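--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1,10 +1,10 @@
 /* ssl/ssl_ciph.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to. The following conditions
@@ -291,20 +291,21 @@
 {0,SSL_TXT_IDEA,0, 0,0,SSL_IDEA, 0,0,0,0,0,0},
 {0,SSL_TXT_SEED,0, 0,0,SSL_SEED, 0,0,0,0,0,0},
 {0,SSL_TXT_eNULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0},
 {0,SSL_TXT_AES128,0, 0,0,SSL_AES128|SSL_AES128GCM,0,0,0,0,0,0},
 {0,SSL_TXT_AES256,0, 0,0,SSL_AES256|SSL_AES256GCM,0,0,0,0,0,0},
 {0,SSL_TXT_AES,0, 0,0,SSL_AES,0,0,0,0,0,0},
 {0,SSL_TXT_AES_GCM,0, 0,0,SSL_AES128GCM|SSL_AES256GCM,0,0,0,0,0,0},
 {0,SSL_TXT_CAMELLIA128,0,0,0,SSL_CAMELLIA128,0,0,0,0,0,0},
 {0,SSL_TXT_CAMELLIA256,0,0,0,SSL_CAMELLIA256,0,0,0,0,0,0},
 {0,SSL_TXT_CAMELLIA ,0,0,0,SSL_CAMELLIA128|SSL_CAMELLIA256,0,0,0,0,0,0},
+{0,SSL_TXT_CHACHA20 ,0,0,0,SSL_CHACHA20POLY1305,0,0,0,0,0,0},
 
 /* MAC aliases */
 {0,SSL_TXT_MD5,0, 0,0,0,SSL_MD5, 0,0,0,0,0},
 {0,SSL_TXT_SHA1,0, 0,0,0,SSL_SHA1, 0,0,0,0,0},
 {0,SSL_TXT_SHA,0, 0,0,0,SSL_SHA1, 0,0,0,0,0},
 {0,SSL_TXT_GOST94,0, 0,0,0,SSL_GOST94, 0,0,0,0,0},
 {0,SSL_TXT_GOST89MAC,0, 0,0,0,SSL_GOST89MAC, 0,0,0,0,0},
 {0,SSL_TXT_SHA256,0, 0,0,0,SSL_SHA256, 0,0,0,0,0},
 {0,SSL_TXT_SHA384,0, 0,0,0,SSL_SHA384, 0,0,0,0,0},
 
@@ -477,46 +478,86 @@
 }
 }
 
 if (got_write_lock)
 CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
 else
 CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
 }
 #endif
 
+/* ssl_cipher_get_comp sets |comp| to the correct SSL_COMP for the given
+* session and returns 1. On error it returns 0. */
+int ssl_cipher_get_comp(const SSL_SESSION *s, SSL_COMP **comp)
+{
+int i;
+
+SSL_COMP ctmp;
+#ifndef OPENSSL_NO_COMP
+load_builtin_compressions();
+#endif
+
+*comp=NULL;
+ctmp.id=s->compress_meth;
+if (ssl_comp_methods != NULL)
+{
+i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
+if (i >= 0)
+*comp=sk_SSL_COMP_value(ssl_comp_methods,i);
+else
+*comp=NULL;
+}
+
+return 1;
+}
+
+/* ssl_cipher_get_evp_aead sets |*aead| to point to the correct EVP_AEAD object
+* for |s->cipher|. It returns 1 on success and 0 on error. */
+int ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead)
+{
+const SSL_CIPHER *c = s->cipher;
+
+*aead = NULL;
+
+if (c == NULL)
+return 0;
+if ((c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD) == 0)
+return 0;
+
+#ifndef OPENSSL_NO_AES
+switch (c->algorithm_enc)
+{
+case SSL_AES128GCM:
+*aead = EVP_aead_aes_128_gcm();
+return 1;
+case SSL_CHACHA20POLY1305:
+*aead = EVP_aead_chacha20_poly1305();
+return 1;
+}
+#endif
+
+return 0;
+}
+
 int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
-» const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size,SSL_COMP **comp)
+» const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size)
 {
 int i;
 const SSL_CIPHER *c;
 
 c=s->cipher;
 if (c == NULL) return(0);
-if (comp != NULL)
-{
-SSL_COMP ctmp;
-#ifndef OPENSSL_NO_COMP
-load_builtin_compressions();
-#endif
 
-» » *comp=NULL;
-» » ctmp.id=s->compress_meth;
-» » if (ssl_comp_methods != NULL)
-» » » {
-» » » i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
-» » » if (i >= 0)
-» » » » *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
-» » » else
-» » » » *comp=NULL;
-» » » }
-» » }
+» /* This function doesn't deal with EVP_AEAD. See
+» * |ssl_cipher_get_aead_evp|. */
+» if (c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD)
+» » return(0);
 
 if ((enc == NULL) || (md == NULL)) return(0);
 
 switch (c->algorithm_enc)
 {
 case SSL_DES:
 i=SSL_ENC_DES_IDX;
 break;
 case SSL_3DES:
 i=SSL_ENC_3DES_IDX;
@@ -1668,20 +1709,23 @@
 break;
 case SSL_CAMELLIA128:
 enc="Camellia(128)";
 break;
 case SSL_CAMELLIA256:
 enc="Camellia(256)";
 break;
 case SSL_SEED:
 enc="SEED(128)";
 break;
+case SSL_CHACHA20POLY1305:
+enc="ChaCha20-Poly1305";
+break;
 default:
 enc="unknown";
 break;
 }
 
 switch (alg_mac)
 {
 case SSL_MD5:
 mac="MD5";
 break;
@@ -1890,10 +1934,10 @@
 }
 
 const char *SSL_COMP_get_name(const COMP_METHOD *comp)
 {
 if (comp)
 return comp->name;
 return NULL;
 }
 
 #endif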
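Review bot: In ssl_cipher_get_evp_aead the `case SSL_CHACHA20POLY1305:` arm sits inside the same `#ifndef OPENSSL_NO_AES` block as `case SSL_AES128GCM:`, so a build with OPENSSL_NO_AES compiles the whole switch away and the function returns 0 for a ChaCha20-Poly1305 cipher, even though the alias table entry and the description string for it are added unconditionally. Narrow the guard so it wraps only the AES arm: put `#ifndef OPENSSL_NO_AES` directly before `case SSL_AES128GCM:` and `#endif` directly after its `return 1;`. The switch also has no arm for SSL_AES256GCM; if any AES-256-GCM suite carries SSL_CIPHER_ALGORITHM2_AEAD (the cipher table is not visible here) it would be rejected by both this function and the new early return in ssl_cipher_get_evp, so that is worth confirming. Two documentation points: the new comment in ssl_cipher_get_evp refers to `|ssl_cipher_get_aead_evp|` while the function is named `ssl_cipher_get_evp_aead`, and the header of ssl_cipher_get_comp says it returns 0 on error although every path returns 1.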