER_get_bits); unsigned long -SSL_CIPHER_get_id(const SSL_CIPHER *c) +SSL_CIPHER_get_id(const SSL_CIPHER *cipher) { - return c->id; + return SSL3_CK_ID | cipher->value; } LSSL_ALIAS(SSL_CIPHER_get_id); uint16_t -SSL_CIPHER_get_value(const SSL_CIPHER *c) +SSL_CIPHER_get_value(const SSL_CIPHER *cipher) { - return ssl3_cipher_get_value(c); + return cipher->value; } LSSL_ALIAS(SSL_CIPHER_get_value); diff --git a/lib/libssl/ssl_ciphers.c b/lib/libssl/ssl_ciphers.c index 4ec1b099bc0..503ef9d03cd 100644 --- a/lib/libssl/ssl_ciphers.c +++ b/lib/libssl/ssl_ciphers.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_ciphers.c,v 1.17 2022/11/26 16:08:55 tb Exp $ */ +/* $OpenBSD: ssl_ciphers.c,v 1.18 2024/07/22 14:47:15 jsing Exp $ */ /* * Copyright (c) 2015-2017 Doug Hogan * Copyright (c) 2015-2018, 2020 Joel Sing @@ -28,7 +28,7 @@ ssl_cipher_in_list(STACK_OF(SSL_CIPHER) *ciphers, const SSL_CIPHER *cipher) int i; for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { - if (sk_SSL_CIPHER_value(ciphers, i)->id == cipher->id) + if (sk_SSL_CIPHER_value(ciphers, i)->value == cipher->value) return 1; } @@ -72,7 +72,7 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb) continue; if (!ssl_security_cipher_check(s, cipher)) continue; - if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher))) + if (!CBB_add_u16(cbb, cipher->value)) return 0; num_ciphers++; @@ -165,34 +165,34 @@ ssl_bytes_to_cipher_list(SSL *s, CBS *cbs) struct ssl_tls13_ciphersuite { const char *name; const char *alias; - unsigned long cid; + uint16_t value; }; static const struct ssl_tls13_ciphersuite ssl_tls13_ciphersuites[] = { { .name = TLS1_3_RFC_AES_128_GCM_SHA256, .alias = TLS1_3_TXT_AES_128_GCM_SHA256, - .cid = TLS1_3_CK_AES_128_GCM_SHA256, + .value = 0x1301, }, { .name = TLS1_3_RFC_AES_256_GCM_SHA384, .alias = TLS1_3_TXT_AES_256_GCM_SHA384, - .cid = TLS1_3_CK_AES_256_GCM_SHA384, + .value = 0x1302, }, { .name = TLS1_3_RFC_CHACHA20_POLY1305_SHA256, .alias = TLS1_3_TXT_CHACHA20_POLY1305_SHA256, - .cid = TLS1_3_CK_CHACHA20_POLY1305_SHA256, + .value = 0x1303, }, { .name = TLS1_3_RFC_AES_128_CCM_SHA256, .alias = TLS1_3_TXT_AES_128_CCM_SHA256, - .cid = TLS1_3_CK_AES_128_CCM_SHA256, + .value = 0x1304, }, { .name = TLS1_3_RFC_AES_128_CCM_8_SHA256, .alias = TLS1_3_TXT_AES_128_CCM_8_SHA256, - .cid = TLS1_3_CK_AES_128_CCM_8_SHA256, + .value = 0x1305, }, { .name = NULL, @@ -234,7 +234,7 @@ ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str) goto err; /* We know about the cipher suite, but it is not supported. */ - if ((cipher = ssl3_get_cipher_by_id(ciphersuite->cid)) == NULL) + if ((cipher = ssl3_get_cipher_by_value(ciphersuite->value)) == NULL) continue; if (!sk_SSL_CIPHER_push(ciphers, cipher)) diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c index 7b2e05d23d2..593ed553d30 100644 --- a/lib/libssl/ssl_clnt.c +++ b/lib/libssl/ssl_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_clnt.c,v 1.167 2024/07/20 04:04:23 jsing Exp $ */ +/* $OpenBSD: ssl_clnt.c,v 1.168 2024/07/22 14:47:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -481,7 +481,7 @@ ssl3_connect(SSL *s) s->s3->hs.state = SSL3_ST_CW_FINISHED_A; s->init_num = 0; - s->session->cipher_id = s->s3->hs.cipher->id; + s->session->cipher_value = s->s3->hs.cipher->value; if (!tls1_setup_key_block(s)) { ret = -1; @@ -1016,13 +1016,13 @@ ssl3_get_server_hello(SSL *s) * and/or cipher_id values may not be set. Make sure that * cipher_id is set and use it for comparison. */ - if (s->hit && (s->session->cipher_id != cipher->id)) { + if (s->hit && (s->session->cipher_value != cipher->value)) { al = SSL_AD_ILLEGAL_PARAMETER; SSLerror(s, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); goto fatal_err; } s->s3->hs.cipher = cipher; - s->session->cipher_id = cipher->id; + s->session->cipher_value = cipher->value; if (!tls1_transcript_hash_init(s)) goto err; diff --git a/lib/libssl/ssl_local.h b/lib/libssl/ssl_local.h index 79f41e6dc36..34197e5920d 100644 --- a/lib/libssl/ssl_local.h +++ b/lib/libssl/ssl_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_local.h,v 1.21 2024/07/20 04:04:23 jsing Exp $ */ +/* $OpenBSD: ssl_local.h,v 1.22 2024/07/22 14:47:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -339,9 +339,9 @@ struct ssl_comp_st { }; struct ssl_cipher_st { - int valid; + uint16_t value; /* Cipher suite value. */ + const char *name; /* text name */ - unsigned long id; /* id, 4 bytes, first is version */ unsigned long algorithm_mkey; /* key exchange algorithm */ unsigned long algorithm_auth; /* server authentication */ @@ -438,9 +438,7 @@ struct ssl_session_st { time_t time; int references; - unsigned long cipher_id; /* when ASN.1 loaded, this - * needs to be used to load - * the 'cipher' structure */ + uint16_t cipher_value; char *tlsext_hostname; @@ -1293,9 +1291,7 @@ int ssl3_get_req_cert_types(SSL *s, CBB *cbb); int ssl3_get_message(SSL *s, int st1, int stn, int mt, long max); int ssl3_num_ciphers(void); const SSL_CIPHER *ssl3_get_cipher(unsigned int u); -const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned long id); const SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value); -uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c); int ssl3_renegotiate(SSL *ssl); int ssl3_renegotiate_check(SSL *ssl); diff --git a/lib/libssl/ssl_pkt.c b/lib/libssl/ssl_pkt.c index 7d6785a3de0..740fe97192e 100644 --- a/lib/libssl/ssl_pkt.c +++ b/lib/libssl/ssl_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_pkt.c,v 1.67 2024/07/20 04:04:23 jsing Exp $ */ +/* $OpenBSD: ssl_pkt.c,v 1.68 2024/07/22 14:47:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1235,7 +1235,7 @@ ssl3_do_change_cipher_spec(SSL *s) return (0); } - s->session->cipher_id = s->s3->hs.cipher->id; + s->session->cipher_value = s->s3->hs.cipher->value; if (!tls1_setup_key_block(s)) return (0); diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c index c2bd1bf1351..5aea990278c 100644 --- a/lib/libssl/ssl_sess.c +++ b/lib/libssl/ssl_sess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sess.c,v 1.127 2024/07/20 04:04:23 jsing Exp $ */ +/* $OpenBSD: ssl_sess.c,v 1.128 2024/07/22 14:47:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -287,7 +287,7 @@ ssl_session_dup(SSL_SESSION *sess, int include_ticket) copy->time = sess->time; copy->references = 1; - copy->cipher_id = sess->cipher_id; + copy->cipher_value = sess->cipher_value; if (sess->tlsext_hostname != NULL) { copy->tlsext_hostname = strdup(sess->tlsext_hostname); @@ -984,7 +984,7 @@ LSSL_ALIAS(SSL_SESSION_get_protocol_version); const SSL_CIPHER * SSL_SESSION_get0_cipher(const SSL_SESSION *s) { - return ssl3_get_cipher_by_id(s->cipher_id); + return ssl3_get_cipher_by_value(s->cipher_value); } LSSL_ALIAS(SSL_SESSION_get0_cipher); diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c index be6bd7402ca..302b6bdf0f9 100644 --- a/lib/libssl/ssl_srvr.c +++ b/lib/libssl/ssl_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_srvr.c,v 1.164 2024/07/20 04:04:23 jsing Exp $ */ +/* $OpenBSD: ssl_srvr.c,v 1.165 2024/07/22 14:47:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -651,7 +651,7 @@ ssl3_accept(SSL *s) goto end; s->s3->hs.state = SSL3_ST_SW_FINISHED_A; s->init_num = 0; - s->session->cipher_id = s->s3->hs.cipher->id; + s->session->cipher_value = s->s3->hs.cipher->value; if (!tls1_setup_key_block(s)) { ret = -1; @@ -781,7 +781,6 @@ ssl3_get_client_hello(SSL *s) uint8_t comp_method; int comp_null; int i, j, al, ret, cookie_valid = 0; - unsigned long id; SSL_CIPHER *c; STACK_OF(SSL_CIPHER) *ciphers = NULL; const SSL_METHOD *method; @@ -978,11 +977,10 @@ ssl3_get_client_hello(SSL *s) /* XXX - CBS_len(&cipher_suites) will always be zero here... */ if (s->hit && CBS_len(&cipher_suites) > 0) { j = 0; - id = s->session->cipher_id; for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { c = sk_SSL_CIPHER_value(ciphers, i); - if (c->id == id) { + if (c->value == s->session->cipher_value) { j = 1; break; } @@ -1127,9 +1125,9 @@ ssl3_get_client_hello(SSL *s) goto fatal_err; } s->s3->hs.cipher = c; - s->session->cipher_id = s->s3->hs.cipher->id; + s->session->cipher_value = s->s3->hs.cipher->value; } else { - s->s3->hs.cipher = ssl3_get_cipher_by_id(s->session->cipher_id); + s->s3->hs.cipher = ssl3_get_cipher_by_value(s->session->cipher_value); if (s->s3->hs.cipher == NULL) goto fatal_err; } @@ -1269,8 +1267,7 @@ ssl3_send_server_hello(SSL *s) goto err; /* Cipher suite. */ - if (!CBB_add_u16(&server_hello, - ssl3_cipher_get_value(s->s3->hs.cipher))) + if (!CBB_add_u16(&server_hello, s->s3->hs.cipher->value)) goto err; /* Compression method (null). */ diff --git a/lib/libssl/ssl_txt.c b/lib/libssl/ssl_txt.c index 26b631d5abb..4ed76c95ab6 100644 --- a/lib/libssl/ssl_txt.c +++ b/lib/libssl/ssl_txt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_txt.c,v 1.38 2024/07/20 04:04:23 jsing Exp $ */ +/* $OpenBSD: ssl_txt.c,v 1.39 2024/07/22 14:47:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -122,9 +122,9 @@ SSL_SESSION_print(BIO *bp, const SSL_SESSION *x) ssl_version_string(x->ssl_version)) <= 0) goto err; - if ((cipher = ssl3_get_cipher_by_id(x->cipher_id)) == NULL) { - if (BIO_printf(bp, " Cipher : %04lX\n", - x->cipher_id & SSL3_CK_VALUE_MASK) <= 0) + if ((cipher = ssl3_get_cipher_by_value(x->cipher_value)) == NULL) { + if (BIO_printf(bp, " Cipher : %04X\n", + x->cipher_value) <= 0) goto err; } else { const char *cipher_name = "unknown"; diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c index 8f6894fd888..901b38f860e 100644 --- a/lib/libssl/tls13_client.c +++ b/lib/libssl/tls13_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_client.c,v 1.103 2024/07/20 04:04:23 jsing Exp $ */ +/* $OpenBSD: tls13_client.c,v 1.104 2024/07/22 14:47:15 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -347,7 +347,7 @@ tls13_client_engage_record_protection(struct tls13_ctx *ctx) &shared_key_len)) goto err; - s->session->cipher_id = ctx->hs->cipher->id; + s->session->cipher_value = ctx->hs->cipher->value; s->session->ssl_version = ctx->hs->tls13.server_version; if ((ctx->aead = tls13_cipher_aead(ctx->hs->cipher)) == NULL) diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c index 6bd2993cf3a..63b7d920931 100644 --- a/lib/libssl/tls13_server.c +++ b/lib/libssl/tls13_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_server.c,v 1.108 2024/07/20 04:04:23 jsing Exp $ */ +/* $OpenBSD: tls13_server.c,v 1.109 2024/07/22 14:47:15 jsing Exp $ */ /* * Copyright (c) 2019, 2020 Joel Sing * Copyright (c) 2020 Bob Beck @@ -383,7 +383,7 @@ tls13_server_engage_record_protection(struct tls13_ctx *ctx) &shared_key_len)) goto err; - s->session->cipher_id = ctx->hs->cipher->id; + s->session->cipher_value = ctx->hs->cipher->value; if ((ctx->aead = tls13_cipher_aead(ctx->hs->cipher)) == NULL) goto err;