OLD | NEW |
| (Empty) |
1 /* ssl/s2_lib.c */ | |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | |
3 * All rights reserved. | |
4 * | |
5 * This package is an SSL implementation written | |
6 * by Eric Young (eay@cryptsoft.com). | |
7 * The implementation was written so as to conform with Netscapes SSL. | |
8 * | |
9 * This library is free for commercial and non-commercial use as long as | |
10 * the following conditions are aheared to. The following conditions | |
11 * apply to all code found in this distribution, be it the RC4, RSA, | |
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 * included with this distribution is covered by the same copyright terms | |
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 * | |
16 * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 * the code are not to be removed. | |
18 * If this package is used in a product, Eric Young should be given attribution | |
19 * as the author of the parts of the library used. | |
20 * This can be in the form of a textual message at program startup or | |
21 * in documentation (online or textual) provided with the package. | |
22 * | |
23 * Redistribution and use in source and binary forms, with or without | |
24 * modification, are permitted provided that the following conditions | |
25 * are met: | |
26 * 1. Redistributions of source code must retain the copyright | |
27 * notice, this list of conditions and the following disclaimer. | |
28 * 2. Redistributions in binary form must reproduce the above copyright | |
29 * notice, this list of conditions and the following disclaimer in the | |
30 * documentation and/or other materials provided with the distribution. | |
31 * 3. All advertising materials mentioning features or use of this software | |
32 * must display the following acknowledgement: | |
33 * "This product includes cryptographic software written by | |
34 * Eric Young (eay@cryptsoft.com)" | |
35 * The word 'cryptographic' can be left out if the rouines from the library | |
36 * being used are not cryptographic related :-). | |
37 * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 * the apps directory (application code) you must include an acknowledgement: | |
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 * | |
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 * SUCH DAMAGE. | |
52 * | |
53 * The licence and distribution terms for any publically available version or | |
54 * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 * copied and put under another distribution licence | |
56 * [including the GNU Public Licence.] | |
57 */ | |
58 /* ==================================================================== | |
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. | |
60 * | |
61 * Redistribution and use in source and binary forms, with or without | |
62 * modification, are permitted provided that the following conditions | |
63 * are met: | |
64 * | |
65 * 1. Redistributions of source code must retain the above copyright | |
66 * notice, this list of conditions and the following disclaimer. | |
67 * | |
68 * 2. Redistributions in binary form must reproduce the above copyright | |
69 * notice, this list of conditions and the following disclaimer in | |
70 * the documentation and/or other materials provided with the | |
71 * distribution. | |
72 * | |
73 * 3. All advertising materials mentioning features or use of this | |
74 * software must display the following acknowledgment: | |
75 * "This product includes software developed by the OpenSSL Project | |
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | |
77 * | |
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
79 * endorse or promote products derived from this software without | |
80 * prior written permission. For written permission, please contact | |
81 * openssl-core@openssl.org. | |
82 * | |
