Elijah P / CyaSSL

CyaSSL changed for NucleoF401RE board: implemented random and time functions for build. (Has trouble with wildcard domains like *.google.com, *.yahoo.com)

Fork of CyaSSL by wolf SSL

src/keys.c@4:e505054279ed, 2015-01-14 (annotated)

Committer:
Vanger
Date:
Wed Jan 14 22:07:14 2015 +0000
Revision:
4:e505054279ed
Parent:
0:1239e9b70ca2 
Implemented some platform specific functions in the Cyassl library code: time functions, seed random functions, and also changed the settings.h file to define settings specific to the platform being used

Who changed what in which revision?

UserRevisionLine numberNew contents of line
Vanger 4:e505054279ed 1 /* keys.c
Vanger 4:e505054279ed 2 *
Vanger 4:e505054279ed 3 * Copyright (C) 2006-2014 wolfSSL Inc.
Vanger 4:e505054279ed 4 *
Vanger 4:e505054279ed 5 * This file is part of CyaSSL.
Vanger 4:e505054279ed 6 *
Vanger 4:e505054279ed 7 * CyaSSL is free software; you can redistribute it and/or modify
Vanger 4:e505054279ed 8 * it under the terms of the GNU General Public License as published by
Vanger 4:e505054279ed 9 * the Free Software Foundation; either version 2 of the License, or
Vanger 4:e505054279ed 10 * (at your option) any later version.
Vanger 4:e505054279ed 11 *
Vanger 4:e505054279ed 12 * CyaSSL is distributed in the hope that it will be useful,
Vanger 4:e505054279ed 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
Vanger 4:e505054279ed 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Vanger 4:e505054279ed 15 * GNU General Public License for more details.
Vanger 4:e505054279ed 16 *
Vanger 4:e505054279ed 17 * You should have received a copy of the GNU General Public License
Vanger 4:e505054279ed 18 * along with this program; if not, write to the Free Software
Vanger 4:e505054279ed 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
Vanger 4:e505054279ed 20 */
Vanger 4:e505054279ed 21
Vanger 4:e505054279ed 22
Vanger 4:e505054279ed 23 #ifdef HAVE_CONFIG_H
Vanger 4:e505054279ed 24 #include <config.h>
Vanger 4:e505054279ed 25 #endif
Vanger 4:e505054279ed 26
Vanger 4:e505054279ed 27 #include <cyassl/ctaocrypt/settings.h>
Vanger 4:e505054279ed 28
Vanger 4:e505054279ed 29 #include <cyassl/internal.h>
Vanger 4:e505054279ed 30 #include <cyassl/error-ssl.h>
Vanger 4:e505054279ed 31 #ifdef SHOW_SECRETS
Vanger 4:e505054279ed 32 #ifdef FREESCALE_MQX
Vanger 4:e505054279ed 33 #include <fio.h>
Vanger 4:e505054279ed 34 #else
Vanger 4:e505054279ed 35 #include <stdio.h>
Vanger 4:e505054279ed 36 #endif
Vanger 4:e505054279ed 37 #endif
Vanger 4:e505054279ed 38
Vanger 4:e505054279ed 39 int SetCipherSpecs(CYASSL* ssl)
Vanger 4:e505054279ed 40 {
Vanger 4:e505054279ed 41 #ifndef NO_CYASSL_SERVER
Vanger 4:e505054279ed 42 if (ssl->options.side == CYASSL_CLIENT_END) {
Vanger 4:e505054279ed 43 /* server side verified before SetCipherSpecs call */
Vanger 4:e505054279ed 44 if (VerifyClientSuite(ssl) != 1) {
Vanger 4:e505054279ed 45 CYASSL_MSG("SetCipherSpecs() client has an unusuable suite");
Vanger 4:e505054279ed 46 return UNSUPPORTED_SUITE;
Vanger 4:e505054279ed 47 }
Vanger 4:e505054279ed 48 }
Vanger 4:e505054279ed 49 #endif /* NO_CYASSL_SERVER */
Vanger 4:e505054279ed 50 /* ECC extensions, or AES-CCM */
Vanger 4:e505054279ed 51 if (ssl->options.cipherSuite0 == ECC_BYTE) {
Vanger 4:e505054279ed 52
Vanger 4:e505054279ed 53 switch (ssl->options.cipherSuite) {
Vanger 4:e505054279ed 54
Vanger 4:e505054279ed 55 #ifdef HAVE_ECC
Vanger 4:e505054279ed 56
Vanger 4:e505054279ed 57 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Vanger 4:e505054279ed 58 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
Vanger 4:e505054279ed 59 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 60 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 61 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 62 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 63 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 64 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 65 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 66 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 67 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 68 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 69 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 70 break;
Vanger 4:e505054279ed 71 #endif
Vanger 4:e505054279ed 72
Vanger 4:e505054279ed 73 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Vanger 4:e505054279ed 74 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
Vanger 4:e505054279ed 75 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 76 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 77 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 78 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 79 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 80 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 81 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 82 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 83 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 84 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 85 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 86 break;
Vanger 4:e505054279ed 87 #endif
Vanger 4:e505054279ed 88
Vanger 4:e505054279ed 89 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Vanger 4:e505054279ed 90 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
Vanger 4:e505054279ed 91 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 92 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 93 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 94 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 95 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 96 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 97 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 98 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 99 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 100 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 101 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 102 break;
Vanger 4:e505054279ed 103 #endif
Vanger 4:e505054279ed 104
Vanger 4:e505054279ed 105 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Vanger 4:e505054279ed 106 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
Vanger 4:e505054279ed 107 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 108 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 109 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 110 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 111 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 112 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 113 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 114 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 115 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 116 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 117 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 118 break;
Vanger 4:e505054279ed 119 #endif
Vanger 4:e505054279ed 120
Vanger 4:e505054279ed 121 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Vanger 4:e505054279ed 122 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
Vanger 4:e505054279ed 123 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 124 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 125 ssl->specs.mac_algorithm = sha384_mac;
Vanger 4:e505054279ed 126 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 127 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 128 ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger 4:e505054279ed 129 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 130 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 131 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 132 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 133 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 134 break;
Vanger 4:e505054279ed 135 #endif
Vanger 4:e505054279ed 136
Vanger 4:e505054279ed 137 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Vanger 4:e505054279ed 138 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
Vanger 4:e505054279ed 139 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 140 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 141 ssl->specs.mac_algorithm = sha384_mac;
Vanger 4:e505054279ed 142 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 143 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 144 ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger 4:e505054279ed 145 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 146 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 147 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 148 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 149 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 150 break;
Vanger 4:e505054279ed 151 #endif
Vanger 4:e505054279ed 152
Vanger 4:e505054279ed 153 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Vanger 4:e505054279ed 154 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
Vanger 4:e505054279ed 155 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 156 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 157 ssl->specs.mac_algorithm = sha384_mac;
Vanger 4:e505054279ed 158 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 159 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 160 ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger 4:e505054279ed 161 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 162 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 163 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 164 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 165 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 166 break;
Vanger 4:e505054279ed 167 #endif
Vanger 4:e505054279ed 168
Vanger 4:e505054279ed 169 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Vanger 4:e505054279ed 170 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
Vanger 4:e505054279ed 171 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 172 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 173 ssl->specs.mac_algorithm = sha384_mac;
Vanger 4:e505054279ed 174 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 175 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 176 ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger 4:e505054279ed 177 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 178 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 179 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 180 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 181 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 182 break;
Vanger 4:e505054279ed 183 #endif
Vanger 4:e505054279ed 184
Vanger 4:e505054279ed 185 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Vanger 4:e505054279ed 186 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
Vanger 4:e505054279ed 187 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 188 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 189 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 190 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 191 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 192 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 193 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 194 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 195 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 196 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 197 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 198
Vanger 4:e505054279ed 199 break;
Vanger 4:e505054279ed 200 #endif
Vanger 4:e505054279ed 201
Vanger 4:e505054279ed 202 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
Vanger 4:e505054279ed 203 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
Vanger 4:e505054279ed 204 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 205 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 206 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 207 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 208 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 209 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 210 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 211 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 212 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 213 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 214 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 215
Vanger 4:e505054279ed 216 break;
Vanger 4:e505054279ed 217 #endif
Vanger 4:e505054279ed 218
Vanger 4:e505054279ed 219 #ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Vanger 4:e505054279ed 220 case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
Vanger 4:e505054279ed 221 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger 4:e505054279ed 222 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 223 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 224 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 225 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 226 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 227 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 228 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 229 ssl->specs.key_size = DES3_KEY_SIZE;
Vanger 4:e505054279ed 230 ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger 4:e505054279ed 231 ssl->specs.iv_size = DES_IV_SIZE;
Vanger 4:e505054279ed 232
Vanger 4:e505054279ed 233 break;
Vanger 4:e505054279ed 234 #endif
Vanger 4:e505054279ed 235
Vanger 4:e505054279ed 236 #ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Vanger 4:e505054279ed 237 case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
