cyassl-lib - fork of cyassl-lib

Users » feb11 » Code » cyassl-lib

fork of cyassl-lib

keys.c@4:f377303c41be, 2013-09-16 (annotated)

Committer:: feb11
Date:: Mon Sep 16 09:53:35 2013 +0000
Revision:: 4:f377303c41be
Parent:: 0:714293de3836

changed settings

Who changed what in which revision?

User	Revision	Line number	New contents of line
ashleymills	0:714293de3836	1	/* keys.c
ashleymills	0:714293de3836	2	*
ashleymills	0:714293de3836	3	* Copyright (C) 2006-2013 wolfSSL Inc.
ashleymills	0:714293de3836	4	*
ashleymills	0:714293de3836	5	* This file is part of CyaSSL.
ashleymills	0:714293de3836	6	*
ashleymills	0:714293de3836	7	* CyaSSL is free software; you can redistribute it and/or modify
ashleymills	0:714293de3836	8	* it under the terms of the GNU General Public License as published by
ashleymills	0:714293de3836	9	* the Free Software Foundation; either version 2 of the License, or
ashleymills	0:714293de3836	10	* (at your option) any later version.
ashleymills	0:714293de3836	11	*
ashleymills	0:714293de3836	12	* CyaSSL is distributed in the hope that it will be useful,
ashleymills	0:714293de3836	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
ashleymills	0:714293de3836	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
ashleymills	0:714293de3836	15	* GNU General Public License for more details.
ashleymills	0:714293de3836	16	*
ashleymills	0:714293de3836	17	* You should have received a copy of the GNU General Public License
ashleymills	0:714293de3836	18	* along with this program; if not, write to the Free Software
ashleymills	0:714293de3836	19	* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
ashleymills	0:714293de3836	20	*/
ashleymills	0:714293de3836	21
ashleymills	0:714293de3836	22
ashleymills	0:714293de3836	23	#ifdef HAVE_CONFIG_H
ashleymills	0:714293de3836	24	#include <config.h>
ashleymills	0:714293de3836	25	#endif
ashleymills	0:714293de3836	26
ashleymills	0:714293de3836	27	#include <cyassl/ctaocrypt/settings.h>
ashleymills	0:714293de3836	28
ashleymills	0:714293de3836	29	#include <cyassl/internal.h>
ashleymills	0:714293de3836	30	#include <cyassl/ctaoerror.h>
ashleymills	0:714293de3836	31	#ifdef SHOW_SECRETS
ashleymills	0:714293de3836	32	#ifdef FREESCALE_MQX
ashleymills	0:714293de3836	33	#include <fio.h>
ashleymills	0:714293de3836	34	#else
ashleymills	0:714293de3836	35	#include <stdio.h>
ashleymills	0:714293de3836	36	#endif
ashleymills	0:714293de3836	37	#endif
ashleymills	0:714293de3836	38
ashleymills	0:714293de3836	39
ashleymills	0:714293de3836	40	int SetCipherSpecs(CYASSL* ssl)
ashleymills	0:714293de3836	41	{
ashleymills	0:714293de3836	42	/* ECC extensions, or AES-CCM */
ashleymills	0:714293de3836	43	if (ssl->options.cipherSuite0 == ECC_BYTE) {
ashleymills	0:714293de3836	44
ashleymills	0:714293de3836	45	switch (ssl->options.cipherSuite) {
ashleymills	0:714293de3836	46
ashleymills	0:714293de3836	47	#ifdef HAVE_ECC
ashleymills	0:714293de3836	48
ashleymills	0:714293de3836	49	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
ashleymills	0:714293de3836	50	case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
ashleymills	0:714293de3836	51	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	52	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	53	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	54	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	55	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	56	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	57	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	58	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	59	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	60	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	61	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	62	break;
ashleymills	0:714293de3836	63	#endif
ashleymills	0:714293de3836	64
ashleymills	0:714293de3836	65	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
ashleymills	0:714293de3836	66	case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
ashleymills	0:714293de3836	67	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	68	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	69	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	70	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	71	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	72	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	73	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	74	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	75	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	76	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	77	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	78	break;
ashleymills	0:714293de3836	79	#endif
ashleymills	0:714293de3836	80
ashleymills	0:714293de3836	81	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
ashleymills	0:714293de3836	82	case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
ashleymills	0:714293de3836	83	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	84	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	85	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	86	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	87	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	88	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	89	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	90	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	91	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	92	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	93	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	94	break;
ashleymills	0:714293de3836	95	#endif
ashleymills	0:714293de3836	96
ashleymills	0:714293de3836	97	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
ashleymills	0:714293de3836	98	case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
ashleymills	0:714293de3836	99	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	100	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	101	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	102	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	103	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	104	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	105	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	106	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	107	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	108	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	109	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	110	break;
ashleymills	0:714293de3836	111	#endif
ashleymills	0:714293de3836	112
ashleymills	0:714293de3836	113	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
ashleymills	0:714293de3836	114	case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
ashleymills	0:714293de3836	115	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	116	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	117	ssl->specs.mac_algorithm = sha384_mac;
ashleymills	0:714293de3836	118	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	119	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	120	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	121	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	122	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	123	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	124	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	125	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	126	break;
ashleymills	0:714293de3836	127	#endif
ashleymills	0:714293de3836	128
ashleymills	0:714293de3836	129	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
ashleymills	0:714293de3836	130	case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
ashleymills	0:714293de3836	131	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	132	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	133	ssl->specs.mac_algorithm = sha384_mac;
ashleymills	0:714293de3836	134	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	135	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	136	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	137	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	138	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	139	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	140	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	141	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	142	break;
ashleymills	0:714293de3836	143	#endif
ashleymills	0:714293de3836	144
ashleymills	0:714293de3836	145	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
ashleymills	0:714293de3836	146	case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
ashleymills	0:714293de3836	147	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	148	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	149	ssl->specs.mac_algorithm = sha384_mac;
ashleymills	0:714293de3836	150	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	151	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	152	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	153	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	154	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	155	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	156	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	157	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	158	break;
ashleymills	0:714293de3836	159	#endif
ashleymills	0:714293de3836	160
ashleymills	0:714293de3836	161	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
ashleymills	0:714293de3836	162	case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
ashleymills	0:714293de3836	163	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	164	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	165	ssl->specs.mac_algorithm = sha384_mac;
ashleymills	0:714293de3836	166	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	167	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	168	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	169	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	170	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	171	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	172	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	173	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	174	break;
ashleymills	0:714293de3836	175	#endif
ashleymills	0:714293de3836	176
ashleymills	0:714293de3836	177	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
ashleymills	0:714293de3836	178	case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
ashleymills	0:714293de3836	179	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	180	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	181	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	182	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	183	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	184	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	185	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	186	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	187	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	188	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	189	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	190
ashleymills	0:714293de3836	191	break;
ashleymills	0:714293de3836	192	#endif
ashleymills	0:714293de3836	193
ashleymills	0:714293de3836	194	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
ashleymills	0:714293de3836	195	case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
ashleymills	0:714293de3836	196	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	197	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	198	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	199	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	200	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	201	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	202	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	203	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	204	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	205	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	206	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	207
ashleymills	0:714293de3836	208	break;
ashleymills	0:714293de3836	209	#endif
ashleymills	0:714293de3836	210
ashleymills	0:714293de3836	211	#ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
ashleymills	0:714293de3836	212	case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
ashleymills	0:714293de3836	213	ssl->specs.bulk_cipher_algorithm = triple_des;
ashleymills	0:714293de3836	214	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	215	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	216	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	217	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	218	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	219	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	220	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	221	ssl->specs.key_size = DES3_KEY_SIZE;
ashleymills	0:714293de3836	222	ssl->specs.block_size = DES_BLOCK_SIZE;
ashleymills	0:714293de3836	223	ssl->specs.iv_size = DES_IV_SIZE;
ashleymills	0:714293de3836	224
ashleymills	0:714293de3836	225	break;
ashleymills	0:714293de3836	226	#endif
ashleymills	0:714293de3836	227
ashleymills	0:714293de3836	228	#ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
ashleymills	0:714293de3836	229	case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
ashleymills	0:714293de3836	230	ssl->specs.bulk_cipher_algorithm = triple_des;