83 * 5. Products derived from this software may not be called "OpenSSL" | |
84 * nor may "OpenSSL" appear in their names without prior written | |
85 * permission of the OpenSSL Project. | |
86 * | |
87 * 6. Redistributions of any form whatsoever must retain the following | |
88 * acknowledgment: | |
89 * "This product includes software developed by the OpenSSL Project | |
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | |
91 * | |
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
103 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
104 * ==================================================================== | |
105 * | |
106 * This product includes cryptographic software written by Eric Young | |
107 * (eay@cryptsoft.com). This product includes software written by Tim | |
108 * Hudson (tjh@cryptsoft.com). | |
109 * | |
110 */ | |
111 | |
112 #include "ssl_locl.h" | |
113 #ifndef OPENSSL_NO_SSL2 | |
114 #include <stdio.h> | |
115 #include <openssl/objects.h> | |
116 #include <openssl/evp.h> | |
117 #include <openssl/md5.h> | |
118 | |
119 const char ssl2_version_str[]="SSLv2" OPENSSL_VERSION_PTEXT; | |
120 | |
121 #define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER)) | |
122 | |
123 /* list of available SSLv2 ciphers (sorted by id) */ | |
124 OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={ | |
125 #if 0 | |
126 /* NULL_WITH_MD5 v3 */ | |
127 { | |
128 1, | |
129 SSL2_TXT_NULL_WITH_MD5, | |
130 SSL2_CK_NULL_WITH_MD5, | |
131 SSL_kRSA, | |
132 SSL_aRSA, | |
133 SSL_eNULL, | |
134 SSL_MD5, | |
135 SSL_SSLV2, | |
136 SSL_EXPORT|SSL_EXP40|SSL_STRONG_NONE, | |
137 0, | |
138 0, | |
139 0, | |
140 }, | |
141 #endif | |
142 | |
143 /* RC4_128_WITH_MD5 */ | |
144 { | |
145 1, | |
146 SSL2_TXT_RC4_128_WITH_MD5, | |
147 SSL2_CK_RC4_128_WITH_MD5, | |
148 SSL_kRSA, | |
149 SSL_aRSA, | |
150 SSL_RC4, | |
151 SSL_MD5, | |
152 SSL_SSLV2, | |
153 SSL_NOT_EXP|SSL_MEDIUM, | |
154 0, | |
155 128, | |
156 128, | |
157 }, | |
158 | |
159 /* RC4_128_EXPORT40_WITH_MD5 */ | |
160 { | |
161 1, | |
162 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5, | |
163 SSL2_CK_RC4_128_EXPORT40_WITH_MD5, | |
164 SSL_kRSA, | |
165 SSL_aRSA, | |
166 SSL_RC4, | |
167 SSL_MD5, | |
168 SSL_SSLV2, | |
169 SSL_EXPORT|SSL_EXP40, | |
170 SSL2_CF_5_BYTE_ENC, | |
171 40, | |
172 128, | |
173 }, | |
174 | |
175 /* RC2_128_CBC_WITH_MD5 */ | |
176 { | |
177 1, | |
178 SSL2_TXT_RC2_128_CBC_WITH_MD5, | |
179 SSL2_CK_RC2_128_CBC_WITH_MD5, | |
180 SSL_kRSA, | |
181 SSL_aRSA, | |
182 SSL_RC2, | |
183 SSL_MD5, | |
184 SSL_SSLV2, | |
185 SSL_NOT_EXP|SSL_MEDIUM, | |
186 0, | |
187 128, | |
188 128, | |
189 }, | |
190 | |
191 /* RC2_128_CBC_EXPORT40_WITH_MD5 */ | |
192 { | |
193 1, | |
194 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5, | |
195 SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5, | |
196 SSL_kRSA, | |
197 SSL_aRSA, | |
198 SSL_RC2, | |
199 SSL_MD5, | |
200 SSL_SSLV2, | |
201 SSL_EXPORT|SSL_EXP40, | |
202 SSL2_CF_5_BYTE_ENC, | |
203 40, | |
204 128, | |
205 }, | |
206 | |
207 #ifndef OPENSSL_NO_IDEA | |
208 /* IDEA_128_CBC_WITH_MD5 */ | |
209 { | |
210 1, | |
211 SSL2_TXT_IDEA_128_CBC_WITH_MD5, | |
212 SSL2_CK_IDEA_128_CBC_WITH_MD5, | |
213 SSL_kRSA, | |
214 SSL_aRSA, | |
215 SSL_IDEA, | |
216 SSL_MD5, | |
217 SSL_SSLV2, | |
218 SSL_NOT_EXP|SSL_MEDIUM, | |
219 0, | |
220 128, | |
221 128, | |
222 }, | |
223 #endif | |
224 | |
225 /* DES_64_CBC_WITH_MD5 */ | |
226 { | |
227 1, | |
228 SSL2_TXT_DES_64_CBC_WITH_MD5, | |
229 SSL2_CK_DES_64_CBC_WITH_MD5, | |
230 SSL_kRSA, | |
231 SSL_aRSA, | |
232 SSL_DES, | |
233 SSL_MD5, | |
234 SSL_SSLV2, | |
235 SSL_NOT_EXP|SSL_LOW, | |
236 0, | |
237 56, | |
238 56, | |
239 }, | |
240 | |
241 /* DES_192_EDE3_CBC_WITH_MD5 */ | |
242 { | |
243 1, | |
244 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5, | |
245 SSL2_CK_DES_192_EDE3_CBC_WITH_MD5, | |
246 SSL_kRSA, | |
247 SSL_aRSA, | |