Vanger 4:e505054279ed 238 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger 4:e505054279ed 239 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 240 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 241 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 242 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 243 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 244 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 245 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 246 ssl->specs.key_size = DES3_KEY_SIZE;
Vanger 4:e505054279ed 247 ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger 4:e505054279ed 248 ssl->specs.iv_size = DES_IV_SIZE;
Vanger 4:e505054279ed 249
Vanger 4:e505054279ed 250 break;
Vanger 4:e505054279ed 251 #endif
Vanger 4:e505054279ed 252
Vanger 4:e505054279ed 253 #ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
Vanger 4:e505054279ed 254 case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
Vanger 4:e505054279ed 255 ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger 4:e505054279ed 256 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 257 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 258 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 259 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 260 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 261 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 262 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 263 ssl->specs.key_size = RC4_KEY_SIZE;
Vanger 4:e505054279ed 264 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 265 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 266
Vanger 4:e505054279ed 267 break;
Vanger 4:e505054279ed 268 #endif
Vanger 4:e505054279ed 269
Vanger 4:e505054279ed 270 #ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
Vanger 4:e505054279ed 271 case TLS_ECDH_RSA_WITH_RC4_128_SHA :
Vanger 4:e505054279ed 272 ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger 4:e505054279ed 273 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 274 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 275 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 276 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 277 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 278 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 279 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 280 ssl->specs.key_size = RC4_KEY_SIZE;
Vanger 4:e505054279ed 281 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 282 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 283
Vanger 4:e505054279ed 284 break;
Vanger 4:e505054279ed 285 #endif
Vanger 4:e505054279ed 286
Vanger 4:e505054279ed 287 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Vanger 4:e505054279ed 288 case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
Vanger 4:e505054279ed 289 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger 4:e505054279ed 290 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 291 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 292 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 293 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 294 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 295 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 296 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 297 ssl->specs.key_size = DES3_KEY_SIZE;
Vanger 4:e505054279ed 298 ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger 4:e505054279ed 299 ssl->specs.iv_size = DES_IV_SIZE;
Vanger 4:e505054279ed 300
Vanger 4:e505054279ed 301 break;
Vanger 4:e505054279ed 302 #endif
Vanger 4:e505054279ed 303
Vanger 4:e505054279ed 304 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Vanger 4:e505054279ed 305 case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
Vanger 4:e505054279ed 306 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger 4:e505054279ed 307 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 308 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 309 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 310 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 311 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 312 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 313 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 314 ssl->specs.key_size = DES3_KEY_SIZE;
Vanger 4:e505054279ed 315 ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger 4:e505054279ed 316 ssl->specs.iv_size = DES_IV_SIZE;
Vanger 4:e505054279ed 317
Vanger 4:e505054279ed 318 break;
Vanger 4:e505054279ed 319 #endif
Vanger 4:e505054279ed 320
Vanger 4:e505054279ed 321 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Vanger 4:e505054279ed 322 case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
Vanger 4:e505054279ed 323 ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger 4:e505054279ed 324 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 325 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 326 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 327 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 328 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 329 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 330 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 331 ssl->specs.key_size = RC4_KEY_SIZE;
Vanger 4:e505054279ed 332 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 333 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 334
Vanger 4:e505054279ed 335 break;
Vanger 4:e505054279ed 336 #endif
Vanger 4:e505054279ed 337
Vanger 4:e505054279ed 338 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
Vanger 4:e505054279ed 339 case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
Vanger 4:e505054279ed 340 ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger 4:e505054279ed 341 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 342 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 343 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 344 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 345 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 346 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 347 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 348 ssl->specs.key_size = RC4_KEY_SIZE;
Vanger 4:e505054279ed 349 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 350 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 351
Vanger 4:e505054279ed 352 break;
Vanger 4:e505054279ed 353 #endif
Vanger 4:e505054279ed 354
Vanger 4:e505054279ed 355 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Vanger 4:e505054279ed 356 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
Vanger 4:e505054279ed 357 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 358 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 359 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 360 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 361 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 362 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 363 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 364 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 365 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 366 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 367 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 368
Vanger 4:e505054279ed 369 break;
Vanger 4:e505054279ed 370 #endif
Vanger 4:e505054279ed 371
Vanger 4:e505054279ed 372 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Vanger 4:e505054279ed 373 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
Vanger 4:e505054279ed 374 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 375 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 376 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 377 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 378 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 379 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 380 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 381 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 382 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 383 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 384 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 385
Vanger 4:e505054279ed 386 break;
Vanger 4:e505054279ed 387 #endif
Vanger 4:e505054279ed 388
Vanger 4:e505054279ed 389 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Vanger 4:e505054279ed 390 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
Vanger 4:e505054279ed 391 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 392 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 393 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 394 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 395 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 396 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 397 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 398 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 399 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 400 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 401 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 402
Vanger 4:e505054279ed 403 break;
Vanger 4:e505054279ed 404 #endif
Vanger 4:e505054279ed 405
Vanger 4:e505054279ed 406 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
Vanger 4:e505054279ed 407 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
Vanger 4:e505054279ed 408 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 409 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 410 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 411 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 412 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 413 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 414 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 415 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 416 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 417 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 418 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 419
Vanger 4:e505054279ed 420 break;
Vanger 4:e505054279ed 421 #endif
Vanger 4:e505054279ed 422
Vanger 4:e505054279ed 423 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Vanger 4:e505054279ed 424 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
Vanger 4:e505054279ed 425 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 426 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 427 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 428 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 429 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 430 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 431 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 432 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 433 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 434 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 435 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 436
Vanger 4:e505054279ed 437 break;
Vanger 4:e505054279ed 438 #endif
Vanger 4:e505054279ed 439
Vanger 4:e505054279ed 440 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Vanger 4:e505054279ed 441 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
Vanger 4:e505054279ed 442 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 443 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 444 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 445 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 446 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 447 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 448 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 449 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 450 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 451 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 452 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 453
Vanger 4:e505054279ed 454 break;
Vanger 4:e505054279ed 455 #endif
Vanger 4:e505054279ed 456
Vanger 4:e505054279ed 457 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Vanger 4:e505054279ed 458 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
Vanger 4:e505054279ed 459 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 460 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 461 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 462 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 463 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 464 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 465 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 466 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 467 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 468 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 469 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 470 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 471
Vanger 4:e505054279ed 472 break;
Vanger 4:e505054279ed 473 #endif
Vanger 4:e505054279ed 474
Vanger 4:e505054279ed 475 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Vanger 4:e505054279ed 476 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
Vanger 4:e505054279ed 477 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 478 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 479 ssl->specs.mac_algorithm = sha384_mac;
