1 /* $OpenBSD: ssl_methods.c,v 1.28 2021/07/26 03:17:38 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 
59 #include "dtls_locl.h"
60 #include "ssl_locl.h"
61 #include "tls13_internal.h"
62 
/*
 * Version-flexible DTLS server/client method.  The negotiable window is
 * expressed in TLS version numbers (DTLS 1.0 is the datagram counterpart
 * of TLS 1.1), so DTLS 1.0 remains negotiable unless the application
 * raises the floor (e.g. SSL_CTX_set_min_proto_version).
 */
static const SSL_METHOD DTLS_method_data = {
	/* Protocol identity and negotiable version window. */
	.dtls = 1,
	.server = 1,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake, renegotiation and shutdown (shared TLS 1.x state machine). */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O uses the DTLS-specific read/write paths. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
83 
/*
 * Version-flexible DTLS client-only method.  Identical to DTLS_method_data
 * except that it is marked as a client and the accept hook is the
 * ssl_undefined_function stub, so a server handshake cannot be started on it.
 */
static const SSL_METHOD DTLS_client_method_data = {
	/* Protocol identity and negotiable version window. */
	.dtls = 1,
	.server = 0,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake: client side only; accept is deliberately undefined. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O uses the DTLS-specific read/write paths. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
104 
/*
 * DTLS 1.0-only server/client method (version pinned: min == max).
 * DTLS 1.0 is expressed as TLS1_1_VERSION in the version window and uses
 * the TLS 1.1 encryption flags.
 */
static const SSL_METHOD DTLSv1_method_data = {
	/* Protocol identity and (pinned) version window. */
	.dtls = 1,
	.server = 1,
	.version = DTLS1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.enc_flags = TLSV1_1_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
125 
/*
 * DTLS 1.0-only client method.  Same as DTLSv1_method_data but marked as
 * a client; the accept hook is the ssl_undefined_function stub.
 */
static const SSL_METHOD DTLSv1_client_method_data = {
	/* Protocol identity and (pinned) version window. */
	.dtls = 1,
	.server = 0,
	.version = DTLS1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.enc_flags = TLSV1_1_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake: client side only. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
146 
/*
 * DTLS 1.2-only server/client method (version pinned: min == max).
 */
static const SSL_METHOD DTLSv1_2_method_data = {
	/* Protocol identity and (pinned) version window. */
	.dtls = 1,
	.server = 1,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
167 
/*
 * DTLS 1.2-only client method.  Same as DTLSv1_2_method_data but marked as
 * a client; the accept hook is the ssl_undefined_function stub.
 */
static const SSL_METHOD DTLSv1_2_client_method_data = {
	/* Protocol identity and (pinned) version window. */
	.dtls = 1,
	.server = 0,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,

	/* Handshake: client side only. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
};
188 
/*
 * DTLSv1_client_method: DTLS 1.0-only client method.
 * Returns a pointer to immutable static data; the caller must not free it.
 */
const SSL_METHOD *
DTLSv1_client_method(void)
{
	const SSL_METHOD *method = &DTLSv1_client_method_data;

	return method;
}
194 
/*
 * DTLSv1_method: DTLS 1.0-only method usable for either side.
 * Returns a pointer to immutable static data; the caller must not free it.
 */
const SSL_METHOD *
DTLSv1_method(void)
{
	const SSL_METHOD *method = &DTLSv1_method_data;

	return method;
}
200 
/*
 * DTLSv1_server_method: DTLS 1.0-only server method.  Shares the table
 * returned by DTLSv1_method(); there is no separate server-only table.
 */
const SSL_METHOD *
DTLSv1_server_method(void)
{
	const SSL_METHOD *method = &DTLSv1_method_data;

	return method;
}
206 
/*
 * DTLSv1_2_client_method: DTLS 1.2-only client method.
 * Returns a pointer to immutable static data; the caller must not free it.
 */
const SSL_METHOD *
DTLSv1_2_client_method(void)
{
	const SSL_METHOD *method = &DTLSv1_2_client_method_data;

	return method;
}
212 
/*
 * DTLSv1_2_method: DTLS 1.2-only method usable for either side.
 * Returns a pointer to immutable static data; the caller must not free it.
 */
const SSL_METHOD *
DTLSv1_2_method(void)
{
	const SSL_METHOD *method = &DTLSv1_2_method_data;

