Skip to content
Snippets Groups Projects
Commit c759daa7 authored by Martin Nilsson's avatar Martin Nilsson
Browse files

Removed traces of the crypto export restrictions.

parent e3e5b4ff
Branches
Tags
No related merge requests found
...@@ -50,10 +50,6 @@ class CipherSpec { ...@@ -50,10 +50,6 @@ class CipherSpec {
//! The Message Authentication Code to use for the packets. //! The Message Authentication Code to use for the packets.
program(MACAlgorithm) mac_algorithm; program(MACAlgorithm) mac_algorithm;
//! Indication whether the combination uses strong or weak
//! (aka exportable) crypto.
int is_exportable;
//! The number of bytes in the MAC hashes. //! The number of bytes in the MAC hashes.
int hash_size; int hash_size;
...@@ -477,7 +473,6 @@ array lookup(int suite, ProtocolVersion|int version) ...@@ -477,7 +473,6 @@ array lookup(int suite, ProtocolVersion|int version)
case CIPHER_rc4_40: case CIPHER_rc4_40:
res->bulk_cipher_algorithm = Nettle.ARCFOUR_State; res->bulk_cipher_algorithm = Nettle.ARCFOUR_State;
res->cipher_type = CIPHER_stream; res->cipher_type = CIPHER_stream;
res->is_exportable = 1;
res->key_material = 16; res->key_material = 16;
res->iv_size = 0; res->iv_size = 0;
res->key_bits = 40; res->key_bits = 40;
...@@ -485,7 +480,6 @@ array lookup(int suite, ProtocolVersion|int version) ...@@ -485,7 +480,6 @@ array lookup(int suite, ProtocolVersion|int version)
case CIPHER_des40: case CIPHER_des40:
res->bulk_cipher_algorithm = DES; res->bulk_cipher_algorithm = DES;
res->cipher_type = CIPHER_block; res->cipher_type = CIPHER_block;
res->is_exportable = 1;
res->key_material = 8; res->key_material = 8;
res->iv_size = 8; res->iv_size = 8;
res->key_bits = 40; res->key_bits = 40;
...@@ -493,16 +487,13 @@ array lookup(int suite, ProtocolVersion|int version) ...@@ -493,16 +487,13 @@ array lookup(int suite, ProtocolVersion|int version)
case CIPHER_null: case CIPHER_null:
res->bulk_cipher_algorithm = 0; res->bulk_cipher_algorithm = 0;
res->cipher_type = CIPHER_stream; res->cipher_type = CIPHER_stream;
res->is_exportable = 1;
res->key_material = 0; res->key_material = 0;
res->iv_size = 0; res->iv_size = 0;
res->key_bits = 0; res->key_bits = 0;
break; break;
#ifndef WEAK_CRYPTO_40BIT
case CIPHER_rc4: case CIPHER_rc4:
res->bulk_cipher_algorithm = Nettle.ARCFOUR_State; res->bulk_cipher_algorithm = Nettle.ARCFOUR_State;
res->cipher_type = CIPHER_stream; res->cipher_type = CIPHER_stream;
res->is_exportable = 0;
res->key_material = 16; res->key_material = 16;
res->iv_size = 0; res->iv_size = 0;
res->key_bits = 128; res->key_bits = 128;
...@@ -510,7 +501,6 @@ array lookup(int suite, ProtocolVersion|int version) ...@@ -510,7 +501,6 @@ array lookup(int suite, ProtocolVersion|int version)
case CIPHER_des: case CIPHER_des:
res->bulk_cipher_algorithm = DES; res->bulk_cipher_algorithm = DES;
res->cipher_type = CIPHER_block; res->cipher_type = CIPHER_block;
res->is_exportable = 0;
res->key_material = 8; res->key_material = 8;
