From: Bodo Möller Date: Sun, 5 May 2002 23:47:09 +0000 (+0000) Subject: disable AES ciphersuites unless explicitly requested X-Git-Tag: OpenSSL_0_9_7-beta1~73 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=29f6a99432fc0404fa93c34b1f4adade28d166a5;p=oweals%2Fopenssl.git disable AES ciphersuites unless explicitly requested --- diff --git a/CHANGES b/CHANGES index ffe622dc89..76a8316b15 100644 --- a/CHANGES +++ b/CHANGES @@ -1021,9 +1021,16 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k *) Update Rijndael code to version 3.0 and change EVP AES ciphers to handle the new API. Currently only ECB, CBC modes supported. Add new - AES OIDs. Add TLS AES ciphersuites as described in the "AES Ciphersuites - for TLS" draft-ietf-tls-ciphersuite-03.txt. - [Ben Laurie, Steve Henson] + AES OIDs. + + Add TLS AES ciphersuites as described in the "AES Ciphersuites + for TLS" draft-ietf-tls-ciphersuite-03.txt. As these are not yet + official, they are not enabled by default and are not even part + of the "ALL" ciphersuite alias; for now, they must be explicitly + requested by specifying the new "AESdraft" ciphersuite alias. If + you want the default ciphersuite list plus the new ciphersuites, + use "DEFAULT:AESdraft:@STRENGTH". + [Ben Laurie, Steve Henson, Bodo Moeller] *) New function OCSP_copy_nonce() to copy nonce value (if present) from request to response. diff --git a/ssl/ssl.h b/ssl/ssl.h index 27d3564630..ba9dc4a9a9 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -253,7 +253,7 @@ extern "C" { #define SSL_TXT_RC4 "RC4" #define SSL_TXT_RC2 "RC2" #define SSL_TXT_IDEA "IDEA" -#define SSL_TXT_AES "AES" +#define SSL_TXT_AES "AESdraft" /* AES ciphersuites are not yet official (thus excluded from 'ALL') */ #define SSL_TXT_MD5 "MD5" #define SSL_TXT_SHA1 "SHA1" #define SSL_TXT_SHA "SHA" @@ -266,9 +266,10 @@ extern "C" { #define SSL_TXT_TLSV1 "TLSv1" #define SSL_TXT_ALL "ALL" -/* 'DEFAULT' at the start of the cipher list insert the following string - * in addition to this being the default cipher string */ -#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH" +/* The following cipher list is used by default. + * It also is substituted when an application-defined cipher list string + * starts with 'DEFAULT'. */ +#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:@STRENGTH" /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ #define SSL_SENT_SHUTDOWN 1 diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index a7e2ef65a5..cdd8dde128 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -100,8 +100,9 @@ typedef struct cipher_order_st } CIPHER_ORDER; static const SSL_CIPHER cipher_aliases[]={ - /* Don't include eNULL unless specifically enabled */ - {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */ + /* Don't include eNULL unless specifically enabled. + * Similarly, don't include AES in ALL because these ciphers are not yet official. */ + {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL & ~SSL_AES, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */ {0,SSL_TXT_kKRB5,0,SSL_kKRB5,0,0,0,0,SSL_MKEY_MASK,0}, /* VRS Kerberos5 */ {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0}, {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0}, @@ -998,10 +999,10 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) case SSL_AES: switch(cipher->strength_bits) { - case 128: enc="AES(128)"; break; - case 192: enc="AES(192)"; break; - case 256: enc="AES(256)"; break; - default: enc="AES(?""?""?)"; break; + case 128: enc="AESdraft(128)"; break; + case 192: enc="AESdraft(192)"; break; + case 256: enc="AESdraft(256)"; break; + default: enc="AESdraft(?""?""?)"; break; } break; default: diff --git a/ssl/tls1.h b/ssl/tls1.h index ac5410b472..7f59758ca2 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -127,19 +127,19 @@ extern "C" { #define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA" #define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA" /* AES ciphersuites from draft ietf-tls-ciphersuite-03.txt */ -#define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA" -#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA" -#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA" -#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA" -#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA" -#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA" - -#define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA" -#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA" -#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA" -#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA" -#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA" -#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA" +#define TLS1_TXT_RSA_WITH_AES_128_SHA "AESdraft128-SHA" +#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AESdraft128-SHA" +#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AESdraft128-SHA" +#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AESdraft128-SHA" +#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AESdraft128-SHA" +#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AESdraft128-SHA" + +#define TLS1_TXT_RSA_WITH_AES_256_SHA "AESdraft256-SHA" +#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AESdraft256-SHA" +#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AESdraft256-SHA" +#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AESdraft256-SHA" +#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AESdraft256-SHA" +#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AESdraft256-SHA" #define TLS_CT_RSA_SIGN 1