OSX/libsecurity_ssl/lib/sslCipherSpecs.c

   1 /*
   2  * Copyright (c) 1999-2001,2005-2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*
  25  * cipherSpecs.c - SSLCipherSpec declarations
  26  */
  27
  28 #include "sslBuildFlags.h"
  29 #include "sslContext.h"
  30 #include "sslCipherSpecs.h"
  31 #include "sslDebug.h"
  32 #include "sslMemory.h"
  33 #include "sslDebug.h"
  34 #include "sslUtils.h"
  35 #include "sslPriv.h"
  36
  37 #include <tls_handshake.h>
  38
  39 #include <string.h>
  40 #include <assert.h>
  41 #include <Security/SecBase.h>
  42
  43 #include <TargetConditionals.h>
  44
  45
  46 /* SecureTransport needs it's own copy of KnownCipherSuites for now, there is a copy in coreTLS,
  47    that is exported, but it actually should only included the "default" not the supported */
  48
  49 #define ENABLE_ECDH                     1
  50 #define ENABLE_AES_GCM          1
  51 #define ENABLE_PSK              1
  52
  53 static const uint16_t STKnownCipherSuites[] = {
  54 #if ENABLE_AES_GCM
  55     TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
  56     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
  57 #endif
  58     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
  59     TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
  60     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
  61     TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
  62     TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
  63 #if ENABLE_AES_GCM
  64     TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
  65     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
  66 #endif
  67     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
  68     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
  69     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
  70     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
  71     TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
  72 #if ENABLE_ECDH
  73 #if ENABLE_AES_GCM
  74     TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
  75     TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
  76 #endif
  77     TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
  78     TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
  79     TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
  80     TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
  81     TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
  82 #if ENABLE_AES_GCM
  83     TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
  84     TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
  85 #endif
  86     TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
  87     TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
  88     TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
  89     TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
  90     TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
  91 #endif
  92
  93 #if ENABLE_AES_GCM
  94     TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
  95     TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
  96 #endif // ENABLE_AES_GCM
  97     TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
  98     TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
  99     TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
 100     TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
 101     SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
 102
 103 #if ENABLE_AES_GCM
 104     TLS_RSA_WITH_AES_256_GCM_SHA384,
 105     TLS_RSA_WITH_AES_128_GCM_SHA256,
 106 #endif
 107     TLS_RSA_WITH_AES_256_CBC_SHA256,
 108     TLS_RSA_WITH_AES_128_CBC_SHA256,
 109     TLS_RSA_WITH_AES_256_CBC_SHA,
 110     TLS_RSA_WITH_AES_128_CBC_SHA,
 111     SSL_RSA_WITH_3DES_EDE_CBC_SHA,
 112
 113 #if ENABLE_RC4
 114     TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
 115     TLS_ECDHE_RSA_WITH_RC4_128_SHA,
 116     TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
 117     TLS_ECDH_RSA_WITH_RC4_128_SHA,
 118     SSL_RSA_WITH_RC4_128_SHA,
 119     SSL_RSA_WITH_RC4_128_MD5,
 120 #endif
 121
 122
 123     /* Unsafe ciphersuites */
 124
 125 #if ENABLE_AES_GCM
 126     TLS_DH_anon_WITH_AES_256_GCM_SHA384,
 127     TLS_DH_anon_WITH_AES_128_GCM_SHA256,
 128 #endif
 129     TLS_DH_anon_WITH_AES_128_CBC_SHA256,
 130     TLS_DH_anon_WITH_AES_256_CBC_SHA256,
 131     TLS_DH_anon_WITH_AES_128_CBC_SHA,
 132     TLS_DH_anon_WITH_AES_256_CBC_SHA,
 133     SSL_DH_anon_WITH_RC4_128_MD5,
 134     SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
 135
 136     TLS_ECDHE_ECDSA_WITH_NULL_SHA,
 137     TLS_ECDHE_RSA_WITH_NULL_SHA,
 138 #if ENABLE_ECDH
 139     TLS_ECDH_ECDSA_WITH_NULL_SHA,
 140     TLS_ECDH_RSA_WITH_NULL_SHA,
 141 #endif
 142
 143 #if ENABLE_PSK
 144     TLS_PSK_WITH_AES_256_CBC_SHA384,
 145     TLS_PSK_WITH_AES_128_CBC_SHA256,
 146     TLS_PSK_WITH_AES_256_CBC_SHA,
 147     TLS_PSK_WITH_AES_128_CBC_SHA,
 148     TLS_PSK_WITH_RC4_128_SHA,
 149     TLS_PSK_WITH_3DES_EDE_CBC_SHA,
 150     TLS_PSK_WITH_NULL_SHA384,
 151     TLS_PSK_WITH_NULL_SHA256,
 152     TLS_PSK_WITH_NULL_SHA,
 153 #endif
 154
 155     TLS_RSA_WITH_NULL_SHA256,
 156     SSL_RSA_WITH_NULL_SHA,
 157     SSL_RSA_WITH_NULL_MD5
 158
 159 };
 160
 161 static const unsigned STCipherSuiteCount = sizeof(STKnownCipherSuites)/sizeof(STKnownCipherSuites[0]);
 162
 163
 164 /*
 165  * Convert an array of uint16_t
 166  * to an array of SSLCipherSuites.
