Remove remnants of now-removed cipher suites.
NULL, SRP, CAMELLIA, export ciphers, SSLv2, IDEA, and SEED are gone. Unknown
directives are silently ignored in the parser, so there is no need to retain
their masks and entries in the cipher suite aliases.
Change-Id: If43b9cbce56b3e1c401db764b88996940452a300
Reviewed-on: https://boringssl-review.googlesource.com/1561
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 5a97d71..9ccb445 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -188,21 +188,12 @@
/* These are used to specify which ciphers to use and not to use */
-#define SSL_TXT_EXP40 "EXPORT40"
-#define SSL_TXT_EXP56 "EXPORT56"
#define SSL_TXT_LOW "LOW"
#define SSL_TXT_MEDIUM "MEDIUM"
#define SSL_TXT_HIGH "HIGH"
#define SSL_TXT_FIPS "FIPS"
-#define SSL_TXT_kFZA "kFZA" /* unused! */
-#define SSL_TXT_aFZA "aFZA" /* unused! */
-#define SSL_TXT_eFZA "eFZA" /* unused! */
-#define SSL_TXT_FZA "FZA" /* unused! */
-
#define SSL_TXT_aNULL "aNULL"
-#define SSL_TXT_eNULL "eNULL"
-#define SSL_TXT_NULL "NULL"
#define SSL_TXT_kRSA "kRSA"
#define SSL_TXT_kDHr "kDHr"
@@ -214,7 +205,6 @@
#define SSL_TXT_kECDH "kECDH"
#define SSL_TXT_kEECDH "kEECDH"
#define SSL_TXT_kPSK "kPSK"
-#define SSL_TXT_kSRP "kSRP"
#define SSL_TXT_aRSA "aRSA"
#define SSL_TXT_aDSS "aDSS"
@@ -233,21 +223,14 @@
#define SSL_TXT_AECDH "AECDH"
#define SSL_TXT_ECDSA "ECDSA"
#define SSL_TXT_PSK "PSK"
-#define SSL_TXT_SRP "SRP"
#define SSL_TXT_DES "DES"
#define SSL_TXT_3DES "3DES"
#define SSL_TXT_RC4 "RC4"
-#define SSL_TXT_RC2 "RC2"
-#define SSL_TXT_IDEA "IDEA"
-#define SSL_TXT_SEED "SEED"
#define SSL_TXT_AES128 "AES128"
#define SSL_TXT_AES256 "AES256"
#define SSL_TXT_AES "AES"
#define SSL_TXT_AES_GCM "AESGCM"
-#define SSL_TXT_CAMELLIA128 "CAMELLIA128"
-#define SSL_TXT_CAMELLIA256 "CAMELLIA256"
-#define SSL_TXT_CAMELLIA "CAMELLIA"
#define SSL_TXT_CHACHA20 "CHACHA20"
#define SSL_TXT_MD5 "MD5"
@@ -256,15 +239,11 @@
#define SSL_TXT_SHA256 "SHA256"
#define SSL_TXT_SHA384 "SHA384"
-#define SSL_TXT_SSLV2 "SSLv2"
#define SSL_TXT_SSLV3 "SSLv3"
#define SSL_TXT_TLSV1 "TLSv1"
#define SSL_TXT_TLSV1_1 "TLSv1.1"
#define SSL_TXT_TLSV1_2 "TLSv1.2"
-#define SSL_TXT_EXP "EXP"
-#define SSL_TXT_EXPORT "EXPORT"
-
#define SSL_TXT_ALL "ALL"
/*
@@ -281,7 +260,6 @@
* DEFAULT gets, as only selection is being done and no sorting as needed
* for DEFAULT.
*/
-#define SSL_TXT_CMPALL "COMPLEMENTOFALL"
#define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
/* The following cipher list is used by default.