248 SSL_3DES, | |
249 SSL_MD5, | |
250 SSL_SSLV2, | |
251 SSL_NOT_EXP|SSL_HIGH, | |
252 0, | |
253 168, | |
254 168, | |
255 }, | |
256 | |
257 #if 0 | |
258 /* RC4_64_WITH_MD5 */ | |
259 { | |
260 1, | |
261 SSL2_TXT_RC4_64_WITH_MD5, | |
262 SSL2_CK_RC4_64_WITH_MD5, | |
263 SSL_kRSA, | |
264 SSL_aRSA, | |
265 SSL_RC4, | |
266 SSL_MD5, | |
267 SSL_SSLV2, | |
268 SSL_NOT_EXP|SSL_LOW, | |
269 SSL2_CF_8_BYTE_ENC, | |
270 64, | |
271 64, | |
272 }, | |
273 #endif | |
274 | |
275 #if 0 | |
276 /* NULL SSLeay (testing) */ | |
277 { | |
278 0, | |
279 SSL2_TXT_NULL, | |
280 SSL2_CK_NULL, | |
281 0, | |
282 0, | |
283 0, | |
284 0, | |
285 SSL_SSLV2, | |
286 SSL_STRONG_NONE, | |
287 0, | |
288 0, | |
289 0, | |
290 }, | |
291 #endif | |
292 | |
293 /* end of list :-) */ | |
294 }; | |
295 | |
296 long ssl2_default_timeout(void) | |
297 { | |
298 return(300); | |
299 } | |
300 | |
301 int ssl2_num_ciphers(void) | |
302 { | |
303 return(SSL2_NUM_CIPHERS); | |
304 } | |
305 | |
306 const SSL_CIPHER *ssl2_get_cipher(unsigned int u) | |
307 { | |
308 if (u < SSL2_NUM_CIPHERS) | |
309 return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u])); | |
310 else | |
311 return(NULL); | |
312 } | |
313 | |
314 int ssl2_pending(const SSL *s) | |
315 { | |
316 return SSL_in_init(s) ? 0 : s->s2->ract_data_length; | |
317 } | |
318 | |
319 int ssl2_new(SSL *s) | |
320 { | |
321 SSL2_STATE *s2; | |
322 | |
323 if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err; | |
324 memset(s2,0,sizeof *s2); | |
325 | |
326 #if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEA
DER + 2 | |
327 # error "assertion failed" | |
328 #endif | |
329 | |
330 if ((s2->rbuf=OPENSSL_malloc( | |
331 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err; | |
332 /* wbuf needs one byte more because when using two-byte headers, | |
333 * we leave the first byte unused in do_ssl_write (s2_pkt.c) */ | |
334 if ((s2->wbuf=OPENSSL_malloc( | |
335 SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err; | |
336 s->s2=s2; | |
337 | |
338 ssl2_clear(s); | |
339 return(1); | |
340 err: | |
341 if (s2 != NULL) | |
342 { | |
343 if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); | |
344 if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); | |
345 OPENSSL_free(s2); | |
346 } | |
347 return(0); | |
348 } | |
349 | |
350 void ssl2_free(SSL *s) | |
351 { | |
352 SSL2_STATE *s2; | |
353 | |
354 if(s == NULL) | |
355 return; | |
356 | |
357 s2=s->s2; | |
358 if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); | |
359 if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); | |
360 OPENSSL_cleanse(s2,sizeof *s2); | |
361 OPENSSL_free(s2); | |
362 s->s2=NULL; | |
363 } | |
364 | |
365 void ssl2_clear(SSL *s) | |
366 { | |
367 SSL2_STATE *s2; | |
368 unsigned char *rbuf,*wbuf; | |
369 | |
370 s2=s->s2; | |
371 | |
372 rbuf=s2->rbuf; | |
373 wbuf=s2->wbuf; | |
374 | |
375 memset(s2,0,sizeof *s2); | |
376 | |
377 s2->rbuf=rbuf; | |
378 s2->wbuf=wbuf; | |
379 s2->clear_text=1; | |
380 s->packet=s2->rbuf; | |
381 s->version=SSL2_VERSION; | |
382 s->packet_length=0; | |
383 } | |
384 | |
385 long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg) | |
386 { | |
387 int ret=0; | |
388 | |
389 switch(cmd) | |
390 { | |
391 case SSL_CTRL_GET_SESSION_REUSED: | |
392 ret=s->hit; | |
393 break; | |
394 default: | |
395 break; | |
396 } | |
397 return(ret); | |
398 } | |
399 | |
400 long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) | |
401 { | |
402 return(0); | |
403 } | |
404 | |
405 long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) | |
406 { | |
407 return(0); | |
408 } | |
409 | |
410 long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) | |
411 { | |
412 return(0); | |
413 } | |
414 | |
415 /* This function needs to check if the ciphers required are actually | |
416 * available */ | |
