]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_ssl/lib/sslCipherSpecs.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-58286.60.28.tar.gz
[apple/security.git] / OSX / libsecurity_ssl / lib / sslCipherSpecs.c
1 /*
2 * Copyright (c) 1999-2001,2005-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * cipherSpecs.c - SSLCipherSpec declarations
26 */
27
28 #include "sslBuildFlags.h"
29 #include "sslContext.h"
30 #include "sslCipherSpecs.h"
31 #include "sslDebug.h"
32 #include "sslMemory.h"
33 #include "sslDebug.h"
34 #include "sslPriv.h"
35
36 #include <tls_handshake.h>
37
38 #include <string.h>
39 #include <assert.h>
40 #include <Security/SecBase.h>
41
42 #include <TargetConditionals.h>
43
44
45 /* SecureTransport needs it's own copy of KnownCipherSuites for now, there is a copy in coreTLS,
46 that is exported, but it actually should only included the "default" not the supported */
47
48 #define ENABLE_ECDH 1
49 #define ENABLE_AES_GCM 1
50 #define ENABLE_PSK 1
51 #define ENABLE_CHACHA20_POLY1305 1
52 #define ENABLE_AES_CCM 0
53
54
55 static const uint16_t STKnownCipherSuites[] = {
56 #if ENABLE_AES_GCM
57 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
58 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
59 #endif
60 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
61 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
62 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
63 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
64 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
65 #if ENABLE_AES_GCM
66 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
67 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
68 #endif
69 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
70 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
71 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
72 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
73 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
74 #if ENABLE_ECDH
75 #if ENABLE_AES_GCM
76 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
77 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
78 #endif
79 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
80 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
81 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
82 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
83 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
84 #if ENABLE_AES_GCM
85 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
86 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
87 #endif
88 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
89 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
90 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
91 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
92 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
93 #endif
94
95 #if ENABLE_AES_GCM
96 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
97 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
98 #endif // ENABLE_AES_GCM
99 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
100 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
101 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
102 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
103 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
104
105 #if ENABLE_AES_GCM
106 TLS_RSA_WITH_AES_256_GCM_SHA384,
107 TLS_RSA_WITH_AES_128_GCM_SHA256,
108 #endif
109 TLS_RSA_WITH_AES_256_CBC_SHA256,
110 TLS_RSA_WITH_AES_128_CBC_SHA256,
111 TLS_RSA_WITH_AES_256_CBC_SHA,
112 TLS_RSA_WITH_AES_128_CBC_SHA,
113 SSL_RSA_WITH_3DES_EDE_CBC_SHA,
114
115 #if ENABLE_RC4
116 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
117 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
118 TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
119 TLS_ECDH_RSA_WITH_RC4_128_SHA,
120 SSL_RSA_WITH_RC4_128_SHA,
121 SSL_RSA_WITH_RC4_128_MD5,
122 #endif
123
124 /* TLS 1.3 ciphersuites */
125 #if ENABLE_AES_GCM
126 TLS_AES_128_GCM_SHA256,
127 TLS_AES_256_GCM_SHA384,
128 #endif
129 #if ENABLE_CHACHA20_POLY1305
130 TLS_CHACHA20_POLY1305_SHA256,
131 #endif
132 #if ENABLE_AES_CCM
133 TLS_AES_128_CCM_SHA256,
134 TLS_AES_128_CCM_8_SHA256,
135 #endif
136
137 /* Unsafe ciphersuites */
138
139 #if ENABLE_AES_GCM
140 TLS_DH_anon_WITH_AES_256_GCM_SHA384,
141 TLS_DH_anon_WITH_AES_128_GCM_SHA256,
142 #endif
143 TLS_DH_anon_WITH_AES_128_CBC_SHA256,
144 TLS_DH_anon_WITH_AES_256_CBC_SHA256,
145 TLS_DH_anon_WITH_AES_128_CBC_SHA,
146 TLS_DH_anon_WITH_AES_256_CBC_SHA,
147 SSL_DH_anon_WITH_RC4_128_MD5,
148 SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
149
150 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
151 TLS_ECDHE_RSA_WITH_NULL_SHA,
152 #if ENABLE_ECDH
153 TLS_ECDH_ECDSA_WITH_NULL_SHA,
154 TLS_ECDH_RSA_WITH_NULL_SHA,
155 #endif
156
157 #if ENABLE_PSK
158 TLS_PSK_WITH_AES_256_CBC_SHA384,
159 TLS_PSK_WITH_AES_128_CBC_SHA256,
160 TLS_PSK_WITH_AES_256_CBC_SHA,
161 TLS_PSK_WITH_AES_128_CBC_SHA,
162 TLS_PSK_WITH_RC4_128_SHA,
163 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
164 TLS_PSK_WITH_NULL_SHA384,
165 TLS_PSK_WITH_NULL_SHA256,
166 TLS_PSK_WITH_NULL_SHA,
167 #endif
168
169 TLS_RSA_WITH_NULL_SHA256,
170 SSL_RSA_WITH_NULL_SHA,
171 SSL_RSA_WITH_NULL_MD5
172
173 };
174
175 static const unsigned STCipherSuiteCount = sizeof(STKnownCipherSuites)/sizeof(STKnownCipherSuites[0]);
176
177
178 /*
179 * Convert an array of uint16_t
180 * to an array of SSLCipherSuites.
