MultiTech
/
CyaSSL
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: HTTPClient-SSL HTTPClient-SSL HTTPClient-SSL HTTPClient-SSL
Embed:
(wiki syntax)
Show/hide line numbers
keys.c
00001 /* keys.c 00002 * 00003 * Copyright (C) 2006-2014 wolfSSL Inc. 00004 * 00005 * This file is part of CyaSSL. 00006 * 00007 * CyaSSL is free software; you can redistribute it and/or modify 00008 * it under the terms of the GNU General Public License as published by 00009 * the Free Software Foundation; either version 2 of the License, or 00010 * (at your option) any later version. 00011 * 00012 * CyaSSL is distributed in the hope that it will be useful, 00013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 * GNU General Public License for more details. 00016 * 00017 * You should have received a copy of the GNU General Public License 00018 * along with this program; if not, write to the Free Software 00019 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA 00020 */ 00021 00022 00023 #ifdef HAVE_CONFIG_H 00024 #include <config.h> 00025 #endif 00026 00027 #include <cyassl/ctaocrypt/settings.h> 00028 00029 #include <cyassl/internal.h> 00030 #include <cyassl/error-ssl.h> 00031 #if defined(SHOW_SECRETS) || defined(CHACHA_AEAD_TEST) 00032 #ifdef FREESCALE_MQX 00033 #include <fio.h> 00034 #else 00035 #include <stdio.h> 00036 #endif 00037 #endif 00038 00039 00040 int SetCipherSpecs(CYASSL* ssl) 00041 { 00042 #ifndef NO_CYASSL_CLIENT 00043 if (ssl->options.side == CYASSL_CLIENT_END) { 00044 /* server side verified before SetCipherSpecs call */ 00045 if (VerifyClientSuite(ssl) != 1) { 00046 CYASSL_MSG("SetCipherSpecs() client has an unusuable suite"); 00047 return UNSUPPORTED_SUITE; 00048 } 00049 } 00050 #endif /* NO_CYASSL_CLIENT */ 00051 00052 /* Chacha extensions, 0xcc */ 00053 if (ssl->options.cipherSuite0 == CHACHA_BYTE) { 00054 00055 switch (ssl->options.cipherSuite) { 00056 #ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 00057 case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: 00058 ssl->specs.bulk_cipher_algorithm = cyassl_chacha; 00059 ssl->specs.cipher_type = aead; 00060 ssl->specs.mac_algorithm = sha256_mac; 00061 ssl->specs.kea = ecc_diffie_hellman_kea; 00062 ssl->specs.sig_algo = rsa_sa_algo; 00063 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00064 ssl->specs.pad_size = PAD_SHA; 00065 ssl->specs.static_ecdh = 0; 00066 ssl->specs.key_size = CHACHA20_256_KEY_SIZE; 00067 ssl->specs.block_size = CHACHA20_BLOCK_SIZE; 00068 ssl->specs.iv_size = CHACHA20_IV_SIZE; 00069 ssl->specs.aead_mac_size = POLY1305_AUTH_SZ; 00070 00071 break; 00072 #endif 00073 00074 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 00075 case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: 00076 ssl->specs.bulk_cipher_algorithm = cyassl_chacha; 00077 ssl->specs.cipher_type = aead; 00078 ssl->specs.mac_algorithm = sha256_mac; 00079 ssl->specs.kea = ecc_diffie_hellman_kea; 00080 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00081 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00082 ssl->specs.pad_size = PAD_SHA; 00083 ssl->specs.static_ecdh = 0; 00084 ssl->specs.key_size = CHACHA20_256_KEY_SIZE; 00085 ssl->specs.block_size = CHACHA20_BLOCK_SIZE; 00086 ssl->specs.iv_size = CHACHA20_IV_SIZE; 00087 ssl->specs.aead_mac_size = POLY1305_AUTH_SZ; 00088 00089 break; 00090 #endif 00091 00092 #ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 00093 case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: 00094 ssl->specs.bulk_cipher_algorithm = cyassl_chacha; 00095 ssl->specs.cipher_type = aead; 00096 ssl->specs.mac_algorithm = sha256_mac; 00097 ssl->specs.kea = diffie_hellman_kea; 00098 ssl->specs.sig_algo = rsa_sa_algo; 00099 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00100 ssl->specs.pad_size = PAD_SHA; 00101 ssl->specs.static_ecdh = 0; 00102 ssl->specs.key_size = CHACHA20_256_KEY_SIZE; 00103 ssl->specs.block_size = CHACHA20_BLOCK_SIZE; 00104 ssl->specs.iv_size = CHACHA20_IV_SIZE; 00105 ssl->specs.aead_mac_size = POLY1305_AUTH_SZ; 00106 00107 break; 00108 #endif 00109 default: 00110 CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ChaCha"); 00111 return UNSUPPORTED_SUITE; 00112 } 00113 } 00114 00115 /* ECC extensions, or AES-CCM */ 00116 if (ssl->options.cipherSuite0 == ECC_BYTE) { 00117 00118 switch (ssl->options.cipherSuite) { 00119 00120 #ifdef HAVE_ECC 00121 00122 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 00123 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 : 00124 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00125 ssl->specs.cipher_type = block; 00126 ssl->specs.mac_algorithm = sha256_mac; 00127 ssl->specs.kea = ecc_diffie_hellman_kea; 00128 ssl->specs.sig_algo = rsa_sa_algo; 00129 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00130 ssl->specs.pad_size = PAD_SHA; 00131 ssl->specs.static_ecdh = 0; 00132 ssl->specs.key_size = AES_128_KEY_SIZE; 00133 ssl->specs.iv_size = AES_IV_SIZE; 00134 ssl->specs.block_size = AES_BLOCK_SIZE; 00135 break; 00136 #endif 00137 00138 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 00139 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 : 00140 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00141 ssl->specs.cipher_type = block; 00142 ssl->specs.mac_algorithm = sha256_mac; 00143 ssl->specs.kea = ecc_diffie_hellman_kea; 00144 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00145 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00146 ssl->specs.pad_size = PAD_SHA; 00147 ssl->specs.static_ecdh = 0; 00148 ssl->specs.key_size = AES_128_KEY_SIZE; 00149 ssl->specs.iv_size = AES_IV_SIZE; 00150 ssl->specs.block_size = AES_BLOCK_SIZE; 00151 break; 00152 #endif 00153 00154 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 00155 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 : 00156 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00157 ssl->specs.cipher_type = block; 00158 ssl->specs.mac_algorithm = sha256_mac; 00159 ssl->specs.kea = ecc_diffie_hellman_kea; 00160 ssl->specs.sig_algo = rsa_sa_algo; 00161 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00162 ssl->specs.pad_size = PAD_SHA; 00163 ssl->specs.static_ecdh = 1; 00164 ssl->specs.key_size = AES_128_KEY_SIZE; 00165 ssl->specs.iv_size = AES_IV_SIZE; 00166 ssl->specs.block_size = AES_BLOCK_SIZE; 00167 break; 00168 #endif 00169 00170 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 00171 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 : 00172 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00173 ssl->specs.cipher_type = block; 00174 ssl->specs.mac_algorithm = sha256_mac; 00175 ssl->specs.kea = ecc_diffie_hellman_kea; 00176 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00177 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00178 ssl->specs.pad_size = PAD_SHA; 00179 ssl->specs.static_ecdh = 1; 00180 ssl->specs.key_size = AES_128_KEY_SIZE; 00181 ssl->specs.iv_size = AES_IV_SIZE; 00182 ssl->specs.block_size = AES_BLOCK_SIZE; 00183 break; 00184 #endif 00185 00186 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 00187 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 : 00188 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00189 ssl->specs.cipher_type = block; 00190 ssl->specs.mac_algorithm = sha384_mac; 00191 ssl->specs.kea = ecc_diffie_hellman_kea; 00192 ssl->specs.sig_algo = rsa_sa_algo; 00193 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00194 ssl->specs.pad_size = PAD_SHA; 00195 ssl->specs.static_ecdh = 0; 00196 ssl->specs.key_size = AES_256_KEY_SIZE; 00197 ssl->specs.iv_size = AES_IV_SIZE; 00198 ssl->specs.block_size = AES_BLOCK_SIZE; 00199 break; 00200 #endif 00201 00202 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 00203 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 : 00204 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00205 ssl->specs.cipher_type = block; 00206 ssl->specs.mac_algorithm = sha384_mac; 00207 ssl->specs.kea = ecc_diffie_hellman_kea; 00208 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00209 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00210 ssl->specs.pad_size = PAD_SHA; 00211 ssl->specs.static_ecdh = 0; 00212 ssl->specs.key_size = AES_256_KEY_SIZE; 00213 ssl->specs.iv_size = AES_IV_SIZE; 00214 ssl->specs.block_size = AES_BLOCK_SIZE; 00215 break; 00216 #endif 00217 00218 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 00219 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 : 00220 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00221 ssl->specs.cipher_type = block; 00222 ssl->specs.mac_algorithm = sha384_mac; 00223 ssl->specs.kea = ecc_diffie_hellman_kea; 00224 ssl->specs.sig_algo = rsa_sa_algo; 00225 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00226 ssl->specs.pad_size = PAD_SHA; 00227 ssl->specs.static_ecdh = 1; 00228 ssl->specs.key_size = AES_256_KEY_SIZE; 00229 ssl->specs.iv_size = AES_IV_SIZE; 00230 ssl->specs.block_size = AES_BLOCK_SIZE; 00231 break; 00232 #endif 00233 00234 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 00235 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 : 00236 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00237 ssl->specs.cipher_type = block; 00238 ssl->specs.mac_algorithm = sha384_mac; 00239 ssl->specs.kea = ecc_diffie_hellman_kea; 00240 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00241 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00242 ssl->specs.pad_size = PAD_SHA; 00243 ssl->specs.static_ecdh = 1; 00244 ssl->specs.key_size = AES_256_KEY_SIZE; 00245 ssl->specs.iv_size = AES_IV_SIZE; 00246 ssl->specs.block_size = AES_BLOCK_SIZE; 00247 break; 00248 #endif 00249 00250 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 00251 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : 00252 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00253 ssl->specs.cipher_type = block; 00254 ssl->specs.mac_algorithm = sha_mac; 00255 ssl->specs.kea = ecc_diffie_hellman_kea; 00256 ssl->specs.sig_algo = rsa_sa_algo; 00257 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00258 ssl->specs.pad_size = PAD_SHA; 00259 ssl->specs.static_ecdh = 0; 00260 ssl->specs.key_size = AES_128_KEY_SIZE; 00261 ssl->specs.block_size = AES_BLOCK_SIZE; 00262 ssl->specs.iv_size = AES_IV_SIZE; 00263 00264 break; 00265 #endif 00266 00267 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 00268 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA : 00269 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00270 ssl->specs.cipher_type = block; 00271 ssl->specs.mac_algorithm = sha_mac; 00272 ssl->specs.kea = ecc_diffie_hellman_kea; 00273 ssl->specs.sig_algo = rsa_sa_algo; 00274 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00275 ssl->specs.pad_size = PAD_SHA; 00276 ssl->specs.static_ecdh = 1; 00277 ssl->specs.key_size = AES_128_KEY_SIZE; 00278 ssl->specs.block_size = AES_BLOCK_SIZE; 00279 ssl->specs.iv_size = AES_IV_SIZE; 00280 00281 break; 00282 #endif 00283 00284 #ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 00285 case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : 00286 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; 00287 ssl->specs.cipher_type = block; 00288 ssl->specs.mac_algorithm = sha_mac; 00289 ssl->specs.kea = ecc_diffie_hellman_kea; 00290 ssl->specs.sig_algo = rsa_sa_algo; 00291 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00292 ssl->specs.pad_size = PAD_SHA; 00293 ssl->specs.static_ecdh = 0; 00294 ssl->specs.key_size = DES3_KEY_SIZE; 00295 ssl->specs.block_size = DES_BLOCK_SIZE; 00296 ssl->specs.iv_size = DES_IV_SIZE; 00297 00298 break; 00299 #endif 00300 00301 #ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 00302 case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA : 00303 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; 00304 ssl->specs.cipher_type = block; 00305 ssl->specs.mac_algorithm = sha_mac; 00306 ssl->specs.kea = ecc_diffie_hellman_kea; 00307 ssl->specs.sig_algo = rsa_sa_algo; 00308 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00309 ssl->specs.pad_size = PAD_SHA; 00310 ssl->specs.static_ecdh = 1; 00311 ssl->specs.key_size = DES3_KEY_SIZE; 00312 ssl->specs.block_size = DES_BLOCK_SIZE; 00313 ssl->specs.iv_size = DES_IV_SIZE; 00314 00315 break; 00316 #endif 00317 00318 #ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA 00319 case TLS_ECDHE_RSA_WITH_RC4_128_SHA : 00320 ssl->specs.bulk_cipher_algorithm = cyassl_rc4; 00321 ssl->specs.cipher_type = stream; 00322 ssl->specs.mac_algorithm = sha_mac; 00323 ssl->specs.kea = ecc_diffie_hellman_kea; 00324 ssl->specs.sig_algo = rsa_sa_algo; 00325 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00326 ssl->specs.pad_size = PAD_SHA; 00327 ssl->specs.static_ecdh = 0; 00328 ssl->specs.key_size = RC4_KEY_SIZE; 00329 ssl->specs.iv_size = 0; 00330 ssl->specs.block_size = 0; 00331 00332 break; 00333 #endif 00334 00335 #ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA 00336 case TLS_ECDH_RSA_WITH_RC4_128_SHA : 00337 ssl->specs.bulk_cipher_algorithm = cyassl_rc4; 00338 ssl->specs.cipher_type = stream; 00339 ssl->specs.mac_algorithm = sha_mac; 00340 ssl->specs.kea = ecc_diffie_hellman_kea; 00341 ssl->specs.sig_algo = rsa_sa_algo; 00342 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00343 ssl->specs.pad_size = PAD_SHA; 00344 ssl->specs.static_ecdh = 1; 00345 ssl->specs.key_size = RC4_KEY_SIZE; 00346 ssl->specs.iv_size = 0; 00347 ssl->specs.block_size = 0; 00348 00349 break; 00350 #endif 00351 00352 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 00353 case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : 00354 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; 00355 ssl->specs.cipher_type = block; 00356 ssl->specs.mac_algorithm = sha_mac; 00357 ssl->specs.kea = ecc_diffie_hellman_kea; 00358 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00359 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00360 ssl->specs.pad_size = PAD_SHA; 00361 ssl->specs.static_ecdh = 0; 00362 ssl->specs.key_size = DES3_KEY_SIZE; 00363 ssl->specs.block_size = DES_BLOCK_SIZE; 00364 ssl->specs.iv_size = DES_IV_SIZE; 00365 00366 break; 00367 #endif 00368 00369 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 00370 case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA : 00371 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; 00372 ssl->specs.cipher_type = block; 00373 ssl->specs.mac_algorithm = sha_mac; 00374 ssl->specs.kea = ecc_diffie_hellman_kea; 00375 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00376 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00377 ssl->specs.pad_size = PAD_SHA; 00378 ssl->specs.static_ecdh = 1; 00379 ssl->specs.key_size = DES3_KEY_SIZE; 00380 ssl->specs.block_size = DES_BLOCK_SIZE; 00381 ssl->specs.iv_size = DES_IV_SIZE; 00382 00383 break; 00384 #endif 00385 00386 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 00387 case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : 00388 ssl->specs.bulk_cipher_algorithm = cyassl_rc4; 00389 ssl->specs.cipher_type = stream; 00390 ssl->specs.mac_algorithm = sha_mac; 00391 ssl->specs.kea = ecc_diffie_hellman_kea; 00392 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00393 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00394 ssl->specs.pad_size = PAD_SHA; 00395 ssl->specs.static_ecdh = 0; 00396 ssl->specs.key_size = RC4_KEY_SIZE; 00397 ssl->specs.iv_size = 0; 00398 ssl->specs.block_size = 0; 00399 00400 break; 00401 #endif 00402 00403 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 00404 case TLS_ECDH_ECDSA_WITH_RC4_128_SHA : 00405 ssl->specs.bulk_cipher_algorithm = cyassl_rc4; 00406 ssl->specs.cipher_type = stream; 00407 ssl->specs.mac_algorithm = sha_mac; 00408 ssl->specs.kea = ecc_diffie_hellman_kea; 00409 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00410 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00411 ssl->specs.pad_size = PAD_SHA; 00412 ssl->specs.static_ecdh = 1; 00413 ssl->specs.key_size = RC4_KEY_SIZE; 00414 ssl->specs.iv_size = 0; 00415 ssl->specs.block_size = 0; 00416 00417 break; 00418 #endif 00419 00420 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 00421 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : 00422 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00423 ssl->specs.cipher_type = block; 00424 ssl->specs.mac_algorithm = sha_mac; 00425 ssl->specs.kea = ecc_diffie_hellman_kea; 00426 ssl->specs.sig_algo = rsa_sa_algo; 00427 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00428 ssl->specs.pad_size = PAD_SHA; 00429 ssl->specs.static_ecdh = 0; 00430 ssl->specs.key_size = AES_256_KEY_SIZE; 00431 ssl->specs.block_size = AES_BLOCK_SIZE; 00432 ssl->specs.iv_size = AES_IV_SIZE; 00433 00434 break; 00435 #endif 00436 00437 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 00438 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA : 00439 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00440 ssl->specs.cipher_type = block; 00441 ssl->specs.mac_algorithm = sha_mac; 00442 ssl->specs.kea = ecc_diffie_hellman_kea; 00443 ssl->specs.sig_algo = rsa_sa_algo; 00444 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00445 ssl->specs.pad_size = PAD_SHA; 00446 ssl->specs.static_ecdh = 1; 00447 ssl->specs.key_size = AES_256_KEY_SIZE; 00448 ssl->specs.block_size = AES_BLOCK_SIZE; 00449 ssl->specs.iv_size = AES_IV_SIZE; 00450 00451 break; 00452 #endif 00453 00454 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 00455 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : 00456 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00457 ssl->specs.cipher_type = block; 00458 ssl->specs.mac_algorithm = sha_mac; 00459 ssl->specs.kea = ecc_diffie_hellman_kea; 00460 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00461 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00462 ssl->specs.pad_size = PAD_SHA; 00463 ssl->specs.static_ecdh = 0; 00464 ssl->specs.key_size = AES_128_KEY_SIZE; 00465 ssl->specs.block_size = AES_BLOCK_SIZE; 00466 ssl->specs.iv_size = AES_IV_SIZE; 00467 00468 break; 00469 #endif 00470 00471 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 00472 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA : 00473 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00474 ssl->specs.cipher_type = block; 00475 ssl->specs.mac_algorithm = sha_mac; 00476 ssl->specs.kea = ecc_diffie_hellman_kea; 00477 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00478 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00479 ssl->specs.pad_size = PAD_SHA; 00480 ssl->specs.static_ecdh = 1; 00481 ssl->specs.key_size = AES_128_KEY_SIZE; 00482 ssl->specs.block_size = AES_BLOCK_SIZE; 00483 ssl->specs.iv_size = AES_IV_SIZE; 00484 00485 break; 00486 #endif 00487 00488 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 00489 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA : 00490 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00491 ssl->specs.cipher_type = block; 00492 ssl->specs.mac_algorithm = sha_mac; 00493 ssl->specs.kea = ecc_diffie_hellman_kea; 00494 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00495 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00496 ssl->specs.pad_size = PAD_SHA; 00497 ssl->specs.static_ecdh = 0; 00498 ssl->specs.key_size = AES_256_KEY_SIZE; 00499 ssl->specs.block_size = AES_BLOCK_SIZE; 00500 ssl->specs.iv_size = AES_IV_SIZE; 00501 00502 break; 00503 #endif 00504 00505 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 00506 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : 00507 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00508 ssl->specs.cipher_type = block; 00509 ssl->specs.mac_algorithm = sha_mac; 00510 ssl->specs.kea = ecc_diffie_hellman_kea; 00511 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00512 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00513 ssl->specs.pad_size = PAD_SHA; 00514 ssl->specs.static_ecdh = 1; 00515 ssl->specs.key_size = AES_256_KEY_SIZE; 00516 ssl->specs.block_size = AES_BLOCK_SIZE; 00517 ssl->specs.iv_size = AES_IV_SIZE; 00518 00519 break; 00520 #endif 00521 00522 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 00523 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : 00524 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 00525 ssl->specs.cipher_type = aead; 00526 ssl->specs.mac_algorithm = sha256_mac; 00527 ssl->specs.kea = ecc_diffie_hellman_kea; 00528 ssl->specs.sig_algo = rsa_sa_algo; 00529 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00530 ssl->specs.pad_size = PAD_SHA; 00531 ssl->specs.static_ecdh = 0; 00532 ssl->specs.key_size = AES_128_KEY_SIZE; 00533 ssl->specs.block_size = AES_BLOCK_SIZE; 00534 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00535 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00536 00537 break; 00538 #endif 00539 00540 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 00541 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 : 00542 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 00543 ssl->specs.cipher_type = aead; 00544 ssl->specs.mac_algorithm = sha384_mac; 00545 ssl->specs.kea = ecc_diffie_hellman_kea; 00546 ssl->specs.sig_algo = rsa_sa_algo; 00547 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00548 ssl->specs.pad_size = PAD_SHA; 00549 ssl->specs.static_ecdh = 0; 00550 ssl->specs.key_size = AES_256_KEY_SIZE; 00551 ssl->specs.block_size = AES_BLOCK_SIZE; 00552 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00553 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00554 00555 break; 00556 #endif 00557 00558 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 00559 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 : 00560 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 00561 ssl->specs.cipher_type = aead; 00562 ssl->specs.mac_algorithm = sha256_mac; 00563 ssl->specs.kea = ecc_diffie_hellman_kea; 00564 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00565 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00566 ssl->specs.pad_size = PAD_SHA; 00567 ssl->specs.static_ecdh = 0; 00568 ssl->specs.key_size = AES_128_KEY_SIZE; 00569 ssl->specs.block_size = AES_BLOCK_SIZE; 00570 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00571 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00572 00573 break; 00574 #endif 00575 00576 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 00577 case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 : 00578 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 00579 ssl->specs.cipher_type = aead; 00580 ssl->specs.mac_algorithm = sha384_mac; 00581 ssl->specs.kea = ecc_diffie_hellman_kea; 00582 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00583 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00584 ssl->specs.pad_size = PAD_SHA; 00585 ssl->specs.static_ecdh = 0; 00586 ssl->specs.key_size = AES_256_KEY_SIZE; 00587 ssl->specs.block_size = AES_BLOCK_SIZE; 00588 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00589 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00590 00591 break; 00592 #endif 00593 00594 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 00595 case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 : 00596 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 00597 ssl->specs.cipher_type = aead; 00598 ssl->specs.mac_algorithm = sha256_mac; 00599 ssl->specs.kea = ecc_diffie_hellman_kea; 00600 ssl->specs.sig_algo = rsa_sa_algo; 00601 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00602 ssl->specs.pad_size = PAD_SHA; 00603 ssl->specs.static_ecdh = 1; 00604 ssl->specs.key_size = AES_128_KEY_SIZE; 00605 ssl->specs.block_size = AES_BLOCK_SIZE; 00606 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00607 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00608 00609 break; 00610 #endif 00611 00612 