417 const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p) | |
418 { | |
419 SSL_CIPHER c; | |
420 const SSL_CIPHER *cp; | |
421 unsigned long id; | |
422 | |
423 id=0x02000000L|((unsigned long)p[0]<<16L)| | |
424 ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; | |
425 c.id=id; | |
426 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS); | |
427 if ((cp == NULL) || (cp->valid == 0)) | |
428 return NULL; | |
429 else | |
430 return cp; | |
431 } | |
432 | |
433 int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) | |
434 { | |
435 long l; | |
436 | |
437 if (p != NULL) | |
438 { | |
439 l=c->id; | |
440 if ((l & 0xff000000) != 0x02000000) return(0); | |
441 p[0]=((unsigned char)(l>>16L))&0xFF; | |
442 p[1]=((unsigned char)(l>> 8L))&0xFF; | |
443 p[2]=((unsigned char)(l ))&0xFF; | |
444 } | |
445 return(3); | |
446 } | |
447 | |
448 int ssl2_generate_key_material(SSL *s) | |
449 { | |
450 unsigned int i; | |
451 EVP_MD_CTX ctx; | |
452 unsigned char *km; | |
453 unsigned char c='0'; | |
454 const EVP_MD *md5; | |
455 int md_size; | |
456 | |
457 md5 = EVP_md5(); | |
458 | |
459 #ifdef CHARSET_EBCDIC | |
460 c = os_toascii['0']; /* Must be an ASCII '0', not EBCDIC '0', | |
461 see SSLv2 docu */ | |
462 #endif | |
463 EVP_MD_CTX_init(&ctx); | |
464 km=s->s2->key_material; | |
465 | |
466 if (s->session->master_key_length < 0 || | |
467 s->session->master_key_length > (int)sizeof(s->session->
master_key)) | |
468 { | |
469 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR); | |
470 return 0; | |
471 } | |
472 md_size = EVP_MD_size(md5); | |
473 if (md_size < 0) | |
474 return 0; | |
475 for (i=0; i<s->s2->key_material_length; i += md_size) | |
476 { | |
477 if (((km - s->s2->key_material) + md_size) > | |
478 (int)sizeof(s->s2->key_material)) | |
479 { | |
480 /* EVP_DigestFinal_ex() below would write beyond buffer
*/ | |
481 SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_
ERROR); | |
482 return 0; | |
483 } | |
484 | |
485 EVP_DigestInit_ex(&ctx, md5, NULL); | |
486 | |
487 OPENSSL_assert(s->session->master_key_length >= 0 | |
488 && s->session->master_key_length | |
489 < (int)sizeof(s->session->master_key)); | |
490 EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_
key_length); | |
491 EVP_DigestUpdate(&ctx,&c,1); | |
492 c++; | |
493 EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length); | |
494 EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length); | |
495 EVP_DigestFinal_ex(&ctx,km,NULL); | |
496 km += md_size; | |
497 } | |
498 | |
499 EVP_MD_CTX_cleanup(&ctx); | |
500 return 1; | |
501 } | |
502 | |
503 void ssl2_return_error(SSL *s, int err) | |
504 { | |
505 if (!s->error) | |
506 { | |
507 s->error=3; | |
508 s->error_code=err; | |
509 | |
510 ssl2_write_error(s); | |
511 } | |
512 } | |
513 | |
514 | |
515 void ssl2_write_error(SSL *s) | |
516 { | |
517 unsigned char buf[3]; | |
518 int i,error; | |
519 | |
520 buf[0]=SSL2_MT_ERROR; | |
521 buf[1]=(s->error_code>>8)&0xff; | |
522 buf[2]=(s->error_code)&0xff; | |
523 | |
524 /* state=s->rwstate;*/ | |
525 | |
526 error=s->error; /* number of bytes left to write */ | |
527 s->error=0; | |
528 OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf)); | |
529 i=ssl2_write(s,&(buf[3-error]),error); | |
530 | |
531 /* if (i == error) s->rwstate=state; */ | |
532 | |
533 if (i < 0) | |
534 s->error=error; | |
535 else | |
536 { | |
537 s->error=error-i; | |
538 | |
539 if (s->error == 0) | |
540 if (s->msg_callback) | |
541 s->msg_callback(1, s->version, 0, buf, 3, s, s->
msg_callback_arg); /* ERROR */ | |
542 } | |
543 } | |
544 | |
545 int ssl2_shutdown(SSL *s) | |
546 { | |
547 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); | |
548 return(1); | |
549 } | |
550 #else /* !OPENSSL_NO_SSL2 */ | |
551 | |
552 # if PEDANTIC | |
553 static void *dummy=&dummy; | |
554 # endif | |
555 | |
556 #endif | |
OLD | NEW |