res->iv_size = 8; res->iv_size = 8;
res->key_bits = 56; res->key_bits = 56;
...@@ -518,7 +508,6 @@ array lookup(int suite, ProtocolVersion|int version) ...@@ -518,7 +508,6 @@ array lookup(int suite, ProtocolVersion|int version)
case CIPHER_3des: case CIPHER_3des:
res->bulk_cipher_algorithm = DES3; res->bulk_cipher_algorithm = DES3;
res->cipher_type = CIPHER_block; res->cipher_type = CIPHER_block;
res->is_exportable = 0;
res->key_material = 24; res->key_material = 24;
res->iv_size = 8; res->iv_size = 8;
res->key_bits = 168; res->key_bits = 168;
...@@ -526,7 +515,6 @@ array lookup(int suite, ProtocolVersion|int version) ...@@ -526,7 +515,6 @@ array lookup(int suite, ProtocolVersion|int version)
case CIPHER_idea: case CIPHER_idea:
res->bulk_cipher_algorithm = IDEA; res->bulk_cipher_algorithm = IDEA;
res->cipher_type = CIPHER_block; res->cipher_type = CIPHER_block;
res->is_exportable = 0;
res->key_material = 16; res->key_material = 16;
res->iv_size = 8; res->iv_size = 8;
res->key_bits = 128; res->key_bits = 128;
...@@ -534,7 +522,6 @@ array lookup(int suite, ProtocolVersion|int version) ...@@ -534,7 +522,6 @@ array lookup(int suite, ProtocolVersion|int version)
case CIPHER_aes: case CIPHER_aes:
res->bulk_cipher_algorithm = AES; res->bulk_cipher_algorithm = AES;
res->cipher_type = CIPHER_block; res->cipher_type = CIPHER_block;
res->is_exportable = 0;
res->key_material = 16; res->key_material = 16;
res->iv_size = 16; res->iv_size = 16;
res->key_bits = 128; res->key_bits = 128;
...@@ -542,12 +529,10 @@ array lookup(int suite, ProtocolVersion|int version) ...@@ -542,12 +529,10 @@ array lookup(int suite, ProtocolVersion|int version)
case CIPHER_aes256: case CIPHER_aes256:
res->bulk_cipher_algorithm = AES; res->bulk_cipher_algorithm = AES;
res->cipher_type = CIPHER_block; res->cipher_type = CIPHER_block;
res->is_exportable = 0;
res->key_material = 32; res->key_material = 32;
res->iv_size = 16; res->iv_size = 16;
res->key_bits = 256; res->key_bits = 256;
break; break;
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
default: default:
return 0; return 0;
} }
......
...@@ -59,7 +59,6 @@ constant CIPHER_null = 0; ...@@ -59,7 +59,6 @@ constant CIPHER_null = 0;
constant CIPHER_rc4_40 = 2; constant CIPHER_rc4_40 = 2;
constant CIPHER_rc2 = 3; constant CIPHER_rc2 = 3;
constant CIPHER_des40 = 6; constant CIPHER_des40 = 6;
#ifndef WEAK_CRYPTO_40BIT
constant CIPHER_rc4 = 1; constant CIPHER_rc4 = 1;
constant CIPHER_des = 4; constant CIPHER_des = 4;
constant CIPHER_3des = 5; constant CIPHER_3des = 5;
...@@ -67,7 +66,6 @@ constant CIPHER_fortezza = 7; ...@@ -67,7 +66,6 @@ constant CIPHER_fortezza = 7;
constant CIPHER_idea = 8; constant CIPHER_idea = 8;
constant CIPHER_aes = 9; constant CIPHER_aes = 9;
constant CIPHER_aes256 = 10; constant CIPHER_aes256 = 10;
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
//! Mapping from cipher algorithm to effective key length. //! Mapping from cipher algorithm to effective key length.