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 00613 case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 : 00614 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 00615 ssl->specs.cipher_type = aead; 00616 ssl->specs.mac_algorithm = sha384_mac; 00617 ssl->specs.kea = ecc_diffie_hellman_kea; 00618 ssl->specs.sig_algo = rsa_sa_algo; 00619 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00620 ssl->specs.pad_size = PAD_SHA; 00621 ssl->specs.static_ecdh = 1; 00622 ssl->specs.key_size = AES_256_KEY_SIZE; 00623 ssl->specs.block_size = AES_BLOCK_SIZE; 00624 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00625 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00626 00627 break; 00628 #endif 00629 00630 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 00631 case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 : 00632 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 00633 ssl->specs.cipher_type = aead; 00634 ssl->specs.mac_algorithm = sha256_mac; 00635 ssl->specs.kea = ecc_diffie_hellman_kea; 00636 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00637 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00638 ssl->specs.pad_size = PAD_SHA; 00639 ssl->specs.static_ecdh = 1; 00640 ssl->specs.key_size = AES_128_KEY_SIZE; 00641 ssl->specs.block_size = AES_BLOCK_SIZE; 00642 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00643 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00644 00645 break; 00646 #endif 00647 00648 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 00649 case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 : 00650 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 00651 ssl->specs.cipher_type = aead; 00652 ssl->specs.mac_algorithm = sha384_mac; 00653 ssl->specs.kea = ecc_diffie_hellman_kea; 00654 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00655 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00656 ssl->specs.pad_size = PAD_SHA; 00657 ssl->specs.static_ecdh = 1; 00658 ssl->specs.key_size = AES_256_KEY_SIZE; 00659 ssl->specs.block_size = AES_BLOCK_SIZE; 00660 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00661 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00662 00663 break; 00664 #endif 00665 00666 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 00667 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 : 00668 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; 00669 ssl->specs.cipher_type = aead; 00670 ssl->specs.mac_algorithm = sha256_mac; 00671 ssl->specs.kea = ecc_diffie_hellman_kea; 00672 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00673 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00674 ssl->specs.pad_size = PAD_SHA; 00675 ssl->specs.static_ecdh = 0; 00676 ssl->specs.key_size = AES_128_KEY_SIZE; 00677 ssl->specs.block_size = AES_BLOCK_SIZE; 00678 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00679 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00680 00681 break; 00682 #endif 00683 00684 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 00685 case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 : 00686 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; 00687 ssl->specs.cipher_type = aead; 00688 ssl->specs.mac_algorithm = sha256_mac; 00689 ssl->specs.kea = ecc_diffie_hellman_kea; 00690 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00691 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00692 ssl->specs.pad_size = PAD_SHA; 00693 ssl->specs.static_ecdh = 0; 00694 ssl->specs.key_size = AES_256_KEY_SIZE; 00695 ssl->specs.block_size = AES_BLOCK_SIZE; 00696 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00697 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00698 00699 break; 00700 #endif 00701 #endif /* HAVE_ECC */ 00702 00703 #ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8 00704 case TLS_RSA_WITH_AES_128_CCM_8 : 00705 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; 00706 ssl->specs.cipher_type = aead; 00707 ssl->specs.mac_algorithm = sha256_mac; 00708 ssl->specs.kea = rsa_kea; 00709 ssl->specs.sig_algo = rsa_sa_algo; 00710 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00711 ssl->specs.pad_size = PAD_SHA; 00712 ssl->specs.static_ecdh = 0; 00713 ssl->specs.key_size = AES_128_KEY_SIZE; 00714 ssl->specs.block_size = AES_BLOCK_SIZE; 00715 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00716 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00717 00718 break; 00719 #endif 00720 00721 #ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8 00722 case TLS_RSA_WITH_AES_256_CCM_8 : 00723 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; 00724 ssl->specs.cipher_type = aead; 00725 ssl->specs.mac_algorithm = sha256_mac; 00726 ssl->specs.kea = rsa_kea; 00727 ssl->specs.sig_algo = rsa_sa_algo; 00728 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00729 ssl->specs.pad_size = PAD_SHA; 00730 ssl->specs.static_ecdh = 0; 00731 ssl->specs.key_size = AES_256_KEY_SIZE; 00732 ssl->specs.block_size = AES_BLOCK_SIZE; 00733 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00734 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00735 00736 break; 00737 #endif 00738 00739 #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8 00740 case TLS_PSK_WITH_AES_128_CCM_8 : 00741 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; 00742 ssl->specs.cipher_type = aead; 00743 ssl->specs.mac_algorithm = sha256_mac; 00744 ssl->specs.kea = psk_kea; 00745 ssl->specs.sig_algo = anonymous_sa_algo; 00746 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00747 ssl->specs.pad_size = PAD_SHA; 00748 ssl->specs.static_ecdh = 0; 00749 ssl->specs.key_size = AES_128_KEY_SIZE; 00750 ssl->specs.block_size = AES_BLOCK_SIZE; 00751 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00752 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00753 00754 ssl->options.usingPSK_cipher = 1; 00755 break; 00756 #endif 00757 00758 #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8 00759 case TLS_PSK_WITH_AES_256_CCM_8 : 00760 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; 00761 ssl->specs.cipher_type = aead; 00762 ssl->specs.mac_algorithm = sha256_mac; 00763 ssl->specs.kea = psk_kea; 00764 ssl->specs.sig_algo = anonymous_sa_algo; 00765 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00766 ssl->specs.pad_size = PAD_SHA; 00767 ssl->specs.static_ecdh = 0; 00768 ssl->specs.key_size = AES_256_KEY_SIZE; 00769 ssl->specs.block_size = AES_BLOCK_SIZE; 00770 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00771 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00772 00773 ssl->options.usingPSK_cipher = 1; 00774 break; 00775 #endif 00776 00777 #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM 00778 case TLS_PSK_WITH_AES_128_CCM : 00779 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; 00780 ssl->specs.cipher_type = aead; 00781 ssl->specs.mac_algorithm = sha256_mac; 00782 ssl->specs.kea = psk_kea; 00783 ssl->specs.sig_algo = anonymous_sa_algo; 00784 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00785 ssl->specs.pad_size = PAD_SHA; 00786 ssl->specs.static_ecdh = 0; 00787 ssl->specs.key_size = AES_128_KEY_SIZE; 00788 ssl->specs.block_size = AES_BLOCK_SIZE; 00789 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00790 ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ; 00791 00792 ssl->options.usingPSK_cipher = 1; 00793 break; 00794 #endif 00795 00796 #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM 00797 case TLS_PSK_WITH_AES_256_CCM : 00798 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; 00799 ssl->specs.cipher_type = aead; 00800 ssl->specs.mac_algorithm = sha256_mac; 00801 ssl->specs.kea = psk_kea; 00802 ssl->specs.sig_algo = anonymous_sa_algo; 00803 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00804 ssl->specs.pad_size = PAD_SHA; 00805 ssl->specs.static_ecdh = 0; 00806 ssl->specs.key_size = AES_256_KEY_SIZE; 00807 ssl->specs.block_size = AES_BLOCK_SIZE; 00808 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00809 ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ; 00810 00811 ssl->options.usingPSK_cipher = 1; 00812 break; 00813 #endif 00814 00815 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM 00816 case TLS_DHE_PSK_WITH_AES_128_CCM : 00817 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; 00818 ssl->specs.cipher_type = aead; 00819 ssl->specs.mac_algorithm = sha256_mac; 00820 ssl->specs.kea = dhe_psk_kea; 00821 ssl->specs.sig_algo = anonymous_sa_algo; 00822 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00823 ssl->specs.pad_size = PAD_SHA; 00824 ssl->specs.static_ecdh = 0; 00825 ssl->specs.key_size = AES_128_KEY_SIZE; 00826 ssl->specs.block_size = AES_BLOCK_SIZE; 00827 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00828 ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ; 00829 00830 ssl->options.usingPSK_cipher = 1; 00831 break; 00832 #endif 00833 00834 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM 00835 case TLS_DHE_PSK_WITH_AES_256_CCM : 00836 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; 00837 ssl->specs.cipher_type = aead; 00838 ssl->specs.mac_algorithm = sha256_mac; 00839 ssl->specs.kea = dhe_psk_kea; 00840 ssl->specs.sig_algo = anonymous_sa_algo; 00841 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00842 ssl->specs.pad_size = PAD_SHA; 00843 ssl->specs.static_ecdh = 0; 00844 ssl->specs.key_size = AES_256_KEY_SIZE; 00845 ssl->specs.block_size = AES_BLOCK_SIZE; 00846 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00847 ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ; 00848 00849 ssl->options.usingPSK_cipher = 1; 00850 break; 00851 #endif 00852 00853 default: 00854 CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC"); 00855 return UNSUPPORTED_SUITE; 00856 } /* switch */ 00857 } /* if */ 00858 if (ssl->options.cipherSuite0 != ECC_BYTE && 00859 ssl->options.cipherSuite0 != CHACHA_BYTE) { /* normal suites */ 00860 switch (ssl->options.cipherSuite) { 00861 00862 #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA 00863 case SSL_RSA_WITH_RC4_128_SHA : 00864 ssl->specs.bulk_cipher_algorithm = cyassl_rc4; 00865 ssl->specs.cipher_type = stream; 00866 ssl->specs.mac_algorithm = sha_mac; 00867 ssl->specs.kea = rsa_kea; 00868 ssl->specs.sig_algo = rsa_sa_algo; 00869 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00870 ssl->specs.pad_size = PAD_SHA; 00871 ssl->specs.static_ecdh = 0; 00872 ssl->specs.key_size = RC4_KEY_SIZE; 00873 ssl->specs.iv_size = 0; 00874 ssl->specs.block_size = 0; 00875 00876 break; 00877 #endif 00878 00879 #ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA 00880 case TLS_NTRU_RSA_WITH_RC4_128_SHA : 00881 ssl->specs.bulk_cipher_algorithm = cyassl_rc4; 00882 ssl->specs.cipher_type = stream; 00883 ssl->specs.mac_algorithm = sha_mac; 00884 ssl->specs.kea = ntru_kea; 00885 ssl->specs.sig_algo = rsa_sa_algo; 00886 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00887 ssl->specs.pad_size = PAD_SHA; 00888 ssl->specs.static_ecdh = 0; 00889 ssl->specs.key_size = RC4_KEY_SIZE; 00890 ssl->specs.iv_size = 0; 00891 ssl->specs.block_size = 0; 00892 00893 break; 00894 #endif 00895 00896 #ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5 00897 case SSL_RSA_WITH_RC4_128_MD5 : 00898 ssl->specs.bulk_cipher_algorithm = cyassl_rc4; 00899 ssl->specs.cipher_type = stream; 00900 ssl->specs.mac_algorithm = md5_mac; 00901 ssl->specs.kea = rsa_kea; 00902 ssl->specs.sig_algo = rsa_sa_algo; 00903 ssl->specs.hash_size = MD5_DIGEST_SIZE; 00904 ssl->specs.pad_size = PAD_MD5; 00905 ssl->specs.static_ecdh = 0; 00906 ssl->specs.key_size = RC4_KEY_SIZE; 00907 ssl->specs.iv_size = 0; 00908 ssl->specs.block_size = 0; 00909 00910 break; 00911 #endif 00912 00913 #ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA 00914 case SSL_RSA_WITH_3DES_EDE_CBC_SHA : 00915 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; 