Vanger 4:e505054279ed 480 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 481 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 482 ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger 4:e505054279ed 483 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 484 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 485 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 486 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 487 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 488 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 489
Vanger 4:e505054279ed 490 break;
Vanger 4:e505054279ed 491 #endif
Vanger 4:e505054279ed 492
Vanger 4:e505054279ed 493 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Vanger 4:e505054279ed 494 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
Vanger 4:e505054279ed 495 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 496 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 497 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 498 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 499 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 500 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 501 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 502 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 503 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 504 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 505 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 506 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 507
Vanger 4:e505054279ed 508 break;
Vanger 4:e505054279ed 509 #endif
Vanger 4:e505054279ed 510
Vanger 4:e505054279ed 511 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Vanger 4:e505054279ed 512 case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
Vanger 4:e505054279ed 513 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 514 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 515 ssl->specs.mac_algorithm = sha384_mac;
Vanger 4:e505054279ed 516 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 517 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 518 ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger 4:e505054279ed 519 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 520 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 521 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 522 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 523 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 524 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 525
Vanger 4:e505054279ed 526 break;
Vanger 4:e505054279ed 527 #endif
Vanger 4:e505054279ed 528
Vanger 4:e505054279ed 529 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
Vanger 4:e505054279ed 530 case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
Vanger 4:e505054279ed 531 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 532 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 533 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 534 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 535 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 536 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 537 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 538 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 539 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 540 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 541 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 542 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 543
Vanger 4:e505054279ed 544 break;
Vanger 4:e505054279ed 545 #endif
Vanger 4:e505054279ed 546
Vanger 4:e505054279ed 547 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Vanger 4:e505054279ed 548 case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
Vanger 4:e505054279ed 549 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 550 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 551 ssl->specs.mac_algorithm = sha384_mac;
Vanger 4:e505054279ed 552 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 553 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 554 ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger 4:e505054279ed 555 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 556 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 557 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 558 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 559 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 560 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 561
Vanger 4:e505054279ed 562 break;
Vanger 4:e505054279ed 563 #endif
Vanger 4:e505054279ed 564
Vanger 4:e505054279ed 565 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
Vanger 4:e505054279ed 566 case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
Vanger 4:e505054279ed 567 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 568 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 569 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 570 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 571 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 572 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 573 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 574 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 575 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 576 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 577 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 578 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 579
Vanger 4:e505054279ed 580 break;
Vanger 4:e505054279ed 581 #endif
Vanger 4:e505054279ed 582
Vanger 4:e505054279ed 583 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Vanger 4:e505054279ed 584 case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
Vanger 4:e505054279ed 585 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 586 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 587 ssl->specs.mac_algorithm = sha384_mac;
Vanger 4:e505054279ed 588 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 589 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 590 ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger 4:e505054279ed 591 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 592 ssl->specs.static_ecdh = 1;
Vanger 4:e505054279ed 593 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 594 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 595 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 596 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 597
Vanger 4:e505054279ed 598 break;
Vanger 4:e505054279ed 599 #endif
Vanger 4:e505054279ed 600
Vanger 4:e505054279ed 601 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
Vanger 4:e505054279ed 602 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
Vanger 4:e505054279ed 603 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger 4:e505054279ed 604 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 605 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 606 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 607 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 608 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 609 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 610 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 611 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 612 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 613 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 614 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger 4:e505054279ed 615
Vanger 4:e505054279ed 616 break;
Vanger 4:e505054279ed 617 #endif
Vanger 4:e505054279ed 618
Vanger 4:e505054279ed 619 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
Vanger 4:e505054279ed 620 case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
Vanger 4:e505054279ed 621 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger 4:e505054279ed 622 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 623 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 624 ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger 4:e505054279ed 625 ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger 4:e505054279ed 626 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 627 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 628 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 629 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 630 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 631 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 632 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger 4:e505054279ed 633
Vanger 4:e505054279ed 634 break;
Vanger 4:e505054279ed 635 #endif
Vanger 4:e505054279ed 636 #endif /* HAVE_ECC */
Vanger 4:e505054279ed 637
Vanger 4:e505054279ed 638 #ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
Vanger 4:e505054279ed 639 case TLS_RSA_WITH_AES_128_CCM_8 :
Vanger 4:e505054279ed 640 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger 4:e505054279ed 641 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 642 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 643 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 644 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 645 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 646 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 647 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 648 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 649 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 650 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 651 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger 4:e505054279ed 652
Vanger 4:e505054279ed 653 break;
Vanger 4:e505054279ed 654 #endif
Vanger 4:e505054279ed 655
Vanger 4:e505054279ed 656 #ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8
Vanger 4:e505054279ed 657 case TLS_RSA_WITH_AES_256_CCM_8 :
Vanger 4:e505054279ed 658 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger 4:e505054279ed 659 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 660 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 661 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 662 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 663 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 664 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 665 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 666 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 667 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 668 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 669 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger 4:e505054279ed 670
Vanger 4:e505054279ed 671 break;
Vanger 4:e505054279ed 672 #endif
Vanger 4:e505054279ed 673
Vanger 4:e505054279ed 674 #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
Vanger 4:e505054279ed 675 case TLS_PSK_WITH_AES_128_CCM_8 :
Vanger 4:e505054279ed 676 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger 4:e505054279ed 677 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 678 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 679 ssl->specs.kea = psk_kea;
Vanger 4:e505054279ed 680 ssl->specs.sig_algo = anonymous_sa_algo;
Vanger 4:e505054279ed 681 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 682 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 683 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 684 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 685 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 686 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 687 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger 4:e505054279ed 688
Vanger 4:e505054279ed 689 ssl->options.usingPSK_cipher = 1;
Vanger 4:e505054279ed 690 break;
Vanger 4:e505054279ed 691 #endif
Vanger 4:e505054279ed 692
Vanger 4:e505054279ed 693 #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8
Vanger 4:e505054279ed 694 case TLS_PSK_WITH_AES_256_CCM_8 :
Vanger 4:e505054279ed 695 ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger 4:e505054279ed 696 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 697 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 698 ssl->specs.kea = psk_kea;
Vanger 4:e505054279ed 699 ssl->specs.sig_algo = anonymous_sa_algo;
Vanger 4:e505054279ed 700 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 701 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 702 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 703 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 704 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 705 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 706 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger 4:e505054279ed 707
Vanger 4:e505054279ed 708 ssl->options.usingPSK_cipher = 1;
Vanger 4:e505054279ed 709 break;
Vanger 4:e505054279ed 710 #endif
Vanger 4:e505054279ed 711
Vanger 4:e505054279ed 712 default:
Vanger 4:e505054279ed 713 CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC");
Vanger 4:e505054279ed 714 return UNSUPPORTED_SUITE;
Vanger 4:e505054279ed 715 } /* switch */
Vanger 4:e505054279ed 716 } /* if */
Vanger 4:e505054279ed 717 if (ssl->options.cipherSuite0 != ECC_BYTE) { /* normal suites */
Vanger 4:e505054279ed 718 switch (ssl->options.cipherSuite) {
Vanger 4:e505054279ed 719
Vanger 4:e505054279ed 720 #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
Vanger 4:e505054279ed 721 case SSL_RSA_WITH_RC4_128_SHA :
Vanger 4:e505054279ed 722 ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger 4:e505054279ed 723 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 724 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 725 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 726 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 727 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 728 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 729 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 730 ssl->specs.key_size = RC4_KEY_SIZE;
