diff options
author | Ben Laurie <ben@openssl.org> | 1999-02-21 20:03:24 +0000 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 1999-02-21 20:03:24 +0000 |
commit | 06ab81f9f7b055a4456798cb9ef3266160438a08 (patch) | |
tree | 880b224a7f2e8224efeb0d4783ebe5e522d91c94 /ssl/ssl_ciph.c | |
parent | abf87f79f7ebd7885e443f086a6e1a88b31f9af1 (diff) |
Add support for new TLS export ciphersuites.
Diffstat (limited to 'ssl/ssl_ciph.c')
-rw-r--r-- | ssl/ssl_ciph.c | 38 |
1 files changed, 21 insertions, 17 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 30501cb700..2bea76cffe 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -144,14 +144,15 @@ static SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_ADH, 0,SSL_ADH, 0,SSL_AUTH_MASK|SSL_MKEY_MASK}, {0,SSL_TXT_FZA, 0,SSL_FZA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK}, - {0,SSL_TXT_EXP, 0,SSL_EXP, 0,SSL_EXP_MASK}, - {0,SSL_TXT_EXPORT,0,SSL_EXPORT,0,SSL_EXP_MASK}, - {0,SSL_TXT_SSLV2,0,SSL_SSLV2,0,SSL_SSL_MASK}, - {0,SSL_TXT_SSLV3,0,SSL_SSLV3,0,SSL_SSL_MASK}, - {0,SSL_TXT_TLSV1,0,SSL_SSLV3,0,SSL_SSL_MASK}, - {0,SSL_TXT_LOW, 0,SSL_LOW,0,SSL_STRONG_MASK}, + {0,SSL_TXT_EXP40, 0,SSL_EXP40, 0,_SSL_EXP_MASK}, + {0,SSL_TXT_EXPORT,0,SSL_EXP40, 0,_SSL_EXP_MASK}, + {0,SSL_TXT_EXP56, 0,SSL_EXP56, 0,_SSL_EXP_MASK}, + {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,SSL_SSL_MASK}, + {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,SSL_SSL_MASK}, + {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,SSL_SSL_MASK}, + {0,SSL_TXT_LOW, 0,SSL_LOW, 0,SSL_STRONG_MASK}, {0,SSL_TXT_MEDIUM,0,SSL_MEDIUM,0,SSL_STRONG_MASK}, - {0,SSL_TXT_HIGH, 0,SSL_HIGH,0,SSL_STRONG_MASK}, + {0,SSL_TXT_HIGH, 0,SSL_HIGH, 0,SSL_STRONG_MASK}, }; static int init_ciphers=1; @@ -615,7 +616,7 @@ SSL_CIPHER *cipher; char *buf; int len; { - int export; + int _export,pkl,kl; char *ver,*exp; char *kx,*au,*enc,*mac; unsigned long alg,alg2; @@ -624,8 +625,10 @@ int len; alg=cipher->algorithms; alg2=cipher->algorithm2; - export=(alg&SSL_EXP)?1:0; - exp=(export)?" export":""; + _export=SSL_IS_EXPORT(alg); + pkl=SSL_EXPORT_PKEYLENGTH(alg); + kl=SSL_EXPORT_KEYLENGTH(alg); + exp=_export?" export":""; if (alg & SSL_SSLV2) ver="SSLv2"; @@ -637,7 +640,7 @@ int len; switch (alg&SSL_MKEY_MASK) { case SSL_kRSA: - kx=(export)?"RSA(512)":"RSA"; + kx=_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA"; break; case SSL_kDHr: kx="DH/RSA"; @@ -649,7 +652,7 @@ int len; kx="Fortezza"; break; case SSL_kEDH: - kx=(export)?"DH(512)":"DH"; + kx=_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH"; break; default: kx="unknown"; @@ -678,16 +681,17 @@ int len; switch (alg&SSL_ENC_MASK) { case SSL_DES: - enc=export?"DES(40)":"DES(56)"; + enc=(_export && kl == 5)?"DES(40)":"DES(56)"; break; case SSL_3DES: enc="3DES(168)"; break; case SSL_RC4: - enc=export?"RC4(40)":((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)"); + enc=_export?(kl == 5 ? "RC4(40)" : "RC4(56)") + :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)"); break; case SSL_RC2: - enc=export?"RC2(40)":"RC2(128)"; + enc=_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)"; break; case SSL_IDEA: enc="IDEA(128)"; @@ -770,9 +774,9 @@ int *alg_bits; a=EVP_CIPHER_key_length(enc)*8; - if (c->algorithms & SSL_EXP) + if (SSL_C_IS_EXPORT(c)) { - ret=40; + ret=SSL_C_EXPORT_KEYLENGTH(c)*8; } else { |