ashleymills	0:714293de3836	231	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	232	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	233	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	234	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	235	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	236	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	237	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	238	ssl->specs.key_size = DES3_KEY_SIZE;
ashleymills	0:714293de3836	239	ssl->specs.block_size = DES_BLOCK_SIZE;
ashleymills	0:714293de3836	240	ssl->specs.iv_size = DES_IV_SIZE;
ashleymills	0:714293de3836	241
ashleymills	0:714293de3836	242	break;
ashleymills	0:714293de3836	243	#endif
ashleymills	0:714293de3836	244
ashleymills	0:714293de3836	245	#ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
ashleymills	0:714293de3836	246	case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
ashleymills	0:714293de3836	247	ssl->specs.bulk_cipher_algorithm = rc4;
ashleymills	0:714293de3836	248	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	249	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	250	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	251	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	252	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	253	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	254	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	255	ssl->specs.key_size = RC4_KEY_SIZE;
ashleymills	0:714293de3836	256	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	257	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	258
ashleymills	0:714293de3836	259	break;
ashleymills	0:714293de3836	260	#endif
ashleymills	0:714293de3836	261
ashleymills	0:714293de3836	262	#ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
ashleymills	0:714293de3836	263	case TLS_ECDH_RSA_WITH_RC4_128_SHA :
ashleymills	0:714293de3836	264	ssl->specs.bulk_cipher_algorithm = rc4;
ashleymills	0:714293de3836	265	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	266	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	267	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	268	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	269	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	270	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	271	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	272	ssl->specs.key_size = RC4_KEY_SIZE;
ashleymills	0:714293de3836	273	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	274	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	275
ashleymills	0:714293de3836	276	break;
ashleymills	0:714293de3836	277	#endif
ashleymills	0:714293de3836	278
ashleymills	0:714293de3836	279	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
ashleymills	0:714293de3836	280	case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
ashleymills	0:714293de3836	281	ssl->specs.bulk_cipher_algorithm = triple_des;
ashleymills	0:714293de3836	282	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	283	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	284	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	285	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	286	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	287	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	288	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	289	ssl->specs.key_size = DES3_KEY_SIZE;
ashleymills	0:714293de3836	290	ssl->specs.block_size = DES_BLOCK_SIZE;
ashleymills	0:714293de3836	291	ssl->specs.iv_size = DES_IV_SIZE;
ashleymills	0:714293de3836	292
ashleymills	0:714293de3836	293	break;
ashleymills	0:714293de3836	294	#endif
ashleymills	0:714293de3836	295
ashleymills	0:714293de3836	296	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
ashleymills	0:714293de3836	297	case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
ashleymills	0:714293de3836	298	ssl->specs.bulk_cipher_algorithm = triple_des;
ashleymills	0:714293de3836	299	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	300	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	301	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	302	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	303	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	304	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	305	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	306	ssl->specs.key_size = DES3_KEY_SIZE;
ashleymills	0:714293de3836	307	ssl->specs.block_size = DES_BLOCK_SIZE;
ashleymills	0:714293de3836	308	ssl->specs.iv_size = DES_IV_SIZE;
ashleymills	0:714293de3836	309
ashleymills	0:714293de3836	310	break;
ashleymills	0:714293de3836	311	#endif
ashleymills	0:714293de3836	312
ashleymills	0:714293de3836	313	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
ashleymills	0:714293de3836	314	case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
ashleymills	0:714293de3836	315	ssl->specs.bulk_cipher_algorithm = rc4;
ashleymills	0:714293de3836	316	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	317	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	318	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	319	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	320	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	321	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	322	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	323	ssl->specs.key_size = RC4_KEY_SIZE;
ashleymills	0:714293de3836	324	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	325	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	326
ashleymills	0:714293de3836	327	break;
ashleymills	0:714293de3836	328	#endif
ashleymills	0:714293de3836	329
ashleymills	0:714293de3836	330	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
ashleymills	0:714293de3836	331	case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
ashleymills	0:714293de3836	332	ssl->specs.bulk_cipher_algorithm = rc4;
ashleymills	0:714293de3836	333	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	334	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	335	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	336	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	337	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	338	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	339	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	340	ssl->specs.key_size = RC4_KEY_SIZE;
ashleymills	0:714293de3836	341	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	342	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	343
ashleymills	0:714293de3836	344	break;
ashleymills	0:714293de3836	345	#endif
ashleymills	0:714293de3836	346
ashleymills	0:714293de3836	347	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
ashleymills	0:714293de3836	348	case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
ashleymills	0:714293de3836	349	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	350	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	351	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	352	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	353	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	354	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	355	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	356	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	357	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	358	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	359	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	360
ashleymills	0:714293de3836	361	break;
ashleymills	0:714293de3836	362	#endif
ashleymills	0:714293de3836	363
ashleymills	0:714293de3836	364	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
ashleymills	0:714293de3836	365	case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
ashleymills	0:714293de3836	366	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	367	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	368	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	369	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	370	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	371	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	372	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	373	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	374	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	375	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	376	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	377
ashleymills	0:714293de3836	378	break;
ashleymills	0:714293de3836	379	#endif
ashleymills	0:714293de3836	380
ashleymills	0:714293de3836	381	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
ashleymills	0:714293de3836	382	case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
ashleymills	0:714293de3836	383	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	384	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	385	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	386	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	387	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	388	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	389	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	390	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	391	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	392	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	393	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	394
ashleymills	0:714293de3836	395	break;
ashleymills	0:714293de3836	396	#endif
ashleymills	0:714293de3836	397
ashleymills	0:714293de3836	398	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
ashleymills	0:714293de3836	399	case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
ashleymills	0:714293de3836	400	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	401	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	402	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	403	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	404	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	405	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	406	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	407	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	408	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	409	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	410	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	411
ashleymills	0:714293de3836	412	break;
ashleymills	0:714293de3836	413	#endif
ashleymills	0:714293de3836	414
ashleymills	0:714293de3836	415	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
ashleymills	0:714293de3836	416	case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
ashleymills	0:714293de3836	417	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	418	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	419	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	420	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	421	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	422	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	423	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	424	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	425	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	426	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	427	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	428
ashleymills	0:714293de3836	429	break;
ashleymills	0:714293de3836	430	#endif
ashleymills	0:714293de3836	431
ashleymills	0:714293de3836	432	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
ashleymills	0:714293de3836	433	case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
ashleymills	0:714293de3836	434	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	435	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	436	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	437	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	438	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	439	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	440	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	441	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	442	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	443	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	444	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	445
ashleymills	0:714293de3836	446	break;
ashleymills	0:714293de3836	447	#endif
ashleymills	0:714293de3836	448
ashleymills	0:714293de3836	449	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ashleymills	0:714293de3836	450	case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
ashleymills	0:714293de3836	451	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	452	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	453	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	454	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	455	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	456	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	457	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	458	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	459	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	460	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	461	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	462	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	463
ashleymills	0:714293de3836	464	break;
ashleymills	0:714293de3836	465	#endif
ashleymills	0:714293de3836	466
ashleymills	0:714293de3836	467	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
ashleymills	0:714293de3836	468	case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
ashleymills	0:714293de3836	469	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	470	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	471	ssl->specs.mac_algorithm = sha384_mac;