00916 ssl->specs.cipher_type = block; 00917 ssl->specs.mac_algorithm = sha_mac; 00918 ssl->specs.kea = rsa_kea; 00919 ssl->specs.sig_algo = rsa_sa_algo; 00920 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00921 ssl->specs.pad_size = PAD_SHA; 00922 ssl->specs.static_ecdh = 0; 00923 ssl->specs.key_size = DES3_KEY_SIZE; 00924 ssl->specs.block_size = DES_BLOCK_SIZE; 00925 ssl->specs.iv_size = DES_IV_SIZE; 00926 00927 break; 00928 #endif 00929 00930 #ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA 00931 case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : 00932 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; 00933 ssl->specs.cipher_type = block; 00934 ssl->specs.mac_algorithm = sha_mac; 00935 ssl->specs.kea = ntru_kea; 00936 ssl->specs.sig_algo = rsa_sa_algo; 00937 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00938 ssl->specs.pad_size = PAD_SHA; 00939 ssl->specs.static_ecdh = 0; 00940 ssl->specs.key_size = DES3_KEY_SIZE; 00941 ssl->specs.block_size = DES_BLOCK_SIZE; 00942 ssl->specs.iv_size = DES_IV_SIZE; 00943 00944 break; 00945 #endif 00946 00947 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA 00948 case TLS_RSA_WITH_AES_128_CBC_SHA : 00949 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00950 ssl->specs.cipher_type = block; 00951 ssl->specs.mac_algorithm = sha_mac; 00952 ssl->specs.kea = rsa_kea; 00953 ssl->specs.sig_algo = rsa_sa_algo; 00954 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00955 ssl->specs.pad_size = PAD_SHA; 00956 ssl->specs.static_ecdh = 0; 00957 ssl->specs.key_size = AES_128_KEY_SIZE; 00958 ssl->specs.block_size = AES_BLOCK_SIZE; 00959 ssl->specs.iv_size = AES_IV_SIZE; 00960 00961 break; 00962 #endif 00963 00964 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256 00965 case TLS_RSA_WITH_AES_128_CBC_SHA256 : 00966 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 00967 ssl->specs.cipher_type = block; 00968 ssl->specs.mac_algorithm = sha256_mac; 00969 ssl->specs.kea = rsa_kea; 00970 ssl->specs.sig_algo = rsa_sa_algo; 00971 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00972 ssl->specs.pad_size = PAD_SHA; 00973 ssl->specs.static_ecdh = 0; 00974 ssl->specs.key_size = AES_128_KEY_SIZE; 00975 ssl->specs.block_size = AES_BLOCK_SIZE; 00976 ssl->specs.iv_size = AES_IV_SIZE; 00977 00978 break; 00979 #endif 00980 00981 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA 00982 case TLS_RSA_WITH_NULL_SHA : 00983 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; 00984 ssl->specs.cipher_type = stream; 00985 ssl->specs.mac_algorithm = sha_mac; 00986 ssl->specs.kea = rsa_kea; 00987 ssl->specs.sig_algo = rsa_sa_algo; 00988 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00989 ssl->specs.pad_size = PAD_SHA; 00990 ssl->specs.static_ecdh = 0; 00991 ssl->specs.key_size = 0; 00992 ssl->specs.block_size = 0; 00993 ssl->specs.iv_size = 0; 00994 00995 break; 00996 #endif 00997 00998 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA256 00999 case TLS_RSA_WITH_NULL_SHA256 : 01000 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; 01001 ssl->specs.cipher_type = stream; 01002 ssl->specs.mac_algorithm = sha256_mac; 01003 ssl->specs.kea = rsa_kea; 01004 ssl->specs.sig_algo = rsa_sa_algo; 01005 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01006 ssl->specs.pad_size = PAD_SHA; 01007 ssl->specs.static_ecdh = 0; 01008 ssl->specs.key_size = 0; 01009 ssl->specs.block_size = 0; 01010 ssl->specs.iv_size = 0; 01011 01012 break; 01013 #endif 01014 01015 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA 01016 case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : 01017 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01018 ssl->specs.cipher_type = block; 01019 ssl->specs.mac_algorithm = sha_mac; 01020 ssl->specs.kea = ntru_kea; 01021 ssl->specs.sig_algo = rsa_sa_algo; 01022 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01023 ssl->specs.pad_size = PAD_SHA; 01024 ssl->specs.static_ecdh = 0; 01025 ssl->specs.key_size = AES_128_KEY_SIZE; 01026 ssl->specs.block_size = AES_BLOCK_SIZE; 01027 ssl->specs.iv_size = AES_IV_SIZE; 01028 01029 break; 01030 #endif 01031 01032 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA 01033 case TLS_RSA_WITH_AES_256_CBC_SHA : 01034 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01035 ssl->specs.cipher_type = block; 01036 ssl->specs.mac_algorithm = sha_mac; 01037 ssl->specs.kea = rsa_kea; 01038 ssl->specs.sig_algo = rsa_sa_algo; 01039 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01040 ssl->specs.pad_size = PAD_SHA; 01041 ssl->specs.static_ecdh = 0; 01042 ssl->specs.key_size = AES_256_KEY_SIZE; 01043 ssl->specs.block_size = AES_BLOCK_SIZE; 01044 ssl->specs.iv_size = AES_IV_SIZE; 01045 01046 break; 01047 #endif 01048 01049 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256 01050 case TLS_RSA_WITH_AES_256_CBC_SHA256 : 01051 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01052 ssl->specs.cipher_type = block; 01053 ssl->specs.mac_algorithm = sha256_mac; 01054 ssl->specs.kea = rsa_kea; 01055 ssl->specs.sig_algo = rsa_sa_algo; 01056 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01057 ssl->specs.pad_size = PAD_SHA; 01058 ssl->specs.static_ecdh = 0; 01059 ssl->specs.key_size = AES_256_KEY_SIZE; 01060 ssl->specs.block_size = AES_BLOCK_SIZE; 01061 ssl->specs.iv_size = AES_IV_SIZE; 01062 01063 break; 01064 #endif 01065 01066 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA 01067 case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : 01068 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01069 ssl->specs.cipher_type = block; 01070 ssl->specs.mac_algorithm = sha_mac; 01071 ssl->specs.kea = ntru_kea; 01072 ssl->specs.sig_algo = rsa_sa_algo; 01073 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01074 ssl->specs.pad_size = PAD_SHA; 01075 ssl->specs.static_ecdh = 0; 01076 ssl->specs.key_size = AES_256_KEY_SIZE; 01077 ssl->specs.block_size = AES_BLOCK_SIZE; 01078 ssl->specs.iv_size = AES_IV_SIZE; 01079 01080 break; 01081 #endif 01082 01083 #ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256 01084 case TLS_PSK_WITH_AES_128_GCM_SHA256 : 01085 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 01086 ssl->specs.cipher_type = aead; 01087 ssl->specs.mac_algorithm = sha256_mac; 01088 ssl->specs.kea = psk_kea; 01089 ssl->specs.sig_algo = anonymous_sa_algo; 01090 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01091 ssl->specs.pad_size = PAD_SHA; 01092 ssl->specs.static_ecdh = 0; 01093 ssl->specs.key_size = AES_128_KEY_SIZE; 01094 ssl->specs.block_size = AES_BLOCK_SIZE; 01095 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01096 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01097 01098 ssl->options.usingPSK_cipher = 1; 01099 break; 01100 #endif 01101 01102 #ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384 01103 case TLS_PSK_WITH_AES_256_GCM_SHA384 : 01104 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 01105 ssl->specs.cipher_type = aead; 01106 ssl->specs.mac_algorithm = sha384_mac; 01107 ssl->specs.kea = psk_kea; 01108 ssl->specs.sig_algo = anonymous_sa_algo; 01109 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 01110 ssl->specs.pad_size = PAD_SHA; 01111 ssl->specs.static_ecdh = 0; 01112 ssl->specs.key_size = AES_256_KEY_SIZE; 01113 ssl->specs.block_size = AES_BLOCK_SIZE; 01114 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01115 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01116 01117 ssl->options.usingPSK_cipher = 1; 01118 break; 01119 #endif 01120 01121 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 01122 case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 : 01123 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 01124 ssl->specs.cipher_type = aead; 01125 ssl->specs.mac_algorithm = sha256_mac; 01126 ssl->specs.kea = dhe_psk_kea; 01127 ssl->specs.sig_algo = anonymous_sa_algo; 01128 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01129 ssl->specs.pad_size = PAD_SHA; 01130 ssl->specs.static_ecdh = 0; 01131 ssl->specs.key_size = AES_128_KEY_SIZE; 01132 ssl->specs.block_size = AES_BLOCK_SIZE; 01133 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01134 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01135 01136 ssl->options.usingPSK_cipher = 1; 01137 break; 01138 #endif 01139 01140 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 01141 case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 : 01142 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 01143 ssl->specs.cipher_type = aead; 01144 ssl->specs.mac_algorithm = sha384_mac; 01145 ssl->specs.kea = dhe_psk_kea; 01146 ssl->specs.sig_algo = anonymous_sa_algo; 01147 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 01148 ssl->specs.pad_size = PAD_SHA; 01149 ssl->specs.static_ecdh = 0; 01150 ssl->specs.key_size = AES_256_KEY_SIZE; 01151 ssl->specs.block_size = AES_BLOCK_SIZE; 01152 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01153 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01154 01155 ssl->options.usingPSK_cipher = 1; 01156 break; 01157 #endif 01158 01159 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 01160 case TLS_PSK_WITH_AES_128_CBC_SHA256 : 01161 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01162 ssl->specs.cipher_type = block; 01163 ssl->specs.mac_algorithm = sha256_mac; 01164 ssl->specs.kea = psk_kea; 01165 ssl->specs.sig_algo = anonymous_sa_algo; 01166 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01167 ssl->specs.pad_size = PAD_SHA; 01168 ssl->specs.static_ecdh = 0; 01169 ssl->specs.key_size = AES_128_KEY_SIZE; 01170 ssl->specs.block_size = AES_BLOCK_SIZE; 01171 ssl->specs.iv_size = AES_IV_SIZE; 01172 01173 ssl->options.usingPSK_cipher = 1; 01174 break; 01175 #endif 01176 01177 #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384 01178 case TLS_PSK_WITH_AES_256_CBC_SHA384 : 01179 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01180 ssl->specs.cipher_type = block; 01181 ssl->specs.mac_algorithm = sha384_mac; 01182 ssl->specs.kea = psk_kea; 01183 ssl->specs.sig_algo = anonymous_sa_algo; 01184 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 01185 ssl->specs.pad_size = PAD_SHA; 01186 ssl->specs.static_ecdh = 0; 01187 ssl->specs.key_size = AES_256_KEY_SIZE; 01188 ssl->specs.block_size = AES_BLOCK_SIZE; 01189 ssl->specs.iv_size = AES_IV_SIZE; 01190 01191 ssl->options.usingPSK_cipher = 1; 01192 break; 01193 #endif 01194 01195 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 01196 case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 : 01197 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01198 ssl->specs.cipher_type = block; 01199 ssl->specs.mac_algorithm = sha256_mac; 01200 ssl->specs.kea = dhe_psk_kea; 01201 ssl->specs.sig_algo = anonymous_sa_algo; 01202 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01203 ssl->specs.pad_size = PAD_SHA; 01204 ssl->specs.static_ecdh = 0; 01205 ssl->specs.key_size = AES_128_KEY_SIZE; 01206 ssl->specs.block_size = AES_BLOCK_SIZE; 01207 ssl->specs.iv_size = AES_IV_SIZE; 01208 01209 ssl->options.usingPSK_cipher = 1; 01210 break; 01211 #endif 01212 01213 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 01214 case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 : 01215 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01216 ssl->specs.cipher_type = block; 01217 ssl->specs.mac_algorithm = sha384_mac; 01218 ssl->specs.kea = dhe_psk_kea; 01219 ssl->specs.sig_algo = anonymous_sa_algo; 01220 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 01221 ssl->specs.pad_size = PAD_SHA; 01222 ssl->specs.static_ecdh = 0; 01223 ssl->specs.key_size = AES_256_KEY_SIZE; 01224 ssl->specs.block_size = AES_BLOCK_SIZE; 01225 ssl->specs.iv_size = AES_IV_SIZE; 01226 01227 ssl->options.usingPSK_cipher = 1; 01228 break; 01229 #endif 01230 01231 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA 01232 case