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 2f029b8..9f5b521 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -369,9 +369,6 @@
if (s->session->cipher != NULL)
{
- if (s->session->cipher->algorithm_enc == SSL_eNULL)
- s->s3->need_record_splitting = 0;
-
#ifndef OPENSSL_NO_RC4
if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3->need_record_splitting = 0;
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 10aa13e..b0fcb97 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -193,13 +193,10 @@
} CIPHER_ORDER;
static const SSL_CIPHER cipher_aliases[]={
- /* "ALL" doesn't include eNULL (must be specifically enabled) */
- {0,SSL_TXT_ALL,0, 0,0,~SSL_eNULL,0,0,0,0,0,0},
- /* "COMPLEMENTOFALL" */
- {0,SSL_TXT_CMPALL,0, 0,0,SSL_eNULL,0,0,0,0,0,0},
+ {0,SSL_TXT_ALL,0, 0,0,0,0,0,0,0,0,0},
/* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in ALL!) */
- {0,SSL_TXT_CMPDEF,0, SSL_kEDH|SSL_kEECDH,SSL_aNULL,~SSL_eNULL,0,0,0,0,0,0},
+ {0,SSL_TXT_CMPDEF,0, SSL_kEDH|SSL_kEECDH,SSL_aNULL,0,0,0,0,0,0,0},
/* key exchange aliases
* (some of those using only a single bit here combine
@@ -220,7 +217,6 @@
{0,SSL_TXT_ECDH,0, SSL_kECDHr|SSL_kECDHe|SSL_kEECDH,0,0,0,0,0,0,0,0},
{0,SSL_TXT_kPSK,0, SSL_kPSK, 0,0,0,0,0,0,0,0},
- {0,SSL_TXT_kSRP,0, SSL_kSRP, 0,0,0,0,0,0,0,0},
/* server authentication aliases */
{0,SSL_TXT_aRSA,0, 0,SSL_aRSA, 0,0,0,0,0,0,0},
@@ -236,29 +232,20 @@
/* aliases combining key exchange and server authentication */
{0,SSL_TXT_EDH,0, SSL_kEDH,~SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_EECDH,0, SSL_kEECDH,~SSL_aNULL,0,0,0,0,0,0,0},
- {0,SSL_TXT_NULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0},
{0,SSL_TXT_RSA,0, SSL_kRSA,SSL_aRSA,0,0,0,0,0,0,0},
{0,SSL_TXT_ADH,0, SSL_kEDH,SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_AECDH,0, SSL_kEECDH,SSL_aNULL,0,0,0,0,0,0,0},
{0,SSL_TXT_PSK,0, SSL_kPSK,SSL_aPSK,0,0,0,0,0,0,0},
- {0,SSL_TXT_SRP,0, SSL_kSRP,0,0,0,0,0,0,0,0},
/* symmetric encryption aliases */
{0,SSL_TXT_DES,0, 0,0,SSL_DES, 0,0,0,0,0,0},
{0,SSL_TXT_3DES,0, 0,0,SSL_3DES, 0,0,0,0,0,0},
{0,SSL_TXT_RC4,0, 0,0,SSL_RC4, 0,0,0,0,0,0},
- {0,SSL_TXT_RC2,0, 0,0,SSL_RC2, 0,0,0,0,0,0},
- {0,SSL_TXT_IDEA,0, 0,0,SSL_IDEA, 0,0,0,0,0,0},
- {0,SSL_TXT_SEED,0, 0,0,SSL_SEED, 0,0,0,0,0,0},
- {0,SSL_TXT_eNULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0},
{0,SSL_TXT_AES128,0, 0,0,SSL_AES128|SSL_AES128GCM,0,0,0,0,0,0},
{0,SSL_TXT_AES256,0, 0,0,SSL_AES256|SSL_AES256GCM,0,0,0,0,0,0},
{0,SSL_TXT_AES,0, 0,0,SSL_AES,0,0,0,0,0,0},
{0,SSL_TXT_AES_GCM,0, 0,0,SSL_AES128GCM|SSL_AES256GCM,0,0,0,0,0,0},
- {0,SSL_TXT_CAMELLIA128,0,0,0,SSL_CAMELLIA128,0,0,0,0,0,0},
- {0,SSL_TXT_CAMELLIA256,0,0,0,SSL_CAMELLIA256,0,0,0,0,0,0},
- {0,SSL_TXT_CAMELLIA ,0,0,0,SSL_CAMELLIA128|SSL_CAMELLIA256,0,0,0,0,0,0},