constant CIPHER_algorithms = ([ constant CIPHER_algorithms = ([
...@@ -75,7 +73,6 @@ constant CIPHER_algorithms = ([ ...@@ -75,7 +73,6 @@ constant CIPHER_algorithms = ([
CIPHER_rc4_40: 40, CIPHER_rc4_40: 40,
CIPHER_rc2: 40, CIPHER_rc2: 40,
CIPHER_des40: 40, CIPHER_des40: 40,
#ifndef WEAK_CRYPTO_40BIT
CIPHER_rc4: 128, CIPHER_rc4: 128,
CIPHER_des: 56, CIPHER_des: 56,
CIPHER_3des: 168, CIPHER_3des: 168,
...@@ -83,7 +80,6 @@ constant CIPHER_algorithms = ([ ...@@ -83,7 +80,6 @@ constant CIPHER_algorithms = ([
CIPHER_idea: 128, CIPHER_idea: 128,
CIPHER_aes: 128, CIPHER_aes: 128,
CIPHER_aes256: 256, CIPHER_aes256: 256,
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
]); ]);
/* Hash algorithms as per RFC 5246 7.4.1.4.1. */ /* Hash algorithms as per RFC 5246 7.4.1.4.1. */
...@@ -204,7 +200,6 @@ constant TLS_krb5_with_rc4_40_sha = 0x0028; ...@@ -204,7 +200,6 @@ constant TLS_krb5_with_rc4_40_sha = 0x0028;
constant TLS_krb5_with_des_cbc_40_md5 = 0x0029; constant TLS_krb5_with_des_cbc_40_md5 = 0x0029;
constant TLS_krb5_with_rc2_cbc_40_md5 = 0x002a; constant TLS_krb5_with_rc2_cbc_40_md5 = 0x002a;
constant TLS_krb5_with_rc4_40_md5 = 0x002b; constant TLS_krb5_with_rc4_40_md5 = 0x002b;
#ifndef WEAK_CRYPTO_40BIT
constant SSL_rsa_with_rc4_128_md5 = 0x0004; constant SSL_rsa_with_rc4_128_md5 = 0x0004;
constant SSL_rsa_with_rc4_128_sha = 0x0005; constant SSL_rsa_with_rc4_128_sha = 0x0005;
constant SSL_rsa_with_idea_cbc_sha = 0x0007; constant SSL_rsa_with_idea_cbc_sha = 0x0007;
...@@ -384,7 +379,6 @@ constant TLS_ecdhe_psk_with_aes_256_cbc_sha384 = 0xc038; ...@@ -384,7 +379,6 @@ constant TLS_ecdhe_psk_with_aes_256_cbc_sha384 = 0xc038;
constant TLS_ecdhe_psk_with_null_sha = 0xc039; constant TLS_ecdhe_psk_with_null_sha = 0xc039;
constant TLS_ecdhe_psk_with_null_sha256 = 0xc03a; constant TLS_ecdhe_psk_with_null_sha256 = 0xc03a;
constant TLS_ecdhe_psk_with_null_sha384 = 0xc03b; constant TLS_ecdhe_psk_with_null_sha384 = 0xc03b;
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
#if 0 #if 0
/* Methods for signing any server_key_exchange message (RFC 5246 7.4.1.4.1) */ /* Methods for signing any server_key_exchange message (RFC 5246 7.4.1.4.1) */
...@@ -403,7 +397,6 @@ constant CIPHER_SUITES = ...@@ -403,7 +397,6 @@ constant CIPHER_SUITES =
SSL_rsa_export_with_rc4_40_md5 : ({ KE_rsa, CIPHER_rc4_40, HASH_md5 }), SSL_rsa_export_with_rc4_40_md5 : ({ KE_rsa, CIPHER_rc4_40, HASH_md5 }),
SSL_dhe_dss_export_with_des40_cbc_sha : SSL_dhe_dss_export_with_des40_cbc_sha :
({ KE_dhe_dss, CIPHER_des40, HASH_sha }), ({ KE_dhe_dss, CIPHER_des40, HASH_sha }),
#ifndef WEAK_CRYPTO_40BIT
SSL_rsa_with_rc4_128_sha : ({ KE_rsa, CIPHER_rc4, HASH_sha }), SSL_rsa_with_rc4_128_sha : ({ KE_rsa, CIPHER_rc4, HASH_sha }),
SSL_rsa_with_rc4_128_md5 : ({ KE_rsa, CIPHER_rc4, HASH_md5 }), SSL_rsa_with_rc4_128_md5 : ({ KE_rsa, CIPHER_rc4, HASH_md5 }),
SSL_rsa_with_idea_cbc_sha : ({ KE_rsa, CIPHER_idea, HASH_sha }), SSL_rsa_with_idea_cbc_sha : ({ KE_rsa, CIPHER_idea, HASH_sha }),
...@@ -415,11 +408,9 @@ constant CIPHER_SUITES = ...@@ -415,11 +408,9 @@ constant CIPHER_SUITES =
TLS_dhe_dss_with_aes_128_cbc_sha : ({ KE_dhe_dss, CIPHER_aes, HASH_sha }), TLS_dhe_dss_with_aes_128_cbc_sha : ({ KE_dhe_dss, CIPHER_aes, HASH_sha }),
TLS_rsa_with_aes_256_cbc_sha : ({ KE_rsa, CIPHER_aes256, HASH_sha }), TLS_rsa_with_aes_256_cbc_sha : ({ KE_rsa, CIPHER_aes256, HASH_sha }),
TLS_dhe_dss_with_aes_256_cbc_sha : ({ KE_dhe_dss, CIPHER_aes256, HASH_sha }), TLS_dhe_dss_with_aes_256_cbc_sha : ({ KE_dhe_dss, CIPHER_aes256, HASH_sha }),
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
]); ]);
constant preferred_rsa_suites = ({ constant preferred_rsa_suites = ({
#ifndef WEAK_CRYPTO_40BIT
TLS_rsa_with_aes_256_cbc_sha, TLS_rsa_with_aes_256_cbc_sha,
TLS_rsa_with_aes_128_cbc_sha, // Mandatory in RFC 5246 (TLS 1.2). TLS_rsa_with_aes_128_cbc_sha, // Mandatory in RFC 5246 (TLS 1.2).