TLS_PSK_WITH_AES_128_CBC_SHA : 01233 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01234 ssl->specs.cipher_type = block; 01235 ssl->specs.mac_algorithm = sha_mac; 01236 ssl->specs.kea = psk_kea; 01237 ssl->specs.sig_algo = anonymous_sa_algo; 01238 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01239 ssl->specs.pad_size = PAD_SHA; 01240 ssl->specs.static_ecdh = 0; 01241 ssl->specs.key_size = AES_128_KEY_SIZE; 01242 ssl->specs.block_size = AES_BLOCK_SIZE; 01243 ssl->specs.iv_size = AES_IV_SIZE; 01244 01245 ssl->options.usingPSK_cipher = 1; 01246 break; 01247 #endif 01248 01249 #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA 01250 case TLS_PSK_WITH_AES_256_CBC_SHA : 01251 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01252 ssl->specs.cipher_type = block; 01253 ssl->specs.mac_algorithm = sha_mac; 01254 ssl->specs.kea = psk_kea; 01255 ssl->specs.sig_algo = anonymous_sa_algo; 01256 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01257 ssl->specs.pad_size = PAD_SHA; 01258 ssl->specs.static_ecdh = 0; 01259 ssl->specs.key_size = AES_256_KEY_SIZE; 01260 ssl->specs.block_size = AES_BLOCK_SIZE; 01261 ssl->specs.iv_size = AES_IV_SIZE; 01262 01263 ssl->options.usingPSK_cipher = 1; 01264 break; 01265 #endif 01266 01267 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA256 01268 case TLS_PSK_WITH_NULL_SHA256 : 01269 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; 01270 ssl->specs.cipher_type = stream; 01271 ssl->specs.mac_algorithm = sha256_mac; 01272 ssl->specs.kea = psk_kea; 01273 ssl->specs.sig_algo = anonymous_sa_algo; 01274 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01275 ssl->specs.pad_size = PAD_SHA; 01276 ssl->specs.static_ecdh = 0; 01277 ssl->specs.key_size = 0; 01278 ssl->specs.block_size = 0; 01279 ssl->specs.iv_size = 0; 01280 01281 ssl->options.usingPSK_cipher = 1; 01282 break; 01283 #endif 01284 01285 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA384 01286 case TLS_PSK_WITH_NULL_SHA384 : 01287 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; 01288 ssl->specs.cipher_type = stream; 01289 ssl->specs.mac_algorithm = sha384_mac; 01290 ssl->specs.kea = psk_kea; 01291 ssl->specs.sig_algo = anonymous_sa_algo; 01292 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 01293 ssl->specs.pad_size = PAD_SHA; 01294 ssl->specs.static_ecdh = 0; 01295 ssl->specs.key_size = 0; 01296 ssl->specs.block_size = 0; 01297 ssl->specs.iv_size = 0; 01298 01299 ssl->options.usingPSK_cipher = 1; 01300 break; 01301 #endif 01302 01303 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA 01304 case TLS_PSK_WITH_NULL_SHA : 01305 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; 01306 ssl->specs.cipher_type = stream; 01307 ssl->specs.mac_algorithm = sha_mac; 01308 ssl->specs.kea = psk_kea; 01309 ssl->specs.sig_algo = anonymous_sa_algo; 01310 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01311 ssl->specs.pad_size = PAD_SHA; 01312 ssl->specs.static_ecdh = 0; 01313 ssl->specs.key_size = 0; 01314 ssl->specs.block_size = 0; 01315 ssl->specs.iv_size = 0; 01316 01317 ssl->options.usingPSK_cipher = 1; 01318 break; 01319 #endif 01320 01321 #ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256 01322 case TLS_DHE_PSK_WITH_NULL_SHA256 : 01323 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; 01324 ssl->specs.cipher_type = stream; 01325 ssl->specs.mac_algorithm = sha256_mac; 01326 ssl->specs.kea = dhe_psk_kea; 01327 ssl->specs.sig_algo = anonymous_sa_algo; 01328 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01329 ssl->specs.pad_size = PAD_SHA; 01330 ssl->specs.static_ecdh = 0; 01331 ssl->specs.key_size = 0; 01332 ssl->specs.block_size = 0; 01333 ssl->specs.iv_size = 0; 01334 01335 ssl->options.usingPSK_cipher = 1; 01336 break; 01337 #endif 01338 01339 #ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384 01340 case TLS_DHE_PSK_WITH_NULL_SHA384 : 01341 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; 01342 ssl->specs.cipher_type = stream; 01343 ssl->specs.mac_algorithm = sha384_mac; 01344 ssl->specs.kea = dhe_psk_kea; 01345 ssl->specs.sig_algo = anonymous_sa_algo; 01346 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 01347 ssl->specs.pad_size = PAD_SHA; 01348 ssl->specs.static_ecdh = 0; 01349 ssl->specs.key_size = 0; 01350 ssl->specs.block_size = 0; 01351 ssl->specs.iv_size = 0; 01352 01353 ssl->options.usingPSK_cipher = 1; 01354 break; 01355 #endif 01356 01357 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 01358 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 : 01359 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01360 ssl->specs.cipher_type = block; 01361 ssl->specs.mac_algorithm = sha256_mac; 01362 ssl->specs.kea = diffie_hellman_kea; 01363 ssl->specs.sig_algo = rsa_sa_algo; 01364 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01365 ssl->specs.pad_size = PAD_SHA; 01366 ssl->specs.static_ecdh = 0; 01367 ssl->specs.key_size = AES_128_KEY_SIZE; 01368 ssl->specs.block_size = AES_BLOCK_SIZE; 01369 ssl->specs.iv_size = AES_IV_SIZE; 01370 01371 break; 01372 #endif 01373 01374 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 01375 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 : 01376 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01377 ssl->specs.cipher_type = block; 01378 ssl->specs.mac_algorithm = sha256_mac; 01379 ssl->specs.kea = diffie_hellman_kea; 01380 ssl->specs.sig_algo = rsa_sa_algo; 01381 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01382 ssl->specs.pad_size = PAD_SHA; 01383 ssl->specs.static_ecdh = 0; 01384 ssl->specs.key_size = AES_256_KEY_SIZE; 01385 ssl->specs.block_size = AES_BLOCK_SIZE; 01386 ssl->specs.iv_size = AES_IV_SIZE; 01387 01388 break; 01389 #endif 01390 01391 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 01392 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA : 01393 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01394 ssl->specs.cipher_type = block; 01395 ssl->specs.mac_algorithm = sha_mac; 01396 ssl->specs.kea = diffie_hellman_kea; 01397 ssl->specs.sig_algo = rsa_sa_algo; 01398 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01399 ssl->specs.pad_size = PAD_SHA; 01400 ssl->specs.static_ecdh = 0; 01401 ssl->specs.key_size = AES_128_KEY_SIZE; 01402 ssl->specs.block_size = AES_BLOCK_SIZE; 01403 ssl->specs.iv_size = AES_IV_SIZE; 01404 01405 break; 01406 #endif 01407 01408 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 01409 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA : 01410 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01411 ssl->specs.cipher_type = block; 01412 ssl->specs.mac_algorithm = sha_mac; 01413 ssl->specs.kea = diffie_hellman_kea; 01414 ssl->specs.sig_algo = rsa_sa_algo; 01415 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01416 ssl->specs.pad_size = PAD_SHA; 01417 ssl->specs.static_ecdh = 0; 01418 ssl->specs.key_size = AES_256_KEY_SIZE; 01419 ssl->specs.block_size = AES_BLOCK_SIZE; 01420 ssl->specs.iv_size = AES_IV_SIZE; 01421 01422 break; 01423 #endif 01424 01425 #ifdef BUILD_TLS_RSA_WITH_HC_128_MD5 01426 case TLS_RSA_WITH_HC_128_MD5 : 01427 ssl->specs.bulk_cipher_algorithm = cyassl_hc128; 01428 ssl->specs.cipher_type = stream; 01429 ssl->specs.mac_algorithm = md5_mac; 01430 ssl->specs.kea = rsa_kea; 01431 ssl->specs.sig_algo = rsa_sa_algo; 01432 ssl->specs.hash_size = MD5_DIGEST_SIZE; 01433 ssl->specs.pad_size = PAD_MD5; 01434 ssl->specs.static_ecdh = 0; 01435 ssl->specs.key_size = HC_128_KEY_SIZE; 01436 ssl->specs.block_size = 0; 01437 ssl->specs.iv_size = HC_128_IV_SIZE; 01438 01439 break; 01440 #endif 01441 01442 #ifdef BUILD_TLS_RSA_WITH_HC_128_SHA 01443 case TLS_RSA_WITH_HC_128_SHA : 01444 ssl->specs.bulk_cipher_algorithm = cyassl_hc128; 01445 ssl->specs.cipher_type = stream; 01446 ssl->specs.mac_algorithm = sha_mac; 01447 ssl->specs.kea = rsa_kea; 01448 ssl->specs.sig_algo = rsa_sa_algo; 01449 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01450 ssl->specs.pad_size = PAD_SHA; 01451 ssl->specs.static_ecdh = 0; 01452 ssl->specs.key_size = HC_128_KEY_SIZE; 01453 ssl->specs.block_size = 0; 01454 ssl->specs.iv_size = HC_128_IV_SIZE; 01455 01456 break; 01457 #endif 01458 01459 #ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 01460 case TLS_RSA_WITH_HC_128_B2B256: 01461 ssl->specs.bulk_cipher_algorithm = cyassl_hc128; 01462 ssl->specs.cipher_type = stream; 01463 ssl->specs.mac_algorithm = blake2b_mac; 01464 ssl->specs.kea = rsa_kea; 01465 ssl->specs.sig_algo = rsa_sa_algo; 01466 ssl->specs.hash_size = BLAKE2B_256; 01467 ssl->specs.pad_size = PAD_SHA; 01468 ssl->specs.static_ecdh = 0; 01469 ssl->specs.key_size = HC_128_KEY_SIZE; 01470 ssl->specs.block_size = 0; 01471 ssl->specs.iv_size = HC_128_IV_SIZE; 01472 01473 break; 01474 #endif 01475 01476 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 01477 case TLS_RSA_WITH_AES_128_CBC_B2B256: 01478 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01479 ssl->specs.cipher_type = block; 01480 ssl->specs.mac_algorithm = blake2b_mac; 01481 ssl->specs.kea = rsa_kea; 01482 ssl->specs.sig_algo = rsa_sa_algo; 01483 ssl->specs.hash_size = BLAKE2B_256; 01484 ssl->specs.pad_size = PAD_SHA; 01485 ssl->specs.static_ecdh = 0; 01486 ssl->specs.key_size = AES_128_KEY_SIZE; 01487 ssl->specs.iv_size = AES_IV_SIZE; 01488 ssl->specs.block_size = AES_BLOCK_SIZE; 01489 01490 break; 01491 #endif 01492 01493 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 01494 case TLS_RSA_WITH_AES_256_CBC_B2B256: 01495 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01496 ssl->specs.cipher_type = block; 01497 ssl->specs.mac_algorithm = blake2b_mac; 01498 ssl->specs.kea = rsa_kea; 01499 ssl->specs.sig_algo = rsa_sa_algo; 01500 ssl->specs.hash_size = BLAKE2B_256; 01501 ssl->specs.pad_size = PAD_SHA; 01502 ssl->specs.static_ecdh = 0; 01503 ssl->specs.key_size = AES_256_KEY_SIZE; 01504 ssl->specs.iv_size = AES_IV_SIZE; 01505 ssl->specs.block_size = AES_BLOCK_SIZE; 01506 01507 break; 01508 #endif 01509 01510 #ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA 01511 case TLS_RSA_WITH_RABBIT_SHA : 01512 ssl->specs.bulk_cipher_algorithm = cyassl_rabbit; 01513 ssl->specs.cipher_type = stream; 01514 ssl->specs.mac_algorithm = sha_mac; 01515 ssl->specs.kea = rsa_kea; 01516 ssl->specs.sig_algo = rsa_sa_algo; 01517 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01518 ssl->specs.pad_size = PAD_SHA; 01519 ssl->specs.static_ecdh = 0; 01520 ssl->specs.key_size = RABBIT_KEY_SIZE; 01521 ssl->specs.block_size = 0; 01522 ssl->specs.iv_size = RABBIT_IV_SIZE; 01523 01524 break; 01525 #endif 01526 01527 #ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256 01528 case TLS_RSA_WITH_AES_128_GCM_SHA256 : 01529 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 01530 ssl->specs.cipher_type = aead; 01531 ssl->specs.mac_algorithm = sha256_mac; 01532 ssl->specs.kea = rsa_kea; 01533 ssl->specs.sig_algo = rsa_sa_algo; 01534 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01535 ssl->specs.pad_size = PAD_SHA; 01536 ssl->specs.static_ecdh = 0; 01537 ssl->specs.key_size = AES_128_KEY_SIZE; 01538 ssl->specs.block_size = AES_BLOCK_SIZE; 01539 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01540 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01541 01542 break; 01543 #endif 01544 01545 #ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384 01546 case TLS_RSA_WITH_AES_256_GCM_SHA384 : 01547 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 01548 ssl->specs.cipher_type = aead; 01549 ssl->specs.mac_algorithm = sha384_mac; 01550 ssl->specs.kea = rsa_kea; 01551 ssl->specs.sig_algo = rsa_sa_algo; 01552 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 01553 ssl->specs.pad_size = PAD_SHA; 01554 ssl->specs.static_ecdh = 0; 01555 ssl->specs.key_size = AES_256_KEY_SIZE; 01556 ssl->specs.block_size = AES_BLOCK_SIZE; 01557 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01558 