1/* $OpenBSD: ssl_methods.c,v 1.31 2023/07/08 16:40:13 beck Exp $ */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. 
All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 
*/

#include "dtls_local.h"
#include "ssl_local.h"
#include "tls13_internal.h"

/*
 * Each SSL_METHOD table below binds one protocol family (DTLS or TLS),
 * one role (server-capable or client-only) and one version range to the
 * handshake, record-layer and cipher-lookup callbacks that implement it.
 *
 * Client-only tables point .ssl_accept at ssl_undefined_function, so a
 * server-side handshake cannot be driven through a client method
 * (presumably that stub just reports an error; it is defined elsewhere).
 *
 * .min_tls_version/.max_tls_version are the bounds the method itself
 * allows.  NOTE(review): a context or connection may narrow these further
 * elsewhere; do not read a method floor as the effective default.
 */

/* DTLS, server-capable: TLS 1.1 .. TLS 1.2 record/handshake level. */
static const SSL_METHOD DTLS_method_data = {
	.dtls = 1,
	.server = 1,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/* DTLS, client-only: as DTLS_method_data, but accept is refused. */
static const SSL_METHOD DTLS_client_method_data = {
	.dtls = 1,
	.server = 0,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/* DTLS 1.0 only (TLS 1.1 level), server-capable. */
static const SSL_METHOD DTLSv1_method_data = {
	.dtls = 1,
	.server = 1,
	.version = DTLS1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
	.enc_flags = TLSV1_1_ENC_FLAGS,
};

/* DTLS 1.0 only, client-only. */
static const SSL_METHOD DTLSv1_client_method_data = {
	.dtls = 1,
	.server = 0,
	.version = DTLS1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
	.enc_flags = TLSV1_1_ENC_FLAGS,
};

/* DTLS 1.2 only (TLS 1.2 level), server-capable. */
static const SSL_METHOD DTLSv1_2_method_data = {
	.dtls = 1,
	.server = 1,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/* DTLS 1.2 only, client-only. */
static const SSL_METHOD DTLSv1_2_client_method_data = {
	.dtls = 1,
	.server = 0,
	.version = DTLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_new = dtls1_new,
	.ssl_clear = dtls1_clear,
	.ssl_free = dtls1_free,
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = dtls1_read_bytes,
	.ssl_write_bytes = dtls1_write_app_data_bytes,
	.get_cipher = dtls1_get_cipher,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/*
 * Public DTLS method accessors.  Every *_server_method() hands out the
 * same server-capable table as its plain *_method() counterpart; only the
 * *_client_method() variants use a client-only table.
 */

const SSL_METHOD *
DTLSv1_client_method(void)
{
	return &DTLSv1_client_method_data;
}
LSSL_ALIAS(DTLSv1_client_method);

const SSL_METHOD *
DTLSv1_method(void)
{
	return &DTLSv1_method_data;
}
LSSL_ALIAS(DTLSv1_method);

const SSL_METHOD *
DTLSv1_server_method(void)
{
	return &DTLSv1_method_data;
}
LSSL_ALIAS(DTLSv1_server_method);

const SSL_METHOD *
DTLSv1_2_client_method(void)
{
	return &DTLSv1_2_client_method_data;
}
LSSL_ALIAS(DTLSv1_2_client_method);

const SSL_METHOD *
DTLSv1_2_method(void)
{
	return &DTLSv1_2_method_data;
}
LSSL_ALIAS(DTLSv1_2_method);

const SSL_METHOD *
DTLSv1_2_server_method(void)
{
	return &DTLSv1_2_method_data;
}
LSSL_ALIAS(DTLSv1_2_server_method);

const SSL_METHOD *
DTLS_client_method(void)
{
	return &DTLS_client_method_data;
}
LSSL_ALIAS(DTLS_client_method);

const SSL_METHOD *
DTLS_method(void)
{
	return &DTLS_method_data;
}
LSSL_ALIAS(DTLS_method);

const SSL_METHOD *
DTLS_server_method(void)
{
	return &DTLS_method_data;
}
LSSL_ALIAS(DTLS_server_method);