{0,SSL_TXT_CHACHA20 ,0,0,0,SSL_CHACHA20POLY1305,0,0,0,0,0,0},
/* MAC aliases */
@@ -269,23 +256,16 @@
{0,SSL_TXT_SHA384,0, 0,0,0,SSL_SHA384, 0,0,0,0,0},
/* protocol version aliases */
- {0,SSL_TXT_SSLV2,0, 0,0,0,0,SSL_SSLV2, 0,0,0,0},
{0,SSL_TXT_SSLV3,0, 0,0,0,0,SSL_SSLV3, 0,0,0,0},
{0,SSL_TXT_TLSV1,0, 0,0,0,0,SSL_TLSV1, 0,0,0,0},
{0,SSL_TXT_TLSV1_2,0, 0,0,0,0,SSL_TLSV1_2, 0,0,0,0},
- /* export flag */
- {0,SSL_TXT_EXP,0, 0,0,0,0,0,SSL_EXPORT,0,0,0},
- {0,SSL_TXT_EXPORT,0, 0,0,0,0,0,SSL_EXPORT,0,0,0},
-
/* strength classes */
- {0,SSL_TXT_EXP40,0, 0,0,0,0,0,SSL_EXP40, 0,0,0},
- {0,SSL_TXT_EXP56,0, 0,0,0,0,0,SSL_EXP56, 0,0,0},
{0,SSL_TXT_LOW,0, 0,0,0,0,0,SSL_LOW, 0,0,0},
{0,SSL_TXT_MEDIUM,0, 0,0,0,0,0,SSL_MEDIUM,0,0,0},
{0,SSL_TXT_HIGH,0, 0,0,0,0,0,SSL_HIGH, 0,0,0},
/* FIPS 140-2 approved ciphersuite */
- {0,SSL_TXT_FIPS,0, 0,0,~SSL_eNULL,0,0,SSL_FIPS, 0,0,0},
+ {0,SSL_TXT_FIPS,0, 0,0,0,0,0,SSL_FIPS, 0,0,0},
};
void ssl_load_ciphers(void)
@@ -536,9 +516,6 @@
*mkey |= SSL_kECDHe|SSL_kECDHr;
*auth |= SSL_aECDH;
#endif
-#ifdef SSL_FORBID_ENULL
- *enc |= SSL_eNULL;
-#endif
@@ -1410,7 +1387,7 @@
{
const char *ver;
const char *kx,*au,*enc,*mac;
- unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2;
+ unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl;
#ifdef KSSL_DEBUG
static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s AL=%lx/%lx/%lx/%lx/%lx\n";
#else
@@ -1423,11 +1400,7 @@
alg_mac = cipher->algorithm_mac;
alg_ssl = cipher->algorithm_ssl;
- alg2=cipher->algorithm2;
-
- if (alg_ssl & SSL_SSLV2)
- ver="SSLv2";
- else if (alg_ssl & SSL_SSLV3)
+ if (alg_ssl & SSL_SSLV3)
ver="SSLv3";
else if (alg_ssl & SSL_TLSV1_2)
ver="TLSv1.2";
@@ -1460,9 +1433,6 @@
case SSL_kPSK:
kx="PSK";
break;
- case SSL_kSRP:
- kx="SRP";
- break;
default:
kx="unknown";
}
@@ -1504,16 +1474,7 @@
enc="3DES(168)";
break;
case SSL_RC4:
- enc=(alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)";
- break;
- case SSL_RC2:
- enc="RC2(128)";
- break;
- case SSL_IDEA:
- enc="IDEA(128)";
- break;
- case SSL_eNULL:
- enc="None";
+ enc="RC4(128)";
break;
case SSL_AES128:
enc="AES(128)";
@@ -1527,15 +1488,6 @@
case SSL_AES256GCM:
enc="AESGCM(256)";
break;
- case SSL_CAMELLIA128:
- enc="Camellia(128)";
- break;
- case SSL_CAMELLIA256:
- enc="Camellia(256)";
- break;
- case SSL_SEED:
- enc="SEED(128)";
- break;
case SSL_CHACHA20POLY1305:
enc="ChaCha20-Poly1305";
break;
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index b28c936..ff2c96f 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -282,7 +282,6 @@
#define SSL_kECDHe 0x00000020L /* ECDH cert, ECDSA CA cert */
#define SSL_kEECDH 0x00000040L /* ephemeral ECDH */
#define SSL_kPSK 0x00000080L /* PSK */
-#define SSL_kSRP 0x00000100L /* SRP */