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01559 01560 break; 01561 #endif 01562 01563 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 01564 case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 : 01565 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 01566 ssl->specs.cipher_type = aead; 01567 ssl->specs.mac_algorithm = sha256_mac; 01568 ssl->specs.kea = diffie_hellman_kea; 01569 ssl->specs.sig_algo = rsa_sa_algo; 01570 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01571 ssl->specs.pad_size = PAD_SHA; 01572 ssl->specs.static_ecdh = 0; 01573 ssl->specs.key_size = AES_128_KEY_SIZE; 01574 ssl->specs.block_size = AES_BLOCK_SIZE; 01575 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01576 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01577 01578 break; 01579 #endif 01580 01581 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 01582 case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 : 01583 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; 01584 ssl->specs.cipher_type = aead; 01585 ssl->specs.mac_algorithm = sha384_mac; 01586 ssl->specs.kea = diffie_hellman_kea; 01587 ssl->specs.sig_algo = rsa_sa_algo; 01588 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 01589 ssl->specs.pad_size = PAD_SHA; 01590 ssl->specs.static_ecdh = 0; 01591 ssl->specs.key_size = AES_256_KEY_SIZE; 01592 ssl->specs.block_size = AES_BLOCK_SIZE; 01593 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01594 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01595 01596 break; 01597 #endif 01598 01599 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 01600 case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : 01601 ssl->specs.bulk_cipher_algorithm = cyassl_camellia; 01602 ssl->specs.cipher_type = block; 01603 ssl->specs.mac_algorithm = sha_mac; 01604 ssl->specs.kea = rsa_kea; 01605 ssl->specs.sig_algo = rsa_sa_algo; 01606 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01607 ssl->specs.pad_size = PAD_SHA; 01608 ssl->specs.static_ecdh = 0; 01609 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; 01610 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01611 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01612 01613 break; 01614 #endif 01615 01616 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 01617 case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : 01618 ssl->specs.bulk_cipher_algorithm = cyassl_camellia; 01619 ssl->specs.cipher_type = block; 01620 ssl->specs.mac_algorithm = sha_mac; 01621 ssl->specs.kea = rsa_kea; 01622 ssl->specs.sig_algo = rsa_sa_algo; 01623 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01624 ssl->specs.pad_size = PAD_SHA; 01625 ssl->specs.static_ecdh = 0; 01626 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; 01627 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01628 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01629 01630 break; 01631 #endif 01632 01633 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 01634 case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 : 01635 ssl->specs.bulk_cipher_algorithm = cyassl_camellia; 01636 ssl->specs.cipher_type = block; 01637 ssl->specs.mac_algorithm = sha256_mac; 01638 ssl->specs.kea = rsa_kea; 01639 ssl->specs.sig_algo = rsa_sa_algo; 01640 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01641 ssl->specs.pad_size = PAD_SHA; 01642 ssl->specs.static_ecdh = 0; 01643 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; 01644 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01645 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01646 01647 break; 01648 #endif 01649 01650 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 01651 case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 : 01652 ssl->specs.bulk_cipher_algorithm = cyassl_camellia; 01653 ssl->specs.cipher_type = block; 01654 ssl->specs.mac_algorithm = sha256_mac; 01655 ssl->specs.kea = rsa_kea; 01656 ssl->specs.sig_algo = rsa_sa_algo; 01657 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01658 ssl->specs.pad_size = PAD_SHA; 01659 ssl->specs.static_ecdh = 0; 01660 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; 01661 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01662 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01663 01664 break; 01665 #endif 01666 01667 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 01668 case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : 01669 ssl->specs.bulk_cipher_algorithm = cyassl_camellia; 01670 ssl->specs.cipher_type = block; 01671 ssl->specs.mac_algorithm = sha_mac; 01672 ssl->specs.kea = diffie_hellman_kea; 01673 ssl->specs.sig_algo = rsa_sa_algo; 01674 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01675 ssl->specs.pad_size = PAD_SHA; 01676 ssl->specs.static_ecdh = 0; 01677 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; 01678 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01679 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01680 01681 break; 01682 #endif 01683 01684 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 01685 case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : 01686 ssl->specs.bulk_cipher_algorithm = cyassl_camellia; 01687 ssl->specs.cipher_type = block; 01688 ssl->specs.mac_algorithm = sha_mac; 01689 ssl->specs.kea = diffie_hellman_kea; 01690 ssl->specs.sig_algo = rsa_sa_algo; 01691 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01692 ssl->specs.pad_size = PAD_SHA; 01693 ssl->specs.static_ecdh = 0; 01694 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; 01695 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01696 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01697 01698 break; 01699 #endif 01700 01701 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 01702 case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 : 01703 ssl->specs.bulk_cipher_algorithm = cyassl_camellia; 01704 ssl->specs.cipher_type = block; 01705 ssl->specs.mac_algorithm = sha256_mac; 01706 ssl->specs.kea = diffie_hellman_kea; 01707 ssl->specs.sig_algo = rsa_sa_algo; 01708 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01709 ssl->specs.pad_size = PAD_SHA; 01710 ssl->specs.static_ecdh = 0; 01711 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; 01712 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01713 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01714 01715 break; 01716 #endif 01717 01718 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 01719 case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 : 01720 ssl->specs.bulk_cipher_algorithm = cyassl_camellia; 01721 ssl->specs.cipher_type = block; 01722 ssl->specs.mac_algorithm = sha256_mac; 01723 ssl->specs.kea = diffie_hellman_kea; 01724 ssl->specs.sig_algo = rsa_sa_algo; 01725 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01726 ssl->specs.pad_size = PAD_SHA; 01727 ssl->specs.static_ecdh = 0; 01728 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; 01729 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01730 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01731 01732 break; 01733 #endif 01734 01735 #ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA 01736 case TLS_DH_anon_WITH_AES_128_CBC_SHA : 01737 ssl->specs.bulk_cipher_algorithm = cyassl_aes; 01738 ssl->specs.cipher_type = block; 01739 ssl->specs.mac_algorithm = sha_mac; 01740 ssl->specs.kea = diffie_hellman_kea; 01741 ssl->specs.sig_algo = anonymous_sa_algo; 01742 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01743 ssl->specs.pad_size = PAD_SHA; 01744 ssl->specs.static_ecdh = 0; 01745 ssl->specs.key_size = AES_128_KEY_SIZE; 01746 ssl->specs.block_size = AES_BLOCK_SIZE; 01747 ssl->specs.iv_size = AES_IV_SIZE; 01748 01749 ssl->options.usingAnon_cipher = 1; 01750 break; 01751 #endif 01752 01753 default: 01754 CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs"); 01755 return UNSUPPORTED_SUITE; 01756 } /* switch */ 01757 } /* if ECC / Normal suites else */ 01758 01759 /* set TLS if it hasn't been turned off */ 01760 if (ssl->version.major == 3 && ssl->version.minor >= 1) { 01761 #ifndef NO_TLS 01762 ssl->options.tls = 1; 01763 ssl->hmac = TLS_hmac; 01764 if (ssl->version.minor >= 2) 01765 ssl->options.tls1_1 = 1; 01766 #endif 01767 } 01768 01769 #ifdef CYASSL_DTLS 01770 if (ssl->options.dtls) 01771 ssl->hmac = TLS_hmac; 01772 #endif 01773 01774 return 0; 01775 } 01776 01777 01778 enum KeyStuff { 01779 MASTER_ROUNDS = 3, 01780 PREFIX = 3, /* up to three letters for master prefix */ 01781 KEY_PREFIX = 7 /* up to 7 prefix letters for key rounds */ 01782 01783 01784 }; 01785 01786 #ifndef NO_OLD_TLS 01787 /* true or false, zero for error */ 01788 static int SetPrefix(byte* sha_input, int idx) 01789 { 01790 switch (idx) { 01791 case 0: 01792 XMEMCPY(sha_input, "A", 1); 01793 break; 01794 case 1: 01795 XMEMCPY(sha_input, "BB", 2); 01796 break; 01797 case 2: 01798 XMEMCPY(sha_input, "CCC", 3); 01799 break; 01800 case 3: 01801 XMEMCPY(sha_input, "DDDD", 4); 01802 break; 01803 case 4: 01804 XMEMCPY(sha_input, "EEEEE", 5); 01805 break; 01806 case 5: 01807 XMEMCPY(sha_input, "FFFFFF", 6); 01808 break; 01809 case 6: 01810 XMEMCPY(sha_input, "GGGGGGG", 7); 01811 break; 01812 default: 01813 CYASSL_MSG("Set Prefix error, bad input"); 01814 return 0; 01815 } 01816 return 1; 01817 } 01818 #endif 01819 01820 01821 static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, 01822 byte side, void* heap, int devId) 01823 { 01824 #ifdef BUILD_ARC4 01825 word32 sz = specs->key_size; 01826 if (specs->bulk_cipher_algorithm == cyassl_rc4) { 01827 if (enc && enc->arc4 == NULL) 01828 enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER); 01829 if (enc && enc->arc4 == NULL) 01830 return MEMORY_E; 01831 if (dec && dec->arc4 == NULL) 01832 dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER); 01833 if (dec && dec->arc4 == NULL) 01834 return MEMORY_E; 01835 #ifdef HAVE_CAVIUM 01836 if (devId != NO_CAVIUM_DEVICE) { 01837 if (enc) { 01838 if (Arc4InitCavium(enc->arc4, devId) != 0) { 01839 CYASSL_MSG("Arc4InitCavium failed in SetKeys"); 01840 return CAVIUM_INIT_E; 01841 } 01842 } 01843 if (dec) { 01844 if (Arc4InitCavium(dec->arc4, devId) != 0) { 01845 CYASSL_MSG("Arc4InitCavium failed in SetKeys"); 01846 return CAVIUM_INIT_E; 01847 } 01848 } 01849 } 01850 #endif 01851 if (side == CYASSL_CLIENT_END) { 01852 if (enc) 01853 Arc4SetKey(enc->arc4, keys->client_write_key, sz); 01854 if (dec) 01855 Arc4SetKey(dec->arc4, keys->server_write_key, sz); 01856 } 01857 else { 01858 if (enc) 01859 Arc4SetKey(enc->arc4, keys->server_write_key, sz); 01860 if (dec) 01861 Arc4SetKey(dec->arc4, keys->client_write_key, sz); 01862 } 01863 if (enc) 01864 enc->setup = 1; 01865 if (dec) 01866 dec->setup = 1; 01867 } 01868 #endif 01869 01870 01871 #ifdef HAVE_CHACHA 01872 if (specs->bulk_cipher_algorithm == cyassl_chacha) { 01873 int chachaRet; 01874 if (enc && enc->chacha == NULL) 01875 enc->chacha = 01876 (ChaCha*)XMALLOC(sizeof(ChaCha), heap, DYNAMIC_TYPE_CIPHER); 01877 if (enc && enc->chacha == NULL) 01878 return MEMORY_E; 01879 if (dec && dec->chacha == NULL) 01880 dec->chacha = 01881 (ChaCha*)XMALLOC(sizeof(ChaCha), heap, DYNAMIC_TYPE_CIPHER); 01882 if (dec && dec->chacha == NULL) 01883 return MEMORY_E; 01884 if (side == CYASSL_CLIENT_END) { 01885 if (enc) { 01886 chachaRet = Chacha_SetKey(enc->chacha, keys->client_write_key, 01887 specs->key_size); 01888 XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV, 01889 AEAD_IMP_IV_SZ); 01890 if (chachaRet != 0) return chachaRet; 01891 } 01892 if (dec) { 01893 chachaRet = Chacha_SetKey(dec->chacha, keys->server_write_key, 01894 specs->key_size); 01895 XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV, 01896 AEAD_IMP_IV_SZ); 01897 if (chachaRet != 0) return chachaRet; 01898 } 01899 } 01900 else { 01901 if (enc) { 01902 chachaRet = Chacha_SetKey(enc->chacha, keys->server_write_key, 01903 