/*
 * TLS, server-capable, TLS 1.0 .. TLS 1.3.  The handshake and record
 * callbacks go through the tls13_legacy_* layer; renegotiation is
 * refused (ssl_undefined_function) and the renegotiation check is a
 * no-op (ssl_ok).
 */
static const SSL_METHOD TLS_method_data = {
	.dtls = 0,
	.server = 1,
	.version = TLS1_3_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_3_VERSION,
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,
	.ssl_accept = tls13_legacy_accept,
	.ssl_connect = tls13_legacy_connect,
	.ssl_shutdown = tls13_legacy_shutdown,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_pending = tls13_legacy_pending,
	.ssl_read_bytes = tls13_legacy_read_bytes,
	.ssl_write_bytes = tls13_legacy_write_bytes,
	.get_cipher = ssl3_get_cipher,
	.enc_flags = TLSV1_3_ENC_FLAGS,
};

/*
 * TLS 1.0 .. TLS 1.2 via the ssl3_* state machine, server-capable.
 * Only reachable through tls_legacy_method() below, which has no public
 * alias; renegotiation is refused here as well.
 */
static const SSL_METHOD TLS_legacy_method_data = {
	.dtls = 0,
	.server = 1,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/* TLS, client-only, TLS 1.0 .. TLS 1.3 through the tls13_legacy_* layer. */
static const SSL_METHOD TLS_client_method_data = {
	.dtls = 0,
	.server = 0,
	.version = TLS1_3_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_3_VERSION,
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,
	.ssl_accept = tls13_legacy_accept,
	.ssl_connect = tls13_legacy_connect,
	.ssl_shutdown = tls13_legacy_shutdown,
	.ssl_renegotiate = ssl_undefined_function,
	.ssl_renegotiate_check = ssl_ok,
	.ssl_pending = tls13_legacy_pending,
	.ssl_read_bytes = tls13_legacy_read_bytes,
	.ssl_write_bytes = tls13_legacy_write_bytes,
	.get_cipher = ssl3_get_cipher,
	.enc_flags = TLSV1_3_ENC_FLAGS,
};

/* TLS 1.0 only, server-capable; the single-version tables allow renegotiation. */
static const SSL_METHOD TLSv1_method_data = {
	.dtls = 0,
	.server = 1,
	.version = TLS1_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_VERSION,
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
	.enc_flags = TLSV1_ENC_FLAGS,
};

/* TLS 1.0 only, client-only. */
static const SSL_METHOD TLSv1_client_method_data = {
	.dtls = 0,
	.server = 0,
	.version = TLS1_VERSION,
	.min_tls_version = TLS1_VERSION,
	.max_tls_version = TLS1_VERSION,
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
	.enc_flags = TLSV1_ENC_FLAGS,
};

/* TLS 1.1 only, server-capable. */
static const SSL_METHOD TLSv1_1_method_data = {
	.dtls = 0,
	.server = 1,
	.version = TLS1_1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
	.enc_flags = TLSV1_1_ENC_FLAGS,
};

/* TLS 1.1 only, client-only. */
static const SSL_METHOD TLSv1_1_client_method_data = {
	.dtls = 0,
	.server = 0,
	.version = TLS1_1_VERSION,
	.min_tls_version = TLS1_1_VERSION,
	.max_tls_version = TLS1_1_VERSION,
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
	.enc_flags = TLSV1_1_ENC_FLAGS,
};

/* TLS 1.2 only, server-capable. */
static const SSL_METHOD TLSv1_2_method_data = {
	.dtls = 0,
	.server = 1,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,
	.ssl_accept = ssl3_accept,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/* TLS 1.2 only, client-only. */
static const SSL_METHOD TLSv1_2_client_method_data = {
	.dtls = 0,
	.server = 0,
	.version = TLS1_2_VERSION,
	.min_tls_version = TLS1_2_VERSION,
	.max_tls_version = TLS1_2_VERSION,
	.ssl_new = tls1_new,
	.ssl_clear = tls1_clear,
	.ssl_free = tls1_free,
	.ssl_accept = ssl_undefined_function,
	.ssl_connect = ssl3_connect,
	.ssl_shutdown = ssl3_shutdown,
	.ssl_renegotiate = ssl3_renegotiate,
	.ssl_renegotiate_check = ssl3_renegotiate_check,
	.ssl_pending = ssl3_pending,
	.ssl_read_bytes = ssl3_read_bytes,
	.ssl_write_bytes = ssl3_write_bytes,
	.get_cipher = ssl3_get_cipher,
	.enc_flags = TLSV1_2_ENC_FLAGS,
};