ashleymills	0:714293de3836	472	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	473	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	474	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	475	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	476	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	477	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	478	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	479	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	480	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	481
ashleymills	0:714293de3836	482	break;
ashleymills	0:714293de3836	483	#endif
ashleymills	0:714293de3836	484
ashleymills	0:714293de3836	485	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
ashleymills	0:714293de3836	486	case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
ashleymills	0:714293de3836	487	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	488	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	489	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	490	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	491	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	492	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	493	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	494	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	495	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	496	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	497	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	498	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	499
ashleymills	0:714293de3836	500	break;
ashleymills	0:714293de3836	501	#endif
ashleymills	0:714293de3836	502
ashleymills	0:714293de3836	503	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
ashleymills	0:714293de3836	504	case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
ashleymills	0:714293de3836	505	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	506	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	507	ssl->specs.mac_algorithm = sha384_mac;
ashleymills	0:714293de3836	508	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	509	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	510	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	511	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	512	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	513	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	514	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	515	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	516	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	517
ashleymills	0:714293de3836	518	break;
ashleymills	0:714293de3836	519	#endif
ashleymills	0:714293de3836	520
ashleymills	0:714293de3836	521	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
ashleymills	0:714293de3836	522	case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
ashleymills	0:714293de3836	523	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	524	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	525	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	526	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	527	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	528	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	529	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	530	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	531	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	532	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	533	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	534	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	535
ashleymills	0:714293de3836	536	break;
ashleymills	0:714293de3836	537	#endif
ashleymills	0:714293de3836	538
ashleymills	0:714293de3836	539	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
ashleymills	0:714293de3836	540	case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
ashleymills	0:714293de3836	541	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	542	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	543	ssl->specs.mac_algorithm = sha384_mac;
ashleymills	0:714293de3836	544	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	545	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	546	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	547	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	548	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	549	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	550	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	551	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	552	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	553
ashleymills	0:714293de3836	554	break;
ashleymills	0:714293de3836	555	#endif
ashleymills	0:714293de3836	556
ashleymills	0:714293de3836	557	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
ashleymills	0:714293de3836	558	case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
ashleymills	0:714293de3836	559	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	560	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	561	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	562	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	563	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	564	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	565	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	566	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	567	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	568	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	569	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	570	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	571
ashleymills	0:714293de3836	572	break;
ashleymills	0:714293de3836	573	#endif
ashleymills	0:714293de3836	574
ashleymills	0:714293de3836	575	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
ashleymills	0:714293de3836	576	case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
ashleymills	0:714293de3836	577	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	578	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	579	ssl->specs.mac_algorithm = sha384_mac;
ashleymills	0:714293de3836	580	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	581	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	582	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	583	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	584	ssl->specs.static_ecdh = 1;
ashleymills	0:714293de3836	585	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	586	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	587	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	588	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	589
ashleymills	0:714293de3836	590	break;
ashleymills	0:714293de3836	591	#endif
ashleymills	0:714293de3836	592
ashleymills	0:714293de3836	593	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
ashleymills	0:714293de3836	594	case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
ashleymills	0:714293de3836	595	ssl->specs.bulk_cipher_algorithm = aes_ccm;
ashleymills	0:714293de3836	596	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	597	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	598	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	599	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	600	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	601	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	602	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	603	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	604	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	605	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	606	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
ashleymills	0:714293de3836	607
ashleymills	0:714293de3836	608	break;
ashleymills	0:714293de3836	609	#endif
ashleymills	0:714293de3836	610
ashleymills	0:714293de3836	611	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
ashleymills	0:714293de3836	612	case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
ashleymills	0:714293de3836	613	ssl->specs.bulk_cipher_algorithm = aes_ccm;
ashleymills	0:714293de3836	614	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	615	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	616	ssl->specs.kea = ecc_diffie_hellman_kea;
ashleymills	0:714293de3836	617	ssl->specs.sig_algo = ecc_dsa_sa_algo;
ashleymills	0:714293de3836	618	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	619	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	620	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	621	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	622	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	623	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	624	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
ashleymills	0:714293de3836	625
ashleymills	0:714293de3836	626	break;
ashleymills	0:714293de3836	627	#endif
ashleymills	0:714293de3836	628	#endif /* HAVE_ECC */
ashleymills	0:714293de3836	629
ashleymills	0:714293de3836	630	#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
ashleymills	0:714293de3836	631	case TLS_RSA_WITH_AES_128_CCM_8 :
ashleymills	0:714293de3836	632	ssl->specs.bulk_cipher_algorithm = aes_ccm;
ashleymills	0:714293de3836	633	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	634	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	635	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	636	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	637	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	638	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	639	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	640	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	641	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	642	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	643	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
ashleymills	0:714293de3836	644
ashleymills	0:714293de3836	645	break;
ashleymills	0:714293de3836	646	#endif
ashleymills	0:714293de3836	647
ashleymills	0:714293de3836	648	#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8
ashleymills	0:714293de3836	649	case TLS_RSA_WITH_AES_256_CCM_8 :
ashleymills	0:714293de3836	650	ssl->specs.bulk_cipher_algorithm = aes_ccm;
ashleymills	0:714293de3836	651	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	652	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	653	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	654	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	655	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	656	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	657	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	658	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	659	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	660	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	661	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
ashleymills	0:714293de3836	662
ashleymills	0:714293de3836	663	break;
ashleymills	0:714293de3836	664	#endif
ashleymills	0:714293de3836	665
ashleymills	0:714293de3836	666	#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
ashleymills	0:714293de3836	667	case TLS_PSK_WITH_AES_128_CCM_8 :
ashleymills	0:714293de3836	668	ssl->specs.bulk_cipher_algorithm = aes_ccm;
ashleymills	0:714293de3836	669	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	670	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	671	ssl->specs.kea = psk_kea;
ashleymills	0:714293de3836	672	ssl->specs.sig_algo = anonymous_sa_algo;
ashleymills	0:714293de3836	673	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	674	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	675	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	676	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	677	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	678	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	679	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
ashleymills	0:714293de3836	680
ashleymills	0:714293de3836	681	ssl->options.usingPSK_cipher = 1;
ashleymills	0:714293de3836	682	break;
ashleymills	0:714293de3836	683	#endif
ashleymills	0:714293de3836	684
ashleymills	0:714293de3836	685	#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8
ashleymills	0:714293de3836	686	case TLS_PSK_WITH_AES_256_CCM_8 :
ashleymills	0:714293de3836	687	ssl->specs.bulk_cipher_algorithm = aes_ccm;
ashleymills	0:714293de3836	688	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	689	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	690	ssl->specs.kea = psk_kea;
ashleymills	0:714293de3836	691	ssl->specs.sig_algo = anonymous_sa_algo;
ashleymills	0:714293de3836	692	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	693	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	694	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	695	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	696	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	697	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	698	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
ashleymills	0:714293de3836	699
ashleymills	0:714293de3836	700	ssl->options.usingPSK_cipher = 1;
ashleymills	0:714293de3836	701	break;
ashleymills	0:714293de3836	702	#endif
ashleymills	0:714293de3836	703
ashleymills	0:714293de3836	704	default:
ashleymills	0:714293de3836	705	CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC");
ashleymills	0:714293de3836	706	return UNSUPPORTED_SUITE;
ashleymills	0:714293de3836	707	} /* switch */
ashleymills	0:714293de3836	708	} /* if */
ashleymills	0:714293de3836	709	if (ssl->options.cipherSuite0 != ECC_BYTE) { /* normal suites */
ashleymills	0:714293de3836	710	switch (ssl->options.cipherSuite) {
