2 * Copyright (c) 1999-2001,2005-2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 * cipherSpecs.c - SSLCipherSpec declarations
28 #include "sslBuildFlags.h"
29 #include "sslContext.h"
30 #include "sslCipherSpecs.h"
32 #include "sslMemory.h"
36 #include <tls_handshake.h>
40 #include <Security/SecBase.h>
42 #include <TargetConditionals.h>
45 /* SecureTransport needs it's own copy of KnownCipherSuites for now, there is a copy in coreTLS,
46 that is exported, but it actually should only included the "default" not the supported */
49 #define ENABLE_AES_GCM 1
52 static const uint16_t STKnownCipherSuites
[] = {
54 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,
55 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,
57 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,
58 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,
59 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,
60 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,
61 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
,
63 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,
64 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,
66 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,
67 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,
68 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,
69 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,
70 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
,
73 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
,
74 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
,
76 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
,
77 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
,
78 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
,
79 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
,
80 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
,
82 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
,
83 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
,
85 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
,
86 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
,
87 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
,
88 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
,
89 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
,
93 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,
94 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,
95 #endif // ENABLE_AES_GCM
96 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
,
97 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
,
98 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,
99 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,
100 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
,
103 TLS_RSA_WITH_AES_256_GCM_SHA384
,
104 TLS_RSA_WITH_AES_128_GCM_SHA256
,
106 TLS_RSA_WITH_AES_256_CBC_SHA256
,
107 TLS_RSA_WITH_AES_128_CBC_SHA256
,
108 TLS_RSA_WITH_AES_256_CBC_SHA
,
109 TLS_RSA_WITH_AES_128_CBC_SHA
,
110 SSL_RSA_WITH_3DES_EDE_CBC_SHA
,
113 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
,
114 TLS_ECDHE_RSA_WITH_RC4_128_SHA
,
115 TLS_ECDH_ECDSA_WITH_RC4_128_SHA
,
116 TLS_ECDH_RSA_WITH_RC4_128_SHA
,
117 SSL_RSA_WITH_RC4_128_SHA
,
118 SSL_RSA_WITH_RC4_128_MD5
,
122 /* Unsafe ciphersuites */
125 TLS_DH_anon_WITH_AES_256_GCM_SHA384
,
126 TLS_DH_anon_WITH_AES_128_GCM_SHA256
,
128 TLS_DH_anon_WITH_AES_128_CBC_SHA256
,
129 TLS_DH_anon_WITH_AES_256_CBC_SHA256
,
130 TLS_DH_anon_WITH_AES_128_CBC_SHA
,
131 TLS_DH_anon_WITH_AES_256_CBC_SHA
,
132 SSL_DH_anon_WITH_RC4_128_MD5
,
133 SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
,
135 TLS_ECDHE_ECDSA_WITH_NULL_SHA
,
136 TLS_ECDHE_RSA_WITH_NULL_SHA
,
138 TLS_ECDH_ECDSA_WITH_NULL_SHA
,
139 TLS_ECDH_RSA_WITH_NULL_SHA
,
143 TLS_PSK_WITH_AES_256_CBC_SHA384
,
144 TLS_PSK_WITH_AES_128_CBC_SHA256
,
145 TLS_PSK_WITH_AES_256_CBC_SHA
,
146 TLS_PSK_WITH_AES_128_CBC_SHA
,
147 TLS_PSK_WITH_RC4_128_SHA
,
148 TLS_PSK_WITH_3DES_EDE_CBC_SHA
,
149 TLS_PSK_WITH_NULL_SHA384
,
150 TLS_PSK_WITH_NULL_SHA256
,
151 TLS_PSK_WITH_NULL_SHA
,
154 TLS_RSA_WITH_NULL_SHA256
,
155 SSL_RSA_WITH_NULL_SHA
,
156 SSL_RSA_WITH_NULL_MD5
160 static const unsigned STCipherSuiteCount
= sizeof(STKnownCipherSuites
)/sizeof(STKnownCipherSuites
[0]);
164 * Convert an array of uint16_t
165 * to an array of SSLCipherSuites.
