1 /* $OpenBSD: ssl_methods.c,v 1.28 2021/07/26 03:17:38 jsing Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. 
All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 
*/

#include "dtls_locl.h"
#include "ssl_locl.h"
#include "tls13_internal.h"

/*
 * Protocol method tables.
 *
 * Every SSL_METHOD below is a constant dispatch table.  The version fields
 * bound what a connection created from the method may negotiate; the
 * function pointers select the handshake and record layer code that runs.
 * A table named *_method_data carries .server = 1 and backs both the
 * *_method() and *_server_method() accessors.  A table named
 * *_client_method_data carries .server = 0; the version-pinned client
 * tables additionally route .ssl_accept to ssl_undefined_function instead
 * of the server handshake.
 */

/* Handshake and record layer entry points shared by every DTLS table. */
#define DTLS1_METHOD_DISPATCH						\
	.ssl_new = dtls1_new,						\
	.ssl_clear = dtls1_clear,					\
	.ssl_free = dtls1_free,						\
	.ssl_connect = ssl3_connect,					\
	.ssl_shutdown = ssl3_shutdown,					\
	.ssl_renegotiate = ssl3_renegotiate,				\
	.ssl_renegotiate_check = ssl3_renegotiate_check,		\
	.ssl_pending = ssl3_pending,					\
	.ssl_read_bytes = dtls1_read_bytes,				\
	.ssl_write_bytes = dtls1_write_app_data_bytes,			\
	.get_cipher = dtls1_get_cipher

/*
 * Version-flexible DTLS, server side.  The internal TLS range is
 * TLS1_1_VERSION..TLS1_2_VERSION; DTLSv1_method_data below shows the
 * DTLS1_VERSION <-> TLS1_1_VERSION pairing this relies on.
 */
static const SSL_METHOD DTLS_method_data = {
	.dtls = 1,
	.server = 1,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_accept = ssl3_accept,
	DTLS1_METHOD_DISPATCH,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/* Version-flexible DTLS, client side: accept is not a valid operation. */
static const SSL_METHOD DTLS_client_method_data = {
	.dtls = 1,
	.server = 0,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_accept = ssl_undefined_function,
	DTLS1_METHOD_DISPATCH,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/* DTLS 1.0 only, server side; pinned to the TLS 1.1 code path. */
static const SSL_METHOD DTLSv1_method_data = {
	.dtls = 1,
	.server = 1,
	.version = DTLS1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.ssl_accept = ssl3_accept,
	DTLS1_METHOD_DISPATCH,
	.enc_flags = TLSV1_1_ENC_FLAGS,
};

/* DTLS 1.0 only, client side. */
static const SSL_METHOD DTLSv1_client_method_data = {
	.dtls = 1,
	.server = 0,
	.version = DTLS1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.ssl_accept = ssl_undefined_function,
	DTLS1_METHOD_DISPATCH,
	.enc_flags = TLSV1_1_ENC_FLAGS,
};

/* DTLS 1.2 only, server side; pinned to the TLS 1.2 code path. */
static const SSL_METHOD DTLSv1_2_method_data = {
	.dtls = 1,
	.server = 1,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_accept = ssl3_accept,
	DTLS1_METHOD_DISPATCH,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/* DTLS 1.2 only, client side. */
static const SSL_METHOD DTLSv1_2_client_method_data = {
	.dtls = 1,
	.server = 0,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_accept = ssl_undefined_function,
	DTLS1_METHOD_DISPATCH,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/*
 * DTLS accessors.  Each *_server_method() hands back the same table as the
 * matching *_method(); only the *_client_method() variants differ.
 */

const SSL_METHOD *
DTLSv1_client_method(void)
{
	return &DTLSv1_client_method_data;
}

const SSL_METHOD *
DTLSv1_method(void)
{
	return &DTLSv1_method_data;
}

const SSL_METHOD *
DTLSv1_server_method(void)
{
	return &DTLSv1_method_data;
}

const SSL_METHOD *
DTLSv1_2_client_method(void)
{
	return &DTLSv1_2_client_method_data;
}

const SSL_METHOD *
DTLSv1_2_method(void)
{
	return &DTLSv1_2_method_data;
}

const SSL_METHOD *
DTLSv1_2_server_method(void)
{
	return &DTLSv1_2_method_data;
}

const SSL_METHOD *
DTLS_client_method(void)
{
	return &DTLS_client_method_data;
}