ashleymills	0:714293de3836	711
ashleymills	0:714293de3836	712	#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
ashleymills	0:714293de3836	713	case SSL_RSA_WITH_RC4_128_SHA :
ashleymills	0:714293de3836	714	ssl->specs.bulk_cipher_algorithm = rc4;
ashleymills	0:714293de3836	715	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	716	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	717	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	718	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	719	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	720	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	721	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	722	ssl->specs.key_size = RC4_KEY_SIZE;
ashleymills	0:714293de3836	723	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	724	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	725
ashleymills	0:714293de3836	726	break;
ashleymills	0:714293de3836	727	#endif
ashleymills	0:714293de3836	728
ashleymills	0:714293de3836	729	#ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
ashleymills	0:714293de3836	730	case TLS_NTRU_RSA_WITH_RC4_128_SHA :
ashleymills	0:714293de3836	731	ssl->specs.bulk_cipher_algorithm = rc4;
ashleymills	0:714293de3836	732	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	733	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	734	ssl->specs.kea = ntru_kea;
ashleymills	0:714293de3836	735	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	736	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	737	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	738	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	739	ssl->specs.key_size = RC4_KEY_SIZE;
ashleymills	0:714293de3836	740	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	741	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	742
ashleymills	0:714293de3836	743	break;
ashleymills	0:714293de3836	744	#endif
ashleymills	0:714293de3836	745
ashleymills	0:714293de3836	746	#ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
ashleymills	0:714293de3836	747	case SSL_RSA_WITH_RC4_128_MD5 :
ashleymills	0:714293de3836	748	ssl->specs.bulk_cipher_algorithm = rc4;
ashleymills	0:714293de3836	749	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	750	ssl->specs.mac_algorithm = md5_mac;
ashleymills	0:714293de3836	751	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	752	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	753	ssl->specs.hash_size = MD5_DIGEST_SIZE;
ashleymills	0:714293de3836	754	ssl->specs.pad_size = PAD_MD5;
ashleymills	0:714293de3836	755	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	756	ssl->specs.key_size = RC4_KEY_SIZE;
ashleymills	0:714293de3836	757	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	758	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	759
ashleymills	0:714293de3836	760	break;
ashleymills	0:714293de3836	761	#endif
ashleymills	0:714293de3836	762
ashleymills	0:714293de3836	763	#ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
ashleymills	0:714293de3836	764	case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
ashleymills	0:714293de3836	765	ssl->specs.bulk_cipher_algorithm = triple_des;
ashleymills	0:714293de3836	766	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	767	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	768	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	769	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	770	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	771	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	772	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	773	ssl->specs.key_size = DES3_KEY_SIZE;
ashleymills	0:714293de3836	774	ssl->specs.block_size = DES_BLOCK_SIZE;
ashleymills	0:714293de3836	775	ssl->specs.iv_size = DES_IV_SIZE;
ashleymills	0:714293de3836	776
ashleymills	0:714293de3836	777	break;
ashleymills	0:714293de3836	778	#endif
ashleymills	0:714293de3836	779
ashleymills	0:714293de3836	780	#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
ashleymills	0:714293de3836	781	case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
ashleymills	0:714293de3836	782	ssl->specs.bulk_cipher_algorithm = triple_des;
ashleymills	0:714293de3836	783	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	784	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	785	ssl->specs.kea = ntru_kea;
ashleymills	0:714293de3836	786	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	787	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	788	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	789	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	790	ssl->specs.key_size = DES3_KEY_SIZE;
ashleymills	0:714293de3836	791	ssl->specs.block_size = DES_BLOCK_SIZE;
ashleymills	0:714293de3836	792	ssl->specs.iv_size = DES_IV_SIZE;
ashleymills	0:714293de3836	793
ashleymills	0:714293de3836	794	break;
ashleymills	0:714293de3836	795	#endif
ashleymills	0:714293de3836	796
ashleymills	0:714293de3836	797	#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
ashleymills	0:714293de3836	798	case TLS_RSA_WITH_AES_128_CBC_SHA :
ashleymills	0:714293de3836	799	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	800	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	801	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	802	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	803	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	804	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	805	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	806	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	807	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	808	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	809	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	810
ashleymills	0:714293de3836	811	break;
ashleymills	0:714293de3836	812	#endif
ashleymills	0:714293de3836	813
ashleymills	0:714293de3836	814	#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
ashleymills	0:714293de3836	815	case TLS_RSA_WITH_AES_128_CBC_SHA256 :
ashleymills	0:714293de3836	816	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	817	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	818	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	819	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	820	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	821	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	822	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	823	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	824	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	825	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	826	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	827
ashleymills	0:714293de3836	828	break;
ashleymills	0:714293de3836	829	#endif
ashleymills	0:714293de3836	830
ashleymills	0:714293de3836	831	#ifdef BUILD_TLS_RSA_WITH_NULL_SHA
ashleymills	0:714293de3836	832	case TLS_RSA_WITH_NULL_SHA :
ashleymills	0:714293de3836	833	ssl->specs.bulk_cipher_algorithm = cipher_null;
ashleymills	0:714293de3836	834	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	835	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	836	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	837	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	838	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	839	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	840	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	841	ssl->specs.key_size = 0;
ashleymills	0:714293de3836	842	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	843	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	844
ashleymills	0:714293de3836	845	break;
ashleymills	0:714293de3836	846	#endif
ashleymills	0:714293de3836	847
ashleymills	0:714293de3836	848	#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256
ashleymills	0:714293de3836	849	case TLS_RSA_WITH_NULL_SHA256 :
ashleymills	0:714293de3836	850	ssl->specs.bulk_cipher_algorithm = cipher_null;
ashleymills	0:714293de3836	851	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	852	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	853	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	854	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	855	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	856	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	857	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	858	ssl->specs.key_size = 0;
ashleymills	0:714293de3836	859	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	860	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	861
ashleymills	0:714293de3836	862	break;
ashleymills	0:714293de3836	863	#endif
ashleymills	0:714293de3836	864
ashleymills	0:714293de3836	865	#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
ashleymills	0:714293de3836	866	case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
ashleymills	0:714293de3836	867	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	868	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	869	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	870	ssl->specs.kea = ntru_kea;
ashleymills	0:714293de3836	871	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	872	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	873	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	874	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	875	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	876	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	877	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	878
ashleymills	0:714293de3836	879	break;
ashleymills	0:714293de3836	880	#endif
ashleymills	0:714293de3836	881
ashleymills	0:714293de3836	882	#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
ashleymills	0:714293de3836	883	case TLS_RSA_WITH_AES_256_CBC_SHA :
ashleymills	0:714293de3836	884	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	885	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	886	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	887	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	888	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	889	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	890	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	891	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	892	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	893	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	894	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	895
ashleymills	0:714293de3836	896	break;
ashleymills	0:714293de3836	897	#endif
ashleymills	0:714293de3836	898
ashleymills	0:714293de3836	899	#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
ashleymills	0:714293de3836	900	case TLS_RSA_WITH_AES_256_CBC_SHA256 :
ashleymills	0:714293de3836	901	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	902	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	903	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	904	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	905	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	906	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	907	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	908	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	909	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	910	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	911	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	912
ashleymills	0:714293de3836	913	break;
ashleymills	0:714293de3836	914	#endif
ashleymills	0:714293de3836	915
ashleymills	0:714293de3836	916	#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
ashleymills	0:714293de3836	917	case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
ashleymills	0:714293de3836	918	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	919	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	920	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	921	ssl->specs.kea = ntru_kea;
ashleymills	0:714293de3836	922	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	923	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	924	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	925	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	926	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	927	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	928	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	929
ashleymills	0:714293de3836	930	break;
ashleymills	0:714293de3836	931	#endif
ashleymills	0:714293de3836	932
ashleymills	0:714293de3836	933	#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
ashleymills	0:714293de3836	934	case TLS_PSK_WITH_AES_128_CBC_SHA256 :
ashleymills	0:714293de3836	935	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	936	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	937	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	938	ssl->specs.kea = psk_kea;
ashleymills	0:714293de3836	939	ssl->specs.sig_algo = anonymous_sa_algo;
ashleymills	0:714293de3836	940	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	941	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	942	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	943	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	944	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	945	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	946
ashleymills	0:714293de3836	947	ssl->options.usingPSK_cipher = 1;
ashleymills	0:714293de3836	948	break;
ashleymills	0:714293de3836	949	#endif
ashleymills	0:714293de3836	950
ashleymills	0:714293de3836	951	#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
ashleymills	0:714293de3836	952	case TLS_PSK_WITH_AES_128_CBC_SHA :