specs->key_size); 01904 XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV, 01905 AEAD_IMP_IV_SZ); 01906 if (chachaRet != 0) return chachaRet; 01907 } 01908 if (dec) { 01909 chachaRet = Chacha_SetKey(dec->chacha, keys->client_write_key, 01910 specs->key_size); 01911 XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV, 01912 AEAD_IMP_IV_SZ); 01913 if (chachaRet != 0) return chachaRet; 01914 } 01915 } 01916 01917 if (enc) 01918 enc->setup = 1; 01919 if (dec) 01920 dec->setup = 1; 01921 } 01922 #endif 01923 01924 #ifdef HAVE_HC128 01925 if (specs->bulk_cipher_algorithm == cyassl_hc128) { 01926 int hcRet; 01927 if (enc && enc->hc128 == NULL) 01928 enc->hc128 = 01929 (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER); 01930 if (enc && enc->hc128 == NULL) 01931 return MEMORY_E; 01932 if (dec && dec->hc128 == NULL) 01933 dec->hc128 = 01934 (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER); 01935 if (dec && dec->hc128 == NULL) 01936 return MEMORY_E; 01937 if (side == CYASSL_CLIENT_END) { 01938 if (enc) { 01939 hcRet = Hc128_SetKey(enc->hc128, keys->client_write_key, 01940 keys->client_write_IV); 01941 if (hcRet != 0) return hcRet; 01942 } 01943 if (dec) { 01944 hcRet = Hc128_SetKey(dec->hc128, keys->server_write_key, 01945 keys->server_write_IV); 01946 if (hcRet != 0) return hcRet; 01947 } 01948 } 01949 else { 01950 if (enc) { 01951 hcRet = Hc128_SetKey(enc->hc128, keys->server_write_key, 01952 keys->server_write_IV); 01953 if (hcRet != 0) return hcRet; 01954 } 01955 if (dec) { 01956 hcRet = Hc128_SetKey(dec->hc128, keys->client_write_key, 01957 keys->client_write_IV); 01958 if (hcRet != 0) return hcRet; 01959 } 01960 } 01961 if (enc) 01962 enc->setup = 1; 01963 if (dec) 01964 dec->setup = 1; 01965 } 01966 #endif 01967 01968 #ifdef BUILD_RABBIT 01969 if (specs->bulk_cipher_algorithm == cyassl_rabbit) { 01970 int rabRet; 01971 if (enc && enc->rabbit == NULL) 01972 enc->rabbit = 01973 (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER); 01974 if (enc && enc->rabbit == NULL) 01975 return MEMORY_E; 01976 if (dec && dec->rabbit == NULL) 01977 dec->rabbit = 01978 (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER); 01979 if (dec && dec->rabbit == NULL) 01980 return MEMORY_E; 01981 if (side == CYASSL_CLIENT_END) { 01982 if (enc) { 01983 rabRet = RabbitSetKey(enc->rabbit, keys->client_write_key, 01984 keys->client_write_IV); 01985 if (rabRet != 0) return rabRet; 01986 } 01987 if (dec) { 01988 rabRet = RabbitSetKey(dec->rabbit, keys->server_write_key, 01989 keys->server_write_IV); 01990 if (rabRet != 0) return rabRet; 01991 } 01992 } 01993 else { 01994 if (enc) { 01995 rabRet = RabbitSetKey(enc->rabbit, keys->server_write_key, 01996 keys->server_write_IV); 01997 if (rabRet != 0) return rabRet; 01998 } 01999 if (dec) { 02000 rabRet = RabbitSetKey(dec->rabbit, keys->client_write_key, 02001 keys->client_write_IV); 02002 if (rabRet != 0) return rabRet; 02003 } 02004 } 02005 if (enc) 02006 enc->setup = 1; 02007 if (dec) 02008 dec->setup = 1; 02009 } 02010 #endif 02011 02012 #ifdef BUILD_DES3 02013 if (specs->bulk_cipher_algorithm == cyassl_triple_des) { 02014 int desRet = 0; 02015 02016 if (enc && enc->des3 == NULL) 02017 enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER); 02018 if (enc && enc->des3 == NULL) 02019 return MEMORY_E; 02020 if (dec && dec->des3 == NULL) 02021 dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER); 02022 if (dec && dec->des3 == NULL) 02023 return MEMORY_E; 02024 #ifdef HAVE_CAVIUM 02025 if (devId != NO_CAVIUM_DEVICE) { 02026 if (enc) { 02027 if (Des3_InitCavium(enc->des3, devId) != 0) { 02028 CYASSL_MSG("Des3_InitCavium failed in SetKeys"); 02029 return CAVIUM_INIT_E; 02030 } 02031 } 02032 if (dec) { 02033 if (Des3_InitCavium(dec->des3, devId) != 0) { 02034 CYASSL_MSG("Des3_InitCavium failed in SetKeys"); 02035 return CAVIUM_INIT_E; 02036 } 02037 } 02038 } 02039 #endif 02040 if (side == CYASSL_CLIENT_END) { 02041 if (enc) { 02042 desRet = Des3_SetKey(enc->des3, keys->client_write_key, 02043 keys->client_write_IV, DES_ENCRYPTION); 02044 if (desRet != 0) return desRet; 02045 } 02046 if (dec) { 02047 desRet = Des3_SetKey(dec->des3, keys->server_write_key, 02048 keys->server_write_IV, DES_DECRYPTION); 02049 if (desRet != 0) return desRet; 02050 } 02051 } 02052 else { 02053 if (enc) { 02054 desRet = Des3_SetKey(enc->des3, keys->server_write_key, 02055 keys->server_write_IV, DES_ENCRYPTION); 02056 if (desRet != 0) return desRet; 02057 } 02058 if (dec) { 02059 desRet = Des3_SetKey(dec->des3, keys->client_write_key, 02060 keys->client_write_IV, DES_DECRYPTION); 02061 if (desRet != 0) return desRet; 02062 } 02063 } 02064 if (enc) 02065 enc->setup = 1; 02066 if (dec) 02067 dec->setup = 1; 02068 } 02069 #endif 02070 02071 #ifdef BUILD_AES 02072 if (specs->bulk_cipher_algorithm == cyassl_aes) { 02073 int aesRet = 0; 02074 02075 if (enc && enc->aes == NULL) 02076 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 02077 if (enc && enc->aes == NULL) 02078 return MEMORY_E; 02079 if (dec && dec->aes == NULL) 02080 dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 02081 if (dec && dec->aes == NULL) 02082 return MEMORY_E; 02083 #ifdef HAVE_CAVIUM 02084 if (devId != NO_CAVIUM_DEVICE) { 02085 if (enc) { 02086 if (AesInitCavium(enc->aes, devId) != 0) { 02087 CYASSL_MSG("AesInitCavium failed in SetKeys"); 02088 return CAVIUM_INIT_E; 02089 } 02090 } 02091 if (dec) { 02092 if (AesInitCavium(dec->aes, devId) != 0) { 02093 CYASSL_MSG("AesInitCavium failed in SetKeys"); 02094 return CAVIUM_INIT_E; 02095 } 02096 } 02097 } 02098 #endif 02099 if (side == CYASSL_CLIENT_END) { 02100 if (enc) { 02101 aesRet = AesSetKey(enc->aes, keys->client_write_key, 02102 specs->key_size, keys->client_write_IV, 02103 AES_ENCRYPTION); 02104 if (aesRet != 0) return aesRet; 02105 } 02106 if (dec) { 02107 aesRet = AesSetKey(dec->aes, keys->server_write_key, 02108 specs->key_size, keys->server_write_IV, 02109 AES_DECRYPTION); 02110 if (aesRet != 0) return aesRet; 02111 } 02112 } 02113 else { 02114 if (enc) { 02115 aesRet = AesSetKey(enc->aes, keys->server_write_key, 02116 specs->key_size, keys->server_write_IV, 02117 AES_ENCRYPTION); 02118 if (aesRet != 0) return aesRet; 02119 } 02120 if (dec) { 02121 aesRet = AesSetKey(dec->aes, keys->client_write_key, 02122 specs->key_size, keys->client_write_IV, 02123 AES_DECRYPTION); 02124 if (aesRet != 0) return aesRet; 02125 } 02126 } 02127 if (enc) 02128 enc->setup = 1; 02129 if (dec) 02130 dec->setup = 1; 02131 } 02132 #endif 02133 02134 #ifdef BUILD_AESGCM 02135 if (specs->bulk_cipher_algorithm == cyassl_aes_gcm) { 02136 int gcmRet; 02137 02138 if (enc && enc->aes == NULL) 02139 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 02140 if (enc && enc->aes == NULL) 02141 return MEMORY_E; 02142 if (dec && dec->aes == NULL) 02143 dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 02144 if (dec && dec->aes == NULL) 02145 return MEMORY_E; 02146 02147 if (side == CYASSL_CLIENT_END) { 02148 if (enc) { 02149 gcmRet = AesGcmSetKey(enc->aes, keys->client_write_key, 02150 specs->key_size); 02151 if (gcmRet != 0) return gcmRet; 02152 XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV, 02153 AEAD_IMP_IV_SZ); 02154 } 02155 if (dec) { 02156 gcmRet = AesGcmSetKey(dec->aes, keys->server_write_key, 02157 specs->key_size); 02158 if (gcmRet != 0) return gcmRet; 02159 XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV, 02160 AEAD_IMP_IV_SZ); 02161 } 02162 } 02163 else { 02164 if (enc) { 02165 gcmRet = AesGcmSetKey(enc->aes, keys->server_write_key, 02166 specs->key_size); 02167 if (gcmRet != 0) return gcmRet; 02168 XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV, 02169 AEAD_IMP_IV_SZ); 02170 } 02171 if (dec) { 02172 gcmRet = AesGcmSetKey(dec->aes, keys->client_write_key, 02173 specs->key_size); 02174 if (gcmRet != 0) return gcmRet; 02175 XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV, 02176 AEAD_IMP_IV_SZ); 02177 } 02178 } 02179 if (enc) 02180 enc->setup = 1; 02181 if (dec) 02182 dec->setup = 1; 02183 } 02184 #endif 02185 02186 #ifdef HAVE_AESCCM 02187 if (specs->bulk_cipher_algorithm == cyassl_aes_ccm) { 02188 if (enc && enc->aes == NULL) 02189 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 02190 if (enc && enc->aes == NULL) 02191 return MEMORY_E; 02192 if (dec && dec->aes == NULL) 02193 dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 02194 if (dec && dec->aes == NULL) 02195 return MEMORY_E; 02196 02197 if (side == CYASSL_CLIENT_END) { 02198 if (enc) { 02199 AesCcmSetKey(enc->aes, keys->client_write_key, specs->key_size); 02200 XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV, 02201 AEAD_IMP_IV_SZ); 02202 } 02203 if (dec) { 02204 AesCcmSetKey(dec->aes, keys->server_write_key, specs->key_size); 02205 XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV, 02206 AEAD_IMP_IV_SZ); 02207 } 02208 } 02209 else { 02210 if (enc) { 02211 AesCcmSetKey(enc->aes, keys->server_write_key, specs->key_size); 02212 XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV, 02213 AEAD_IMP_IV_SZ); 02214 } 02215 if (dec) { 02216 AesCcmSetKey(dec->aes, keys->client_write_key, specs->key_size); 02217 XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV, 02218 AEAD_IMP_IV_SZ); 02219 } 02220 } 02221 if (enc) 02222 enc->setup = 1; 02223 if (dec) 02224 dec->setup = 1; 02225 } 02226 #endif 02227 02228 #ifdef HAVE_CAMELLIA 02229 if (specs->bulk_cipher_algorithm == cyassl_camellia) { 02230 int camRet; 02231 02232 if (enc && enc->cam == NULL) 02233 enc->cam = 02234 (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER); 02235 if (enc && enc->cam == NULL) 02236 return MEMORY_E; 02237 02238 if (dec && dec->cam == NULL) 02239 dec->cam = 02240 (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER); 02241 if (dec && dec->cam == NULL) 02242 return MEMORY_E; 02243 02244 if (side == CYASSL_CLIENT_END) { 02245 if (enc) { 02246 camRet = CamelliaSetKey(enc->cam, keys->client_write_key, 02247 specs->key_size, keys->client_write_IV); 02248 if (camRet != 0) return camRet; 02249 } 02250 if (dec) { 02251 camRet = CamelliaSetKey(dec->cam, keys->server_write_key, 02252 specs->key_size, keys->server_write_IV); 02253 if (camRet != 0) return camRet; 02254 } 02255 } 02256 else { 02257 if (enc) { 02258 camRet = CamelliaSetKey(enc->cam, keys->server_write_key, 02259 specs->key_size, keys->server_write_IV); 02260 if (camRet != 0) return camRet; 02261 } 02262 if (dec) { 02263 camRet = CamelliaSetKey(dec->cam, keys->client_write_key, 02264 specs->key_size, keys->client_write_IV); 02265 if (camRet != 0) return camRet; 02266 } 02267 } 02268 if (enc) 02269 enc->setup = 1; 02270 if (dec) 02271 dec->setup = 1; 02272 } 02273 #endif 02274 02275 #ifdef HAVE_NULL_CIPHER 02276 if (specs->bulk_cipher_algorithm == cyassl_cipher_null) { 02277 if (enc) 02278 enc->setup = 1; 02279 if (dec) 02280 dec->setup = 1; 02281 } 02282 #endif 02283 02284 if (enc) 02285 keys->sequence_number = 0; 02286 if (dec) 02287 keys->peer_sequence_number = 0; 02288 (void)side; 02289 (void)heap; 02290 (void)enc; 02291 (void)dec; 02292 (void)specs; 02293 (void)devId; 02294 02295 return 0; 02296 } 02297 02298 02299 #ifdef HAVE_ONE_TIME_AUTH 02300 /* set one time authentication keys */ 02301 static int SetAuthKeys(OneTimeAuth* authentication, Keys* keys, 02302 CipherSpecs* specs, void* heap, int devId) 02303 { 02304 02305 #ifdef HAVE_POLY1305 02306 /* set up memory space for poly1305 */ 02307 if (authentication && authentication->poly1305 == NULL) 02308 authentication->poly1305 = 02309 (Poly1305*)XMALLOC(sizeof(Poly1305), heap, DYNAMIC_TYPE_CIPHER); 02310 if (authentication && authentication->poly1305 == NULL) 02311 return MEMORY_E; 02312 authentication->setup = 1; 02313 #endif 02314 (void)heap; 02315 (void)keys; 02316 (void)specs; 02317 (void)devId; 02318 02319 return 0; 02320 } 02321 #endif /* HAVE_ONE_TIME_AUTH */ 