	return method;
}
218 
/*
 * DTLSv1_2_server_method: DTLS 1.2-only server method.  Shares the table
 * returned by DTLSv1_2_method().
 */
const SSL_METHOD *
DTLSv1_2_server_method(void)
{
	const SSL_METHOD *method = &DTLSv1_2_method_data;

	return method;
}
224 
/*
 * DTLS_client_method: version-flexible DTLS client method (DTLS 1.0–1.2
 * window as configured in DTLS_client_method_data).
 * Returns a pointer to immutable static data; the caller must not free it.
 */
const SSL_METHOD *
DTLS_client_method(void)
{
	const SSL_METHOD *method = &DTLS_client_method_data;

	return method;
}
230 
/*
 * DTLS_method: version-flexible DTLS method usable for either side.
 * Returns a pointer to immutable static data; the caller must not free it.
 */
const SSL_METHOD *
DTLS_method(void)
{
	const SSL_METHOD *method = &DTLS_method_data;

	return method;
}
236 
/*
 * DTLS_server_method: version-flexible DTLS server method.  Shares the
 * table returned by DTLS_method().
 */
const SSL_METHOD *
DTLS_server_method(void)
{
	const SSL_METHOD *method = &DTLS_method_data;

	return method;
}
242 
#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
/*
 * Version-flexible TLS method with TLS 1.3 support on both sides.  Only
 * compiled when both the 1.3 client and server are available; otherwise
 * TLS_method() falls back to TLS_legacy_method_data.
 *
 * The floor is TLS1_VERSION, so TLS 1.0/1.1 remain negotiable unless the
 * application raises it (e.g. SSL_CTX_set_min_proto_version).
 * Renegotiation is routed to the ssl_undefined_function stub.
 */
static const SSL_METHOD TLS_method_data = {
	/* Protocol identity and negotiable version window. */
	.dtls = 0,
	.server = 1,
	.version = TLS1_3_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_3_VERSION,
	.enc_flags = TLSV1_3_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake and shutdown go through the TLS 1.3 legacy-API shims. */
	.ssl_accept = tls13_legacy_accept,
	.ssl_connect = tls13_legacy_connect,
	.ssl_shutdown = tls13_legacy_shutdown,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,

	/* Record-layer I/O via the TLS 1.3 shims. */
	.ssl_pending = tls13_legacy_pending,
	.ssl_read_bytes = tls13_legacy_read_bytes,
	.ssl_write_bytes = tls13_legacy_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
#endif
265 
/*
 * Version-flexible TLS method capped at TLS 1.2 (no TLS 1.3 code path).
 * Used directly by tls_legacy_method() and as the TLS_method() fallback
 * when TLS 1.3 is not compiled in.
 *
 * The floor is TLS1_VERSION, so TLS 1.0/1.1 remain negotiable unless the
 * application raises it (e.g. SSL_CTX_set_min_proto_version).
 * Renegotiation is routed to the ssl_undefined_function stub.
 */
static const SSL_METHOD TLS_legacy_method_data = {
	/* Protocol identity and negotiable version window. */
	.dtls = 0,
	.server = 1,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake and shutdown (TLS 1.x state machine). */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
286 
#if defined(LIBRESSL_HAS_TLS1_3_CLIENT)
/*
 * Version-flexible TLS client method with TLS 1.3 support.  Compiled only
 * when the 1.3 client is available; TLS_client_method() selects it.
 *
 * Floor is TLS1_VERSION (TLS 1.0/1.1 negotiable unless the application
 * raises it); renegotiation is routed to the ssl_undefined_function stub.
 */
static const SSL_METHOD TLS_client_method_data = {
	/* Protocol identity and negotiable version window. */
	.dtls = 0,
	.server = 0,
	.version = TLS1_3_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_3_VERSION,
	.enc_flags = TLSV1_3_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake and shutdown via the TLS 1.3 legacy-API shims. */
	.ssl_accept = tls13_legacy_accept,
	.ssl_connect = tls13_legacy_connect,
	.ssl_shutdown = tls13_legacy_shutdown,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,

	/* Record-layer I/O via the TLS 1.3 shims. */
	.ssl_pending = tls13_legacy_pending,
	.ssl_read_bytes = tls13_legacy_read_bytes,
	.ssl_write_bytes = tls13_legacy_write_bytes,
	.get_cipher = ssl3_get_cipher,
};