ashleymills	0:714293de3836	953	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	954	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	955	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	956	ssl->specs.kea = psk_kea;
ashleymills	0:714293de3836	957	ssl->specs.sig_algo = anonymous_sa_algo;
ashleymills	0:714293de3836	958	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	959	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	960	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	961	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	962	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	963	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	964
ashleymills	0:714293de3836	965	ssl->options.usingPSK_cipher = 1;
ashleymills	0:714293de3836	966	break;
ashleymills	0:714293de3836	967	#endif
ashleymills	0:714293de3836	968
ashleymills	0:714293de3836	969	#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
ashleymills	0:714293de3836	970	case TLS_PSK_WITH_AES_256_CBC_SHA :
ashleymills	0:714293de3836	971	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	972	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	973	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	974	ssl->specs.kea = psk_kea;
ashleymills	0:714293de3836	975	ssl->specs.sig_algo = anonymous_sa_algo;
ashleymills	0:714293de3836	976	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	977	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	978	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	979	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	980	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	981	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	982
ashleymills	0:714293de3836	983	ssl->options.usingPSK_cipher = 1;
ashleymills	0:714293de3836	984	break;
ashleymills	0:714293de3836	985	#endif
ashleymills	0:714293de3836	986
ashleymills	0:714293de3836	987	#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
ashleymills	0:714293de3836	988	case TLS_PSK_WITH_NULL_SHA256 :
ashleymills	0:714293de3836	989	ssl->specs.bulk_cipher_algorithm = cipher_null;
ashleymills	0:714293de3836	990	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	991	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	992	ssl->specs.kea = psk_kea;
ashleymills	0:714293de3836	993	ssl->specs.sig_algo = anonymous_sa_algo;
ashleymills	0:714293de3836	994	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	995	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	996	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	997	ssl->specs.key_size = 0;
ashleymills	0:714293de3836	998	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	999	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	1000
ashleymills	0:714293de3836	1001	ssl->options.usingPSK_cipher = 1;
ashleymills	0:714293de3836	1002	break;
ashleymills	0:714293de3836	1003	#endif
ashleymills	0:714293de3836	1004
ashleymills	0:714293de3836	1005	#ifdef BUILD_TLS_PSK_WITH_NULL_SHA
ashleymills	0:714293de3836	1006	case TLS_PSK_WITH_NULL_SHA :
ashleymills	0:714293de3836	1007	ssl->specs.bulk_cipher_algorithm = cipher_null;
ashleymills	0:714293de3836	1008	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	1009	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	1010	ssl->specs.kea = psk_kea;
ashleymills	0:714293de3836	1011	ssl->specs.sig_algo = anonymous_sa_algo;
ashleymills	0:714293de3836	1012	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	1013	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1014	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1015	ssl->specs.key_size = 0;
ashleymills	0:714293de3836	1016	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	1017	ssl->specs.iv_size = 0;
ashleymills	0:714293de3836	1018
ashleymills	0:714293de3836	1019	ssl->options.usingPSK_cipher = 1;
ashleymills	0:714293de3836	1020	break;
ashleymills	0:714293de3836	1021	#endif
ashleymills	0:714293de3836	1022
ashleymills	0:714293de3836	1023	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
ashleymills	0:714293de3836	1024	case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
ashleymills	0:714293de3836	1025	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	1026	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1027	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	1028	ssl->specs.kea = diffie_hellman_kea;
ashleymills	0:714293de3836	1029	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1030	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	1031	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1032	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1033	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	1034	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	1035	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	1036
ashleymills	0:714293de3836	1037	break;
ashleymills	0:714293de3836	1038	#endif
ashleymills	0:714293de3836	1039
ashleymills	0:714293de3836	1040	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
ashleymills	0:714293de3836	1041	case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
ashleymills	0:714293de3836	1042	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	1043	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1044	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	1045	ssl->specs.kea = diffie_hellman_kea;
ashleymills	0:714293de3836	1046	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1047	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	1048	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1049	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1050	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	1051	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	1052	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	1053
ashleymills	0:714293de3836	1054	break;
ashleymills	0:714293de3836	1055	#endif
ashleymills	0:714293de3836	1056
ashleymills	0:714293de3836	1057	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
ashleymills	0:714293de3836	1058	case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
ashleymills	0:714293de3836	1059	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	1060	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1061	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	1062	ssl->specs.kea = diffie_hellman_kea;
ashleymills	0:714293de3836	1063	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1064	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	1065	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1066	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1067	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	1068	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	1069	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	1070
ashleymills	0:714293de3836	1071	break;
ashleymills	0:714293de3836	1072	#endif
ashleymills	0:714293de3836	1073
ashleymills	0:714293de3836	1074	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
ashleymills	0:714293de3836	1075	case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
ashleymills	0:714293de3836	1076	ssl->specs.bulk_cipher_algorithm = aes;
ashleymills	0:714293de3836	1077	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1078	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	1079	ssl->specs.kea = diffie_hellman_kea;
ashleymills	0:714293de3836	1080	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1081	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	1082	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1083	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1084	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	1085	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	1086	ssl->specs.iv_size = AES_IV_SIZE;
ashleymills	0:714293de3836	1087
ashleymills	0:714293de3836	1088	break;
ashleymills	0:714293de3836	1089	#endif
ashleymills	0:714293de3836	1090
ashleymills	0:714293de3836	1091	#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_MD5
ashleymills	0:714293de3836	1092	case TLS_RSA_WITH_HC_128_CBC_MD5 :
ashleymills	0:714293de3836	1093	ssl->specs.bulk_cipher_algorithm = hc128;
ashleymills	0:714293de3836	1094	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	1095	ssl->specs.mac_algorithm = md5_mac;
ashleymills	0:714293de3836	1096	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	1097	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1098	ssl->specs.hash_size = MD5_DIGEST_SIZE;
ashleymills	0:714293de3836	1099	ssl->specs.pad_size = PAD_MD5;
ashleymills	0:714293de3836	1100	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1101	ssl->specs.key_size = HC_128_KEY_SIZE;
ashleymills	0:714293de3836	1102	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	1103	ssl->specs.iv_size = HC_128_IV_SIZE;
ashleymills	0:714293de3836	1104
ashleymills	0:714293de3836	1105	break;
ashleymills	0:714293de3836	1106	#endif
ashleymills	0:714293de3836	1107
ashleymills	0:714293de3836	1108	#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_SHA
ashleymills	0:714293de3836	1109	case TLS_RSA_WITH_HC_128_CBC_SHA :
ashleymills	0:714293de3836	1110	ssl->specs.bulk_cipher_algorithm = hc128;
ashleymills	0:714293de3836	1111	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	1112	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	1113	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	1114	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1115	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	1116	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1117	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1118	ssl->specs.key_size = HC_128_KEY_SIZE;
ashleymills	0:714293de3836	1119	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	1120	ssl->specs.iv_size = HC_128_IV_SIZE;
ashleymills	0:714293de3836	1121
ashleymills	0:714293de3836	1122	break;
ashleymills	0:714293de3836	1123	#endif
ashleymills	0:714293de3836	1124
ashleymills	0:714293de3836	1125	#ifdef BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA
ashleymills	0:714293de3836	1126	case TLS_RSA_WITH_RABBIT_CBC_SHA :
ashleymills	0:714293de3836	1127	ssl->specs.bulk_cipher_algorithm = rabbit;
ashleymills	0:714293de3836	1128	ssl->specs.cipher_type = stream;
ashleymills	0:714293de3836	1129	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	1130	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	1131	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1132	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	1133	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1134	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1135	ssl->specs.key_size = RABBIT_KEY_SIZE;
ashleymills	0:714293de3836	1136	ssl->specs.block_size = 0;
ashleymills	0:714293de3836	1137	ssl->specs.iv_size = RABBIT_IV_SIZE;
ashleymills	0:714293de3836	1138
ashleymills	0:714293de3836	1139	break;
ashleymills	0:714293de3836	1140	#endif
ashleymills	0:714293de3836	1141
ashleymills	0:714293de3836	1142	#ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
ashleymills	0:714293de3836	1143	case TLS_RSA_WITH_AES_128_GCM_SHA256 :
ashleymills	0:714293de3836	1144	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	1145	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	1146	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	1147	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	1148	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1149	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	1150	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1151	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1152	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	1153	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	1154	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	1155	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	1156
ashleymills	0:714293de3836	1157	break;
ashleymills	0:714293de3836	1158	#endif
ashleymills	0:714293de3836	1159
ashleymills	0:714293de3836	1160	#ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
ashleymills	0:714293de3836	1161	case TLS_RSA_WITH_AES_256_GCM_SHA384 :
ashleymills	0:714293de3836	1162	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	1163	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	1164	ssl->specs.mac_algorithm = sha384_mac;
ashleymills	0:714293de3836	1165	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	1166	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1167	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	1168	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1169	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1170	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	1171	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	1172	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	1173	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	1174
ashleymills	0:714293de3836	1175	break;
ashleymills	0:714293de3836	1176	#endif
ashleymills	0:714293de3836	1177
ashleymills	0:714293de3836	1178	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
ashleymills	0:714293de3836	1179	case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
ashleymills	0:714293de3836	1180	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	1181	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	1182	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	1183	ssl->specs.kea = diffie_hellman_kea;
ashleymills	0:714293de3836	1184	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1185	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	1186	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1187	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1188	ssl->specs.key_size = AES_128_KEY_SIZE;
ashleymills	0:714293de3836	1189	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	1190	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	1191	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	1192
ashleymills	0:714293de3836	1193	break;
ashleymills	0:714293de3836	1194	#endif
ashleymills	0:714293de3836	1195
ashleymills	0:714293de3836	1196	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
ashleymills	0:714293de3836	1197	case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
ashleymills	0:714293de3836	1198	ssl->specs.bulk_cipher_algorithm = aes_gcm;
ashleymills	0:714293de3836	1199	ssl->specs.cipher_type = aead;
ashleymills	0:714293de3836	1200	ssl->specs.mac_algorithm = sha384_mac;
ashleymills	0:714293de3836	1201	ssl->specs.kea = diffie_hellman_kea;
ashleymills	0:714293de3836	1202	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1203	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	1204	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1205	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1206	ssl->specs.key_size = AES_256_KEY_SIZE;
ashleymills	0:714293de3836	1207	ssl->specs.block_size = AES_BLOCK_SIZE;
ashleymills	0:714293de3836	1208	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ashleymills	0:714293de3836	1209	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ashleymills	0:714293de3836	1210
ashleymills	0:714293de3836	1211	break;
ashleymills	0:714293de3836	1212	#endif
ashleymills	0:714293de3836	1213
ashleymills	0:714293de3836	1214	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
ashleymills	0:714293de3836	1215	case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
ashleymills	0:714293de3836	1216	ssl->specs.bulk_cipher_algorithm = camellia;
ashleymills	0:714293de3836	1217	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1218	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	1219	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	1220	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1221	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	1222	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1223	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1224	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
ashleymills	0:714293de3836	1225	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ashleymills	0:714293de3836	1226	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
ashleymills	0:714293de3836	1227
ashleymills	0:714293de3836	1228	break;
ashleymills	0:714293de3836	1229	#endif
ashleymills	0:714293de3836	1230
ashleymills	0:714293de3836	1231	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
ashleymills	0:714293de3836	1232	case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
ashleymills	0:714293de3836	1233	ssl->specs.bulk_cipher_algorithm = camellia;
ashleymills	0:714293de3836	1234	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1235	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	1236	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	1237	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1238	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	1239	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1240	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1241	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
ashleymills	0:714293de3836	1242	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ashleymills	0:714293de3836	1243	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
ashleymills	0:714293de3836	1244
ashleymills	0:714293de3836	1245	break;
ashleymills	0:714293de3836	1246	#endif
ashleymills	0:714293de3836	1247
ashleymills	0:714293de3836	1248	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
ashleymills	0:714293de3836	1249	case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
ashleymills	0:714293de3836	1250	ssl->specs.bulk_cipher_algorithm = camellia;
ashleymills	0:714293de3836	1251	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1252	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	1253	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	1254	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1255	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	1256	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1257	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1258	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
ashleymills	0:714293de3836	1259	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ashleymills	0:714293de3836	1260	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
ashleymills	0:714293de3836	1261
ashleymills	0:714293de3836	1262	break;
ashleymills	0:714293de3836	1263	#endif
ashleymills	0:714293de3836	1264
ashleymills	0:714293de3836	1265	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
ashleymills	0:714293de3836	1266	case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
ashleymills	0:714293de3836	1267	ssl->specs.bulk_cipher_algorithm = camellia;
ashleymills	0:714293de3836	1268	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1269	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	1270	ssl->specs.kea = rsa_kea;
ashleymills	0:714293de3836	1271	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1272	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	1273	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1274	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1275	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
ashleymills	0:714293de3836	1276	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ashleymills	0:714293de3836	1277	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
ashleymills	0:714293de3836	1278
ashleymills	0:714293de3836	1279	break;
ashleymills	0:714293de3836	1280	#endif
ashleymills	0:714293de3836	1281
ashleymills	0:714293de3836	1282	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
ashleymills	0:714293de3836	1283	case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
ashleymills	0:714293de3836	1284	ssl->specs.bulk_cipher_algorithm = camellia;
ashleymills	0:714293de3836	1285	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1286	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	1287	ssl->specs.kea = diffie_hellman_kea;
ashleymills	0:714293de3836	1288	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1289	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	1290	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1291	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1292	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
ashleymills	0:714293de3836	1293	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ashleymills	0:714293de3836	1294	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
ashleymills	0:714293de3836	1295
ashleymills	0:714293de3836	1296	break;
ashleymills	0:714293de3836	1297	#endif
ashleymills	0:714293de3836	1298
ashleymills	0:714293de3836	1299	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
ashleymills	0:714293de3836	1300	case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
ashleymills	0:714293de3836	1301	ssl->specs.bulk_cipher_algorithm = camellia;
ashleymills	0:714293de3836	1302	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1303	ssl->specs.mac_algorithm = sha_mac;
ashleymills	0:714293de3836	1304	ssl->specs.kea = diffie_hellman_kea;
ashleymills	0:714293de3836	1305	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1306	ssl->specs.hash_size = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	1307	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1308	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1309	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
ashleymills	0:714293de3836	1310	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ashleymills	0:714293de3836	1311	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
ashleymills	0:714293de3836	1312
ashleymills	0:714293de3836	1313	break;
ashleymills	0:714293de3836	1314	#endif
ashleymills	0:714293de3836	1315
ashleymills	0:714293de3836	1316	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
ashleymills	0:714293de3836	1317	case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
ashleymills	0:714293de3836	1318	ssl->specs.bulk_cipher_algorithm = camellia;
ashleymills	0:714293de3836	1319	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1320	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	1321	ssl->specs.kea = diffie_hellman_kea;
ashleymills	0:714293de3836	1322	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1323	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	1324	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1325	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1326	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
ashleymills	0:714293de3836	1327	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ashleymills	0:714293de3836	1328	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
ashleymills	0:714293de3836	1329
ashleymills	0:714293de3836	1330	break;
ashleymills	0:714293de3836	1331	#endif
ashleymills	0:714293de3836	1332
ashleymills	0:714293de3836	1333	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
ashleymills	0:714293de3836	1334	case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
ashleymills	0:714293de3836	1335	ssl->specs.bulk_cipher_algorithm = camellia;
ashleymills	0:714293de3836	1336	ssl->specs.cipher_type = block;
ashleymills	0:714293de3836	1337	ssl->specs.mac_algorithm = sha256_mac;
ashleymills	0:714293de3836	1338	ssl->specs.kea = diffie_hellman_kea;
ashleymills	0:714293de3836	1339	ssl->specs.sig_algo = rsa_sa_algo;
ashleymills	0:714293de3836	1340	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	1341	ssl->specs.pad_size = PAD_SHA;
ashleymills	0:714293de3836	1342	ssl->specs.static_ecdh = 0;
ashleymills	0:714293de3836	1343	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
ashleymills	0:714293de3836	1344	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ashleymills	0:714293de3836	1345	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
ashleymills	0:714293de3836	1346
ashleymills	0:714293de3836	1347	break;
ashleymills	0:714293de3836	1348	#endif
ashleymills	0:714293de3836	1349
ashleymills	0:714293de3836	1350	default:
ashleymills	0:714293de3836	1351	CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs");
ashleymills	0:714293de3836	1352	return UNSUPPORTED_SUITE;
ashleymills	0:714293de3836	1353	} /* switch */
ashleymills	0:714293de3836	1354	} /* if ECC / Normal suites else */
ashleymills	0:714293de3836	1355
ashleymills	0:714293de3836	1356	/* set TLS if it hasn't been turned off */
ashleymills	0:714293de3836	1357	if (ssl->version.major == 3 && ssl->version.minor >= 1) {
ashleymills	0:714293de3836	1358	#ifndef NO_TLS
ashleymills	0:714293de3836	1359	ssl->options.tls = 1;
ashleymills	0:714293de3836	1360	ssl->hmac = TLS_hmac;
ashleymills	0:714293de3836	1361	if (ssl->version.minor >= 2)
ashleymills	0:714293de3836	1362	ssl->options.tls1_1 = 1;
ashleymills	0:714293de3836	1363	#endif
ashleymills	0:714293de3836	1364	}
ashleymills	0:714293de3836	1365
ashleymills	0:714293de3836	1366	#ifdef CYASSL_DTLS
ashleymills	0:714293de3836	1367	if (ssl->options.dtls)
ashleymills	0:714293de3836	1368	ssl->hmac = TLS_hmac;
ashleymills	0:714293de3836	1369	#endif
ashleymills	0:714293de3836	1370
ashleymills	0:714293de3836	1371	return 0;
ashleymills	0:714293de3836	1372	}
ashleymills	0:714293de3836	1373
ashleymills	0:714293de3836	1374
ashleymills	0:714293de3836	1375	enum KeyStuff {
ashleymills	0:714293de3836	1376	MASTER_ROUNDS = 3,
ashleymills	0:714293de3836	1377	PREFIX = 3, /* up to three letters for master prefix */
ashleymills	0:714293de3836	1378	KEY_PREFIX = 7 /* up to 7 prefix letters for key rounds */
ashleymills	0:714293de3836	1379
ashleymills	0:714293de3836	1380
ashleymills	0:714293de3836	1381	};
ashleymills	0:714293de3836	1382
ashleymills	0:714293de3836	1383	#ifndef NO_OLD_TLS
ashleymills	0:714293de3836	1384	/* true or false, zero for error */
ashleymills	0:714293de3836	1385	static int SetPrefix(byte* sha_input, int idx)
ashleymills	0:714293de3836	1386	{
ashleymills	0:714293de3836	1387	switch (idx) {
ashleymills	0:714293de3836	1388	case 0:
ashleymills	0:714293de3836	1389	XMEMCPY(sha_input, "A", 1);
ashleymills	0:714293de3836	1390	break;
ashleymills	0:714293de3836	1391	case 1:
ashleymills	0:714293de3836	1392	XMEMCPY(sha_input, "BB", 2);
ashleymills	0:714293de3836	1393	break;
ashleymills	0:714293de3836	1394	case 2:
ashleymills	0:714293de3836	1395	XMEMCPY(sha_input, "CCC", 3);
ashleymills	0:714293de3836	1396	break;
ashleymills	0:714293de3836	1397	case 3:
ashleymills	0:714293de3836	1398	XMEMCPY(sha_input, "DDDD", 4);
ashleymills	0:714293de3836	1399	break;
ashleymills	0:714293de3836	1400	case 4:
ashleymills	0:714293de3836	1401	XMEMCPY(sha_input, "EEEEE", 5);
ashleymills	0:714293de3836	1402	break;
ashleymills	0:714293de3836	1403	case 5:
ashleymills	0:714293de3836	1404	XMEMCPY(sha_input, "FFFFFF", 6);
ashleymills	0:714293de3836	1405	break;
ashleymills	0:714293de3836	1406	case 6:
ashleymills	0:714293de3836	1407	XMEMCPY(sha_input, "GGGGGGG", 7);
ashleymills	0:714293de3836	1408	break;
ashleymills	0:714293de3836	1409	default:
ashleymills	0:714293de3836	1410	CYASSL_MSG("Set Prefix error, bad input");
ashleymills	0:714293de3836	1411	return 0;
ashleymills	0:714293de3836	1412	}
ashleymills	0:714293de3836	1413	return 1;
ashleymills	0:714293de3836	1414	}
ashleymills	0:714293de3836	1415	#endif
ashleymills	0:714293de3836	1416
ashleymills	0:714293de3836	1417
ashleymills	0:714293de3836	1418	static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
ashleymills	0:714293de3836	1419	byte side, void* heap, int devId)
ashleymills	0:714293de3836	1420	{
ashleymills	0:714293de3836	1421	#ifdef BUILD_ARC4