SSL_rsa_with_idea_cbc_sha, SSL_rsa_with_idea_cbc_sha,
...@@ -427,19 +418,16 @@ constant preferred_rsa_suites = ({ ...@@ -427,19 +418,16 @@ constant preferred_rsa_suites = ({
SSL_rsa_with_rc4_128_md5, SSL_rsa_with_rc4_128_md5,
SSL_rsa_with_3des_ede_cbc_sha, // Mandatory in RFC 2246 (TLS 1.0). SSL_rsa_with_3des_ede_cbc_sha, // Mandatory in RFC 2246 (TLS 1.0).
SSL_rsa_with_des_cbc_sha, SSL_rsa_with_des_cbc_sha,
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
SSL_rsa_export_with_rc4_40_md5, SSL_rsa_export_with_rc4_40_md5,
SSL_rsa_with_null_sha, SSL_rsa_with_null_sha,
SSL_rsa_with_null_md5, SSL_rsa_with_null_md5,
}); });
constant preferred_dhe_dss_suites = ({ constant preferred_dhe_dss_suites = ({
#ifndef WEAK_CRYPTO_40BIT
TLS_dhe_dss_with_aes_256_cbc_sha, TLS_dhe_dss_with_aes_256_cbc_sha,
TLS_dhe_dss_with_aes_128_cbc_sha, TLS_dhe_dss_with_aes_128_cbc_sha,
SSL_dhe_dss_with_3des_ede_cbc_sha, // Mandatory in RFC 2246 (TLS 1.0). SSL_dhe_dss_with_3des_ede_cbc_sha, // Mandatory in RFC 2246 (TLS 1.0).
SSL_dhe_dss_with_des_cbc_sha, SSL_dhe_dss_with_des_cbc_sha,
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
SSL_dhe_dss_export_with_des40_cbc_sha, SSL_dhe_dss_export_with_des40_cbc_sha,
}); });
......
...@@ -140,15 +140,9 @@ int verify_certificates = 0; ...@@ -140,15 +140,9 @@ int verify_certificates = 0;
//! Temporary, non-certified, private keys, used with a //! Temporary, non-certified, private keys, used with a
//! server_key_exchange message. The rules are as follows: //! server_key_exchange message. The rules are as follows:
//! //!
//! If the negotiated cipher_suite has the "exportable" property, and //! If the long_rsa is not zero its public part will be sent. If it is
//! short_rsa is not zero, send a server_key_exchange message with the //! zero and short_rsa is set, its public part will be sent instead.
//! (public part of) the short_rsa key. //! If they are both zero, no server_key_exchange message is sent.
//!
//! If the negotiated cipher_suite does not have the exportable
//! property, and long_rsa is not zero, send a server_key_exchange
//! message with the (public part of) the long_rsa key.
//!
//! Otherwise, dont send any server_key_exchange message.
Crypto.RSA long_rsa; Crypto.RSA long_rsa;
Crypto.RSA short_rsa; Crypto.RSA short_rsa;
......
...@@ -277,14 +277,8 @@ Packet server_key_exchange_packet() ...@@ -277,14 +277,8 @@ Packet server_key_exchange_packet()
switch (session->ke_method) switch (session->ke_method)
{ {
case KE_rsa: case KE_rsa:
#ifdef WEAK_CRYPTO_40BIT temp_key = context->long_rsa || context->short_rsa;
temp_key = context->short_rsa;
#endif /* WEAK_CRYPTO_40BIT (magic comment) */
#ifndef WEAK_CRYPTO_40BIT
temp_key = (session->cipher_spec->is_exportable
? context->short_rsa
: context->long_rsa);
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
if (temp_key) if (temp_key)
{ {
/* Send a ServerKeyExchange message. */ /* Send a ServerKeyExchange message. */
......