02322 02323 02324 /* Set encrypt/decrypt or both sides of key setup */ 02325 int SetKeysSide(CYASSL* ssl, enum encrypt_side side) 02326 { 02327 int devId = NO_CAVIUM_DEVICE, ret, copy = 0; 02328 Ciphers* encrypt = NULL; 02329 Ciphers* decrypt = NULL; 02330 Keys* keys = &ssl->keys; 02331 02332 (void)copy; 02333 02334 #ifdef HAVE_CAVIUM 02335 devId = ssl->devId; 02336 #endif 02337 02338 #ifdef HAVE_SECURE_RENEGOTIATION 02339 if (ssl->secure_renegotiation && ssl->secure_renegotiation->cache_status) { 02340 keys = &ssl->secure_renegotiation->tmp_keys; 02341 copy = 1; 02342 } 02343 #endif /* HAVE_SECURE_RENEGOTIATION */ 02344 02345 switch (side) { 02346 case ENCRYPT_SIDE_ONLY: 02347 encrypt = &ssl->encrypt; 02348 break; 02349 02350 case DECRYPT_SIDE_ONLY: 02351 decrypt = &ssl->decrypt; 02352 break; 02353 02354 case ENCRYPT_AND_DECRYPT_SIDE: 02355 encrypt = &ssl->encrypt; 02356 decrypt = &ssl->decrypt; 02357 break; 02358 02359 default: 02360 return BAD_FUNC_ARG; 02361 } 02362 02363 #ifdef HAVE_ONE_TIME_AUTH 02364 if (!ssl->auth.setup) { 02365 ret = SetAuthKeys(&ssl->auth, keys, &ssl->specs, ssl->heap, devId); 02366 if (ret != 0) 02367 return ret; 02368 } 02369 #endif 02370 02371 ret = SetKeys(encrypt, decrypt, keys, &ssl->specs, ssl->options.side, 02372 ssl->heap, devId); 02373 02374 #ifdef HAVE_SECURE_RENEGOTIATION 02375 if (copy) { 02376 int clientCopy = 0; 02377 02378 if (ssl->options.side == CYASSL_CLIENT_END && encrypt) 02379 clientCopy = 1; 02380 else if (ssl->options.side == CYASSL_SERVER_END && decrypt) 02381 clientCopy = 1; 02382 02383 if (clientCopy) { 02384 XMEMCPY(ssl->keys.client_write_MAC_secret, 02385 keys->client_write_MAC_secret, MAX_DIGEST_SIZE); 02386 XMEMCPY(ssl->keys.client_write_key, 02387 keys->client_write_key, AES_256_KEY_SIZE); 02388 XMEMCPY(ssl->keys.client_write_IV, 02389 keys->client_write_IV, AES_IV_SIZE); 02390 } else { 02391 XMEMCPY(ssl->keys.server_write_MAC_secret, 02392 keys->server_write_MAC_secret, MAX_DIGEST_SIZE); 02393 XMEMCPY(ssl->keys.server_write_key, 02394 keys->server_write_key, AES_256_KEY_SIZE); 02395 XMEMCPY(ssl->keys.server_write_IV, 02396 keys->server_write_IV, AES_IV_SIZE); 02397 } 02398 if (encrypt) { 02399 ssl->keys.sequence_number = keys->sequence_number; 02400 #ifdef HAVE_AEAD 02401 if (ssl->specs.cipher_type == aead) { 02402 /* Initialize the AES-GCM/CCM explicit IV to a zero. */ 02403 XMEMCPY(ssl->keys.aead_exp_IV, keys->aead_exp_IV, 02404 AEAD_EXP_IV_SZ); 02405 } 02406 #endif 02407 } 02408 if (decrypt) 02409 ssl->keys.peer_sequence_number = keys->peer_sequence_number; 02410 ssl->secure_renegotiation->cache_status++; 02411 } 02412 #endif /* HAVE_SECURE_RENEGOTIATION */ 02413 02414 return ret; 02415 } 02416 02417 02418 /* TLS can call too */ 02419 int StoreKeys(CYASSL* ssl, const byte* keyData) 02420 { 02421 int sz, i = 0; 02422 Keys* keys = &ssl->keys; 02423 02424 #ifdef HAVE_SECURE_RENEGOTIATION 02425 if (ssl->secure_renegotiation && ssl->secure_renegotiation->cache_status == 02426 SCR_CACHE_NEEDED) { 02427 keys = &ssl->secure_renegotiation->tmp_keys; 02428 ssl->secure_renegotiation->cache_status++; 02429 } 02430 #endif /* HAVE_SECURE_RENEGOTIATION */ 02431 02432 if (ssl->specs.cipher_type != aead) { 02433 sz = ssl->specs.hash_size; 02434 XMEMCPY(keys->client_write_MAC_secret,&keyData[i], sz); 02435 i += sz; 02436 XMEMCPY(keys->server_write_MAC_secret,&keyData[i], sz); 02437 i += sz; 02438 } 02439 sz = ssl->specs.key_size; 02440 XMEMCPY(keys->client_write_key, &keyData[i], sz); 02441 i += sz; 02442 XMEMCPY(keys->server_write_key, &keyData[i], sz); 02443 i += sz; 02444 02445 sz = ssl->specs.iv_size; 02446 XMEMCPY(keys->client_write_IV, &keyData[i], sz); 02447 i += sz; 02448 XMEMCPY(keys->server_write_IV, &keyData[i], sz); 02449 02450 #ifdef HAVE_AEAD 02451 if (ssl->specs.cipher_type == aead) { 02452 /* Initialize the AES-GCM/CCM explicit IV to a zero. */ 02453 XMEMSET(keys->aead_exp_IV, 0, AEAD_EXP_IV_SZ); 02454 } 02455 #endif 02456 02457 return 0; 02458 } 02459 02460 #ifndef NO_OLD_TLS 02461 int DeriveKeys(CYASSL* ssl) 02462 { 02463 int length = 2 * ssl->specs.hash_size + 02464 2 * ssl->specs.key_size + 02465 2 * ssl->specs.iv_size; 02466 int rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i; 02467 int ret = 0; 02468 02469 #ifdef CYASSL_SMALL_STACK 02470 byte* shaOutput; 02471 byte* md5Input; 02472 byte* shaInput; 02473 byte* keyData; 02474 Md5* md5; 02475 Sha* sha; 02476 #else 02477 byte shaOutput[SHA_DIGEST_SIZE]; 02478 byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE]; 02479 byte shaInput[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN]; 02480 byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE]; 02481 Md5 md5[1]; 02482 Sha sha[1]; 02483 #endif 02484 02485 #ifdef CYASSL_SMALL_STACK 02486 shaOutput = (byte*)XMALLOC(SHA_DIGEST_SIZE, 02487 NULL, DYNAMIC_TYPE_TMP_BUFFER); 02488 md5Input = (byte*)XMALLOC(SECRET_LEN + SHA_DIGEST_SIZE, 02489 NULL, DYNAMIC_TYPE_TMP_BUFFER); 02490 shaInput = (byte*)XMALLOC(KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN, 02491 NULL, DYNAMIC_TYPE_TMP_BUFFER); 02492 keyData = (byte*)XMALLOC(KEY_PREFIX * MD5_DIGEST_SIZE, 02493 NULL, DYNAMIC_TYPE_TMP_BUFFER); 02494 md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER); 02495 sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER); 02496 02497 if (shaOutput == NULL || md5Input == NULL || shaInput == NULL || 02498 keyData == NULL || md5 == NULL || sha == NULL) { 02499 if (shaOutput) XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02500 if (md5Input) XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02501 if (shaInput) XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02502 if (keyData) XFREE(keyData, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02503 if (md5) XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02504 if (sha) XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02505 02506 return MEMORY_E; 02507 } 02508 #endif 02509 02510 InitMd5(md5); 02511 02512 ret = InitSha(sha); 02513 02514 if (ret == 0) { 02515 XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN); 02516 02517 for (i = 0; i < rounds; ++i) { 02518 int j = i + 1; 02519 int idx = j; 02520 02521 if (!SetPrefix(shaInput, i)) { 02522 ret = PREFIX_ERROR; 02523 break; 02524 } 02525 02526 XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN); 02527 idx += SECRET_LEN; 02528 XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN); 02529 idx += RAN_LEN; 02530 XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN); 02531 02532 ShaUpdate(sha, shaInput, (KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN) 02533 - KEY_PREFIX + j); 02534 ShaFinal(sha, shaOutput); 02535 02536 XMEMCPY(md5Input + SECRET_LEN, shaOutput, SHA_DIGEST_SIZE); 02537 Md5Update(md5, md5Input, SECRET_LEN + SHA_DIGEST_SIZE); 02538 Md5Final(md5, keyData + i * MD5_DIGEST_SIZE); 02539 } 02540 02541 if (ret == 0) 02542 ret = StoreKeys(ssl, keyData); 02543 } 02544 02545 #ifdef CYASSL_SMALL_STACK 02546 XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02547 XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02548 XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02549 XFREE(keyData, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02550 XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02551 XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02552 #endif 02553 02554 return ret; 02555 } 02556 02557 02558 static int CleanPreMaster(CYASSL* ssl) 02559 { 02560 int i, ret, sz = ssl->arrays->preMasterSz; 02561 02562 for (i = 0; i < sz; i++) 02563 ssl->arrays->preMasterSecret[i] = 0; 02564 02565 ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz); 02566 if (ret != 0) 02567 return ret; 02568 02569 for (i = 0; i < sz; i++) 02570 ssl->arrays->preMasterSecret[i] = 0; 02571 02572 return 0; 02573 } 02574 02575 02576 /* Create and store the master secret see page 32, 6.1 */ 02577 static int MakeSslMasterSecret(CYASSL* ssl) 02578 { 02579 int i, ret; 02580 word32 idx; 02581 word32 pmsSz = ssl->arrays->preMasterSz; 02582 02583 #ifdef CYASSL_SMALL_STACK 02584 byte* shaOutput; 02585 byte* md5Input; 02586 byte* shaInput; 02587 Md5* md5; 02588 Sha* sha; 02589 #else 02590 byte shaOutput[SHA_DIGEST_SIZE]; 02591 byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE]; 02592 byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN]; 02593 Md5 md5[1]; 02594 Sha sha[1]; 02595 #endif 02596 02597 #ifdef SHOW_SECRETS 02598 { 02599 word32 j; 02600 printf("pre master secret: "); 02601 for (j = 0; j < pmsSz; j++) 02602 printf("%02x", ssl->arrays->preMasterSecret[j]); 02603 printf("\n"); 02604 } 02605 #endif 02606 02607 #ifdef CYASSL_SMALL_STACK 02608 shaOutput = (byte*)XMALLOC(SHA_DIGEST_SIZE, 02609 NULL, DYNAMIC_TYPE_TMP_BUFFER); 02610 md5Input = (byte*)XMALLOC(ENCRYPT_LEN + SHA_DIGEST_SIZE, 02611 NULL, DYNAMIC_TYPE_TMP_BUFFER); 02612 shaInput = (byte*)XMALLOC(PREFIX + ENCRYPT_LEN + 2 * RAN_LEN, 02613 NULL, DYNAMIC_TYPE_TMP_BUFFER); 02614 md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER); 02615 sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER); 02616 02617 if (shaOutput == NULL || md5Input == NULL || shaInput == NULL || 02618 md5 == NULL || sha == NULL) { 02619 if (shaOutput) XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02620 if (md5Input) XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02621 if (shaInput) XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02622 if (md5) XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02623 if (sha) XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02624 02625 return MEMORY_E; 02626 } 02627 #endif 02628 02629 InitMd5(md5); 02630 02631 ret = InitSha(sha); 02632 02633 if (ret == 0) { 02634 XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz); 02635 02636 for (i = 0; i < MASTER_ROUNDS; ++i) { 02637 byte prefix[KEY_PREFIX]; /* only need PREFIX bytes but static */ 02638 if (!SetPrefix(prefix, i)) { /* analysis thinks will overrun */ 02639 ret = PREFIX_ERROR; 02640 break; 02641 } 02642 02643 idx = 0; 02644 XMEMCPY(shaInput, prefix, i + 1); 02645 idx += i + 1; 02646 02647 XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz); 02648 idx += pmsSz; 02649 XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN); 02650 idx += RAN_LEN; 02651 XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN); 02652 idx += RAN_LEN; 02653 ShaUpdate(sha, shaInput, idx); 02654 ShaFinal(sha, shaOutput); 02655 02656 idx = pmsSz; /* preSz */ 02657 XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE); 02658 idx += SHA_DIGEST_SIZE; 02659 Md5Update(md5, md5Input, idx); 02660 Md5Final(md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]); 02661 } 02662 02663 #ifdef SHOW_SECRETS 02664 { 02665 word32 j; 02666 printf("master secret: "); 02667 for (j = 0; j < SECRET_LEN; j++) 02668 printf("%02x", ssl->arrays->masterSecret[j]); 02669 printf("\n"); 02670 } 02671 #endif 02672 02673 if (ret == 0) 02674 ret = DeriveKeys(ssl); 02675 } 02676 02677 #ifdef CYASSL_SMALL_STACK 02678 XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02679 XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02680 XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02681 XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02682 XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); 02683 #endif 02684 02685 if (ret == 0) 02686 ret = CleanPreMaster(ssl); 02687 else 02688 CleanPreMaster(ssl); 02689 02690 return ret; 02691 } 02692 #endif 02693 02694 02695 /* Master wrapper, doesn't use SSL stack space in TLS mode */ 02696 int MakeMasterSecret(CYASSL* ssl) 02697 { 02698 #ifdef NO_OLD_TLS 02699 return MakeTlsMasterSecret(ssl); 02700 #elif !defined(NO_TLS) 02701 if (ssl->options.tls) return MakeTlsMasterSecret(ssl); 02702 #endif 02703 02704 #ifndef NO_OLD_TLS 02705 return MakeSslMasterSecret(ssl); 02706 #endif 02707 } 02708
Generated on Wed Jul 13 2022 02:33:57 by
1.7.2