#else

/*
 * Version-flexible TLS client method capped at TLS 1.2, used by
 * TLS_client_method() when the TLS 1.3 client is not compiled in.
 */
static const SSL_METHOD TLS_legacy_client_method_data = {
	/* Protocol identity and negotiable version window. */
	.dtls = 0,
	.server = 0,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake and shutdown (TLS 1.x state machine). */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
#endif
332 
/*
 * TLS 1.0-only server/client method (version pinned: min == max).
 * Unlike the version-flexible TLS tables, the pinned TLSv1_* tables keep
 * ssl3_renegotiate / ssl3_renegotiate_check wired up.
 */
static const SSL_METHOD TLSv1_method_data = {
	/* Protocol identity and (pinned) version window. */
	.dtls = 0,
	.server = 1,
	.version = TLS1_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_VERSION,
	.enc_flags = TLSV1_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
353 
/*
 * TLS 1.0-only client method.  Same as TLSv1_method_data but marked as a
 * client; the accept hook is the ssl_undefined_function stub.
 */
static const SSL_METHOD TLSv1_client_method_data = {
	/* Protocol identity and (pinned) version window. */
	.dtls = 0,
	.server = 0,
	.version = TLS1_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_VERSION,
	.enc_flags = TLSV1_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake: client side only. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
374 
/*
 * TLS 1.1-only server/client method (version pinned: min == max).
 */
static const SSL_METHOD TLSv1_1_method_data = {
	/* Protocol identity and (pinned) version window. */
	.dtls = 0,
	.server = 1,
	.version = TLS1_1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.enc_flags = TLSV1_1_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
395 
/*
 * TLS 1.1-only client method.  Same as TLSv1_1_method_data but marked as a
 * client; the accept hook is the ssl_undefined_function stub.
 */
static const SSL_METHOD TLSv1_1_client_method_data = {
	/* Protocol identity and (pinned) version window. */
	.dtls = 0,
	.server = 0,
	.version = TLS1_1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.enc_flags = TLSV1_1_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake: client side only. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
416 
/*
 * TLS 1.2-only server/client method (version pinned: min == max).
 */
static const SSL_METHOD TLSv1_2_method_data = {
	/* Protocol identity and (pinned) version window. */
	.dtls = 0,
	.server = 1,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake, renegotiation and shutdown. */
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
437 
/*
 * TLS 1.2-only client method.  Same as TLSv1_2_method_data but marked as a
 * client; the accept hook is the ssl_undefined_function stub.
 */
static const SSL_METHOD TLSv1_2_client_method_data = {
	/* Protocol identity and (pinned) version window. */
	.dtls = 0,
	.server = 0,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.enc_flags = TLSV1_2_ENC_FLAGS,

	/* Per-connection lifecycle hooks. */
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,

	/* Handshake: client side only. */
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,

	/* Record-layer I/O. */
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
};
458 
/*
 * TLS_client_method: version-flexible TLS client method.  Selects the
 * TLS 1.3-capable table when the 1.3 client is compiled in, otherwise the
 * TLS 1.2-capped legacy client table.  Returns immutable static data.
 */
const SSL_METHOD *
TLS_client_method(void)
{
	const SSL_METHOD *method;

#if defined(LIBRESSL_HAS_TLS1_3_CLIENT)
	method = &TLS_client_method_data;
#else
	method = &TLS_legacy_client_method_data;
#endif

	return method;
}
468 
/*
 * TLS_method: version-flexible TLS method usable for either side.  Only
 * advertises TLS 1.3 when both the 1.3 client and server are compiled in;
 * otherwise it degrades to tls_legacy_method() (max TLS 1.2).
 * Returns immutable static data.
 */
const SSL_METHOD *
TLS_method(void)
{
	const SSL_METHOD *method;

#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) && defined(LIBRESSL_HAS_TLS1_3_SERVER)
	method = &TLS_method_data;
#else
	method = tls_legacy_method();
#endif

	return method;
}
478 
/*
 * TLS_server_method: alias for TLS_method(); there is no distinct
 * server-only table for the version-flexible TLS method.
 */
const SSL_METHOD *
TLS_server_method(void)
{
	const SSL_METHOD *method = TLS_method();

	return method;
}
484 
/*
 * tls_legacy_method: version-flexible TLS method capped at TLS 1.2, with
 * no TLS 1.3 code path.  Returns immutable static data.
 */
const SSL_METHOD *
tls_legacy_method(void)
{
	const SSL_METHOD *method = &TLS_legacy_method_data;