Vanger 4:e505054279ed 731 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 732 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 733
Vanger 4:e505054279ed 734 break;
Vanger 4:e505054279ed 735 #endif
Vanger 4:e505054279ed 736
Vanger 4:e505054279ed 737 #ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
Vanger 4:e505054279ed 738 case TLS_NTRU_RSA_WITH_RC4_128_SHA :
Vanger 4:e505054279ed 739 ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger 4:e505054279ed 740 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 741 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 742 ssl->specs.kea = ntru_kea;
Vanger 4:e505054279ed 743 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 744 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 745 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 746 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 747 ssl->specs.key_size = RC4_KEY_SIZE;
Vanger 4:e505054279ed 748 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 749 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 750
Vanger 4:e505054279ed 751 break;
Vanger 4:e505054279ed 752 #endif
Vanger 4:e505054279ed 753
Vanger 4:e505054279ed 754 #ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
Vanger 4:e505054279ed 755 case SSL_RSA_WITH_RC4_128_MD5 :
Vanger 4:e505054279ed 756 ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger 4:e505054279ed 757 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 758 ssl->specs.mac_algorithm = md5_mac;
Vanger 4:e505054279ed 759 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 760 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 761 ssl->specs.hash_size = MD5_DIGEST_SIZE;
Vanger 4:e505054279ed 762 ssl->specs.pad_size = PAD_MD5;
Vanger 4:e505054279ed 763 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 764 ssl->specs.key_size = RC4_KEY_SIZE;
Vanger 4:e505054279ed 765 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 766 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 767
Vanger 4:e505054279ed 768 break;
Vanger 4:e505054279ed 769 #endif
Vanger 4:e505054279ed 770
Vanger 4:e505054279ed 771 #ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
Vanger 4:e505054279ed 772 case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
Vanger 4:e505054279ed 773 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger 4:e505054279ed 774 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 775 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 776 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 777 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 778 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 779 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 780 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 781 ssl->specs.key_size = DES3_KEY_SIZE;
Vanger 4:e505054279ed 782 ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger 4:e505054279ed 783 ssl->specs.iv_size = DES_IV_SIZE;
Vanger 4:e505054279ed 784
Vanger 4:e505054279ed 785 break;
Vanger 4:e505054279ed 786 #endif
Vanger 4:e505054279ed 787
Vanger 4:e505054279ed 788 #ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
Vanger 4:e505054279ed 789 case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
Vanger 4:e505054279ed 790 ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger 4:e505054279ed 791 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 792 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 793 ssl->specs.kea = ntru_kea;
Vanger 4:e505054279ed 794 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 795 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 796 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 797 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 798 ssl->specs.key_size = DES3_KEY_SIZE;
Vanger 4:e505054279ed 799 ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger 4:e505054279ed 800 ssl->specs.iv_size = DES_IV_SIZE;
Vanger 4:e505054279ed 801
Vanger 4:e505054279ed 802 break;
Vanger 4:e505054279ed 803 #endif
Vanger 4:e505054279ed 804
Vanger 4:e505054279ed 805 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
Vanger 4:e505054279ed 806 case TLS_RSA_WITH_AES_128_CBC_SHA :
Vanger 4:e505054279ed 807 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 808 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 809 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 810 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 811 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 812 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 813 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 814 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 815 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 816 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 817 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 818
Vanger 4:e505054279ed 819 break;
Vanger 4:e505054279ed 820 #endif
Vanger 4:e505054279ed 821
Vanger 4:e505054279ed 822 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
Vanger 4:e505054279ed 823 case TLS_RSA_WITH_AES_128_CBC_SHA256 :
Vanger 4:e505054279ed 824 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 825 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 826 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 827 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 828 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 829 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 830 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 831 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 832 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 833 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 834 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 835
Vanger 4:e505054279ed 836 break;
Vanger 4:e505054279ed 837 #endif
Vanger 4:e505054279ed 838
Vanger 4:e505054279ed 839 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA
Vanger 4:e505054279ed 840 case TLS_RSA_WITH_NULL_SHA :
Vanger 4:e505054279ed 841 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger 4:e505054279ed 842 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 843 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 844 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 845 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 846 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 847 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 848 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 849 ssl->specs.key_size = 0;
Vanger 4:e505054279ed 850 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 851 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 852
Vanger 4:e505054279ed 853 break;
Vanger 4:e505054279ed 854 #endif
Vanger 4:e505054279ed 855
Vanger 4:e505054279ed 856 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA256
Vanger 4:e505054279ed 857 case TLS_RSA_WITH_NULL_SHA256 :
Vanger 4:e505054279ed 858 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger 4:e505054279ed 859 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 860 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 861 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 862 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 863 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 864 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 865 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 866 ssl->specs.key_size = 0;
Vanger 4:e505054279ed 867 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 868 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 869
Vanger 4:e505054279ed 870 break;
Vanger 4:e505054279ed 871 #endif
Vanger 4:e505054279ed 872
Vanger 4:e505054279ed 873 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
Vanger 4:e505054279ed 874 case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
Vanger 4:e505054279ed 875 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 876 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 877 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 878 ssl->specs.kea = ntru_kea;
Vanger 4:e505054279ed 879 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 880 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 881 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 882 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 883 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 884 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 885 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 886
Vanger 4:e505054279ed 887 break;
Vanger 4:e505054279ed 888 #endif
Vanger 4:e505054279ed 889
Vanger 4:e505054279ed 890 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
Vanger 4:e505054279ed 891 case TLS_RSA_WITH_AES_256_CBC_SHA :
Vanger 4:e505054279ed 892 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 893 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 894 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 895 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 896 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 897 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 898 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 899 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 900 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 901 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 902 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 903
Vanger 4:e505054279ed 904 break;
Vanger 4:e505054279ed 905 #endif
Vanger 4:e505054279ed 906
Vanger 4:e505054279ed 907 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
Vanger 4:e505054279ed 908 case TLS_RSA_WITH_AES_256_CBC_SHA256 :
Vanger 4:e505054279ed 909 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 910 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 911 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 912 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 913 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 914 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 915 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 916 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 917 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 918 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 919 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 920
Vanger 4:e505054279ed 921 break;
Vanger 4:e505054279ed 922 #endif
Vanger 4:e505054279ed 923
Vanger 4:e505054279ed 924 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
Vanger 4:e505054279ed 925 case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
Vanger 4:e505054279ed 926 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 927 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 928 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 929 ssl->specs.kea = ntru_kea;
Vanger 4:e505054279ed 930 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 931 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 932 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 933 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 934 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 935 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 936 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 937
Vanger 4:e505054279ed 938 break;
Vanger 4:e505054279ed 939 #endif
Vanger 4:e505054279ed 940
Vanger 4:e505054279ed 941 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
Vanger 4:e505054279ed 942 case TLS_PSK_WITH_AES_128_CBC_SHA256 :
Vanger 4:e505054279ed 943 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 944 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 945 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 946 ssl->specs.kea = psk_kea;
Vanger 4:e505054279ed 947 ssl->specs.sig_algo = anonymous_sa_algo;
Vanger 4:e505054279ed 948 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 949 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 950 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 951 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 952 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 953 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 954
Vanger 4:e505054279ed 955 ssl->options.usingPSK_cipher = 1;
Vanger 4:e505054279ed 956 break;
Vanger 4:e505054279ed 957 #endif
Vanger 4:e505054279ed 958
Vanger 4:e505054279ed 959 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
Vanger 4:e505054279ed 960 case TLS_PSK_WITH_AES_128_CBC_SHA :
Vanger 4:e505054279ed 961 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 962 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 963 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 964 ssl->specs.kea = psk_kea;
Vanger 4:e505054279ed 965 ssl->specs.sig_algo = anonymous_sa_algo;
Vanger 4:e505054279ed 966 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 967 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 968 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 969 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 970 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 971 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 972
Vanger 4:e505054279ed 973 ssl->options.usingPSK_cipher = 1;
Vanger 4:e505054279ed 974 break;
Vanger 4:e505054279ed 975 #endif
Vanger 4:e505054279ed 976
Vanger 4:e505054279ed 977 #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
Vanger 4:e505054279ed 978 case TLS_PSK_WITH_AES_256_CBC_SHA :