181 */
182 static OSStatus
183 cipherSuitesToCipherSuites(
184 size_t numCipherSuites,
185 const uint16_t *cipherSuites,
186 SSLCipherSuite *ciphers, /* RETURNED */
187 size_t *numCiphers) /* IN/OUT */
188 {
189 size_t i;
190 if(*numCiphers < numCipherSuites) {
191 return errSSLBufferOverflow;
192 }
193
194 /* NOTE: this is required to go from uint16_t to SSLCipherSuite
195 which is either 32 or 16 bits, depending on the platform */
196 for(i=0;i<numCipherSuites; i++) {
197 ciphers[i]=cipherSuites[i];
198 }
199 *numCiphers = numCipherSuites;
200 return errSecSuccess;
201 }
202
203 /***
204 *** Publically exported functions declared in SecureTransport.h
205 ***/
206
207 /*
208 * Determine number and values of all of the SSLCipherSuites we support.
209 * Caller allocates output buffer for SSLGetSupportedCiphers() and passes in
210 * its size in *numCiphers. If supplied buffer is too small, errSSLBufferOverflow
211 * will be returned.
212 */
213 OSStatus
214 SSLGetNumberSupportedCiphers (SSLContextRef ctx,
215 size_t *numCiphers)
216 {
217 if((ctx == NULL) || (numCiphers == NULL)) {
218 return errSecParam;
219 }
220 *numCiphers = STCipherSuiteCount;
221 return errSecSuccess;
222 }
223
224 OSStatus
225 SSLGetSupportedCiphers (SSLContextRef ctx,
226 SSLCipherSuite *ciphers, /* RETURNED */
227 size_t *numCiphers) /* IN/OUT */
228 {
229 if((ctx == NULL) || (ciphers == NULL) || (numCiphers == NULL)) {
230 return errSecParam;
231 }
232 return cipherSuitesToCipherSuites(STCipherSuiteCount,
233 STKnownCipherSuites,
234 ciphers,
235 numCiphers);
236 }
237
238 /*
239 * Specify a (typically) restricted set of SSLCipherSuites to be enabled by
240 * the current SSLContext. Can only be called when no session is active. Default
241 * set of enabled SSLCipherSuites is NOT the same as the complete set of supported
242 * SSLCipherSuites as obtained by SSLGetSupportedCiphers().
243 */
244 OSStatus
245 SSLSetEnabledCiphers (SSLContextRef ctx,
246 const SSLCipherSuite *ciphers,
247 size_t numCiphers)
248 {
249 uint16_t *cs;
250
251 if((ctx == NULL) || (ciphers == NULL) || (numCiphers == 0)) {
252 return errSecParam;
253 }
254
255 if(sslIsSessionActive(ctx)) {
256 /* can't do this with an active session */
257 return errSecBadReq;
258 }
259
260 int matchCount = 0;
261 for(int i=0; i<numCiphers; i++) {
262 for (int j=0; j < STCipherSuiteCount; j++) {
263 if (STKnownCipherSuites[j] == ciphers[i]) {
264 matchCount++;
265 break;
266 }
267 }
268 }
269
270 // If the caller specified no ciphersuites that we actually support, return an error code.
271 if (matchCount == 0) {
272 return errSecParam;
273 }
274
275 cs = (uint16_t *)sslMalloc(matchCount * sizeof(uint16_t));
276 if(cs == NULL) {
277 return errSecAllocate;
278 }
279
280 matchCount = 0;
281 for(int i=0; i<numCiphers; i++) {
282 for (int j=0; j < STCipherSuiteCount; j++) {
283 if (STKnownCipherSuites[j] == ciphers[i]) {
284 cs[matchCount++] = ciphers[i];
285 break;
286 }
287 }
288 }
289
290
291 OSStatus result = tls_handshake_set_ciphersuites(ctx->hdsk, cs, (unsigned) matchCount);
292
293 sslFree(cs);
294
295 return result;
296 }
297
298 /*
299 * Determine number and values of all of the SSLCipherSuites currently enabled.
300 * Caller allocates output buffer for SSLGetEnabledCiphers() and passes in
301 * its size in *numCiphers. If supplied buffer is too small, errSSLBufferOverflow
302 * will be returned.
303 */
304 OSStatus
305 SSLGetNumberEnabledCiphers (SSLContextRef ctx,
306 size_t *numCiphers)
307 {
308 if((ctx == NULL) || (numCiphers == NULL)) {
309 return errSecParam;
310 }
311
312 unsigned n;
313 const uint16_t *ciphersuites;
314 int err;
315
316 err = tls_handshake_get_ciphersuites(ctx->hdsk, &ciphersuites, &n);
317
318 if(err) {
319 return err;
320 } else {
321 *numCiphers = n;
322 return errSecSuccess;
323 }
324 }
325
326 OSStatus
327 SSLGetEnabledCiphers (SSLContextRef ctx,
328 SSLCipherSuite *ciphers, /* RETURNED */
329 size_t *numCiphers) /* IN/OUT */
330 {
331 if((ctx == NULL) || (ciphers == NULL) || (numCiphers == NULL)) {
332 return errSecParam;
333 }
334
335 unsigned n;
336 const uint16_t *ciphersuites;
337 int err;
338
339 err = tls_handshake_get_ciphersuites(ctx->hdsk, &ciphersuites, &n);
340
341 if(err) {
342 return err;
343 } else {
344 return cipherSuitesToCipherSuites(n,
345 ciphersuites,
346 ciphers,
347 numCiphers);
348 }
349 }
350
351 OSStatus
352 SSLSetSessionTicketsEnabled (SSLContextRef context,
353 Boolean enabled)
354 {
355 if (context == NULL) {
356 return errSecParam;
357 }
358
359 return tls_handshake_set_session_ticket_enabled(context->hdsk, enabled);
360 }
mirror of Security