...@@ -81,17 +81,9 @@ void set_compression_method(int compr) ...@@ -81,17 +81,9 @@ void set_compression_method(int compr)
protected string generate_key_block(string client_random, string server_random, protected string generate_key_block(string client_random, string server_random,
array(int) version) array(int) version)
{ {
int required = 2 * ( int required = 2 * ( cipher_spec->key_material +
#ifndef WEAK_CRYPTO_40BIT
cipher_spec->is_exportable ?
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
(5 + cipher_spec->hash_size)
#ifndef WEAK_CRYPTO_40BIT
: ( cipher_spec->key_material +
cipher_spec->hash_size + cipher_spec->hash_size +
cipher_spec->iv_size) cipher_spec->iv_size );
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
);
string key = ""; string key = "";
if(version[1] == PROTOCOL_SSL_3_0) { if(version[1] == PROTOCOL_SSL_3_0) {
...@@ -171,57 +163,6 @@ array(string) generate_keys(string client_random, string server_random, ...@@ -171,57 +163,6 @@ array(string) generate_keys(string client_random, string server_random,
// server_write_MAC_secret // server_write_MAC_secret
keys[1] = key_data->get_fix_string(cipher_spec->hash_size); keys[1] = key_data->get_fix_string(cipher_spec->hash_size);
#ifndef WEAK_CRYPTO_40BIT
if (cipher_spec->is_exportable)
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
{
// Exportable (ie weak) crypto.
if(version[1] == PROTOCOL_SSL_3_0) {
// SSL 3.0
function(string:string) md5 = .Cipher.MACmd5()->hash_raw;
keys[2] = md5(key_data->get_fix_string(5) +
client_random + server_random)
[..cipher_spec->key_material-1];
keys[3] = md5(key_data->get_fix_string(5) +
server_random + client_random)
[..cipher_spec->key_material-1];
if (cipher_spec->iv_size)
{
keys[4] = md5(client_random +
server_random)[..cipher_spec->iv_size-1];
keys[5] = md5(server_random +
client_random)[..cipher_spec->iv_size-1];
}
} else if(version[1] >= PROTOCOL_TLS_1_0) {
// TLS 1.0 or later.
string client_wkey = key_data->get_fix_string(5);
string server_wkey = key_data->get_fix_string(5);
keys[2] = .Cipher.prf(client_wkey, "client write key",
client_random+server_random,
cipher_spec->key_material);
keys[3] = .Cipher.prf(server_wkey, "server write key",
client_random+server_random,
cipher_spec->key_material);
if(cipher_spec->iv_size) {
string iv_block = .Cipher.prf("", "IV block",
client_random+server_random,
2*cipher_spec->iv_size);
keys[4]=iv_block[..cipher_spec->iv_size-1];
keys[5]=iv_block[cipher_spec->iv_size..];
#ifdef SSL3_DEBUG
werror("sizeof(keys[4]):%d sizeof(keys[5]):%d\n",
sizeof([string]keys[4]), sizeof([string]keys[4]));
#endif
}
}
}
#ifndef WEAK_CRYPTO_40BIT
else {
keys[2] = key_data->get_fix_string(cipher_spec->key_material); keys[2] = key_data->get_fix_string(cipher_spec->key_material);
keys[3] = key_data->get_fix_string(cipher_spec->key_material); keys[3] = key_data->get_fix_string(cipher_spec->key_material);
if (cipher_spec->iv_size) if (cipher_spec->iv_size)
...@@ -229,8 +170,6 @@ array(string) generate_keys(string client_random, string server_random, ...@@ -229,8 +170,6 @@ array(string) generate_keys(string client_random, string server_random,
keys[4] = key_data->get_fix_string(cipher_spec->iv_size); keys[4] = key_data->get_fix_string(cipher_spec->iv_size);
keys[5] = key_data->get_fix_string(cipher_spec->iv_size); keys[5] = key_data->get_fix_string(cipher_spec->iv_size);
} }
}
#endif /* !WEAK_CRYPTO_40BIT (magic comment) */
#ifdef SSL3_DEBUG #ifdef SSL3_DEBUG
printKey( "client_write_MAC_secret",keys[0]); printKey( "client_write_MAC_secret",keys[0]);
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment