OSX/libsecurity_ssl/lib/sslCipherSpecs.c

   1 /*
   2  * Copyright (c) 1999-2001,2005-2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*
  25  * cipherSpecs.c - SSLCipherSpec declarations
  26  */
  27
  28 #include "sslBuildFlags.h"
  29 #include "sslContext.h"
  30 #include "sslCipherSpecs.h"
  31 #include "sslDebug.h"
  32 #include "sslMemory.h"
  33 #include "sslDebug.h"
  34 #include "sslPriv.h"
  35
  36 #include <tls_handshake.h>
  37
  38 #include <string.h>
  39 #include <assert.h>
  40 #include <Security/SecBase.h>
  41
  42 #include <TargetConditionals.h>
  43
  44
  45 /* SecureTransport needs it's own copy of KnownCipherSuites for now, there is a copy in coreTLS,
  46    that is exported, but it actually should only included the "default" not the supported */
  47
  48 #define ENABLE_ECDH                     1
  49 #define ENABLE_AES_GCM          1
  50 #define ENABLE_PSK              1
  51
  52 static const uint16_t STKnownCipherSuites[] = {
  53 #if ENABLE_AES_GCM
  54     TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
  55     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
  56 #endif
  57     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
  58     TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
  59     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
  60     TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
  61     TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
  62 #if ENABLE_AES_GCM
  63     TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
  64     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
  65 #endif
  66     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
  67     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
  68     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
  69     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
  70     TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
  71 #if ENABLE_ECDH
  72 #if ENABLE_AES_GCM
  73     TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
  74     TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
  75 #endif
  76     TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
  77     TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
  78     TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
  79     TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
  80     TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
  81 #if ENABLE_AES_GCM
  82     TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
  83     TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
  84 #endif
  85     TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
  86     TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
  87     TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
  88     TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
  89     TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
  90 #endif
  91
  92 #if ENABLE_AES_GCM
  93     TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
  94     TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
  95 #endif // ENABLE_AES_GCM
  96     TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
  97     TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
  98     TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
  99     TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
 100     SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
 101
 102 #if ENABLE_AES_GCM
 103     TLS_RSA_WITH_AES_256_GCM_SHA384,
 104     TLS_RSA_WITH_AES_128_GCM_SHA256,
 105 #endif
 106     TLS_RSA_WITH_AES_256_CBC_SHA256,
 107     TLS_RSA_WITH_AES_128_CBC_SHA256,
 108     TLS_RSA_WITH_AES_256_CBC_SHA,
 109     TLS_RSA_WITH_AES_128_CBC_SHA,
 110     SSL_RSA_WITH_3DES_EDE_CBC_SHA,
 111
 112 #if ENABLE_RC4
 113     TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
 114     TLS_ECDHE_RSA_WITH_RC4_128_SHA,
 115     TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
 116     TLS_ECDH_RSA_WITH_RC4_128_SHA,
 117     SSL_RSA_WITH_RC4_128_SHA,
 118     SSL_RSA_WITH_RC4_128_MD5,
 119 #endif
 120
 121
 122     /* Unsafe ciphersuites */
 123
 124 #if ENABLE_AES_GCM
 125     TLS_DH_anon_WITH_AES_256_GCM_SHA384,
 126     TLS_DH_anon_WITH_AES_128_GCM_SHA256,
 127 #endif
 128     TLS_DH_anon_WITH_AES_128_CBC_SHA256,
 129     TLS_DH_anon_WITH_AES_256_CBC_SHA256,
 130     TLS_DH_anon_WITH_AES_128_CBC_SHA,
 131     TLS_DH_anon_WITH_AES_256_CBC_SHA,
 132     SSL_DH_anon_WITH_RC4_128_MD5,
 133     SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,
 134
 135     TLS_ECDHE_ECDSA_WITH_NULL_SHA,
 136     TLS_ECDHE_RSA_WITH_NULL_SHA,
 137 #if ENABLE_ECDH
 138     TLS_ECDH_ECDSA_WITH_NULL_SHA,
 139     TLS_ECDH_RSA_WITH_NULL_SHA,
 140 #endif
 141
 142 #if ENABLE_PSK
 143     TLS_PSK_WITH_AES_256_CBC_SHA384,
 144     TLS_PSK_WITH_AES_128_CBC_SHA256,
 145     TLS_PSK_WITH_AES_256_CBC_SHA,
 146     TLS_PSK_WITH_AES_128_CBC_SHA,
 147     TLS_PSK_WITH_RC4_128_SHA,
 148     TLS_PSK_WITH_3DES_EDE_CBC_SHA,
 149     TLS_PSK_WITH_NULL_SHA384,
 150     TLS_PSK_WITH_NULL_SHA256,
 151     TLS_PSK_WITH_NULL_SHA,
 152 #endif
 153
 154     TLS_RSA_WITH_NULL_SHA256,
 155     SSL_RSA_WITH_NULL_SHA,
 156     SSL_RSA_WITH_NULL_MD5
 157
 158 };
 159
 160 static const unsigned STCipherSuiteCount = sizeof(STKnownCipherSuites)/sizeof(STKnownCipherSuites[0]);
 161
 162
 163 /*
 164  * Convert an array of uint16_t
 165  * to an array of SSLCipherSuites.
 166  */
 167 static OSStatus
 168 cipherSuitesToCipherSuites(
 169                           size_t                                numCipherSuites,
 170                           const uint16_t        *cipherSuites,
 171                           SSLCipherSuite                *ciphers,               /* RETURNED */
 172                           size_t                                *numCiphers)    /* IN/OUT */
 173 {
 174     size_t i;
 175         if(*numCiphers < numCipherSuites) {
 176                 return errSSLBufferOverflow;
 177         }
 178
 179     /* NOTE: this is required to go from uint16_t to SSLCipherSuite
 180        which is either 32 or 16 bits, depending on the platform */
 181     for(i=0;i<numCipherSuites; i++) {
 182         ciphers[i]=cipherSuites[i];
 183     }
 184         *numCiphers = numCipherSuites;
 185         return errSecSuccess;
 186 }
 187
 188 /***
 189  *** Publically exported functions declared in SecureTransport.h
 190  ***/
 191
 192 /*
 193  * Determine number and values of all of the SSLCipherSuites we support.
 194  * Caller allocates output buffer for SSLGetSupportedCiphers() and passes in
 195  * its size in *numCiphers. If supplied buffer is too small, errSSLBufferOverflow
 196  * will be returned.
 197  */
 198 OSStatus
 199 SSLGetNumberSupportedCiphers (SSLContextRef     ctx,
 200                                                           size_t                *numCiphers)
 201 {
 202         if((ctx == NULL) || (numCiphers == NULL)) {
 203                 return errSecParam;
 204         }
 205         *numCiphers = STCipherSuiteCount;
 206         return errSecSuccess;
 207 }
 208
 209 OSStatus
 210 SSLGetSupportedCiphers           (SSLContextRef         ctx,
 211                                                           SSLCipherSuite        *ciphers,               /* RETURNED */
 212                                                           size_t                        *numCiphers)    /* IN/OUT */
 213 {
 214         if((ctx == NULL) || (ciphers == NULL) || (numCiphers == NULL)) {
 215                 return errSecParam;
 216         }
 217         return cipherSuitesToCipherSuites(STCipherSuiteCount,
 218                 STKnownCipherSuites,
 219                 ciphers,
 220                 numCiphers);
 221 }
 222
 223 /*
 224  * Specify a (typically) restricted set of SSLCipherSuites to be enabled by
 225  * the current SSLContext. Can only be called when no session is active. Default
 226  * set of enabled SSLCipherSuites is NOT the same as the complete set of supported
 227  * SSLCipherSuites as obtained by SSLGetSupportedCiphers().
 228  */
 229 OSStatus
 230 SSLSetEnabledCiphers            (SSLContextRef                  ctx,
 231                                                          const SSLCipherSuite   *ciphers,
 232                                                          size_t                                 numCiphers)
 233 {
 234     uint16_t *cs;
 235
 236         if((ctx == NULL) || (ciphers == NULL) || (numCiphers == 0)) {
 237                 return errSecParam;
 238         }
 239         if(sslIsSessionActive(ctx)) {
 240                 /* can't do this with an active session */
 241                 return errSecBadReq;
 242         }
 243
 244     cs = (uint16_t *)sslMalloc(numCiphers * sizeof(uint16_t));
 245     if(cs == NULL) {
 246                 return errSecAllocate;
 247         }
 248
 249     for(int i=0; i<numCiphers; i++)
 250     {
 251         cs[i] = ciphers[i];
 252         }
 253
 254     tls_handshake_set_ciphersuites(ctx->hdsk, cs, (unsigned) numCiphers);
 255
 256     sslFree(cs);
 257
 258     return errSecSuccess;
 259 }
 260
 261 /*
 262  * Determine number and values of all of the SSLCipherSuites currently enabled.
 263  * Caller allocates output buffer for SSLGetEnabledCiphers() and passes in
 264  * its size in *numCiphers. If supplied buffer is too small, errSSLBufferOverflow
 265  * will be returned.
 266  */
 267 OSStatus
 268 SSLGetNumberEnabledCiphers      (SSLContextRef                  ctx,
 269                                                          size_t                                 *numCiphers)
 270 {
 271         if((ctx == NULL) || (numCiphers == NULL)) {
 272                 return errSecParam;
 273         }
 274
 275     unsigned n;
 276     const uint16_t *ciphersuites;
 277     int err;
 278
 279     err = tls_handshake_get_ciphersuites(ctx->hdsk, &ciphersuites, &n);
 280
 281     if(err) {
 282         return err;
 283     } else {
 284         *numCiphers = n;
 285         return errSecSuccess;
 286     }
 287 }
 288
 289 OSStatus
 290 SSLGetEnabledCiphers            (SSLContextRef                  ctx,
 291                                                          SSLCipherSuite                 *ciphers,               /* RETURNED */
 292                                                          size_t                                 *numCiphers)    /* IN/OUT */
 293 {
 294         if((ctx == NULL) || (ciphers == NULL) || (numCiphers == NULL)) {
 295                 return errSecParam;
 296         }
 297
 298     unsigned n;
 299     const uint16_t *ciphersuites;
 300     int err;
 301
 302     err = tls_handshake_get_ciphersuites(ctx->hdsk, &ciphersuites, &n);
 303
 304     if(err) {
 305         return err;
 306     } else {
 307         return cipherSuitesToCipherSuites(n,
 308                                           ciphersuites,
 309                                           ciphers,
 310                                           numCiphers);
 311     }
 312 }