Vanger 4:e505054279ed 979 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 980 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 981 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 982 ssl->specs.kea = psk_kea;
Vanger 4:e505054279ed 983 ssl->specs.sig_algo = anonymous_sa_algo;
Vanger 4:e505054279ed 984 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 985 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 986 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 987 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 988 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 989 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 990
Vanger 4:e505054279ed 991 ssl->options.usingPSK_cipher = 1;
Vanger 4:e505054279ed 992 break;
Vanger 4:e505054279ed 993 #endif
wolfSSL 0:1239e9b70ca2 994
Vanger 4:e505054279ed 995 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
Vanger 4:e505054279ed 996 case TLS_PSK_WITH_NULL_SHA256 :
Vanger 4:e505054279ed 997 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger 4:e505054279ed 998 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 999 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 1000 ssl->specs.kea = psk_kea;
Vanger 4:e505054279ed 1001 ssl->specs.sig_algo = anonymous_sa_algo;
Vanger 4:e505054279ed 1002 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 1003 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1004 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1005 ssl->specs.key_size = 0;
Vanger 4:e505054279ed 1006 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 1007 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 1008
Vanger 4:e505054279ed 1009 ssl->options.usingPSK_cipher = 1;
Vanger 4:e505054279ed 1010 break;
Vanger 4:e505054279ed 1011 #endif
Vanger 4:e505054279ed 1012
Vanger 4:e505054279ed 1013 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA
Vanger 4:e505054279ed 1014 case TLS_PSK_WITH_NULL_SHA :
Vanger 4:e505054279ed 1015 ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger 4:e505054279ed 1016 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 1017 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 1018 ssl->specs.kea = psk_kea;
Vanger 4:e505054279ed 1019 ssl->specs.sig_algo = anonymous_sa_algo;
Vanger 4:e505054279ed 1020 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 1021 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1022 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1023 ssl->specs.key_size = 0;
Vanger 4:e505054279ed 1024 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 1025 ssl->specs.iv_size = 0;
Vanger 4:e505054279ed 1026
Vanger 4:e505054279ed 1027 ssl->options.usingPSK_cipher = 1;
Vanger 4:e505054279ed 1028 break;
Vanger 4:e505054279ed 1029 #endif
Vanger 4:e505054279ed 1030
Vanger 4:e505054279ed 1031 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Vanger 4:e505054279ed 1032 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
Vanger 4:e505054279ed 1033 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 1034 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1035 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 1036 ssl->specs.kea = diffie_hellman_kea;
Vanger 4:e505054279ed 1037 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1038 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 1039 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1040 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1041 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 1042 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 1043 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 1044
Vanger 4:e505054279ed 1045 break;
Vanger 4:e505054279ed 1046 #endif
Vanger 4:e505054279ed 1047
Vanger 4:e505054279ed 1048 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Vanger 4:e505054279ed 1049 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
Vanger 4:e505054279ed 1050 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 1051 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1052 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 1053 ssl->specs.kea = diffie_hellman_kea;
Vanger 4:e505054279ed 1054 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1055 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 1056 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1057 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1058 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 1059 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 1060 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 1061
Vanger 4:e505054279ed 1062 break;
Vanger 4:e505054279ed 1063 #endif
Vanger 4:e505054279ed 1064
Vanger 4:e505054279ed 1065 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Vanger 4:e505054279ed 1066 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
Vanger 4:e505054279ed 1067 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 1068 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1069 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 1070 ssl->specs.kea = diffie_hellman_kea;
Vanger 4:e505054279ed 1071 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1072 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 1073 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1074 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1075 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 1076 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 1077 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 1078
Vanger 4:e505054279ed 1079 break;
Vanger 4:e505054279ed 1080 #endif
Vanger 4:e505054279ed 1081
Vanger 4:e505054279ed 1082 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Vanger 4:e505054279ed 1083 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
Vanger 4:e505054279ed 1084 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 1085 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1086 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 1087 ssl->specs.kea = diffie_hellman_kea;
Vanger 4:e505054279ed 1088 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1089 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 1090 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1091 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1092 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 1093 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 1094 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 1095
Vanger 4:e505054279ed 1096 break;
Vanger 4:e505054279ed 1097 #endif
Vanger 4:e505054279ed 1098
Vanger 4:e505054279ed 1099 #ifdef BUILD_TLS_RSA_WITH_HC_128_MD5
Vanger 4:e505054279ed 1100 case TLS_RSA_WITH_HC_128_MD5 :
Vanger 4:e505054279ed 1101 ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
Vanger 4:e505054279ed 1102 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 1103 ssl->specs.mac_algorithm = md5_mac;
Vanger 4:e505054279ed 1104 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1105 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1106 ssl->specs.hash_size = MD5_DIGEST_SIZE;
Vanger 4:e505054279ed 1107 ssl->specs.pad_size = PAD_MD5;
Vanger 4:e505054279ed 1108 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1109 ssl->specs.key_size = HC_128_KEY_SIZE;
Vanger 4:e505054279ed 1110 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 1111 ssl->specs.iv_size = HC_128_IV_SIZE;
Vanger 4:e505054279ed 1112
Vanger 4:e505054279ed 1113 break;
Vanger 4:e505054279ed 1114 #endif
Vanger 4:e505054279ed 1115
Vanger 4:e505054279ed 1116 #ifdef BUILD_TLS_RSA_WITH_HC_128_SHA
Vanger 4:e505054279ed 1117 case TLS_RSA_WITH_HC_128_SHA :
Vanger 4:e505054279ed 1118 ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
Vanger 4:e505054279ed 1119 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 1120 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 1121 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1122 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1123 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 1124 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1125 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1126 ssl->specs.key_size = HC_128_KEY_SIZE;
Vanger 4:e505054279ed 1127 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 1128 ssl->specs.iv_size = HC_128_IV_SIZE;
Vanger 4:e505054279ed 1129
Vanger 4:e505054279ed 1130 break;
Vanger 4:e505054279ed 1131 #endif
Vanger 4:e505054279ed 1132
Vanger 4:e505054279ed 1133 #ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256
Vanger 4:e505054279ed 1134 case TLS_RSA_WITH_HC_128_B2B256:
Vanger 4:e505054279ed 1135 ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
Vanger 4:e505054279ed 1136 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 1137 ssl->specs.mac_algorithm = blake2b_mac;
Vanger 4:e505054279ed 1138 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1139 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1140 ssl->specs.hash_size = BLAKE2B_256;
Vanger 4:e505054279ed 1141 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1142 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1143 ssl->specs.key_size = HC_128_KEY_SIZE;
Vanger 4:e505054279ed 1144 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 1145 ssl->specs.iv_size = HC_128_IV_SIZE;
Vanger 4:e505054279ed 1146
Vanger 4:e505054279ed 1147 break;
Vanger 4:e505054279ed 1148 #endif
Vanger 4:e505054279ed 1149
Vanger 4:e505054279ed 1150 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
Vanger 4:e505054279ed 1151 case TLS_RSA_WITH_AES_128_CBC_B2B256:
Vanger 4:e505054279ed 1152 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 1153 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1154 ssl->specs.mac_algorithm = blake2b_mac;
Vanger 4:e505054279ed 1155 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1156 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1157 ssl->specs.hash_size = BLAKE2B_256;
Vanger 4:e505054279ed 1158 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1159 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1160 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 1161 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 1162 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 1163
Vanger 4:e505054279ed 1164 break;
Vanger 4:e505054279ed 1165 #endif
Vanger 4:e505054279ed 1166
Vanger 4:e505054279ed 1167 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
Vanger 4:e505054279ed 1168 case TLS_RSA_WITH_AES_256_CBC_B2B256:
Vanger 4:e505054279ed 1169 ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger 4:e505054279ed 1170 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1171 ssl->specs.mac_algorithm = blake2b_mac;
Vanger 4:e505054279ed 1172 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1173 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1174 ssl->specs.hash_size = BLAKE2B_256;
Vanger 4:e505054279ed 1175 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1176 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1177 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 1178 ssl->specs.iv_size = AES_IV_SIZE;
Vanger 4:e505054279ed 1179 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 1180
Vanger 4:e505054279ed 1181 break;
Vanger 4:e505054279ed 1182 #endif
Vanger 4:e505054279ed 1183
Vanger 4:e505054279ed 1184 #ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA
Vanger 4:e505054279ed 1185 case TLS_RSA_WITH_RABBIT_SHA :
Vanger 4:e505054279ed 1186 ssl->specs.bulk_cipher_algorithm = cyassl_rabbit;
Vanger 4:e505054279ed 1187 ssl->specs.cipher_type = stream;
Vanger 4:e505054279ed 1188 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 1189 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1190 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1191 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 1192 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1193 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1194 ssl->specs.key_size = RABBIT_KEY_SIZE;
Vanger 4:e505054279ed 1195 ssl->specs.block_size = 0;
Vanger 4:e505054279ed 1196 ssl->specs.iv_size = RABBIT_IV_SIZE;
Vanger 4:e505054279ed 1197
Vanger 4:e505054279ed 1198 break;
Vanger 4:e505054279ed 1199 #endif
Vanger 4:e505054279ed 1200
Vanger 4:e505054279ed 1201 #ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
Vanger 4:e505054279ed 1202 case TLS_RSA_WITH_AES_128_GCM_SHA256 :
Vanger 4:e505054279ed 1203 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 1204 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 1205 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 1206 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1207 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1208 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 1209 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1210 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1211 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 1212 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 1213 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 1214 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 1215
Vanger 4:e505054279ed 1216 break;
Vanger 4:e505054279ed 1217 #endif
Vanger 4:e505054279ed 1218
Vanger 4:e505054279ed 1219 #ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
Vanger 4:e505054279ed 1220 case TLS_RSA_WITH_AES_256_GCM_SHA384 :
Vanger 4:e505054279ed 1221 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 1222 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 1223 ssl->specs.mac_algorithm = sha384_mac;