	return method;
}
490 
/*
 * SSLv23_client_method: historical name kept for API compatibility; it is
 * simply TLS_client_method() (no SSLv2/SSLv3 support is implied).
 */
const SSL_METHOD *
SSLv23_client_method(void)
{
	const SSL_METHOD *method = TLS_client_method();

	return method;
}
496 
/*
 * SSLv23_method: historical name kept for API compatibility; it is simply
 * TLS_method() (no SSLv2/SSLv3 support is implied).
 */
const SSL_METHOD *
SSLv23_method(void)
{
	const SSL_METHOD *method = TLS_method();

	return method;
}
502 
/*
 * SSLv23_server_method: historical name kept for API compatibility; it is
 * simply TLS_method() (no SSLv2/SSLv3 support is implied).
 */
const SSL_METHOD *
SSLv23_server_method(void)
{
	const SSL_METHOD *method = TLS_method();

	return method;
}
508 
/*
 * TLSv1_client_method: TLS 1.0-only client method.  Returns immutable
 * static data; the caller must not free it.
 */
const SSL_METHOD *
TLSv1_client_method(void)
{
	const SSL_METHOD *method = &TLSv1_client_method_data;

	return method;
}
514 
/*
 * TLSv1_method: TLS 1.0-only method usable for either side.  Returns
 * immutable static data; the caller must not free it.
 */
const SSL_METHOD *
TLSv1_method(void)
{
	const SSL_METHOD *method = &TLSv1_method_data;

	return method;
}
520 
/*
 * TLSv1_server_method: TLS 1.0-only server method.  Shares the table
 * returned by TLSv1_method().
 */
const SSL_METHOD *
TLSv1_server_method(void)
{
	const SSL_METHOD *method = &TLSv1_method_data;

	return method;
}
526 
/*
 * TLSv1_1_client_method: TLS 1.1-only client method.  Returns immutable
 * static data; the caller must not free it.
 */
const SSL_METHOD *
TLSv1_1_client_method(void)
{
	const SSL_METHOD *method = &TLSv1_1_client_method_data;

	return method;
}
532 
/*
 * TLSv1_1_method: TLS 1.1-only method usable for either side.  Returns
 * immutable static data; the caller must not free it.
 */
const SSL_METHOD *
TLSv1_1_method(void)
{
	const SSL_METHOD *method = &TLSv1_1_method_data;

	return method;
}
538 
/*
 * TLSv1_1_server_method: TLS 1.1-only server method.  Shares the table
 * returned by TLSv1_1_method().
 */
const SSL_METHOD *
TLSv1_1_server_method(void)
{
	const SSL_METHOD *method = &TLSv1_1_method_data;

	return method;
}
544 
/*
 * TLSv1_2_client_method: TLS 1.2-only client method.  Returns immutable
 * static data; the caller must not free it.
 */
const SSL_METHOD *
TLSv1_2_client_method(void)
{
	const SSL_METHOD *method = &TLSv1_2_client_method_data;

	return method;
}
550 
/*
 * TLSv1_2_method: TLS 1.2-only method usable for either side.  Returns
 * immutable static data; the caller must not free it.
 */
const SSL_METHOD *
TLSv1_2_method(void)
{
	const SSL_METHOD *method = &TLSv1_2_method_data;

	return method;
}
556 
/*
 * TLSv1_2_server_method: TLS 1.2-only server method.  Shares the table
 * returned by TLSv1_2_method().
 */
const SSL_METHOD *
TLSv1_2_server_method(void)
{
	const SSL_METHOD *method = &TLSv1_2_method_data;

	return method;
}
562 
/*
 * ssl_get_method: map a wire protocol version to the method that
 * implements it.  Returns the version-pinned server/client table for
 * TLS 1.0–1.2 and DTLS 1.0/1.2, or NULL for any unknown version.
 *
 * TLS1_3_VERSION maps to TLS_method(), which (see its #if) degrades to the
 * TLS 1.2-capped legacy method when TLS 1.3 is not compiled in; callers
 * should not assume the returned method actually speaks 1.3.
 */
const SSL_METHOD *
ssl_get_method(uint16_t version)
{
	switch (version) {
	case TLS1_3_VERSION:
		return TLS_method();
	case TLS1_2_VERSION:
		return TLSv1_2_method();
	case TLS1_1_VERSION:
		return TLSv1_1_method();
	case TLS1_VERSION:
		return TLSv1_method();
	case DTLS1_VERSION:
		return DTLSv1_method();
	case DTLS1_2_VERSION:
		return DTLSv1_2_method();
	default:
		return NULL;
	}
}