const SSL_METHOD *
DTLS_method(void)
{
	return &DTLS_method_data;
}

const SSL_METHOD *
DTLS_server_method(void)
{
	return &DTLS_method_data;
}

/*
 * Entry points for the TLS 1.3 capable tables.  Everything goes through
 * the tls13_legacy_* shims.  Renegotiation is not wired up here:
 * .ssl_renegotiate is ssl_undefined_function and .ssl_renegotiate_check
 * is ssl_ok.
 */
#define TLS13_METHOD_DISPATCH						\
	.ssl_new = tls1_new,						\
	.ssl_clear = tls1_clear,					\
	.ssl_free = tls1_free,						\
	.ssl_accept = tls13_legacy_accept,				\
	.ssl_connect = tls13_legacy_connect,				\
	.ssl_shutdown = tls13_legacy_shutdown,				\
	.ssl_renegotiate = ssl_undefined_function,			\
	.ssl_renegotiate_check = ssl_ok,				\
	.ssl_pending = tls13_legacy_pending,				\
	.ssl_read_bytes = tls13_legacy_read_bytes,			\
	.ssl_write_bytes = tls13_legacy_write_bytes,			\
	.get_cipher = ssl3_get_cipher

/*
 * Entry points for the version-flexible TLS_* tables when they are limited
 * to TLS 1.0-1.2.  Same renegotiation stance as the TLS 1.3 tables.
 */
#define TLS_LEGACY_METHOD_DISPATCH					\
	.ssl_new = tls1_new,						\
	.ssl_clear = tls1_clear,					\
	.ssl_free = tls1_free,						\
	.ssl_accept = ssl3_accept,					\
	.ssl_connect = ssl3_connect,					\
	.ssl_shutdown = ssl3_shutdown,					\
	.ssl_renegotiate = ssl_undefined_function,			\
	.ssl_renegotiate_check = ssl_ok,				\
	.ssl_pending = ssl3_pending,					\
	.ssl_read_bytes = ssl3_read_bytes,				\
	.ssl_write_bytes = ssl3_write_bytes,				\
	.get_cipher = ssl3_get_cipher

/*
 * Entry points for the version-pinned TLSv1_* tables.  These are the only
 * TLS tables in this file that keep ssl3_renegotiate and
 * ssl3_renegotiate_check wired up.  .ssl_accept is left to each table
 * because it differs between the server and client variants.
 */
#define TLSV1_METHOD_DISPATCH						\
	.ssl_new = tls1_new,						\
	.ssl_clear = tls1_clear,					\
	.ssl_free = tls1_free,						\
	.ssl_connect = ssl3_connect,					\
	.ssl_shutdown = ssl3_shutdown,					\
	.ssl_renegotiate = ssl3_renegotiate,				\
	.ssl_renegotiate_check = ssl3_renegotiate_check,		\
	.ssl_pending = ssl3_pending,					\
	.ssl_read_bytes = ssl3_read_bytes,				\
	.ssl_write_bytes = ssl3_write_bytes,				\
	.get_cipher = ssl3_get_cipher

#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
/* Version-flexible TLS, server side, TLS 1.0 up to TLS 1.3. */
static const SSL_METHOD TLS_method_data = {
	.dtls = 0,
	.server = 1,
	.version = TLS1_3_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_3_VERSION,
	TLS13_METHOD_DISPATCH,
	.enc_flags = TLSV1_3_ENC_FLAGS,
};
#endif

/*
 * Version-flexible TLS, server side, capped at TLS 1.2.  Always built; it
 * is what TLS_method() falls back to when TLS 1.3 is compiled out.
 */
static const SSL_METHOD TLS_legacy_method_data = {
	.dtls = 0,
	.server = 1,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	TLS_LEGACY_METHOD_DISPATCH,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

#if defined(LIBRESSL_HAS_TLS1_3_CLIENT)

/* Version-flexible TLS, client side, TLS 1.0 up to TLS 1.3. */
static const SSL_METHOD TLS_client_method_data = {
	.dtls = 0,
	.server = 0,
	.version = TLS1_3_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_3_VERSION,
	TLS13_METHOD_DISPATCH,
	.enc_flags = TLSV1_3_ENC_FLAGS,
};

#else

/* Version-flexible TLS, client side, capped at TLS 1.2. */
static const SSL_METHOD TLS_legacy_client_method_data = {
	.dtls = 0,
	.server = 0,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	TLS_LEGACY_METHOD_DISPATCH,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

#endif

/* TLS 1.0 only, server side. */
static const SSL_METHOD TLSv1_method_data = {
	.dtls = 0,
	.server = 1,
	.version = TLS1_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_VERSION,
	.ssl_accept = ssl3_accept,
	TLSV1_METHOD_DISPATCH,
	.enc_flags = TLSV1_ENC_FLAGS,
};

/* TLS 1.0 only, client side. */
static const SSL_METHOD TLSv1_client_method_data = {
	.dtls = 0,
	.server = 0,
	.version = TLS1_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_VERSION,
	.ssl_accept = ssl_undefined_function,
	TLSV1_METHOD_DISPATCH,
	.enc_flags = TLSV1_ENC_FLAGS,
};