Vanger 4:e505054279ed 1224 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1225 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1226 ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger 4:e505054279ed 1227 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1228 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1229 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 1230 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 1231 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 1232 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 1233
Vanger 4:e505054279ed 1234 break;
Vanger 4:e505054279ed 1235 #endif
Vanger 4:e505054279ed 1236
Vanger 4:e505054279ed 1237 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Vanger 4:e505054279ed 1238 case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
Vanger 4:e505054279ed 1239 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 1240 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 1241 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 1242 ssl->specs.kea = diffie_hellman_kea;
Vanger 4:e505054279ed 1243 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1244 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 1245 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1246 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1247 ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger 4:e505054279ed 1248 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 1249 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 1250 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 1251
Vanger 4:e505054279ed 1252 break;
Vanger 4:e505054279ed 1253 #endif
Vanger 4:e505054279ed 1254
Vanger 4:e505054279ed 1255 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Vanger 4:e505054279ed 1256 case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
Vanger 4:e505054279ed 1257 ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger 4:e505054279ed 1258 ssl->specs.cipher_type = aead;
Vanger 4:e505054279ed 1259 ssl->specs.mac_algorithm = sha384_mac;
Vanger 4:e505054279ed 1260 ssl->specs.kea = diffie_hellman_kea;
Vanger 4:e505054279ed 1261 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1262 ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger 4:e505054279ed 1263 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1264 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1265 ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger 4:e505054279ed 1266 ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger 4:e505054279ed 1267 ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger 4:e505054279ed 1268 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger 4:e505054279ed 1269
Vanger 4:e505054279ed 1270 break;
Vanger 4:e505054279ed 1271 #endif
Vanger 4:e505054279ed 1272
Vanger 4:e505054279ed 1273 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
Vanger 4:e505054279ed 1274 case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
Vanger 4:e505054279ed 1275 ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger 4:e505054279ed 1276 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1277 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 1278 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1279 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1280 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 1281 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1282 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1283 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
Vanger 4:e505054279ed 1284 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger 4:e505054279ed 1285 ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger 4:e505054279ed 1286
Vanger 4:e505054279ed 1287 break;
Vanger 4:e505054279ed 1288 #endif
Vanger 4:e505054279ed 1289
Vanger 4:e505054279ed 1290 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
Vanger 4:e505054279ed 1291 case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
Vanger 4:e505054279ed 1292 ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger 4:e505054279ed 1293 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1294 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 1295 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1296 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1297 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 1298 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1299 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1300 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
Vanger 4:e505054279ed 1301 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger 4:e505054279ed 1302 ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger 4:e505054279ed 1303
Vanger 4:e505054279ed 1304 break;
Vanger 4:e505054279ed 1305 #endif
Vanger 4:e505054279ed 1306
Vanger 4:e505054279ed 1307 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
Vanger 4:e505054279ed 1308 case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
Vanger 4:e505054279ed 1309 ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger 4:e505054279ed 1310 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1311 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 1312 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1313 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1314 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 1315 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1316 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1317 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
Vanger 4:e505054279ed 1318 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger 4:e505054279ed 1319 ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger 4:e505054279ed 1320
Vanger 4:e505054279ed 1321 break;
Vanger 4:e505054279ed 1322 #endif
Vanger 4:e505054279ed 1323
Vanger 4:e505054279ed 1324 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
Vanger 4:e505054279ed 1325 case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
Vanger 4:e505054279ed 1326 ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger 4:e505054279ed 1327 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1328 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 1329 ssl->specs.kea = rsa_kea;
Vanger 4:e505054279ed 1330 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1331 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 1332 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1333 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1334 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
Vanger 4:e505054279ed 1335 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger 4:e505054279ed 1336 ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger 4:e505054279ed 1337
Vanger 4:e505054279ed 1338 break;
Vanger 4:e505054279ed 1339 #endif
Vanger 4:e505054279ed 1340
Vanger 4:e505054279ed 1341 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
Vanger 4:e505054279ed 1342 case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
Vanger 4:e505054279ed 1343 ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger 4:e505054279ed 1344 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1345 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 1346 ssl->specs.kea = diffie_hellman_kea;
Vanger 4:e505054279ed 1347 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1348 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 1349 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1350 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1351 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
Vanger 4:e505054279ed 1352 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger 4:e505054279ed 1353 ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger 4:e505054279ed 1354
Vanger 4:e505054279ed 1355 break;
Vanger 4:e505054279ed 1356 #endif
Vanger 4:e505054279ed 1357
Vanger 4:e505054279ed 1358 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
Vanger 4:e505054279ed 1359 case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
Vanger 4:e505054279ed 1360 ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger 4:e505054279ed 1361 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1362 ssl->specs.mac_algorithm = sha_mac;
Vanger 4:e505054279ed 1363 ssl->specs.kea = diffie_hellman_kea;
Vanger 4:e505054279ed 1364 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1365 ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 1366 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1367 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1368 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
Vanger 4:e505054279ed 1369 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger 4:e505054279ed 1370 ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger 4:e505054279ed 1371
Vanger 4:e505054279ed 1372 break;
Vanger 4:e505054279ed 1373 #endif
Vanger 4:e505054279ed 1374
Vanger 4:e505054279ed 1375 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
Vanger 4:e505054279ed 1376 case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
Vanger 4:e505054279ed 1377 ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger 4:e505054279ed 1378 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1379 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 1380 ssl->specs.kea = diffie_hellman_kea;
Vanger 4:e505054279ed 1381 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1382 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 1383 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1384 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1385 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
Vanger 4:e505054279ed 1386 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger 4:e505054279ed 1387 ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger 4:e505054279ed 1388
Vanger 4:e505054279ed 1389 break;
Vanger 4:e505054279ed 1390 #endif
Vanger 4:e505054279ed 1391
Vanger 4:e505054279ed 1392 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
Vanger 4:e505054279ed 1393 case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
Vanger 4:e505054279ed 1394 ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger 4:e505054279ed 1395 ssl->specs.cipher_type = block;
Vanger 4:e505054279ed 1396 ssl->specs.mac_algorithm = sha256_mac;
Vanger 4:e505054279ed 1397 ssl->specs.kea = diffie_hellman_kea;
Vanger 4:e505054279ed 1398 ssl->specs.sig_algo = rsa_sa_algo;
Vanger 4:e505054279ed 1399 ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger 4:e505054279ed 1400 ssl->specs.pad_size = PAD_SHA;
Vanger 4:e505054279ed 1401 ssl->specs.static_ecdh = 0;
Vanger 4:e505054279ed 1402 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
Vanger 4:e505054279ed 1403 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger 4:e505054279ed 1404 ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger 4:e505054279ed 1405
Vanger 4:e505054279ed 1406 break;
Vanger 4:e505054279ed 1407 #endif
Vanger 4:e505054279ed 1408
Vanger 4:e505054279ed 1409 default:
Vanger 4:e505054279ed 1410 CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs");
Vanger 4:e505054279ed 1411 return UNSUPPORTED_SUITE;
Vanger 4:e505054279ed 1412 } /* switch */
Vanger 4:e505054279ed 1413 } /* if ECC / Normal suites else */
Vanger 4:e505054279ed 1414
Vanger 4:e505054279ed 1415 /* set TLS if it hasn't been turned off */
Vanger 4:e505054279ed 1416 if (ssl->version.major == 3 && ssl->version.minor >= 1) {
Vanger 4:e505054279ed 1417 #ifndef NO_TLS
Vanger 4:e505054279ed 1418 ssl->options.tls = 1;
Vanger 4:e505054279ed 1419 ssl->hmac = TLS_hmac;
Vanger 4:e505054279ed 1420 if (ssl->version.minor >= 2)
Vanger 4:e505054279ed 1421 ssl->options.tls1_1 = 1;
Vanger 4:e505054279ed 1422 #endif
Vanger 4:e505054279ed 1423 }
Vanger 4:e505054279ed 1424
Vanger 4:e505054279ed 1425 #ifdef CYASSL_DTLS
Vanger 4:e505054279ed 1426 if (ssl->options.dtls)
Vanger 4:e505054279ed 1427 ssl->hmac = TLS_hmac;
Vanger 4:e505054279ed 1428 #endif
Vanger 4:e505054279ed 1429
Vanger 4:e505054279ed 1430 return 0;
Vanger 4:e505054279ed 1431 }
Vanger 4:e505054279ed 1432
Vanger 4:e505054279ed 1433
Vanger 4:e505054279ed 1434 enum KeyStuff {
Vanger 4:e505054279ed 1435 MASTER_ROUNDS = 3,
Vanger 4:e505054279ed 1436 PREFIX = 3, /* up to three letters for master prefix */
Vanger 4:e505054279ed 1437 KEY_PREFIX = 7 /* up to 7 prefix letters for key rounds */
Vanger 4:e505054279ed 1438
Vanger 4:e505054279ed 1439
Vanger 4:e505054279ed 1440 };
Vanger 4:e505054279ed 1441
Vanger 4:e505054279ed 1442 #ifndef NO_OLD_TLS
Vanger 4:e505054279ed 1443 /* true or false, zero for error */
Vanger 4:e505054279ed 1444 static int SetPrefix(byte* sha_input, int idx)
Vanger 4:e505054279ed 1445 {
Vanger 4:e505054279ed 1446 switch (idx) {
Vanger 4:e505054279ed 1447 case 0:
Vanger 4:e505054279ed 1448 XMEMCPY(sha_input, "A", 1);
Vanger 4:e505054279ed 1449 break;
Vanger 4:e505054279ed 1450 case 1:
Vanger 4:e505054279ed 1451 XMEMCPY(sha_input, "BB", 2);
Vanger 4:e505054279ed 1452 break;
Vanger 4:e505054279ed 1453 case 2:
Vanger 4:e505054279ed 1454 XMEMCPY(sha_input, "CCC", 3);
Vanger 4:e505054279ed 1455 break;
Vanger 4:e505054279ed 1456 case 3:
Vanger 4:e505054279ed 1457 XMEMCPY(sha_input, "DDDD", 4);
Vanger 4:e505054279ed 1458 break;
Vanger 4:e505054279ed 1459 case 4:
Vanger 4:e505054279ed 1460 XMEMCPY(sha_input, "EEEEE", 5);
Vanger 4:e505054279ed 1461 break;
Vanger 4:e505054279ed 1462 case 5:
Vanger 4:e505054279ed 1463 XMEMCPY(sha_input, "FFFFFF", 6);
Vanger 4:e505054279ed 1464 break;
Vanger 4:e505054279ed 1465 case 6:
Vanger 4:e505054279ed 1466 XMEMCPY(sha_input, "GGGGGGG", 7);
Vanger 4:e505054279ed 1467 break;
Vanger 4:e505054279ed 1468 default:
Vanger 4:e505054279ed 1469 CYASSL_MSG("Set Prefix error, bad input");
Vanger 4:e505054279ed 1470 return 0;
Vanger 4:e505054279ed 1471 }
Vanger 4:e505054279ed 1472 return 1;
Vanger 4:e505054279ed 1473 }
Vanger 4:e505054279ed 1474 #endif
Vanger 4:e505054279ed 1475
Vanger 4:e505054279ed 1476
Vanger 4:e505054279ed 1477 static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
Vanger 4:e505054279ed 1478 byte side, void* heap, int devId)
Vanger 4:e505054279ed 1479 {
Vanger 4:e505054279ed 1480 #ifdef BUILD_ARC4
Vanger 4:e505054279ed 1481 word32 sz = specs->key_size;
Vanger 4:e505054279ed 1482 if (specs->bulk_cipher_algorithm == cyassl_rc4) {
Vanger 4:e505054279ed 1483 if (enc->arc4 == NULL)
Vanger 4:e505054279ed 1484 enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1485 if (enc->arc4 == NULL)
Vanger 4:e505054279ed 1486 return MEMORY_E;
Vanger 4:e505054279ed 1487 if (dec->arc4 == NULL)
Vanger 4:e505054279ed 1488 dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1489 if (dec->arc4 == NULL)
Vanger 4:e505054279ed 1490 return MEMORY_E;
Vanger 4:e505054279ed 1491 #ifdef HAVE_CAVIUM
Vanger 4:e505054279ed 1492 if (devId != NO_CAVIUM_DEVICE) {
Vanger 4:e505054279ed 1493 if (Arc4InitCavium(enc->arc4, devId) != 0) {
Vanger 4:e505054279ed 1494 CYASSL_MSG("Arc4InitCavium failed in SetKeys");
Vanger 4:e505054279ed 1495 return CAVIUM_INIT_E;
Vanger 4:e505054279ed 1496 }
Vanger 4:e505054279ed 1497 if (Arc4InitCavium(dec->arc4, devId) != 0) {
Vanger 4:e505054279ed 1498 CYASSL_MSG("Arc4InitCavium failed in SetKeys");
Vanger 4:e505054279ed 1499 return CAVIUM_INIT_E;
Vanger 4:e505054279ed 1500 }
Vanger 4:e505054279ed 1501 }
Vanger 4:e505054279ed 1502 #endif
Vanger 4:e505054279ed 1503 if (side == CYASSL_CLIENT_END) {
Vanger 4:e505054279ed 1504 Arc4SetKey(enc->arc4, keys->client_write_key, sz);
Vanger 4:e505054279ed 1505 Arc4SetKey(dec->arc4, keys->server_write_key, sz);
Vanger 4:e505054279ed 1506 }
Vanger 4:e505054279ed 1507 else {
Vanger 4:e505054279ed 1508 Arc4SetKey(enc->arc4, keys->server_write_key, sz);
Vanger 4:e505054279ed 1509 Arc4SetKey(dec->arc4, keys->client_write_key, sz);
Vanger 4:e505054279ed 1510 }
Vanger 4:e505054279ed 1511 enc->setup = 1;
Vanger 4:e505054279ed 1512 dec->setup = 1;
Vanger 4:e505054279ed 1513 }
Vanger 4:e505054279ed 1514 #endif
Vanger 4:e505054279ed 1515
Vanger 4:e505054279ed 1516 #ifdef HAVE_HC128
Vanger 4:e505054279ed 1517 if (specs->bulk_cipher_algorithm == cyassl_hc128) {
Vanger 4:e505054279ed 1518 int hcRet;
Vanger 4:e505054279ed 1519 if (enc->hc128 == NULL)
Vanger 4:e505054279ed 1520 enc->hc128 =
Vanger 4:e505054279ed 1521 (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1522 if (enc->hc128 == NULL)
Vanger 4:e505054279ed 1523 return MEMORY_E;
Vanger 4:e505054279ed 1524 if (dec->hc128 == NULL)
Vanger 4:e505054279ed 1525 dec->hc128 =
Vanger 4:e505054279ed 1526 (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1527 if (dec->hc128 == NULL)
Vanger 4:e505054279ed 1528 return MEMORY_E;
Vanger 4:e505054279ed 1529 if (side == CYASSL_CLIENT_END) {
Vanger 4:e505054279ed 1530 hcRet = Hc128_SetKey(enc->hc128, keys->client_write_key,
Vanger 4:e505054279ed 1531 keys->client_write_IV);
Vanger 4:e505054279ed 1532 if (hcRet != 0) return hcRet;
Vanger 4:e505054279ed 1533 hcRet = Hc128_SetKey(dec->hc128, keys->server_write_key,
Vanger 4:e505054279ed 1534 keys->server_write_IV);
Vanger 4:e505054279ed 1535 if (hcRet != 0) return hcRet;
Vanger 4:e505054279ed 1536 }
Vanger 4:e505054279ed 1537 else {
Vanger 4:e505054279ed 1538 hcRet = Hc128_SetKey(enc->hc128, keys->server_write_key,
Vanger 4:e505054279ed 1539 keys->server_write_IV);
Vanger 4:e505054279ed 1540 if (hcRet != 0) return hcRet;
Vanger 4:e505054279ed 1541 hcRet = Hc128_SetKey(dec->hc128, keys->client_write_key,
Vanger 4:e505054279ed 1542 keys->client_write_IV);
Vanger 4:e505054279ed 1543 if (hcRet != 0) return hcRet;
Vanger 4:e505054279ed 1544 }
Vanger 4:e505054279ed 1545 enc->setup = 1;
Vanger 4:e505054279ed 1546 dec->setup = 1;
Vanger 4:e505054279ed 1547 }
Vanger 4:e505054279ed 1548 #endif
Vanger 4:e505054279ed 1549
Vanger 4:e505054279ed 1550 #ifdef BUILD_RABBIT
Vanger 4:e505054279ed 1551 if (specs->bulk_cipher_algorithm == cyassl_rabbit) {
Vanger 4:e505054279ed 1552 int rabRet;
Vanger 4:e505054279ed 1553 if (enc->rabbit == NULL)
Vanger 4:e505054279ed 1554 enc->rabbit =
Vanger 4:e505054279ed 1555 (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1556 if (enc->rabbit == NULL)
Vanger 4:e505054279ed 1557 return MEMORY_E;
Vanger 4:e505054279ed 1558 if (dec->rabbit == NULL)
Vanger 4:e505054279ed 1559 dec->rabbit =
Vanger 4:e505054279ed 1560 (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1561 if (dec->rabbit == NULL)
Vanger 4:e505054279ed 1562 return MEMORY_E;
Vanger 4:e505054279ed 1563 if (side == CYASSL_CLIENT_END) {
Vanger 4:e505054279ed 1564 rabRet = RabbitSetKey(enc->rabbit, keys->client_write_key,
Vanger 4:e505054279ed 1565 keys->client_write_IV);
Vanger 4:e505054279ed 1566 if (rabRet != 0) return rabRet;
Vanger 4:e505054279ed 1567 rabRet = RabbitSetKey(dec->rabbit, keys->server_write_key,
Vanger 4:e505054279ed 1568 keys->server_write_IV);
Vanger 4:e505054279ed 1569 if (rabRet != 0) return rabRet;
Vanger 4:e505054279ed 1570 }
Vanger 4:e505054279ed 1571 else {
Vanger 4:e505054279ed 1572 rabRet = RabbitSetKey(enc->rabbit, keys->server_write_key,
Vanger 4:e505054279ed 1573 keys->server_write_IV);
Vanger 4:e505054279ed 1574 if (rabRet != 0) return rabRet;
Vanger 4:e505054279ed 1575 rabRet = RabbitSetKey(dec->rabbit, keys->client_write_key,
Vanger 4:e505054279ed 1576 keys->client_write_IV);
Vanger 4:e505054279ed 1577 if (rabRet != 0) return rabRet;
Vanger 4:e505054279ed 1578 }
Vanger 4:e505054279ed 1579 enc->setup = 1;
Vanger 4:e505054279ed 1580 dec->setup = 1;
Vanger 4:e505054279ed 1581 }
Vanger 4:e505054279ed 1582 #endif
Vanger 4:e505054279ed 1583
Vanger 4:e505054279ed 1584 #ifdef BUILD_DES3
Vanger 4:e505054279ed 1585 if (specs->bulk_cipher_algorithm == cyassl_triple_des) {
Vanger 4:e505054279ed 1586 int desRet = 0;
Vanger 4:e505054279ed 1587
Vanger 4:e505054279ed 1588 if (enc->des3 == NULL)
Vanger 4:e505054279ed 1589 enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1590 if (enc->des3 == NULL)
Vanger 4:e505054279ed 1591 return MEMORY_E;
Vanger 4:e505054279ed 1592 if (dec->des3 == NULL)
Vanger 4:e505054279ed 1593 dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1594 if (dec->des3 == NULL)
Vanger 4:e505054279ed 1595 return MEMORY_E;
Vanger 4:e505054279ed 1596 #ifdef HAVE_CAVIUM
Vanger 4:e505054279ed 1597 if (devId != NO_CAVIUM_DEVICE) {
Vanger 4:e505054279ed 1598 if (Des3_InitCavium(enc->des3, devId) != 0) {
Vanger 4:e505054279ed 1599 CYASSL_MSG("Des3_InitCavium failed in SetKeys");
Vanger 4:e505054279ed 1600 return CAVIUM_INIT_E;
Vanger 4:e505054279ed 1601 }
Vanger 4:e505054279ed 1602 if (Des3_InitCavium(dec->des3, devId) != 0) {
Vanger 4:e505054279ed 1603 CYASSL_MSG("Des3_InitCavium failed in SetKeys");
Vanger 4:e505054279ed 1604 return CAVIUM_INIT_E;
Vanger 4:e505054279ed 1605 }
Vanger 4:e505054279ed 1606 }
Vanger 4:e505054279ed 1607 #endif
Vanger 4:e505054279ed 1608 if (side == CYASSL_CLIENT_END) {
Vanger 4:e505054279ed 1609 desRet = Des3_SetKey(enc->des3, keys->client_write_key,
Vanger 4:e505054279ed 1610 keys->client_write_IV, DES_ENCRYPTION);
Vanger 4:e505054279ed 1611 if (desRet != 0)
Vanger 4:e505054279ed 1612 return desRet;
Vanger 4:e505054279ed 1613 desRet = Des3_SetKey(dec->des3, keys->server_write_key,
Vanger 4:e505054279ed 1614 keys->server_write_IV, DES_DECRYPTION);
Vanger 4:e505054279ed 1615 if (desRet != 0)
Vanger 4:e505054279ed 1616 return desRet;
Vanger 4:e505054279ed 1617 }
Vanger 4:e505054279ed 1618 else {
Vanger 4:e505054279ed 1619 desRet = Des3_SetKey(enc->des3, keys->server_write_key,
Vanger 4:e505054279ed 1620 keys->server_write_IV, DES_ENCRYPTION);
Vanger 4:e505054279ed 1621 if (desRet != 0)
Vanger 4:e505054279ed 1622 return desRet;
Vanger 4:e505054279ed 1623 desRet = Des3_SetKey(dec->des3, keys->client_write_key,
Vanger 4:e505054279ed 1624 keys->client_write_IV, DES_DECRYPTION);
Vanger 4:e505054279ed 1625 if (desRet != 0)
Vanger 4:e505054279ed 1626 return desRet;
Vanger 4:e505054279ed 1627 }
Vanger 4:e505054279ed 1628 enc->setup = 1;
Vanger 4:e505054279ed 1629 dec->setup = 1;
Vanger 4:e505054279ed 1630 }
Vanger 4:e505054279ed 1631 #endif
Vanger 4:e505054279ed 1632
Vanger 4:e505054279ed 1633 #ifdef BUILD_AES
Vanger 4:e505054279ed 1634 if (specs->bulk_cipher_algorithm == cyassl_aes) {
Vanger 4:e505054279ed 1635 int aesRet = 0;
Vanger 4:e505054279ed 1636
Vanger 4:e505054279ed 1637 if (enc->aes == NULL)
Vanger 4:e505054279ed 1638 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1639 if (enc->aes == NULL)
Vanger 4:e505054279ed 1640 return MEMORY_E;
Vanger 4:e505054279ed 1641 if (dec->aes == NULL)
Vanger 4:e505054279ed 1642 dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1643 if (dec->aes == NULL)
Vanger 4:e505054279ed 1644 return MEMORY_E;
Vanger 4:e505054279ed 1645 #ifdef HAVE_CAVIUM
Vanger 4:e505054279ed 1646 if (devId != NO_CAVIUM_DEVICE) {
Vanger 4:e505054279ed 1647 if (AesInitCavium(enc->aes, devId) != 0) {
Vanger 4:e505054279ed 1648 CYASSL_MSG("AesInitCavium failed in SetKeys");
Vanger 4:e505054279ed 1649 return CAVIUM_INIT_E;
Vanger 4:e505054279ed 1650 }
Vanger 4:e505054279ed 1651 if (AesInitCavium(dec->aes, devId) != 0) {
Vanger 4:e505054279ed 1652 CYASSL_MSG("AesInitCavium failed in SetKeys");
Vanger 4:e505054279ed 1653 return CAVIUM_INIT_E;
Vanger 4:e505054279ed 1654 }
Vanger 4:e505054279ed 1655 }
Vanger 4:e505054279ed 1656 #endif
Vanger 4:e505054279ed 1657 if (side == CYASSL_CLIENT_END) {
Vanger 4:e505054279ed 1658 aesRet = AesSetKey(enc->aes, keys->client_write_key,
Vanger 4:e505054279ed 1659 specs->key_size, keys->client_write_IV,
Vanger 4:e505054279ed 1660 AES_ENCRYPTION);
Vanger 4:e505054279ed 1661 if (aesRet != 0)
Vanger 4:e505054279ed 1662 return aesRet;
Vanger 4:e505054279ed 1663 aesRet = AesSetKey(dec->aes, keys->server_write_key,
Vanger 4:e505054279ed 1664 specs->key_size, keys->server_write_IV,
Vanger 4:e505054279ed 1665 AES_DECRYPTION);
Vanger 4:e505054279ed 1666 if (aesRet != 0)
Vanger 4:e505054279ed 1667 return aesRet;
Vanger 4:e505054279ed 1668 }
Vanger 4:e505054279ed 1669 else {
Vanger 4:e505054279ed 1670 aesRet = AesSetKey(enc->aes, keys->server_write_key,
Vanger 4:e505054279ed 1671 specs->key_size, keys->server_write_IV,
Vanger 4:e505054279ed 1672 AES_ENCRYPTION);
Vanger 4:e505054279ed 1673 if (aesRet != 0)
Vanger 4:e505054279ed 1674 return aesRet;
Vanger 4:e505054279ed 1675 aesRet = AesSetKey(dec->aes, keys->client_write_key,
Vanger 4:e505054279ed 1676 specs->key_size, keys->client_write_IV,
Vanger 4:e505054279ed 1677 AES_DECRYPTION);
Vanger 4:e505054279ed 1678 if (aesRet != 0)
Vanger 4:e505054279ed 1679 return aesRet;
Vanger 4:e505054279ed 1680 }
Vanger 4:e505054279ed 1681 enc->setup = 1;
Vanger 4:e505054279ed 1682 dec->setup = 1;
Vanger 4:e505054279ed 1683 }
Vanger 4:e505054279ed 1684 #endif
Vanger 4:e505054279ed 1685
Vanger 4:e505054279ed 1686 #ifdef BUILD_AESGCM
Vanger 4:e505054279ed 1687 if (specs->bulk_cipher_algorithm == cyassl_aes_gcm) {
Vanger 4:e505054279ed 1688 if (enc->aes == NULL)
Vanger 4:e505054279ed 1689 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1690 if (enc->aes == NULL)
Vanger 4:e505054279ed 1691 return MEMORY_E;
Vanger 4:e505054279ed 1692 if (dec->aes == NULL)
Vanger 4:e505054279ed 1693 dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1694 if (dec->aes == NULL)
Vanger 4:e505054279ed 1695 return MEMORY_E;
Vanger 4:e505054279ed 1696
Vanger 4:e505054279ed 1697 if (side == CYASSL_CLIENT_END) {
Vanger 4:e505054279ed 1698 AesGcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
Vanger 4:e505054279ed 1699 XMEMCPY(keys->aead_enc_imp_IV,
Vanger 4:e505054279ed 1700 keys->client_write_IV, AEAD_IMP_IV_SZ);
Vanger 4:e505054279ed 1701 AesGcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
Vanger 4:e505054279ed 1702 XMEMCPY(keys->aead_dec_imp_IV,
Vanger 4:e505054279ed 1703 keys->server_write_IV, AEAD_IMP_IV_SZ);
Vanger 4:e505054279ed 1704 }
Vanger 4:e505054279ed 1705 else {
Vanger 4:e505054279ed 1706 AesGcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
Vanger 4:e505054279ed 1707 XMEMCPY(keys->aead_enc_imp_IV,
Vanger 4:e505054279ed 1708 keys->server_write_IV, AEAD_IMP_IV_SZ);
Vanger 4:e505054279ed 1709 AesGcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
Vanger 4:e505054279ed 1710 XMEMCPY(keys->aead_dec_imp_IV,
Vanger 4:e505054279ed 1711 keys->client_write_IV, AEAD_IMP_IV_SZ);
Vanger 4:e505054279ed 1712 }
Vanger 4:e505054279ed 1713 enc->setup = 1;
Vanger 4:e505054279ed 1714 dec->setup = 1;
Vanger 4:e505054279ed 1715 }
Vanger 4:e505054279ed 1716 #endif
Vanger 4:e505054279ed 1717
Vanger 4:e505054279ed 1718 #ifdef HAVE_AESCCM
Vanger 4:e505054279ed 1719 if (specs->bulk_cipher_algorithm == cyassl_aes_ccm) {
Vanger 4:e505054279ed 1720 if (enc->aes == NULL)
Vanger 4:e505054279ed 1721 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1722 if (enc->aes == NULL)
Vanger 4:e505054279ed 1723 return MEMORY_E;
Vanger 4:e505054279ed 1724 if (dec->aes == NULL)
Vanger 4:e505054279ed 1725 dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1726 if (dec->aes == NULL)
Vanger 4:e505054279ed 1727 return MEMORY_E;
Vanger 4:e505054279ed 1728
Vanger 4:e505054279ed 1729 if (side == CYASSL_CLIENT_END) {
Vanger 4:e505054279ed 1730 AesCcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
Vanger 4:e505054279ed 1731 XMEMCPY(keys->aead_enc_imp_IV,
Vanger 4:e505054279ed 1732 keys->client_write_IV, AEAD_IMP_IV_SZ);
Vanger 4:e505054279ed 1733 AesCcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