168 cipherSuitesToCipherSuites(
169 size_t numCipherSuites
,
170 const uint16_t *cipherSuites
,
171 SSLCipherSuite
*ciphers
, /* RETURNED */
172 size_t *numCiphers
) /* IN/OUT */
175 if(*numCiphers
< numCipherSuites
) {
176 return errSSLBufferOverflow
;
179 /* NOTE: this is required to go from uint16_t to SSLCipherSuite
180 which is either 32 or 16 bits, depending on the platform */
181 for(i
=0;i
<numCipherSuites
; i
++) {
182 ciphers
[i
]=cipherSuites
[i
];
184 *numCiphers
= numCipherSuites
;
185 return errSecSuccess
;
189 *** Publically exported functions declared in SecureTransport.h
193 * Determine number and values of all of the SSLCipherSuites we support.
194 * Caller allocates output buffer for SSLGetSupportedCiphers() and passes in
195 * its size in *numCiphers. If supplied buffer is too small, errSSLBufferOverflow
199 SSLGetNumberSupportedCiphers (SSLContextRef ctx
,
202 if((ctx
== NULL
) || (numCiphers
== NULL
)) {
205 *numCiphers
= STCipherSuiteCount
;
206 return errSecSuccess
;
210 SSLGetSupportedCiphers (SSLContextRef ctx
,
211 SSLCipherSuite
*ciphers
, /* RETURNED */
212 size_t *numCiphers
) /* IN/OUT */
214 if((ctx
== NULL
) || (ciphers
== NULL
) || (numCiphers
== NULL
)) {
217 return cipherSuitesToCipherSuites(STCipherSuiteCount
,
224 * Specify a (typically) restricted set of SSLCipherSuites to be enabled by
225 * the current SSLContext. Can only be called when no session is active. Default
226 * set of enabled SSLCipherSuites is NOT the same as the complete set of supported
227 * SSLCipherSuites as obtained by SSLGetSupportedCiphers().
230 SSLSetEnabledCiphers (SSLContextRef ctx
,
231 const SSLCipherSuite
*ciphers
,
236 if((ctx
== NULL
) || (ciphers
== NULL
) || (numCiphers
== 0)) {
239 if(sslIsSessionActive(ctx
)) {
240 /* can't do this with an active session */
244 cs
= (uint16_t *)sslMalloc(numCiphers
* sizeof(uint16_t));
246 return errSecAllocate
;
249 for(int i
=0; i
<numCiphers
; i
++)
254 tls_handshake_set_ciphersuites(ctx
->hdsk
, cs
, (unsigned) numCiphers
);
258 return errSecSuccess
;
262 * Determine number and values of all of the SSLCipherSuites currently enabled.
263 * Caller allocates output buffer for SSLGetEnabledCiphers() and passes in
264 * its size in *numCiphers. If supplied buffer is too small, errSSLBufferOverflow
268 SSLGetNumberEnabledCiphers (SSLContextRef ctx
,
271 if((ctx
== NULL
) || (numCiphers
== NULL
)) {
276 const uint16_t *ciphersuites
;
279 err
= tls_handshake_get_ciphersuites(ctx
->hdsk
, &ciphersuites
, &n
);
285 return errSecSuccess
;
290 SSLGetEnabledCiphers (SSLContextRef ctx
,
291 SSLCipherSuite
*ciphers
, /* RETURNED */
292 size_t *numCiphers
) /* IN/OUT */
294 if((ctx
== NULL
) || (ciphers
== NULL
) || (numCiphers
== NULL
)) {
299 const uint16_t *ciphersuites
;
302 err
= tls_handshake_get_ciphersuites(ctx
->hdsk
, &ciphersuites
, &n
);
307 return cipherSuitesToCipherSuites(n
,