/* TLS 1.1 only, server side. */
static const SSL_METHOD TLSv1_1_method_data = {
	.dtls = 0,
	.server = 1,
	.version = TLS1_1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.ssl_accept = ssl3_accept,
	TLSV1_METHOD_DISPATCH,
	.enc_flags = TLSV1_1_ENC_FLAGS,
};

/* TLS 1.1 only, client side. */
static const SSL_METHOD TLSv1_1_client_method_data = {
	.dtls = 0,
	.server = 0,
	.version = TLS1_1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.ssl_accept = ssl_undefined_function,
	TLSV1_METHOD_DISPATCH,
	.enc_flags = TLSV1_1_ENC_FLAGS,
};

/* TLS 1.2 only, server side. */
static const SSL_METHOD TLSv1_2_method_data = {
	.dtls = 0,
	.server = 1,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_accept = ssl3_accept,
	TLSV1_METHOD_DISPATCH,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/* TLS 1.2 only, client side. */
static const SSL_METHOD TLSv1_2_client_method_data = {
	.dtls = 0,
	.server = 0,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_accept = ssl_undefined_function,
	TLSV1_METHOD_DISPATCH,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/* The dispatch macros are an initializer-only convenience; keep them local. */
#undef DTLS1_METHOD_DISPATCH
#undef TLS13_METHOD_DISPATCH
#undef TLS_LEGACY_METHOD_DISPATCH
#undef TLSV1_METHOD_DISPATCH

/*
 * TLS accessors.
 *
 * TLS_method() and TLS_client_method() are the version-flexible entry
 * points.  Which table they return depends on whether TLS 1.3 support was
 * compiled in; without it TLS_method() degrades to tls_legacy_method(),
 * whose table tops out at TLS1_2_VERSION.  The SSLv23_* names survive only
 * as aliases for the TLS_* accessors, and every *_server_method() returns
 * the same table as its *_method() counterpart.
 */

const SSL_METHOD *
TLS_client_method(void)
{
#if defined(LIBRESSL_HAS_TLS1_3_CLIENT)
	return &TLS_client_method_data;
#else
	return &TLS_legacy_client_method_data;
#endif
}

const SSL_METHOD *
TLS_method(void)
{
#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
	return &TLS_method_data;
#else
	/* No TLS 1.3 server: hand out the TLS 1.0-1.2 table instead. */
	return tls_legacy_method();
#endif
}

const SSL_METHOD *
TLS_server_method(void)
{
	return TLS_method();
}

/* The TLS 1.0-1.2 server table, independent of TLS 1.3 build options. */
const SSL_METHOD *
tls_legacy_method(void)
{
	return &TLS_legacy_method_data;
}

/* Compatibility aliases: SSLv23_* is the historical name for TLS_*. */

const SSL_METHOD *
SSLv23_client_method(void)
{
	return TLS_client_method();
}

const SSL_METHOD *
SSLv23_method(void)
{
	return TLS_method();
}

const SSL_METHOD *
SSLv23_server_method(void)
{
	return TLS_method();
}

/* Version-pinned accessors. */

const SSL_METHOD *
TLSv1_client_method(void)
{
	return &TLSv1_client_method_data;
}

const SSL_METHOD *
TLSv1_method(void)
{
	return &TLSv1_method_data;
}

const SSL_METHOD *
TLSv1_server_method(void)
{
	return &TLSv1_method_data;
}

const SSL_METHOD *
TLSv1_1_client_method(void)
{
	return &TLSv1_1_client_method_data;
}

const SSL_METHOD *
TLSv1_1_method(void)
{
	return &TLSv1_1_method_data;
}

const SSL_METHOD *
TLSv1_1_server_method(void)
{
	return &TLSv1_1_method_data;
}

const SSL_METHOD *
TLSv1_2_client_method(void)
{
	return &TLSv1_2_client_method_data;
}

const SSL_METHOD *
TLSv1_2_method(void)
{
	return &TLSv1_2_method_data;
}

const SSL_METHOD *
TLSv1_2_server_method(void)
{
	return &TLSv1_2_method_data;
}

/*
 * Map a wire protocol version to the server method that handles it.
 *
 * Returns NULL for any version that has no table in this file.  Note that
 * TLS1_3_VERSION resolves through TLS_method(), so when TLS 1.3 is compiled
 * out the caller receives the legacy table rather than NULL.
 */
const SSL_METHOD *
ssl_get_method(uint16_t version)
{
	switch (version) {
	case TLS1_3_VERSION:
		return TLS_method();
	case TLS1_2_VERSION:
		return TLSv1_2_method();
	case TLS1_1_VERSION:
		return TLSv1_1_method();
	case TLS1_VERSION:
		return TLSv1_method();
	case DTLS1_VERSION:
		return DTLSv1_method();
	case DTLS1_2_VERSION:
		return DTLSv1_2_method();
	default:
		return NULL;
	}
}