Vanger 4:e505054279ed 1734 XMEMCPY(keys->aead_dec_imp_IV,
Vanger 4:e505054279ed 1735 keys->server_write_IV, AEAD_IMP_IV_SZ);
Vanger 4:e505054279ed 1736 }
Vanger 4:e505054279ed 1737 else {
Vanger 4:e505054279ed 1738 AesCcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
Vanger 4:e505054279ed 1739 XMEMCPY(keys->aead_enc_imp_IV,
Vanger 4:e505054279ed 1740 keys->server_write_IV, AEAD_IMP_IV_SZ);
Vanger 4:e505054279ed 1741 AesCcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
Vanger 4:e505054279ed 1742 XMEMCPY(keys->aead_dec_imp_IV,
Vanger 4:e505054279ed 1743 keys->client_write_IV, AEAD_IMP_IV_SZ);
Vanger 4:e505054279ed 1744 }
Vanger 4:e505054279ed 1745 enc->setup = 1;
Vanger 4:e505054279ed 1746 dec->setup = 1;
Vanger 4:e505054279ed 1747 }
Vanger 4:e505054279ed 1748 #endif
Vanger 4:e505054279ed 1749
Vanger 4:e505054279ed 1750 #ifdef HAVE_CAMELLIA
Vanger 4:e505054279ed 1751 if (specs->bulk_cipher_algorithm == cyassl_camellia) {
Vanger 4:e505054279ed 1752 int camRet;
Vanger 4:e505054279ed 1753
Vanger 4:e505054279ed 1754 if (enc->cam == NULL)
Vanger 4:e505054279ed 1755 enc->cam =
Vanger 4:e505054279ed 1756 (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1757 if (enc->cam == NULL)
Vanger 4:e505054279ed 1758 return MEMORY_E;
Vanger 4:e505054279ed 1759
Vanger 4:e505054279ed 1760 if (dec->cam == NULL)
Vanger 4:e505054279ed 1761 dec->cam =
Vanger 4:e505054279ed 1762 (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
Vanger 4:e505054279ed 1763 if (dec->cam == NULL)
Vanger 4:e505054279ed 1764 return MEMORY_E;
Vanger 4:e505054279ed 1765
Vanger 4:e505054279ed 1766 if (side == CYASSL_CLIENT_END) {
Vanger 4:e505054279ed 1767 camRet = CamelliaSetKey(enc->cam, keys->client_write_key,
Vanger 4:e505054279ed 1768 specs->key_size, keys->client_write_IV);
Vanger 4:e505054279ed 1769 if (camRet != 0)
Vanger 4:e505054279ed 1770 return camRet;
Vanger 4:e505054279ed 1771
Vanger 4:e505054279ed 1772 camRet = CamelliaSetKey(dec->cam, keys->server_write_key,
Vanger 4:e505054279ed 1773 specs->key_size, keys->server_write_IV);
Vanger 4:e505054279ed 1774 if (camRet != 0)
Vanger 4:e505054279ed 1775 return camRet;
Vanger 4:e505054279ed 1776 }
Vanger 4:e505054279ed 1777 else {
Vanger 4:e505054279ed 1778 camRet = CamelliaSetKey(enc->cam, keys->server_write_key,
Vanger 4:e505054279ed 1779 specs->key_size, keys->server_write_IV);
Vanger 4:e505054279ed 1780 if (camRet != 0)
Vanger 4:e505054279ed 1781 return camRet;
Vanger 4:e505054279ed 1782
Vanger 4:e505054279ed 1783 camRet = CamelliaSetKey(dec->cam, keys->client_write_key,
Vanger 4:e505054279ed 1784 specs->key_size, keys->client_write_IV);
Vanger 4:e505054279ed 1785 if (camRet != 0)
Vanger 4:e505054279ed 1786 return camRet;
Vanger 4:e505054279ed 1787 }
Vanger 4:e505054279ed 1788 enc->setup = 1;
Vanger 4:e505054279ed 1789 dec->setup = 1;
Vanger 4:e505054279ed 1790 }
Vanger 4:e505054279ed 1791 #endif
Vanger 4:e505054279ed 1792
Vanger 4:e505054279ed 1793 #ifdef HAVE_NULL_CIPHER
Vanger 4:e505054279ed 1794 if (specs->bulk_cipher_algorithm == cyassl_cipher_null) {
Vanger 4:e505054279ed 1795 enc->setup = 1;
Vanger 4:e505054279ed 1796 dec->setup = 1;
Vanger 4:e505054279ed 1797 }
Vanger 4:e505054279ed 1798 #endif
Vanger 4:e505054279ed 1799
Vanger 4:e505054279ed 1800 keys->sequence_number = 0;
Vanger 4:e505054279ed 1801 keys->peer_sequence_number = 0;
Vanger 4:e505054279ed 1802 keys->encryptionOn = 0;
Vanger 4:e505054279ed 1803 (void)side;
Vanger 4:e505054279ed 1804 (void)heap;
Vanger 4:e505054279ed 1805 (void)enc;
Vanger 4:e505054279ed 1806 (void)dec;
Vanger 4:e505054279ed 1807 (void)specs;
Vanger 4:e505054279ed 1808 (void)devId;
Vanger 4:e505054279ed 1809
Vanger 4:e505054279ed 1810 return 0;
Vanger 4:e505054279ed 1811 }
Vanger 4:e505054279ed 1812
Vanger 4:e505054279ed 1813
Vanger 4:e505054279ed 1814 /* TLS can call too */
Vanger 4:e505054279ed 1815 int StoreKeys(CYASSL* ssl, const byte* keyData)
Vanger 4:e505054279ed 1816 {
Vanger 4:e505054279ed 1817 int sz, i = 0;
Vanger 4:e505054279ed 1818 int devId = NO_CAVIUM_DEVICE;
Vanger 4:e505054279ed 1819
Vanger 4:e505054279ed 1820 #ifdef HAVE_CAVIUM
Vanger 4:e505054279ed 1821 devId = ssl->devId;
Vanger 4:e505054279ed 1822 #endif
Vanger 4:e505054279ed 1823
Vanger 4:e505054279ed 1824 if (ssl->specs.cipher_type != aead) {
Vanger 4:e505054279ed 1825 sz = ssl->specs.hash_size;
Vanger 4:e505054279ed 1826 XMEMCPY(ssl->keys.client_write_MAC_secret,&keyData[i], sz);
Vanger 4:e505054279ed 1827 i += sz;
Vanger 4:e505054279ed 1828 XMEMCPY(ssl->keys.server_write_MAC_secret,&keyData[i], sz);
Vanger 4:e505054279ed 1829 i += sz;
Vanger 4:e505054279ed 1830 }
Vanger 4:e505054279ed 1831 sz = ssl->specs.key_size;
Vanger 4:e505054279ed 1832 XMEMCPY(ssl->keys.client_write_key, &keyData[i], sz);
Vanger 4:e505054279ed 1833 i += sz;
Vanger 4:e505054279ed 1834 XMEMCPY(ssl->keys.server_write_key, &keyData[i], sz);
Vanger 4:e505054279ed 1835 i += sz;
Vanger 4:e505054279ed 1836
Vanger 4:e505054279ed 1837 sz = ssl->specs.iv_size;
Vanger 4:e505054279ed 1838 XMEMCPY(ssl->keys.client_write_IV, &keyData[i], sz);
Vanger 4:e505054279ed 1839 i += sz;
Vanger 4:e505054279ed 1840 XMEMCPY(ssl->keys.server_write_IV, &keyData[i], sz);
Vanger 4:e505054279ed 1841
Vanger 4:e505054279ed 1842 #ifdef HAVE_AEAD
Vanger 4:e505054279ed 1843 if (ssl->specs.cipher_type == aead) {
Vanger 4:e505054279ed 1844 /* Initialize the AES-GCM/CCM explicit IV to a zero. */
Vanger 4:e505054279ed 1845 XMEMSET(ssl->keys.aead_exp_IV, 0, AEAD_EXP_IV_SZ);
Vanger 4:e505054279ed 1846 }
Vanger 4:e505054279ed 1847 #endif
Vanger 4:e505054279ed 1848
Vanger 4:e505054279ed 1849 return SetKeys(&ssl->encrypt, &ssl->decrypt, &ssl->keys, &ssl->specs,
Vanger 4:e505054279ed 1850 ssl->options.side, ssl->heap, devId);
Vanger 4:e505054279ed 1851 }
Vanger 4:e505054279ed 1852
Vanger 4:e505054279ed 1853 #ifndef NO_OLD_TLS
Vanger 4:e505054279ed 1854 int DeriveKeys(CYASSL* ssl)
Vanger 4:e505054279ed 1855 {
Vanger 4:e505054279ed 1856 int length = 2 * ssl->specs.hash_size +
Vanger 4:e505054279ed 1857 2 * ssl->specs.key_size +
Vanger 4:e505054279ed 1858 2 * ssl->specs.iv_size;
Vanger 4:e505054279ed 1859 int rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i;
Vanger 4:e505054279ed 1860 int ret = 0;
Vanger 4:e505054279ed 1861
Vanger 4:e505054279ed 1862 byte shaOutput[SHA_DIGEST_SIZE];
Vanger 4:e505054279ed 1863 byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE];
Vanger 4:e505054279ed 1864 byte shaInput[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN];
Vanger 4:e505054279ed 1865
Vanger 4:e505054279ed 1866 Md5 md5;
Vanger 4:e505054279ed 1867 Sha sha;
Vanger 4:e505054279ed 1868
Vanger 4:e505054279ed 1869 byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE]; /* max size */
Vanger 4:e505054279ed 1870
Vanger 4:e505054279ed 1871 InitMd5(&md5);
Vanger 4:e505054279ed 1872 ret = InitSha(&sha);
Vanger 4:e505054279ed 1873 if (ret != 0)
Vanger 4:e505054279ed 1874 return ret;
Vanger 4:e505054279ed 1875
Vanger 4:e505054279ed 1876 XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN);
Vanger 4:e505054279ed 1877
Vanger 4:e505054279ed 1878 for (i = 0; i < rounds; ++i) {
Vanger 4:e505054279ed 1879 int j = i + 1;
Vanger 4:e505054279ed 1880 int idx = j;
Vanger 4:e505054279ed 1881
Vanger 4:e505054279ed 1882 if (!SetPrefix(shaInput, i)) {
Vanger 4:e505054279ed 1883 return PREFIX_ERROR;
Vanger 4:e505054279ed 1884 }
Vanger 4:e505054279ed 1885
Vanger 4:e505054279ed 1886 XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN);
Vanger 4:e505054279ed 1887 idx += SECRET_LEN;
Vanger 4:e505054279ed 1888 XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
Vanger 4:e505054279ed 1889 idx += RAN_LEN;
Vanger 4:e505054279ed 1890 XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
Vanger 4:e505054279ed 1891
Vanger 4:e505054279ed 1892 ShaUpdate(&sha, shaInput, (word32)sizeof(shaInput) - KEY_PREFIX + j);
Vanger 4:e505054279ed 1893 ShaFinal(&sha, shaOutput);
Vanger 4:e505054279ed 1894
Vanger 4:e505054279ed 1895 XMEMCPY(&md5Input[SECRET_LEN], shaOutput, SHA_DIGEST_SIZE);
Vanger 4:e505054279ed 1896 Md5Update(&md5, md5Input, sizeof(md5Input));
Vanger 4:e505054279ed 1897 Md5Final(&md5, keyData + i * MD5_DIGEST_SIZE);
Vanger 4:e505054279ed 1898 }
Vanger 4:e505054279ed 1899
Vanger 4:e505054279ed 1900 return StoreKeys(ssl, keyData);
Vanger 4:e505054279ed 1901 }
Vanger 4:e505054279ed 1902
Vanger 4:e505054279ed 1903
Vanger 4:e505054279ed 1904 static int CleanPreMaster(CYASSL* ssl)
Vanger 4:e505054279ed 1905 {
Vanger 4:e505054279ed 1906 int i, ret, sz = ssl->arrays->preMasterSz;
Vanger 4:e505054279ed 1907
Vanger 4:e505054279ed 1908 for (i = 0; i < sz; i++)
Vanger 4:e505054279ed 1909 ssl->arrays->preMasterSecret[i] = 0;
Vanger 4:e505054279ed 1910
Vanger 4:e505054279ed 1911 ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz);
Vanger 4:e505054279ed 1912 if (ret != 0)
Vanger 4:e505054279ed 1913 return ret;
Vanger 4:e505054279ed 1914
Vanger 4:e505054279ed 1915 for (i = 0; i < sz; i++)
Vanger 4:e505054279ed 1916 ssl->arrays->preMasterSecret[i] = 0;
Vanger 4:e505054279ed 1917
Vanger 4:e505054279ed 1918 return 0;
Vanger 4:e505054279ed 1919 }
Vanger 4:e505054279ed 1920
Vanger 4:e505054279ed 1921
Vanger 4:e505054279ed 1922 /* Create and store the master secret see page 32, 6.1 */
Vanger 4:e505054279ed 1923 static int MakeSslMasterSecret(CYASSL* ssl)
Vanger 4:e505054279ed 1924 {
Vanger 4:e505054279ed 1925 byte shaOutput[SHA_DIGEST_SIZE];
Vanger 4:e505054279ed 1926 byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE];
Vanger 4:e505054279ed 1927 byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN];
Vanger 4:e505054279ed 1928 int i, ret;
Vanger 4:e505054279ed 1929 word32 idx;
Vanger 4:e505054279ed 1930 word32 pmsSz = ssl->arrays->preMasterSz;
Vanger 4:e505054279ed 1931
Vanger 4:e505054279ed 1932 Md5 md5;
Vanger 4:e505054279ed 1933 Sha sha;
Vanger 4:e505054279ed 1934
Vanger 4:e505054279ed 1935 #ifdef SHOW_SECRETS
Vanger 4:e505054279ed 1936 {
Vanger 4:e505054279ed 1937 word32 j;
Vanger 4:e505054279ed 1938 printf("pre master secret: ");
Vanger 4:e505054279ed 1939 for (j = 0; j < pmsSz; j++)
Vanger 4:e505054279ed 1940 printf("%02x", ssl->arrays->preMasterSecret[j]);
Vanger 4:e505054279ed 1941 printf("\n");
Vanger 4:e505054279ed 1942 }
Vanger 4:e505054279ed 1943 #endif
Vanger 4:e505054279ed 1944
Vanger 4:e505054279ed 1945 InitMd5(&md5);
Vanger 4:e505054279ed 1946 ret = InitSha(&sha);
Vanger 4:e505054279ed 1947 if (ret != 0)
Vanger 4:e505054279ed 1948 return ret;
Vanger 4:e505054279ed 1949
Vanger 4:e505054279ed 1950 XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz);
Vanger 4:e505054279ed 1951
Vanger 4:e505054279ed 1952 for (i = 0; i < MASTER_ROUNDS; ++i) {
Vanger 4:e505054279ed 1953 byte prefix[PREFIX];
Vanger 4:e505054279ed 1954 if (!SetPrefix(prefix, i)) {
Vanger 4:e505054279ed 1955 return PREFIX_ERROR;
Vanger 4:e505054279ed 1956 }
Vanger 4:e505054279ed 1957
Vanger 4:e505054279ed 1958 idx = 0;
Vanger 4:e505054279ed 1959 XMEMCPY(shaInput, prefix, i + 1);
Vanger 4:e505054279ed 1960 idx += i + 1;
Vanger 4:e505054279ed 1961
Vanger 4:e505054279ed 1962 XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz);
Vanger 4:e505054279ed 1963 idx += pmsSz;
Vanger 4:e505054279ed 1964 XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
Vanger 4:e505054279ed 1965 idx += RAN_LEN;
Vanger 4:e505054279ed 1966 XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
Vanger 4:e505054279ed 1967 idx += RAN_LEN;
Vanger 4:e505054279ed 1968 ShaUpdate(&sha, shaInput, idx);
Vanger 4:e505054279ed 1969 ShaFinal(&sha, shaOutput);
Vanger 4:e505054279ed 1970
Vanger 4:e505054279ed 1971 idx = pmsSz; /* preSz */
Vanger 4:e505054279ed 1972 XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE);
Vanger 4:e505054279ed 1973 idx += SHA_DIGEST_SIZE;
Vanger 4:e505054279ed 1974 Md5Update(&md5, md5Input, idx);
Vanger 4:e505054279ed 1975 Md5Final(&md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]);
Vanger 4:e505054279ed 1976 }
Vanger 4:e505054279ed 1977
Vanger 4:e505054279ed 1978 #ifdef SHOW_SECRETS
Vanger 4:e505054279ed 1979 {
Vanger 4:e505054279ed 1980 word32 j;
Vanger 4:e505054279ed 1981 printf("master secret: ");
Vanger 4:e505054279ed 1982 for (j = 0; j < SECRET_LEN; j++)
Vanger 4:e505054279ed 1983 printf("%02x", ssl->arrays->masterSecret[j]);
Vanger 4:e505054279ed 1984 printf("\n");
Vanger 4:e505054279ed 1985 }
Vanger 4:e505054279ed 1986 #endif
Vanger 4:e505054279ed 1987
Vanger 4:e505054279ed 1988 ret = DeriveKeys(ssl);
Vanger 4:e505054279ed 1989 if (ret != 0) {
Vanger 4:e505054279ed 1990 /* always try to clean PreMaster */
Vanger 4:e505054279ed 1991 CleanPreMaster(ssl);
Vanger 4:e505054279ed 1992 return ret;
Vanger 4:e505054279ed 1993 }
Vanger 4:e505054279ed 1994
Vanger 4:e505054279ed 1995 return CleanPreMaster(ssl);
Vanger 4:e505054279ed 1996 }
Vanger 4:e505054279ed 1997 #endif
Vanger 4:e505054279ed 1998
Vanger 4:e505054279ed 1999
Vanger 4:e505054279ed 2000 /* Master wrapper, doesn't use SSL stack space in TLS mode */
Vanger 4:e505054279ed 2001 int MakeMasterSecret(CYASSL* ssl)
Vanger 4:e505054279ed 2002 {
Vanger 4:e505054279ed 2003 #ifdef NO_OLD_TLS
Vanger 4:e505054279ed 2004 return MakeTlsMasterSecret(ssl);
Vanger 4:e505054279ed 2005 #elif !defined(NO_TLS)
Vanger 4:e505054279ed 2006 if (ssl->options.tls) return MakeTlsMasterSecret(ssl);
Vanger 4:e505054279ed 2007 #endif
Vanger 4:e505054279ed 2008
Vanger 4:e505054279ed 2009 #ifndef NO_OLD_TLS
Vanger 4:e505054279ed 2010 return MakeSslMasterSecret(ssl);
Vanger 4:e505054279ed 2011 #endif
Vanger 4:e505054279ed 2012 }
Vanger 4:e505054279ed 2013
Vanger 4:e505054279ed 2014