ashleymills	0:714293de3836	1422	word32 sz = specs->key_size;
ashleymills	0:714293de3836	1423	if (specs->bulk_cipher_algorithm == rc4) {
ashleymills	0:714293de3836	1424	if (enc->arc4 == NULL)
ashleymills	0:714293de3836	1425	enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1426	if (enc->arc4 == NULL)
ashleymills	0:714293de3836	1427	return MEMORY_E;
ashleymills	0:714293de3836	1428	if (dec->arc4 == NULL)
ashleymills	0:714293de3836	1429	dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1430	if (dec->arc4 == NULL)
ashleymills	0:714293de3836	1431	return MEMORY_E;
ashleymills	0:714293de3836	1432	#ifdef HAVE_CAVIUM
ashleymills	0:714293de3836	1433	if (devId != NO_CAVIUM_DEVICE) {
ashleymills	0:714293de3836	1434	if (Arc4InitCavium(enc->arc4, devId) != 0) {
ashleymills	0:714293de3836	1435	CYASSL_MSG("Arc4InitCavium failed in SetKeys");
ashleymills	0:714293de3836	1436	return CAVIUM_INIT_E;
ashleymills	0:714293de3836	1437	}
ashleymills	0:714293de3836	1438	if (Arc4InitCavium(dec->arc4, devId) != 0) {
ashleymills	0:714293de3836	1439	CYASSL_MSG("Arc4InitCavium failed in SetKeys");
ashleymills	0:714293de3836	1440	return CAVIUM_INIT_E;
ashleymills	0:714293de3836	1441	}
ashleymills	0:714293de3836	1442	}
ashleymills	0:714293de3836	1443	#endif
ashleymills	0:714293de3836	1444	if (side == CLIENT_END) {
ashleymills	0:714293de3836	1445	Arc4SetKey(enc->arc4, keys->client_write_key, sz);
ashleymills	0:714293de3836	1446	Arc4SetKey(dec->arc4, keys->server_write_key, sz);
ashleymills	0:714293de3836	1447	}
ashleymills	0:714293de3836	1448	else {
ashleymills	0:714293de3836	1449	Arc4SetKey(enc->arc4, keys->server_write_key, sz);
ashleymills	0:714293de3836	1450	Arc4SetKey(dec->arc4, keys->client_write_key, sz);
ashleymills	0:714293de3836	1451	}
ashleymills	0:714293de3836	1452	enc->setup = 1;
ashleymills	0:714293de3836	1453	dec->setup = 1;
ashleymills	0:714293de3836	1454	}
ashleymills	0:714293de3836	1455	#endif
ashleymills	0:714293de3836	1456
ashleymills	0:714293de3836	1457	#ifdef HAVE_HC128
ashleymills	0:714293de3836	1458	if (specs->bulk_cipher_algorithm == hc128) {
ashleymills	0:714293de3836	1459	int hcRet;
ashleymills	0:714293de3836	1460	if (enc->hc128 == NULL)
ashleymills	0:714293de3836	1461	enc->hc128 =
ashleymills	0:714293de3836	1462	(HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1463	if (enc->hc128 == NULL)
ashleymills	0:714293de3836	1464	return MEMORY_E;
ashleymills	0:714293de3836	1465	if (dec->hc128 == NULL)
ashleymills	0:714293de3836	1466	dec->hc128 =
ashleymills	0:714293de3836	1467	(HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1468	if (dec->hc128 == NULL)
ashleymills	0:714293de3836	1469	return MEMORY_E;
ashleymills	0:714293de3836	1470	if (side == CLIENT_END) {
ashleymills	0:714293de3836	1471	hcRet = Hc128_SetKey(enc->hc128, keys->client_write_key,
ashleymills	0:714293de3836	1472	keys->client_write_IV);
ashleymills	0:714293de3836	1473	if (hcRet != 0) return hcRet;
ashleymills	0:714293de3836	1474	hcRet = Hc128_SetKey(dec->hc128, keys->server_write_key,
ashleymills	0:714293de3836	1475	keys->server_write_IV);
ashleymills	0:714293de3836	1476	if (hcRet != 0) return hcRet;
ashleymills	0:714293de3836	1477	}
ashleymills	0:714293de3836	1478	else {
ashleymills	0:714293de3836	1479	hcRet = Hc128_SetKey(enc->hc128, keys->server_write_key,
ashleymills	0:714293de3836	1480	keys->server_write_IV);
ashleymills	0:714293de3836	1481	if (hcRet != 0) return hcRet;
ashleymills	0:714293de3836	1482	hcRet = Hc128_SetKey(dec->hc128, keys->client_write_key,
ashleymills	0:714293de3836	1483	keys->client_write_IV);
ashleymills	0:714293de3836	1484	if (hcRet != 0) return hcRet;
ashleymills	0:714293de3836	1485	}
ashleymills	0:714293de3836	1486	enc->setup = 1;
ashleymills	0:714293de3836	1487	dec->setup = 1;
ashleymills	0:714293de3836	1488	}
ashleymills	0:714293de3836	1489	#endif
ashleymills	0:714293de3836	1490
ashleymills	0:714293de3836	1491	#ifdef BUILD_RABBIT
ashleymills	0:714293de3836	1492	if (specs->bulk_cipher_algorithm == rabbit) {
ashleymills	0:714293de3836	1493	int rabRet;
ashleymills	0:714293de3836	1494	if (enc->rabbit == NULL)
ashleymills	0:714293de3836	1495	enc->rabbit =
ashleymills	0:714293de3836	1496	(Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1497	if (enc->rabbit == NULL)
ashleymills	0:714293de3836	1498	return MEMORY_E;
ashleymills	0:714293de3836	1499	if (dec->rabbit == NULL)
ashleymills	0:714293de3836	1500	dec->rabbit =
ashleymills	0:714293de3836	1501	(Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1502	if (dec->rabbit == NULL)
ashleymills	0:714293de3836	1503	return MEMORY_E;
ashleymills	0:714293de3836	1504	if (side == CLIENT_END) {
ashleymills	0:714293de3836	1505	rabRet = RabbitSetKey(enc->rabbit, keys->client_write_key,
ashleymills	0:714293de3836	1506	keys->client_write_IV);
ashleymills	0:714293de3836	1507	if (rabRet != 0) return rabRet;
ashleymills	0:714293de3836	1508	rabRet = RabbitSetKey(dec->rabbit, keys->server_write_key,
ashleymills	0:714293de3836	1509	keys->server_write_IV);
ashleymills	0:714293de3836	1510	if (rabRet != 0) return rabRet;
ashleymills	0:714293de3836	1511	}
ashleymills	0:714293de3836	1512	else {
ashleymills	0:714293de3836	1513	rabRet = RabbitSetKey(enc->rabbit, keys->server_write_key,
ashleymills	0:714293de3836	1514	keys->server_write_IV);
ashleymills	0:714293de3836	1515	if (rabRet != 0) return rabRet;
ashleymills	0:714293de3836	1516	rabRet = RabbitSetKey(dec->rabbit, keys->client_write_key,
ashleymills	0:714293de3836	1517	keys->client_write_IV);
ashleymills	0:714293de3836	1518	if (rabRet != 0) return rabRet;
ashleymills	0:714293de3836	1519	}
ashleymills	0:714293de3836	1520	enc->setup = 1;
ashleymills	0:714293de3836	1521	dec->setup = 1;
ashleymills	0:714293de3836	1522	}
ashleymills	0:714293de3836	1523	#endif
ashleymills	0:714293de3836	1524
ashleymills	0:714293de3836	1525	#ifdef BUILD_DES3
ashleymills	0:714293de3836	1526	if (specs->bulk_cipher_algorithm == triple_des) {
ashleymills	0:714293de3836	1527	if (enc->des3 == NULL)
ashleymills	0:714293de3836	1528	enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1529	if (enc->des3 == NULL)
ashleymills	0:714293de3836	1530	return MEMORY_E;
ashleymills	0:714293de3836	1531	if (dec->des3 == NULL)
ashleymills	0:714293de3836	1532	dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1533	if (dec->des3 == NULL)
ashleymills	0:714293de3836	1534	return MEMORY_E;
ashleymills	0:714293de3836	1535	#ifdef HAVE_CAVIUM
ashleymills	0:714293de3836	1536	if (devId != NO_CAVIUM_DEVICE) {
ashleymills	0:714293de3836	1537	if (Des3_InitCavium(enc->des3, devId) != 0) {
ashleymills	0:714293de3836	1538	CYASSL_MSG("Des3_InitCavium failed in SetKeys");
ashleymills	0:714293de3836	1539	return CAVIUM_INIT_E;
ashleymills	0:714293de3836	1540	}
ashleymills	0:714293de3836	1541	if (Des3_InitCavium(dec->des3, devId) != 0) {
ashleymills	0:714293de3836	1542	CYASSL_MSG("Des3_InitCavium failed in SetKeys");
ashleymills	0:714293de3836	1543	return CAVIUM_INIT_E;
ashleymills	0:714293de3836	1544	}
ashleymills	0:714293de3836	1545	}
ashleymills	0:714293de3836	1546	#endif
ashleymills	0:714293de3836	1547	if (side == CLIENT_END) {
ashleymills	0:714293de3836	1548	Des3_SetKey(enc->des3, keys->client_write_key,
ashleymills	0:714293de3836	1549	keys->client_write_IV, DES_ENCRYPTION);
ashleymills	0:714293de3836	1550	Des3_SetKey(dec->des3, keys->server_write_key,
ashleymills	0:714293de3836	1551	keys->server_write_IV, DES_DECRYPTION);
ashleymills	0:714293de3836	1552	}
ashleymills	0:714293de3836	1553	else {
ashleymills	0:714293de3836	1554	Des3_SetKey(enc->des3, keys->server_write_key,
ashleymills	0:714293de3836	1555	keys->server_write_IV, DES_ENCRYPTION);
ashleymills	0:714293de3836	1556	Des3_SetKey(dec->des3, keys->client_write_key,
ashleymills	0:714293de3836	1557	keys->client_write_IV, DES_DECRYPTION);
ashleymills	0:714293de3836	1558	}
ashleymills	0:714293de3836	1559	enc->setup = 1;
ashleymills	0:714293de3836	1560	dec->setup = 1;
ashleymills	0:714293de3836	1561	}
ashleymills	0:714293de3836	1562	#endif
ashleymills	0:714293de3836	1563
ashleymills	0:714293de3836	1564	#ifdef BUILD_AES
ashleymills	0:714293de3836	1565	if (specs->bulk_cipher_algorithm == aes) {
ashleymills	0:714293de3836	1566	if (enc->aes == NULL)
ashleymills	0:714293de3836	1567	enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1568	if (enc->aes == NULL)
ashleymills	0:714293de3836	1569	return MEMORY_E;
ashleymills	0:714293de3836	1570	if (dec->aes == NULL)
ashleymills	0:714293de3836	1571	dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1572	if (dec->aes == NULL)
ashleymills	0:714293de3836	1573	return MEMORY_E;
ashleymills	0:714293de3836	1574	#ifdef HAVE_CAVIUM
ashleymills	0:714293de3836	1575	if (devId != NO_CAVIUM_DEVICE) {
ashleymills	0:714293de3836	1576	if (AesInitCavium(enc->aes, devId) != 0) {
ashleymills	0:714293de3836	1577	CYASSL_MSG("AesInitCavium failed in SetKeys");
ashleymills	0:714293de3836	1578	return CAVIUM_INIT_E;
ashleymills	0:714293de3836	1579	}
ashleymills	0:714293de3836	1580	if (AesInitCavium(dec->aes, devId) != 0) {
ashleymills	0:714293de3836	1581	CYASSL_MSG("AesInitCavium failed in SetKeys");
ashleymills	0:714293de3836	1582	return CAVIUM_INIT_E;
ashleymills	0:714293de3836	1583	}
ashleymills	0:714293de3836	1584	}
ashleymills	0:714293de3836	1585	#endif
ashleymills	0:714293de3836	1586	if (side == CLIENT_END) {
ashleymills	0:714293de3836	1587	AesSetKey(enc->aes, keys->client_write_key,
ashleymills	0:714293de3836	1588	specs->key_size, keys->client_write_IV,
ashleymills	0:714293de3836	1589	AES_ENCRYPTION);
ashleymills	0:714293de3836	1590	AesSetKey(dec->aes, keys->server_write_key,
ashleymills	0:714293de3836	1591	specs->key_size, keys->server_write_IV,
ashleymills	0:714293de3836	1592	AES_DECRYPTION);
ashleymills	0:714293de3836	1593	}
ashleymills	0:714293de3836	1594	else {
ashleymills	0:714293de3836	1595	AesSetKey(enc->aes, keys->server_write_key,
ashleymills	0:714293de3836	1596	specs->key_size, keys->server_write_IV,
ashleymills	0:714293de3836	1597	AES_ENCRYPTION);
ashleymills	0:714293de3836	1598	AesSetKey(dec->aes, keys->client_write_key,
ashleymills	0:714293de3836	1599	specs->key_size, keys->client_write_IV,
ashleymills	0:714293de3836	1600	AES_DECRYPTION);
ashleymills	0:714293de3836	1601	}
ashleymills	0:714293de3836	1602	enc->setup = 1;
ashleymills	0:714293de3836	1603	dec->setup = 1;
ashleymills	0:714293de3836	1604	}
ashleymills	0:714293de3836	1605	#endif
ashleymills	0:714293de3836	1606
ashleymills	0:714293de3836	1607	#ifdef BUILD_AESGCM
ashleymills	0:714293de3836	1608	if (specs->bulk_cipher_algorithm == aes_gcm) {
ashleymills	0:714293de3836	1609	if (enc->aes == NULL)
ashleymills	0:714293de3836	1610	enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1611	if (enc->aes == NULL)
ashleymills	0:714293de3836	1612	return MEMORY_E;
ashleymills	0:714293de3836	1613	if (dec->aes == NULL)
ashleymills	0:714293de3836	1614	dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1615	if (dec->aes == NULL)
ashleymills	0:714293de3836	1616	return MEMORY_E;
ashleymills	0:714293de3836	1617
ashleymills	0:714293de3836	1618	if (side == CLIENT_END) {
ashleymills	0:714293de3836	1619	AesGcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
ashleymills	0:714293de3836	1620	XMEMCPY(keys->aead_enc_imp_IV,
ashleymills	0:714293de3836	1621	keys->client_write_IV, AEAD_IMP_IV_SZ);
ashleymills	0:714293de3836	1622	AesGcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
ashleymills	0:714293de3836	1623	XMEMCPY(keys->aead_dec_imp_IV,
ashleymills	0:714293de3836	1624	keys->server_write_IV, AEAD_IMP_IV_SZ);
ashleymills	0:714293de3836	1625	}
ashleymills	0:714293de3836	1626	else {
ashleymills	0:714293de3836	1627	AesGcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
ashleymills	0:714293de3836	1628	XMEMCPY(keys->aead_enc_imp_IV,
ashleymills	0:714293de3836	1629	keys->server_write_IV, AEAD_IMP_IV_SZ);
ashleymills	0:714293de3836	1630	AesGcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
ashleymills	0:714293de3836	1631	XMEMCPY(keys->aead_dec_imp_IV,
ashleymills	0:714293de3836	1632	keys->client_write_IV, AEAD_IMP_IV_SZ);
ashleymills	0:714293de3836	1633	}
ashleymills	0:714293de3836	1634	enc->setup = 1;
ashleymills	0:714293de3836	1635	dec->setup = 1;
ashleymills	0:714293de3836	1636	}
ashleymills	0:714293de3836	1637	#endif
ashleymills	0:714293de3836	1638
ashleymills	0:714293de3836	1639	#ifdef HAVE_AESCCM
ashleymills	0:714293de3836	1640	if (specs->bulk_cipher_algorithm == aes_ccm) {
ashleymills	0:714293de3836	1641	if (enc->aes == NULL)
ashleymills	0:714293de3836	1642	enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1643	if (enc->aes == NULL)
ashleymills	0:714293de3836	1644	return MEMORY_E;
ashleymills	0:714293de3836	1645	if (dec->aes == NULL)
ashleymills	0:714293de3836	1646	dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1647	if (dec->aes == NULL)
ashleymills	0:714293de3836	1648	return MEMORY_E;
ashleymills	0:714293de3836	1649
ashleymills	0:714293de3836	1650	if (side == CLIENT_END) {
ashleymills	0:714293de3836	1651	AesCcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
ashleymills	0:714293de3836	1652	XMEMCPY(keys->aead_enc_imp_IV,
ashleymills	0:714293de3836	1653	keys->client_write_IV, AEAD_IMP_IV_SZ);
ashleymills	0:714293de3836	1654	AesCcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
ashleymills	0:714293de3836	1655	XMEMCPY(keys->aead_dec_imp_IV,
ashleymills	0:714293de3836	1656	keys->server_write_IV, AEAD_IMP_IV_SZ);
ashleymills	0:714293de3836	1657	}
ashleymills	0:714293de3836	1658	else {
ashleymills	0:714293de3836	1659	AesCcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
ashleymills	0:714293de3836	1660	XMEMCPY(keys->aead_enc_imp_IV,