/* Bits for algorithm_auth (server authentication) */
#define SSL_aRSA 0x00000001L /* RSA auth */
@@ -298,20 +297,13 @@
#define SSL_DES 0x00000001L
#define SSL_3DES 0x00000002L
#define SSL_RC4 0x00000004L
-#define SSL_RC2 0x00000008L
-#define SSL_IDEA 0x00000010L
-#define SSL_eNULL 0x00000020L
-#define SSL_AES128 0x00000040L
-#define SSL_AES256 0x00000080L
-#define SSL_CAMELLIA128 0x00000100L
-#define SSL_CAMELLIA256 0x00000200L
-#define SSL_SEED 0x00000400L
-#define SSL_AES128GCM 0x00000800L
-#define SSL_AES256GCM 0x00001000L
-#define SSL_CHACHA20POLY1305 0x00002000L
+#define SSL_AES128 0x00000008L
+#define SSL_AES256 0x00000010L
+#define SSL_AES128GCM 0x00000020L
+#define SSL_AES256GCM 0x00000040L
+#define SSL_CHACHA20POLY1305 0x00000080L
#define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
-#define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
/* Bits for algorithm_mac (symmetric authentication) */
@@ -324,7 +316,6 @@
#define SSL_AEAD 0x00000010L
/* Bits for algorithm_ssl (protocol version) */
-#define SSL_SSLV2 0x00000001L
#define SSL_SSLV3 0x00000002L
#define SSL_TLSV1 SSL_SSLV3 /* for now */
#define SSL_TLSV1_2 0x00000004L
@@ -374,31 +365,13 @@
#define SSL_CIPHER_ALGORITHM2_STATEFUL_AEAD (1<<28)
/*
- * Export and cipher strength information. For each cipher we have to decide
- * whether it is exportable or not. This information is likely to change
- * over time, since the export control rules are no static technical issue.
- *
- * Independent of the export flag the cipher strength is sorted into classes.
- * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
- * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
- * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
- * since SSL_EXP64 could be similar to SSL_LOW.
- * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
- * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
- * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
- * be possible.
+ * Cipher strength information.
*/
#define SSL_EXP_MASK 0x00000003L
#define SSL_STRONG_MASK 0x000001fcL
#define SSL_NOT_EXP 0x00000001L
-#define SSL_EXPORT 0x00000002L
-#define SSL_STRONG_NONE 0x00000004L
-#define SSL_EXP40 0x00000008L
-#define SSL_MICRO (SSL_EXP40)
-#define SSL_EXP56 0x00000010L
-#define SSL_MINI (SSL_EXP56)
#define SSL_LOW 0x00000020L
#define SSL_MEDIUM 0x00000040L
#define SSL_HIGH 0x00000080L
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 42e3410..743c359 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -676,9 +676,6 @@
if (s->session->cipher != NULL)
{
- if (s->session->cipher->algorithm_enc == SSL_eNULL)
- s->s3->need_record_splitting = 0;
-
#ifndef OPENSSL_NO_RC4
if (s->session->cipher->algorithm_enc == SSL_RC4)
s->s3->need_record_splitting = 0;