 167  */
 168 static OSStatus
 169 cipherSuitesToCipherSuites(
 170                           size_t                                numCipherSuites,
 171                           const uint16_t        *cipherSuites,
 172                           SSLCipherSuite                *ciphers,               /* RETURNED */
 173                           size_t                                *numCiphers)    /* IN/OUT */
 174 {
 175     size_t i;
 176         if(*numCiphers < numCipherSuites) {
 177                 return errSSLBufferOverflow;
 178         }
 179
 180     /* NOTE: this is required to go from uint16_t to SSLCipherSuite
 181        which is either 32 or 16 bits, depending on the platform */
 182     for(i=0;i<numCipherSuites; i++) {
 183         ciphers[i]=cipherSuites[i];
 184     }
 185         *numCiphers = numCipherSuites;
 186         return errSecSuccess;
 187 }
 188
 189 /***
 190  *** Publically exported functions declared in SecureTransport.h
 191  ***/
 192
 193 /*
 194  * Determine number and values of all of the SSLCipherSuites we support.
 195  * Caller allocates output buffer for SSLGetSupportedCiphers() and passes in
 196  * its size in *numCiphers. If supplied buffer is too small, errSSLBufferOverflow
 197  * will be returned.
 198  */
 199 OSStatus
 200 SSLGetNumberSupportedCiphers (SSLContextRef     ctx,
 201                                                           size_t                *numCiphers)
 202 {
 203         if((ctx == NULL) || (numCiphers == NULL)) {
 204                 return errSecParam;
 205         }
 206         *numCiphers = STCipherSuiteCount;
 207         return errSecSuccess;
 208 }
 209
 210 OSStatus
 211 SSLGetSupportedCiphers           (SSLContextRef         ctx,
 212                                                           SSLCipherSuite        *ciphers,               /* RETURNED */
 213                                                           size_t                        *numCiphers)    /* IN/OUT */
 214 {
 215         if((ctx == NULL) || (ciphers == NULL) || (numCiphers == NULL)) {
 216                 return errSecParam;
 217         }
 218         return cipherSuitesToCipherSuites(STCipherSuiteCount,
 219                 STKnownCipherSuites,
 220                 ciphers,
 221                 numCiphers);
 222 }
 223
 224 /*
 225  * Specify a (typically) restricted set of SSLCipherSuites to be enabled by
 226  * the current SSLContext. Can only be called when no session is active. Default
 227  * set of enabled SSLCipherSuites is NOT the same as the complete set of supported
 228  * SSLCipherSuites as obtained by SSLGetSupportedCiphers().
 229  */
 230 OSStatus
 231 SSLSetEnabledCiphers            (SSLContextRef                  ctx,
 232                                                          const SSLCipherSuite   *ciphers,
 233                                                          size_t                                 numCiphers)
 234 {
 235     uint16_t *cs;
 236
 237         if((ctx == NULL) || (ciphers == NULL) || (numCiphers == 0)) {
 238                 return errSecParam;
 239         }
 240         if(sslIsSessionActive(ctx)) {
 241                 /* can't do this with an active session */
 242                 return errSecBadReq;
 243         }
 244
 245     cs = (uint16_t *)sslMalloc(numCiphers * sizeof(uint16_t));
 246     if(cs == NULL) {
 247                 return errSecAllocate;
 248         }
 249
 250     for(int i=0; i<numCiphers; i++)
 251     {
 252         cs[i] = ciphers[i];
 253         }
 254
 255     tls_handshake_set_ciphersuites(ctx->hdsk, cs, (unsigned) numCiphers);
 256
 257     sslFree(cs);
 258
 259     return errSecSuccess;
 260 }
 261
 262 /*
 263  * Determine number and values of all of the SSLCipherSuites currently enabled.
 264  * Caller allocates output buffer for SSLGetEnabledCiphers() and passes in
 265  * its size in *numCiphers. If supplied buffer is too small, errSSLBufferOverflow
 266  * will be returned.
 267  */
 268 OSStatus
 269 SSLGetNumberEnabledCiphers      (SSLContextRef                  ctx,
 270                                                          size_t                                 *numCiphers)
 271 {
 272         if((ctx == NULL) || (numCiphers == NULL)) {
 273                 return errSecParam;
 274         }
 275
 276     unsigned n;
 277     const uint16_t *ciphersuites;
 278     int err;
 279
 280     err = tls_handshake_get_ciphersuites(ctx->hdsk, &ciphersuites, &n);
 281
 282     if(err) {
 283         return err;
 284     } else {
 285         *numCiphers = n;
 286         return errSecSuccess;
 287     }
 288 }
 289
 290 OSStatus
 291 SSLGetEnabledCiphers            (SSLContextRef                  ctx,
 292                                                          SSLCipherSuite                 *ciphers,               /* RETURNED */
 293                                                          size_t                                 *numCiphers)    /* IN/OUT */
 294 {
 295         if((ctx == NULL) || (ciphers == NULL) || (numCiphers == NULL)) {
 296                 return errSecParam;
 297         }
 298
 299     unsigned n;
 300     const uint16_t *ciphersuites;
 301     int err;
 302
 303     err = tls_handshake_get_ciphersuites(ctx->hdsk, &ciphersuites, &n);
 304
 305     return cipherSuitesToCipherSuites(n,
 306                                       ciphersuites,
 307                                       ciphers,
 308                                       numCiphers);
 309
 310 }