/*
 * Public TLS method accessors.  TLS_server_method() and the SSLv23_*
 * names are kept for source compatibility and resolve to the TLS_method()
 * / TLS_client_method() tables above.
 */

const SSL_METHOD *
TLS_client_method(void)
{
	return &TLS_client_method_data;
}
LSSL_ALIAS(TLS_client_method);

const SSL_METHOD *
TLS_method(void)
{
	return &TLS_method_data;
}
LSSL_ALIAS(TLS_method);

const SSL_METHOD *
TLS_server_method(void)
{
	return TLS_method();
}
LSSL_ALIAS(TLS_server_method);

/* Internal: the ssl3_* state-machine method for TLS 1.0 .. 1.2; no alias. */
const SSL_METHOD *
tls_legacy_method(void)
{
	return &TLS_legacy_method_data;
}

const SSL_METHOD *
SSLv23_client_method(void)
{
	return TLS_client_method();
}
LSSL_ALIAS(SSLv23_client_method);

const SSL_METHOD *
SSLv23_method(void)
{
	return TLS_method();
}
LSSL_ALIAS(SSLv23_method);

const SSL_METHOD *
SSLv23_server_method(void)
{
	return TLS_method();
}
LSSL_ALIAS(SSLv23_server_method);

/*
 * Single-version TLS accessors.  Each *_server_method() shares the
 * server-capable table with its plain *_method() counterpart.
 */

const SSL_METHOD *
TLSv1_client_method(void)
{
	return &TLSv1_client_method_data;
}
LSSL_ALIAS(TLSv1_client_method);

const SSL_METHOD *
TLSv1_method(void)
{
	return &TLSv1_method_data;
}
LSSL_ALIAS(TLSv1_method);

const SSL_METHOD *
TLSv1_server_method(void)
{
	return &TLSv1_method_data;
}
LSSL_ALIAS(TLSv1_server_method);

const SSL_METHOD *
TLSv1_1_client_method(void)
{
	return &TLSv1_1_client_method_data;
}
LSSL_ALIAS(TLSv1_1_client_method);

const SSL_METHOD *
TLSv1_1_method(void)
{
	return &TLSv1_1_method_data;
}
LSSL_ALIAS(TLSv1_1_method);

const SSL_METHOD *
TLSv1_1_server_method(void)
{
	return &TLSv1_1_method_data;
}
LSSL_ALIAS(TLSv1_1_server_method);

const SSL_METHOD *
TLSv1_2_client_method(void)
{
	return &TLSv1_2_client_method_data;
}
LSSL_ALIAS(TLSv1_2_client_method);

const SSL_METHOD *
TLSv1_2_method(void)
{
	return &TLSv1_2_method_data;
}
LSSL_ALIAS(TLSv1_2_method);

const SSL_METHOD *
TLSv1_2_server_method(void)
{
	return &TLSv1_2_method_data;
}
LSSL_ALIAS(TLSv1_2_server_method);

/*
 * ssl_get_method: map a wire protocol version to the server-capable
 * method that handles it.  TLS 1.3 resolves to the general TLS_method()
 * (which spans TLS 1.0 .. 1.3); every other known version maps to its
 * single-version method.
 *
 * Returns NULL for any version not listed, so callers must check the
 * result before dereferencing it.
 */
const SSL_METHOD *
ssl_get_method(uint16_t version)
{
	switch (version) {
	case TLS1_3_VERSION:
		return TLS_method();
	case TLS1_2_VERSION:
		return TLSv1_2_method();
	case TLS1_1_VERSION:
		return TLSv1_1_method();
	case TLS1_VERSION:
		return TLSv1_method();
	case DTLS1_VERSION:
		return DTLSv1_method();
	case DTLS1_2_VERSION:
		return DTLSv1_2_method();
	default:
		return NULL;
	}
}