ashleymills	0:714293de3836	1661	keys->server_write_IV, AEAD_IMP_IV_SZ);
ashleymills	0:714293de3836	1662	AesCcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
ashleymills	0:714293de3836	1663	XMEMCPY(keys->aead_dec_imp_IV,
ashleymills	0:714293de3836	1664	keys->client_write_IV, AEAD_IMP_IV_SZ);
ashleymills	0:714293de3836	1665	}
ashleymills	0:714293de3836	1666	enc->setup = 1;
ashleymills	0:714293de3836	1667	dec->setup = 1;
ashleymills	0:714293de3836	1668	}
ashleymills	0:714293de3836	1669	#endif
ashleymills	0:714293de3836	1670
ashleymills	0:714293de3836	1671	#ifdef HAVE_CAMELLIA
ashleymills	0:714293de3836	1672	if (specs->bulk_cipher_algorithm == camellia) {
ashleymills	0:714293de3836	1673	if (enc->cam == NULL)
ashleymills	0:714293de3836	1674	enc->cam =
ashleymills	0:714293de3836	1675	(Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1676	if (enc->cam == NULL)
ashleymills	0:714293de3836	1677	return MEMORY_E;
ashleymills	0:714293de3836	1678	if (dec->cam == NULL)
ashleymills	0:714293de3836	1679	dec->cam =
ashleymills	0:714293de3836	1680	(Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
ashleymills	0:714293de3836	1681	if (dec->cam == NULL)
ashleymills	0:714293de3836	1682	return MEMORY_E;
ashleymills	0:714293de3836	1683	if (side == CLIENT_END) {
ashleymills	0:714293de3836	1684	CamelliaSetKey(enc->cam, keys->client_write_key,
ashleymills	0:714293de3836	1685	specs->key_size, keys->client_write_IV);
ashleymills	0:714293de3836	1686	CamelliaSetKey(dec->cam, keys->server_write_key,
ashleymills	0:714293de3836	1687	specs->key_size, keys->server_write_IV);
ashleymills	0:714293de3836	1688	}
ashleymills	0:714293de3836	1689	else {
ashleymills	0:714293de3836	1690	CamelliaSetKey(enc->cam, keys->server_write_key,
ashleymills	0:714293de3836	1691	specs->key_size, keys->server_write_IV);
ashleymills	0:714293de3836	1692	CamelliaSetKey(dec->cam, keys->client_write_key,
ashleymills	0:714293de3836	1693	specs->key_size, keys->client_write_IV);
ashleymills	0:714293de3836	1694	}
ashleymills	0:714293de3836	1695	enc->setup = 1;
ashleymills	0:714293de3836	1696	dec->setup = 1;
ashleymills	0:714293de3836	1697	}
ashleymills	0:714293de3836	1698	#endif
ashleymills	0:714293de3836	1699
ashleymills	0:714293de3836	1700	#ifdef HAVE_NULL_CIPHER
ashleymills	0:714293de3836	1701	if (specs->bulk_cipher_algorithm == cipher_null) {
ashleymills	0:714293de3836	1702	enc->setup = 1;
ashleymills	0:714293de3836	1703	dec->setup = 1;
ashleymills	0:714293de3836	1704	}
ashleymills	0:714293de3836	1705	#endif
ashleymills	0:714293de3836	1706
ashleymills	0:714293de3836	1707	keys->sequence_number = 0;
ashleymills	0:714293de3836	1708	keys->peer_sequence_number = 0;
ashleymills	0:714293de3836	1709	keys->encryptionOn = 0;
ashleymills	0:714293de3836	1710	(void)side;
ashleymills	0:714293de3836	1711	(void)heap;
ashleymills	0:714293de3836	1712	(void)enc;
ashleymills	0:714293de3836	1713	(void)dec;
ashleymills	0:714293de3836	1714	(void)specs;
ashleymills	0:714293de3836	1715	(void)devId;
ashleymills	0:714293de3836	1716
ashleymills	0:714293de3836	1717	return 0;
ashleymills	0:714293de3836	1718	}
ashleymills	0:714293de3836	1719
ashleymills	0:714293de3836	1720
ashleymills	0:714293de3836	1721	/* TLS can call too */
ashleymills	0:714293de3836	1722	int StoreKeys(CYASSL* ssl, const byte* keyData)
ashleymills	0:714293de3836	1723	{
ashleymills	0:714293de3836	1724	int sz, i = 0;
ashleymills	0:714293de3836	1725	int devId = NO_CAVIUM_DEVICE;
ashleymills	0:714293de3836	1726
ashleymills	0:714293de3836	1727	#ifdef HAVE_CAVIUM
ashleymills	0:714293de3836	1728	devId = ssl->devId;
ashleymills	0:714293de3836	1729	#endif
ashleymills	0:714293de3836	1730
ashleymills	0:714293de3836	1731	if (ssl->specs.cipher_type != aead) {
ashleymills	0:714293de3836	1732	sz = ssl->specs.hash_size;
ashleymills	0:714293de3836	1733	XMEMCPY(ssl->keys.client_write_MAC_secret,&keyData[i], sz);
ashleymills	0:714293de3836	1734	i += sz;
ashleymills	0:714293de3836	1735	XMEMCPY(ssl->keys.server_write_MAC_secret,&keyData[i], sz);
ashleymills	0:714293de3836	1736	i += sz;
ashleymills	0:714293de3836	1737	}
ashleymills	0:714293de3836	1738	sz = ssl->specs.key_size;
ashleymills	0:714293de3836	1739	XMEMCPY(ssl->keys.client_write_key, &keyData[i], sz);
ashleymills	0:714293de3836	1740	i += sz;
ashleymills	0:714293de3836	1741	XMEMCPY(ssl->keys.server_write_key, &keyData[i], sz);
ashleymills	0:714293de3836	1742	i += sz;
ashleymills	0:714293de3836	1743
ashleymills	0:714293de3836	1744	sz = ssl->specs.iv_size;
ashleymills	0:714293de3836	1745	XMEMCPY(ssl->keys.client_write_IV, &keyData[i], sz);
ashleymills	0:714293de3836	1746	i += sz;
ashleymills	0:714293de3836	1747	XMEMCPY(ssl->keys.server_write_IV, &keyData[i], sz);
ashleymills	0:714293de3836	1748
ashleymills	0:714293de3836	1749	#ifdef HAVE_AEAD
ashleymills	0:714293de3836	1750	if (ssl->specs.cipher_type == aead) {
ashleymills	0:714293de3836	1751	/* Initialize the AES-GCM explicit IV to a random number. */
ashleymills	0:714293de3836	1752	RNG_GenerateBlock(ssl->rng, ssl->keys.aead_exp_IV, AEAD_EXP_IV_SZ);
ashleymills	0:714293de3836	1753	}
ashleymills	0:714293de3836	1754	#endif
ashleymills	0:714293de3836	1755
ashleymills	0:714293de3836	1756	return SetKeys(&ssl->encrypt, &ssl->decrypt, &ssl->keys, &ssl->specs,
ashleymills	0:714293de3836	1757	ssl->options.side, ssl->heap, devId);
ashleymills	0:714293de3836	1758	}
ashleymills	0:714293de3836	1759
ashleymills	0:714293de3836	1760	#ifndef NO_OLD_TLS
ashleymills	0:714293de3836	1761	int DeriveKeys(CYASSL* ssl)
ashleymills	0:714293de3836	1762	{
ashleymills	0:714293de3836	1763	int length = 2 * ssl->specs.hash_size +
ashleymills	0:714293de3836	1764	2 * ssl->specs.key_size +
ashleymills	0:714293de3836	1765	2 * ssl->specs.iv_size;
ashleymills	0:714293de3836	1766	int rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i;
ashleymills	0:714293de3836	1767
ashleymills	0:714293de3836	1768	byte shaOutput[SHA_DIGEST_SIZE];
ashleymills	0:714293de3836	1769	byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE];
ashleymills	0:714293de3836	1770	byte shaInput[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN];
ashleymills	0:714293de3836	1771
ashleymills	0:714293de3836	1772	Md5 md5;
ashleymills	0:714293de3836	1773	Sha sha;
ashleymills	0:714293de3836	1774
ashleymills	0:714293de3836	1775	byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE]; /* max size */
ashleymills	0:714293de3836	1776
ashleymills	0:714293de3836	1777	InitMd5(&md5);
ashleymills	0:714293de3836	1778	InitSha(&sha);
ashleymills	0:714293de3836	1779
ashleymills	0:714293de3836	1780	XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN);
ashleymills	0:714293de3836	1781
ashleymills	0:714293de3836	1782	for (i = 0; i < rounds; ++i) {
ashleymills	0:714293de3836	1783	int j = i + 1;
ashleymills	0:714293de3836	1784	int idx = j;
ashleymills	0:714293de3836	1785
ashleymills	0:714293de3836	1786	if (!SetPrefix(shaInput, i)) {
ashleymills	0:714293de3836	1787	return PREFIX_ERROR;
ashleymills	0:714293de3836	1788	}
ashleymills	0:714293de3836	1789
ashleymills	0:714293de3836	1790	XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN);
ashleymills	0:714293de3836	1791	idx += SECRET_LEN;
ashleymills	0:714293de3836	1792	XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
ashleymills	0:714293de3836	1793	idx += RAN_LEN;
ashleymills	0:714293de3836	1794	XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
ashleymills	0:714293de3836	1795
ashleymills	0:714293de3836	1796	ShaUpdate(&sha, shaInput, (word32)sizeof(shaInput) - KEY_PREFIX + j);
ashleymills	0:714293de3836	1797	ShaFinal(&sha, shaOutput);
ashleymills	0:714293de3836	1798
ashleymills	0:714293de3836	1799	XMEMCPY(&md5Input[SECRET_LEN], shaOutput, SHA_DIGEST_SIZE);
ashleymills	0:714293de3836	1800	Md5Update(&md5, md5Input, sizeof(md5Input));
ashleymills	0:714293de3836	1801	Md5Final(&md5, keyData + i * MD5_DIGEST_SIZE);
ashleymills	0:714293de3836	1802	}
ashleymills	0:714293de3836	1803
ashleymills	0:714293de3836	1804	return StoreKeys(ssl, keyData);
ashleymills	0:714293de3836	1805	}
ashleymills	0:714293de3836	1806
ashleymills	0:714293de3836	1807
ashleymills	0:714293de3836	1808	static void CleanPreMaster(CYASSL* ssl)
ashleymills	0:714293de3836	1809	{
ashleymills	0:714293de3836	1810	int i, sz = ssl->arrays->preMasterSz;
ashleymills	0:714293de3836	1811
ashleymills	0:714293de3836	1812	for (i = 0; i < sz; i++)
ashleymills	0:714293de3836	1813	ssl->arrays->preMasterSecret[i] = 0;
ashleymills	0:714293de3836	1814
ashleymills	0:714293de3836	1815	RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz);
ashleymills	0:714293de3836	1816
ashleymills	0:714293de3836	1817	for (i = 0; i < sz; i++)
ashleymills	0:714293de3836	1818	ssl->arrays->preMasterSecret[i] = 0;
ashleymills	0:714293de3836	1819
ashleymills	0:714293de3836	1820	}
ashleymills	0:714293de3836	1821
ashleymills	0:714293de3836	1822
ashleymills	0:714293de3836	1823	/* Create and store the master secret see page 32, 6.1 */
ashleymills	0:714293de3836	1824	static int MakeSslMasterSecret(CYASSL* ssl)
ashleymills	0:714293de3836	1825	{
ashleymills	0:714293de3836	1826	byte shaOutput[SHA_DIGEST_SIZE];
ashleymills	0:714293de3836	1827	byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE];
ashleymills	0:714293de3836	1828	byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN];
ashleymills	0:714293de3836	1829	int i, ret;
ashleymills	0:714293de3836	1830	word32 idx;
ashleymills	0:714293de3836	1831	word32 pmsSz = ssl->arrays->preMasterSz;
ashleymills	0:714293de3836	1832
ashleymills	0:714293de3836	1833	Md5 md5;
ashleymills	0:714293de3836	1834	Sha sha;
ashleymills	0:714293de3836	1835
ashleymills	0:714293de3836	1836	#ifdef SHOW_SECRETS
ashleymills	0:714293de3836	1837	{
ashleymills	0:714293de3836	1838	word32 j;
ashleymills	0:714293de3836	1839	printf("pre master secret: ");
ashleymills	0:714293de3836	1840	for (j = 0; j < pmsSz; j++)
ashleymills	0:714293de3836	1841	printf("%02x", ssl->arrays->preMasterSecret[j]);
ashleymills	0:714293de3836	1842	printf("\n");
ashleymills	0:714293de3836	1843	}
ashleymills	0:714293de3836	1844	#endif
ashleymills	0:714293de3836	1845
ashleymills	0:714293de3836	1846	InitMd5(&md5);
ashleymills	0:714293de3836	1847	InitSha(&sha);
ashleymills	0:714293de3836	1848
ashleymills	0:714293de3836	1849	XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz);
ashleymills	0:714293de3836	1850
ashleymills	0:714293de3836	1851	for (i = 0; i < MASTER_ROUNDS; ++i) {
ashleymills	0:714293de3836	1852	byte prefix[PREFIX];
ashleymills	0:714293de3836	1853	if (!SetPrefix(prefix, i)) {
ashleymills	0:714293de3836	1854	return PREFIX_ERROR;
ashleymills	0:714293de3836	1855	}
ashleymills	0:714293de3836	1856
ashleymills	0:714293de3836	1857	idx = 0;
ashleymills	0:714293de3836	1858	XMEMCPY(shaInput, prefix, i + 1);
ashleymills	0:714293de3836	1859	idx += i + 1;
ashleymills	0:714293de3836	1860
ashleymills	0:714293de3836	1861	XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz);
ashleymills	0:714293de3836	1862	idx += pmsSz;
ashleymills	0:714293de3836	1863	XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
ashleymills	0:714293de3836	1864	idx += RAN_LEN;
ashleymills	0:714293de3836	1865	XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
ashleymills	0:714293de3836	1866	idx += RAN_LEN;
ashleymills	0:714293de3836	1867	ShaUpdate(&sha, shaInput, idx);
ashleymills	0:714293de3836	1868	ShaFinal(&sha, shaOutput);
ashleymills	0:714293de3836	1869
ashleymills	0:714293de3836	1870	idx = pmsSz; /* preSz */
ashleymills	0:714293de3836	1871	XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE);
ashleymills	0:714293de3836	1872	idx += SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	1873	Md5Update(&md5, md5Input, idx);
ashleymills	0:714293de3836	1874	Md5Final(&md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]);
ashleymills	0:714293de3836	1875	}
ashleymills	0:714293de3836	1876
ashleymills	0:714293de3836	1877	#ifdef SHOW_SECRETS
ashleymills	0:714293de3836	1878	{
ashleymills	0:714293de3836	1879	word32 j;
ashleymills	0:714293de3836	1880	printf("master secret: ");
ashleymills	0:714293de3836	1881	for (j = 0; j < SECRET_LEN; j++)
ashleymills	0:714293de3836	1882	printf("%02x", ssl->arrays->masterSecret[j]);
ashleymills	0:714293de3836	1883	printf("\n");
ashleymills	0:714293de3836	1884	}
ashleymills	0:714293de3836	1885	#endif
ashleymills	0:714293de3836	1886
ashleymills	0:714293de3836	1887	ret = DeriveKeys(ssl);
ashleymills	0:714293de3836	1888	CleanPreMaster(ssl);
ashleymills	0:714293de3836	1889
ashleymills	0:714293de3836	1890	return ret;
ashleymills	0:714293de3836	1891	}
ashleymills	0:714293de3836	1892	#endif
ashleymills	0:714293de3836	1893
ashleymills	0:714293de3836	1894
ashleymills	0:714293de3836	1895	/* Master wrapper, doesn't use SSL stack space in TLS mode */
ashleymills	0:714293de3836	1896	int MakeMasterSecret(CYASSL* ssl)
ashleymills	0:714293de3836	1897	{
ashleymills	0:714293de3836	1898	#ifdef NO_OLD_TLS
ashleymills	0:714293de3836	1899	return MakeTlsMasterSecret(ssl);
ashleymills	0:714293de3836	1900	#elif !defined(NO_TLS)
ashleymills	0:714293de3836	1901	if (ssl->options.tls) return MakeTlsMasterSecret(ssl);
ashleymills	0:714293de3836	1902	#endif
ashleymills	0:714293de3836	1903
ashleymills	0:714293de3836	1904	#ifndef NO_OLD_TLS
ashleymills	0:714293de3836	1905	return MakeSslMasterSecret(ssl);
ashleymills	0:714293de3836	1906	#endif
ashleymills	0:714293de3836	1907	}
ashleymills	0:714293de3836	1908

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	18 Sep 2013
Imports:	7
Forks:	0
Commits:	5
Dependents:	2
Dependencies:	0
Followers:	2

The code in this repository is Apache licensed.

keys.c@4:f377303c41be, 2013-09-16 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning