Francois Berder
/
cyassl-lib
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: TLS_cyassl TLS_cyassl
Embed:
(wiki syntax)
Show/hide line numbers
keys.c
00001 /* keys.c 00002 * 00003 * Copyright (C) 2006-2013 wolfSSL Inc. 00004 * 00005 * This file is part of CyaSSL. 00006 * 00007 * CyaSSL is free software; you can redistribute it and/or modify 00008 * it under the terms of the GNU General Public License as published by 00009 * the Free Software Foundation; either version 2 of the License, or 00010 * (at your option) any later version. 00011 * 00012 * CyaSSL is distributed in the hope that it will be useful, 00013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 * GNU General Public License for more details. 00016 * 00017 * You should have received a copy of the GNU General Public License 00018 * along with this program; if not, write to the Free Software 00019 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA 00020 */ 00021 00022 00023 #ifdef HAVE_CONFIG_H 00024 #include <config.h> 00025 #endif 00026 00027 #include <cyassl/ctaocrypt/settings.h> 00028 00029 #include <cyassl/internal.h> 00030 #include <cyassl/ctaoerror.h> 00031 #ifdef SHOW_SECRETS 00032 #ifdef FREESCALE_MQX 00033 #include <fio.h> 00034 #else 00035 #include <stdio.h> 00036 #endif 00037 #endif 00038 00039 00040 int SetCipherSpecs(CYASSL* ssl) 00041 { 00042 /* ECC extensions, or AES-CCM */ 00043 if (ssl->options.cipherSuite0 == ECC_BYTE) { 00044 00045 switch (ssl->options.cipherSuite) { 00046 00047 #ifdef HAVE_ECC 00048 00049 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 00050 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 : 00051 ssl->specs.bulk_cipher_algorithm = aes; 00052 ssl->specs.cipher_type = block; 00053 ssl->specs.mac_algorithm = sha256_mac; 00054 ssl->specs.kea = ecc_diffie_hellman_kea; 00055 ssl->specs.sig_algo = rsa_sa_algo; 00056 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00057 ssl->specs.pad_size = PAD_SHA; 00058 ssl->specs.static_ecdh = 0; 00059 ssl->specs.key_size = AES_128_KEY_SIZE; 00060 ssl->specs.iv_size = AES_IV_SIZE; 00061 ssl->specs.block_size = AES_BLOCK_SIZE; 00062 break; 00063 #endif 00064 00065 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 00066 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 : 00067 ssl->specs.bulk_cipher_algorithm = aes; 00068 ssl->specs.cipher_type = block; 00069 ssl->specs.mac_algorithm = sha256_mac; 00070 ssl->specs.kea = ecc_diffie_hellman_kea; 00071 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00072 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00073 ssl->specs.pad_size = PAD_SHA; 00074 ssl->specs.static_ecdh = 0; 00075 ssl->specs.key_size = AES_128_KEY_SIZE; 00076 ssl->specs.iv_size = AES_IV_SIZE; 00077 ssl->specs.block_size = AES_BLOCK_SIZE; 00078 break; 00079 #endif 00080 00081 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 00082 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 : 00083 ssl->specs.bulk_cipher_algorithm = aes; 00084 ssl->specs.cipher_type = block; 00085 ssl->specs.mac_algorithm = sha256_mac; 00086 ssl->specs.kea = ecc_diffie_hellman_kea; 00087 ssl->specs.sig_algo = rsa_sa_algo; 00088 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00089 ssl->specs.pad_size = PAD_SHA; 00090 ssl->specs.static_ecdh = 1; 00091 ssl->specs.key_size = AES_128_KEY_SIZE; 00092 ssl->specs.iv_size = AES_IV_SIZE; 00093 ssl->specs.block_size = AES_BLOCK_SIZE; 00094 break; 00095 #endif 00096 00097 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 00098 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 : 00099 ssl->specs.bulk_cipher_algorithm = aes; 00100 ssl->specs.cipher_type = block; 00101 ssl->specs.mac_algorithm = sha256_mac; 00102 ssl->specs.kea = ecc_diffie_hellman_kea; 00103 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00104 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00105 ssl->specs.pad_size = PAD_SHA; 00106 ssl->specs.static_ecdh = 1; 00107 ssl->specs.key_size = AES_128_KEY_SIZE; 00108 ssl->specs.iv_size = AES_IV_SIZE; 00109 ssl->specs.block_size = AES_BLOCK_SIZE; 00110 break; 00111 #endif 00112 00113 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 00114 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 : 00115 ssl->specs.bulk_cipher_algorithm = aes; 00116 ssl->specs.cipher_type = block; 00117 ssl->specs.mac_algorithm = sha384_mac; 00118 ssl->specs.kea = ecc_diffie_hellman_kea; 00119 ssl->specs.sig_algo = rsa_sa_algo; 00120 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00121 ssl->specs.pad_size = PAD_SHA; 00122 ssl->specs.static_ecdh = 0; 00123 ssl->specs.key_size = AES_256_KEY_SIZE; 00124 ssl->specs.iv_size = AES_IV_SIZE; 00125 ssl->specs.block_size = AES_BLOCK_SIZE; 00126 break; 00127 #endif 00128 00129 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 00130 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 : 00131 ssl->specs.bulk_cipher_algorithm = aes; 00132 ssl->specs.cipher_type = block; 00133 ssl->specs.mac_algorithm = sha384_mac; 00134 ssl->specs.kea = ecc_diffie_hellman_kea; 00135 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00136 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00137 ssl->specs.pad_size = PAD_SHA; 00138 ssl->specs.static_ecdh = 0; 00139 ssl->specs.key_size = AES_256_KEY_SIZE; 00140 ssl->specs.iv_size = AES_IV_SIZE; 00141 ssl->specs.block_size = AES_BLOCK_SIZE; 00142 break; 00143 #endif 00144 00145 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 00146 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 : 00147 ssl->specs.bulk_cipher_algorithm = aes; 00148 ssl->specs.cipher_type = block; 00149 ssl->specs.mac_algorithm = sha384_mac; 00150 ssl->specs.kea = ecc_diffie_hellman_kea; 00151 ssl->specs.sig_algo = rsa_sa_algo; 00152 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00153 ssl->specs.pad_size = PAD_SHA; 00154 ssl->specs.static_ecdh = 1; 00155 ssl->specs.key_size = AES_256_KEY_SIZE; 00156 ssl->specs.iv_size = AES_IV_SIZE; 00157 ssl->specs.block_size = AES_BLOCK_SIZE; 00158 break; 00159 #endif 00160 00161 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 00162 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 : 00163 ssl->specs.bulk_cipher_algorithm = aes; 00164 ssl->specs.cipher_type = block; 00165 ssl->specs.mac_algorithm = sha384_mac; 00166 ssl->specs.kea = ecc_diffie_hellman_kea; 00167 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00168 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00169 ssl->specs.pad_size = PAD_SHA; 00170 ssl->specs.static_ecdh = 1; 00171 ssl->specs.key_size = AES_256_KEY_SIZE; 00172 ssl->specs.iv_size = AES_IV_SIZE; 00173 ssl->specs.block_size = AES_BLOCK_SIZE; 00174 break; 00175 #endif 00176 00177 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 00178 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : 00179 ssl->specs.bulk_cipher_algorithm = aes; 00180 ssl->specs.cipher_type = block; 00181 ssl->specs.mac_algorithm = sha_mac; 00182 ssl->specs.kea = ecc_diffie_hellman_kea; 00183 ssl->specs.sig_algo = rsa_sa_algo; 00184 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00185 ssl->specs.pad_size = PAD_SHA; 00186 ssl->specs.static_ecdh = 0; 00187 ssl->specs.key_size = AES_128_KEY_SIZE; 00188 ssl->specs.block_size = AES_BLOCK_SIZE; 00189 ssl->specs.iv_size = AES_IV_SIZE; 00190 00191 break; 00192 #endif 00193 00194 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 00195 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA : 00196 ssl->specs.bulk_cipher_algorithm = aes; 00197 ssl->specs.cipher_type = block; 00198 ssl->specs.mac_algorithm = sha_mac; 00199 ssl->specs.kea = ecc_diffie_hellman_kea; 00200 ssl->specs.sig_algo = rsa_sa_algo; 00201 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00202 ssl->specs.pad_size = PAD_SHA; 00203 ssl->specs.static_ecdh = 1; 00204 ssl->specs.key_size = AES_128_KEY_SIZE; 00205 ssl->specs.block_size = AES_BLOCK_SIZE; 00206 ssl->specs.iv_size = AES_IV_SIZE; 00207 00208 break; 00209 #endif 00210 00211 #ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 00212 case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : 00213 ssl->specs.bulk_cipher_algorithm = triple_des; 00214 ssl->specs.cipher_type = block; 00215 ssl->specs.mac_algorithm = sha_mac; 00216 ssl->specs.kea = ecc_diffie_hellman_kea; 00217 ssl->specs.sig_algo = rsa_sa_algo; 00218 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00219 ssl->specs.pad_size = PAD_SHA; 00220 ssl->specs.static_ecdh = 0; 00221 ssl->specs.key_size = DES3_KEY_SIZE; 00222 ssl->specs.block_size = DES_BLOCK_SIZE; 00223 ssl->specs.iv_size = DES_IV_SIZE; 00224 00225 break; 00226 #endif 00227 00228 #ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 00229 case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA : 00230 ssl->specs.bulk_cipher_algorithm = triple_des; 00231 ssl->specs.cipher_type = block; 00232 ssl->specs.mac_algorithm = sha_mac; 00233 ssl->specs.kea = ecc_diffie_hellman_kea; 00234 ssl->specs.sig_algo = rsa_sa_algo; 00235 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00236 ssl->specs.pad_size = PAD_SHA; 00237 ssl->specs.static_ecdh = 1; 00238 ssl->specs.key_size = DES3_KEY_SIZE; 00239 ssl->specs.block_size = DES_BLOCK_SIZE; 00240 ssl->specs.iv_size = DES_IV_SIZE; 00241 00242 break; 00243 #endif 00244 00245 #ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA 00246 case TLS_ECDHE_RSA_WITH_RC4_128_SHA : 00247 ssl->specs.bulk_cipher_algorithm = rc4; 00248 ssl->specs.cipher_type = stream; 00249 ssl->specs.mac_algorithm = sha_mac; 00250 ssl->specs.kea = ecc_diffie_hellman_kea; 00251 ssl->specs.sig_algo = rsa_sa_algo; 00252 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00253 ssl->specs.pad_size = PAD_SHA; 00254 ssl->specs.static_ecdh = 0; 00255 ssl->specs.key_size = RC4_KEY_SIZE; 00256 ssl->specs.iv_size = 0; 00257 ssl->specs.block_size = 0; 00258 00259 break; 00260 #endif 00261 00262 #ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA 00263 case TLS_ECDH_RSA_WITH_RC4_128_SHA : 00264 ssl->specs.bulk_cipher_algorithm = rc4; 00265 ssl->specs.cipher_type = stream; 00266 ssl->specs.mac_algorithm = sha_mac; 00267 ssl->specs.kea = ecc_diffie_hellman_kea; 00268 ssl->specs.sig_algo = rsa_sa_algo; 00269 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00270 ssl->specs.pad_size = PAD_SHA; 00271 ssl->specs.static_ecdh = 1; 00272 ssl->specs.key_size = RC4_KEY_SIZE; 00273 ssl->specs.iv_size = 0; 00274 ssl->specs.block_size = 0; 00275 00276 break; 00277 #endif 00278 00279 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 00280 case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : 00281 ssl->specs.bulk_cipher_algorithm = triple_des; 00282 ssl->specs.cipher_type = block; 00283 ssl->specs.mac_algorithm = sha_mac; 00284 ssl->specs.kea = ecc_diffie_hellman_kea; 00285 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00286 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00287 ssl->specs.pad_size = PAD_SHA; 00288 ssl->specs.static_ecdh = 0; 00289 ssl->specs.key_size = DES3_KEY_SIZE; 00290 ssl->specs.block_size = DES_BLOCK_SIZE; 00291 ssl->specs.iv_size = DES_IV_SIZE; 00292 00293 break; 00294 #endif 00295 00296 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 00297 case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA : 00298 ssl->specs.bulk_cipher_algorithm = triple_des; 00299 ssl->specs.cipher_type = block; 00300 ssl->specs.mac_algorithm = sha_mac; 00301 ssl->specs.kea = ecc_diffie_hellman_kea; 00302 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00303 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00304 ssl->specs.pad_size = PAD_SHA; 00305 ssl->specs.static_ecdh = 1; 00306 ssl->specs.key_size = DES3_KEY_SIZE; 00307 ssl->specs.block_size = DES_BLOCK_SIZE; 00308 ssl->specs.iv_size = DES_IV_SIZE; 00309 00310 break; 00311 #endif 00312 00313 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 00314 case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : 00315 ssl->specs.bulk_cipher_algorithm = rc4; 00316 ssl->specs.cipher_type = stream; 00317 ssl->specs.mac_algorithm = sha_mac; 00318 ssl->specs.kea = ecc_diffie_hellman_kea; 00319 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00320 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00321 ssl->specs.pad_size = PAD_SHA; 00322 ssl->specs.static_ecdh = 0; 00323 ssl->specs.key_size = RC4_KEY_SIZE; 00324 ssl->specs.iv_size = 0; 00325 ssl->specs.block_size = 0; 00326 00327 break; 00328 #endif 00329 00330 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 00331 case TLS_ECDH_ECDSA_WITH_RC4_128_SHA : 00332 ssl->specs.bulk_cipher_algorithm = rc4; 00333 ssl->specs.cipher_type = stream; 00334 ssl->specs.mac_algorithm = sha_mac; 00335 ssl->specs.kea = ecc_diffie_hellman_kea; 00336 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00337 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00338 ssl->specs.pad_size = PAD_SHA; 00339 ssl->specs.static_ecdh = 1; 00340 ssl->specs.key_size = RC4_KEY_SIZE; 00341 ssl->specs.iv_size = 0; 00342 ssl->specs.block_size = 0; 00343 00344 break; 00345 #endif 00346 00347 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 00348 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : 00349 ssl->specs.bulk_cipher_algorithm = aes; 00350 ssl->specs.cipher_type = block; 00351 ssl->specs.mac_algorithm = sha_mac; 00352 ssl->specs.kea = ecc_diffie_hellman_kea; 00353 ssl->specs.sig_algo = rsa_sa_algo; 00354 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00355 ssl->specs.pad_size = PAD_SHA; 00356 ssl->specs.static_ecdh = 0; 00357 ssl->specs.key_size = AES_256_KEY_SIZE; 00358 ssl->specs.block_size = AES_BLOCK_SIZE; 00359 ssl->specs.iv_size = AES_IV_SIZE; 00360 00361 break; 00362 #endif 00363 00364 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 00365 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA : 00366 ssl->specs.bulk_cipher_algorithm = aes; 00367 ssl->specs.cipher_type = block; 00368 ssl->specs.mac_algorithm = sha_mac; 00369 ssl->specs.kea = ecc_diffie_hellman_kea; 00370 ssl->specs.sig_algo = rsa_sa_algo; 00371 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00372 ssl->specs.pad_size = PAD_SHA; 00373 ssl->specs.static_ecdh = 1; 00374 ssl->specs.key_size = AES_256_KEY_SIZE; 00375 ssl->specs.block_size = AES_BLOCK_SIZE; 00376 ssl->specs.iv_size = AES_IV_SIZE; 00377 00378 break; 00379 #endif 00380 00381 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 00382 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : 00383 ssl->specs.bulk_cipher_algorithm = aes; 00384 ssl->specs.cipher_type = block; 00385 ssl->specs.mac_algorithm = sha_mac; 00386 ssl->specs.kea = ecc_diffie_hellman_kea; 00387 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00388 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00389 ssl->specs.pad_size = PAD_SHA; 00390 ssl->specs.static_ecdh = 0; 00391 ssl->specs.key_size = AES_128_KEY_SIZE; 00392 ssl->specs.block_size = AES_BLOCK_SIZE; 00393 ssl->specs.iv_size = AES_IV_SIZE; 00394 00395 break; 00396 #endif 00397 00398 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 00399 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA : 00400 ssl->specs.bulk_cipher_algorithm = aes; 00401 ssl->specs.cipher_type = block; 00402 ssl->specs.mac_algorithm = sha_mac; 00403 ssl->specs.kea = ecc_diffie_hellman_kea; 00404 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00405 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00406 ssl->specs.pad_size = PAD_SHA; 00407 ssl->specs.static_ecdh = 1; 00408 ssl->specs.key_size = AES_128_KEY_SIZE; 00409 ssl->specs.block_size = AES_BLOCK_SIZE; 00410 ssl->specs.iv_size = AES_IV_SIZE; 00411 00412 break; 00413 #endif 00414 00415 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 00416 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA : 00417 ssl->specs.bulk_cipher_algorithm = aes; 00418 ssl->specs.cipher_type = block; 00419 ssl->specs.mac_algorithm = sha_mac; 00420 ssl->specs.kea = ecc_diffie_hellman_kea; 00421 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00422 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00423 ssl->specs.pad_size = PAD_SHA; 00424 ssl->specs.static_ecdh = 0; 00425 ssl->specs.key_size = AES_256_KEY_SIZE; 00426 ssl->specs.block_size = AES_BLOCK_SIZE; 00427 ssl->specs.iv_size = AES_IV_SIZE; 00428 00429 break; 00430 #endif 00431 00432 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 00433 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : 00434 ssl->specs.bulk_cipher_algorithm = aes; 00435 ssl->specs.cipher_type = block; 00436 ssl->specs.mac_algorithm = sha_mac; 00437 ssl->specs.kea = ecc_diffie_hellman_kea; 00438 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00439 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00440 ssl->specs.pad_size = PAD_SHA; 00441 ssl->specs.static_ecdh = 1; 00442 ssl->specs.key_size = AES_256_KEY_SIZE; 00443 ssl->specs.block_size = AES_BLOCK_SIZE; 00444 ssl->specs.iv_size = AES_IV_SIZE; 00445 00446 break; 00447 #endif 00448 00449 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 00450 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : 00451 ssl->specs.bulk_cipher_algorithm = aes_gcm; 00452 ssl->specs.cipher_type = aead; 00453 ssl->specs.mac_algorithm = sha256_mac; 00454 ssl->specs.kea = ecc_diffie_hellman_kea; 00455 ssl->specs.sig_algo = rsa_sa_algo; 00456 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00457 ssl->specs.pad_size = PAD_SHA; 00458 ssl->specs.static_ecdh = 0; 00459 ssl->specs.key_size = AES_128_KEY_SIZE; 00460 ssl->specs.block_size = AES_BLOCK_SIZE; 00461 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00462 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00463 00464 break; 00465 #endif 00466 00467 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 00468 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 : 00469 ssl->specs.bulk_cipher_algorithm = aes_gcm; 00470 ssl->specs.cipher_type = aead; 00471 ssl->specs.mac_algorithm = sha384_mac; 00472 ssl->specs.kea = ecc_diffie_hellman_kea; 00473 ssl->specs.sig_algo = rsa_sa_algo; 00474 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00475 ssl->specs.pad_size = PAD_SHA; 00476 ssl->specs.static_ecdh = 0; 00477 ssl->specs.key_size = AES_256_KEY_SIZE; 00478 ssl->specs.block_size = AES_BLOCK_SIZE; 00479 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00480 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00481 00482 break; 00483 #endif 00484 00485 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 00486 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 : 00487 ssl->specs.bulk_cipher_algorithm = aes_gcm; 00488 ssl->specs.cipher_type = aead; 00489 ssl->specs.mac_algorithm = sha256_mac; 00490 ssl->specs.kea = ecc_diffie_hellman_kea; 00491 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00492 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00493 ssl->specs.pad_size = PAD_SHA; 00494 ssl->specs.static_ecdh = 0; 00495 ssl->specs.key_size = AES_128_KEY_SIZE; 00496 ssl->specs.block_size = AES_BLOCK_SIZE; 00497 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00498 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00499 00500 break; 00501 #endif 00502 00503 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 00504 case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 : 00505 ssl->specs.bulk_cipher_algorithm = aes_gcm; 00506 ssl->specs.cipher_type = aead; 00507 ssl->specs.mac_algorithm = sha384_mac; 00508 ssl->specs.kea = ecc_diffie_hellman_kea; 00509 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00510 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00511 ssl->specs.pad_size = PAD_SHA; 00512 ssl->specs.static_ecdh = 0; 00513 ssl->specs.key_size = AES_256_KEY_SIZE; 00514 ssl->specs.block_size = AES_BLOCK_SIZE; 00515 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00516 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00517 00518 break; 00519 #endif 00520 00521 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 00522 case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 : 00523 ssl->specs.bulk_cipher_algorithm = aes_gcm; 00524 ssl->specs.cipher_type = aead; 00525 ssl->specs.mac_algorithm = sha256_mac; 00526 ssl->specs.kea = ecc_diffie_hellman_kea; 00527 ssl->specs.sig_algo = rsa_sa_algo; 00528 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00529 ssl->specs.pad_size = PAD_SHA; 00530 ssl->specs.static_ecdh = 1; 00531 ssl->specs.key_size = AES_128_KEY_SIZE; 00532 ssl->specs.block_size = AES_BLOCK_SIZE; 00533 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00534 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00535 00536 break; 00537 #endif 00538 00539 #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 00540 case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 : 00541 ssl->specs.bulk_cipher_algorithm = aes_gcm; 00542 ssl->specs.cipher_type = aead; 00543 ssl->specs.mac_algorithm = sha384_mac; 00544 ssl->specs.kea = ecc_diffie_hellman_kea; 00545 ssl->specs.sig_algo = rsa_sa_algo; 00546 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00547 ssl->specs.pad_size = PAD_SHA; 00548 ssl->specs.static_ecdh = 1; 00549 ssl->specs.key_size = AES_256_KEY_SIZE; 00550 ssl->specs.block_size = AES_BLOCK_SIZE; 00551 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00552 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00553 00554 break; 00555 #endif 00556 00557 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 00558 case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 : 00559 ssl->specs.bulk_cipher_algorithm = aes_gcm; 00560 ssl->specs.cipher_type = aead; 00561 ssl->specs.mac_algorithm = sha256_mac; 00562 ssl->specs.kea = ecc_diffie_hellman_kea; 00563 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00564 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00565 ssl->specs.pad_size = PAD_SHA; 00566 ssl->specs.static_ecdh = 1; 00567 ssl->specs.key_size = AES_128_KEY_SIZE; 00568 ssl->specs.block_size = AES_BLOCK_SIZE; 00569 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00570 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00571 00572 break; 00573 #endif 00574 00575 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 00576 case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 : 00577 ssl->specs.bulk_cipher_algorithm = aes_gcm; 00578 ssl->specs.cipher_type = aead; 00579 ssl->specs.mac_algorithm = sha384_mac; 00580 ssl->specs.kea = ecc_diffie_hellman_kea; 00581 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00582 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 00583 ssl->specs.pad_size = PAD_SHA; 00584 ssl->specs.static_ecdh = 1; 00585 ssl->specs.key_size = AES_256_KEY_SIZE; 00586 ssl->specs.block_size = AES_BLOCK_SIZE; 00587 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00588 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 00589 00590 break; 00591 #endif 00592 00593 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 00594 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 : 00595 ssl->specs.bulk_cipher_algorithm = aes_ccm; 00596 ssl->specs.cipher_type = aead; 00597 ssl->specs.mac_algorithm = sha256_mac; 00598 ssl->specs.kea = ecc_diffie_hellman_kea; 00599 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00600 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00601 ssl->specs.pad_size = PAD_SHA; 00602 ssl->specs.static_ecdh = 0; 00603 ssl->specs.key_size = AES_128_KEY_SIZE; 00604 ssl->specs.block_size = AES_BLOCK_SIZE; 00605 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00606 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00607 00608 break; 00609 #endif 00610 00611 #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 00612 case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 : 00613 ssl->specs.bulk_cipher_algorithm = aes_ccm; 00614 ssl->specs.cipher_type = aead; 00615 ssl->specs.mac_algorithm = sha256_mac; 00616 ssl->specs.kea = ecc_diffie_hellman_kea; 00617 ssl->specs.sig_algo = ecc_dsa_sa_algo; 00618 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00619 ssl->specs.pad_size = PAD_SHA; 00620 ssl->specs.static_ecdh = 0; 00621 ssl->specs.key_size = AES_256_KEY_SIZE; 00622 ssl->specs.block_size = AES_BLOCK_SIZE; 00623 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00624 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00625 00626 break; 00627 #endif 00628 #endif /* HAVE_ECC */ 00629 00630 #ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8 00631 case TLS_RSA_WITH_AES_128_CCM_8 : 00632 ssl->specs.bulk_cipher_algorithm = aes_ccm; 00633 ssl->specs.cipher_type = aead; 00634 ssl->specs.mac_algorithm = sha256_mac; 00635 ssl->specs.kea = rsa_kea; 00636 ssl->specs.sig_algo = rsa_sa_algo; 00637 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00638 ssl->specs.pad_size = PAD_SHA; 00639 ssl->specs.static_ecdh = 0; 00640 ssl->specs.key_size = AES_128_KEY_SIZE; 00641 ssl->specs.block_size = AES_BLOCK_SIZE; 00642 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00643 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00644 00645 break; 00646 #endif 00647 00648 #ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8 00649 case TLS_RSA_WITH_AES_256_CCM_8 : 00650 ssl->specs.bulk_cipher_algorithm = aes_ccm; 00651 ssl->specs.cipher_type = aead; 00652 ssl->specs.mac_algorithm = sha256_mac; 00653 ssl->specs.kea = rsa_kea; 00654 ssl->specs.sig_algo = rsa_sa_algo; 00655 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00656 ssl->specs.pad_size = PAD_SHA; 00657 ssl->specs.static_ecdh = 0; 00658 ssl->specs.key_size = AES_256_KEY_SIZE; 00659 ssl->specs.block_size = AES_BLOCK_SIZE; 00660 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00661 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00662 00663 break; 00664 #endif 00665 00666 #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8 00667 case TLS_PSK_WITH_AES_128_CCM_8 : 00668 ssl->specs.bulk_cipher_algorithm = aes_ccm; 00669 ssl->specs.cipher_type = aead; 00670 ssl->specs.mac_algorithm = sha256_mac; 00671 ssl->specs.kea = psk_kea; 00672 ssl->specs.sig_algo = anonymous_sa_algo; 00673 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00674 ssl->specs.pad_size = PAD_SHA; 00675 ssl->specs.static_ecdh = 0; 00676 ssl->specs.key_size = AES_128_KEY_SIZE; 00677 ssl->specs.block_size = AES_BLOCK_SIZE; 00678 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00679 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00680 00681 ssl->options.usingPSK_cipher = 1; 00682 break; 00683 #endif 00684 00685 #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8 00686 case TLS_PSK_WITH_AES_256_CCM_8 : 00687 ssl->specs.bulk_cipher_algorithm = aes_ccm; 00688 ssl->specs.cipher_type = aead; 00689 ssl->specs.mac_algorithm = sha256_mac; 00690 ssl->specs.kea = psk_kea; 00691 ssl->specs.sig_algo = anonymous_sa_algo; 00692 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00693 ssl->specs.pad_size = PAD_SHA; 00694 ssl->specs.static_ecdh = 0; 00695 ssl->specs.key_size = AES_256_KEY_SIZE; 00696 ssl->specs.block_size = AES_BLOCK_SIZE; 00697 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 00698 ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; 00699 00700 ssl->options.usingPSK_cipher = 1; 00701 break; 00702 #endif 00703 00704 default: 00705 CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC"); 00706 return UNSUPPORTED_SUITE; 00707 } /* switch */ 00708 } /* if */ 00709 if (ssl->options.cipherSuite0 != ECC_BYTE) { /* normal suites */ 00710 switch (ssl->options.cipherSuite) { 00711 00712 #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA 00713 case SSL_RSA_WITH_RC4_128_SHA : 00714 ssl->specs.bulk_cipher_algorithm = rc4; 00715 ssl->specs.cipher_type = stream; 00716 ssl->specs.mac_algorithm = sha_mac; 00717 ssl->specs.kea = rsa_kea; 00718 ssl->specs.sig_algo = rsa_sa_algo; 00719 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00720 ssl->specs.pad_size = PAD_SHA; 00721 ssl->specs.static_ecdh = 0; 00722 ssl->specs.key_size = RC4_KEY_SIZE; 00723 ssl->specs.iv_size = 0; 00724 ssl->specs.block_size = 0; 00725 00726 break; 00727 #endif 00728 00729 #ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA 00730 case TLS_NTRU_RSA_WITH_RC4_128_SHA : 00731 ssl->specs.bulk_cipher_algorithm = rc4; 00732 ssl->specs.cipher_type = stream; 00733 ssl->specs.mac_algorithm = sha_mac; 00734 ssl->specs.kea = ntru_kea; 00735 ssl->specs.sig_algo = rsa_sa_algo; 00736 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00737 ssl->specs.pad_size = PAD_SHA; 00738 ssl->specs.static_ecdh = 0; 00739 ssl->specs.key_size = RC4_KEY_SIZE; 00740 ssl->specs.iv_size = 0; 00741 ssl->specs.block_size = 0; 00742 00743 break; 00744 #endif 00745 00746 #ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5 00747 case SSL_RSA_WITH_RC4_128_MD5 : 00748 ssl->specs.bulk_cipher_algorithm = rc4; 00749 ssl->specs.cipher_type = stream; 00750 ssl->specs.mac_algorithm = md5_mac; 00751 ssl->specs.kea = rsa_kea; 00752 ssl->specs.sig_algo = rsa_sa_algo; 00753 ssl->specs.hash_size = MD5_DIGEST_SIZE; 00754 ssl->specs.pad_size = PAD_MD5; 00755 ssl->specs.static_ecdh = 0; 00756 ssl->specs.key_size = RC4_KEY_SIZE; 00757 ssl->specs.iv_size = 0; 00758 ssl->specs.block_size = 0; 00759 00760 break; 00761 #endif 00762 00763 #ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA 00764 case SSL_RSA_WITH_3DES_EDE_CBC_SHA : 00765 ssl->specs.bulk_cipher_algorithm = triple_des; 00766 ssl->specs.cipher_type = block; 00767 ssl->specs.mac_algorithm = sha_mac; 00768 ssl->specs.kea = rsa_kea; 00769 ssl->specs.sig_algo = rsa_sa_algo; 00770 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00771 ssl->specs.pad_size = PAD_SHA; 00772 ssl->specs.static_ecdh = 0; 00773 ssl->specs.key_size = DES3_KEY_SIZE; 00774 ssl->specs.block_size = DES_BLOCK_SIZE; 00775 ssl->specs.iv_size = DES_IV_SIZE; 00776 00777 break; 00778 #endif 00779 00780 #ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA 00781 case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : 00782 ssl->specs.bulk_cipher_algorithm = triple_des; 00783 ssl->specs.cipher_type = block; 00784 ssl->specs.mac_algorithm = sha_mac; 00785 ssl->specs.kea = ntru_kea; 00786 ssl->specs.sig_algo = rsa_sa_algo; 00787 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00788 ssl->specs.pad_size = PAD_SHA; 00789 ssl->specs.static_ecdh = 0; 00790 ssl->specs.key_size = DES3_KEY_SIZE; 00791 ssl->specs.block_size = DES_BLOCK_SIZE; 00792 ssl->specs.iv_size = DES_IV_SIZE; 00793 00794 break; 00795 #endif 00796 00797 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA 00798 case TLS_RSA_WITH_AES_128_CBC_SHA : 00799 ssl->specs.bulk_cipher_algorithm = aes; 00800 ssl->specs.cipher_type = block; 00801 ssl->specs.mac_algorithm = sha_mac; 00802 ssl->specs.kea = rsa_kea; 00803 ssl->specs.sig_algo = rsa_sa_algo; 00804 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00805 ssl->specs.pad_size = PAD_SHA; 00806 ssl->specs.static_ecdh = 0; 00807 ssl->specs.key_size = AES_128_KEY_SIZE; 00808 ssl->specs.block_size = AES_BLOCK_SIZE; 00809 ssl->specs.iv_size = AES_IV_SIZE; 00810 00811 break; 00812 #endif 00813 00814 #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256 00815 case TLS_RSA_WITH_AES_128_CBC_SHA256 : 00816 ssl->specs.bulk_cipher_algorithm = aes; 00817 ssl->specs.cipher_type = block; 00818 ssl->specs.mac_algorithm = sha256_mac; 00819 ssl->specs.kea = rsa_kea; 00820 ssl->specs.sig_algo = rsa_sa_algo; 00821 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00822 ssl->specs.pad_size = PAD_SHA; 00823 ssl->specs.static_ecdh = 0; 00824 ssl->specs.key_size = AES_128_KEY_SIZE; 00825 ssl->specs.block_size = AES_BLOCK_SIZE; 00826 ssl->specs.iv_size = AES_IV_SIZE; 00827 00828 break; 00829 #endif 00830 00831 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA 00832 case TLS_RSA_WITH_NULL_SHA : 00833 ssl->specs.bulk_cipher_algorithm = cipher_null; 00834 ssl->specs.cipher_type = stream; 00835 ssl->specs.mac_algorithm = sha_mac; 00836 ssl->specs.kea = rsa_kea; 00837 ssl->specs.sig_algo = rsa_sa_algo; 00838 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00839 ssl->specs.pad_size = PAD_SHA; 00840 ssl->specs.static_ecdh = 0; 00841 ssl->specs.key_size = 0; 00842 ssl->specs.block_size = 0; 00843 ssl->specs.iv_size = 0; 00844 00845 break; 00846 #endif 00847 00848 #ifdef BUILD_TLS_RSA_WITH_NULL_SHA256 00849 case TLS_RSA_WITH_NULL_SHA256 : 00850 ssl->specs.bulk_cipher_algorithm = cipher_null; 00851 ssl->specs.cipher_type = stream; 00852 ssl->specs.mac_algorithm = sha256_mac; 00853 ssl->specs.kea = rsa_kea; 00854 ssl->specs.sig_algo = rsa_sa_algo; 00855 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00856 ssl->specs.pad_size = PAD_SHA; 00857 ssl->specs.static_ecdh = 0; 00858 ssl->specs.key_size = 0; 00859 ssl->specs.block_size = 0; 00860 ssl->specs.iv_size = 0; 00861 00862 break; 00863 #endif 00864 00865 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA 00866 case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : 00867 ssl->specs.bulk_cipher_algorithm = aes; 00868 ssl->specs.cipher_type = block; 00869 ssl->specs.mac_algorithm = sha_mac; 00870 ssl->specs.kea = ntru_kea; 00871 ssl->specs.sig_algo = rsa_sa_algo; 00872 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00873 ssl->specs.pad_size = PAD_SHA; 00874 ssl->specs.static_ecdh = 0; 00875 ssl->specs.key_size = AES_128_KEY_SIZE; 00876 ssl->specs.block_size = AES_BLOCK_SIZE; 00877 ssl->specs.iv_size = AES_IV_SIZE; 00878 00879 break; 00880 #endif 00881 00882 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA 00883 case TLS_RSA_WITH_AES_256_CBC_SHA : 00884 ssl->specs.bulk_cipher_algorithm = aes; 00885 ssl->specs.cipher_type = block; 00886 ssl->specs.mac_algorithm = sha_mac; 00887 ssl->specs.kea = rsa_kea; 00888 ssl->specs.sig_algo = rsa_sa_algo; 00889 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00890 ssl->specs.pad_size = PAD_SHA; 00891 ssl->specs.static_ecdh = 0; 00892 ssl->specs.key_size = AES_256_KEY_SIZE; 00893 ssl->specs.block_size = AES_BLOCK_SIZE; 00894 ssl->specs.iv_size = AES_IV_SIZE; 00895 00896 break; 00897 #endif 00898 00899 #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256 00900 case TLS_RSA_WITH_AES_256_CBC_SHA256 : 00901 ssl->specs.bulk_cipher_algorithm = aes; 00902 ssl->specs.cipher_type = block; 00903 ssl->specs.mac_algorithm = sha256_mac; 00904 ssl->specs.kea = rsa_kea; 00905 ssl->specs.sig_algo = rsa_sa_algo; 00906 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00907 ssl->specs.pad_size = PAD_SHA; 00908 ssl->specs.static_ecdh = 0; 00909 ssl->specs.key_size = AES_256_KEY_SIZE; 00910 ssl->specs.block_size = AES_BLOCK_SIZE; 00911 ssl->specs.iv_size = AES_IV_SIZE; 00912 00913 break; 00914 #endif 00915 00916 #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA 00917 case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : 00918 ssl->specs.bulk_cipher_algorithm = aes; 00919 ssl->specs.cipher_type = block; 00920 ssl->specs.mac_algorithm = sha_mac; 00921 ssl->specs.kea = ntru_kea; 00922 ssl->specs.sig_algo = rsa_sa_algo; 00923 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00924 ssl->specs.pad_size = PAD_SHA; 00925 ssl->specs.static_ecdh = 0; 00926 ssl->specs.key_size = AES_256_KEY_SIZE; 00927 ssl->specs.block_size = AES_BLOCK_SIZE; 00928 ssl->specs.iv_size = AES_IV_SIZE; 00929 00930 break; 00931 #endif 00932 00933 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 00934 case TLS_PSK_WITH_AES_128_CBC_SHA256 : 00935 ssl->specs.bulk_cipher_algorithm = aes; 00936 ssl->specs.cipher_type = block; 00937 ssl->specs.mac_algorithm = sha256_mac; 00938 ssl->specs.kea = psk_kea; 00939 ssl->specs.sig_algo = anonymous_sa_algo; 00940 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00941 ssl->specs.pad_size = PAD_SHA; 00942 ssl->specs.static_ecdh = 0; 00943 ssl->specs.key_size = AES_128_KEY_SIZE; 00944 ssl->specs.block_size = AES_BLOCK_SIZE; 00945 ssl->specs.iv_size = AES_IV_SIZE; 00946 00947 ssl->options.usingPSK_cipher = 1; 00948 break; 00949 #endif 00950 00951 #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA 00952 case TLS_PSK_WITH_AES_128_CBC_SHA : 00953 ssl->specs.bulk_cipher_algorithm = aes; 00954 ssl->specs.cipher_type = block; 00955 ssl->specs.mac_algorithm = sha_mac; 00956 ssl->specs.kea = psk_kea; 00957 ssl->specs.sig_algo = anonymous_sa_algo; 00958 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00959 ssl->specs.pad_size = PAD_SHA; 00960 ssl->specs.static_ecdh = 0; 00961 ssl->specs.key_size = AES_128_KEY_SIZE; 00962 ssl->specs.block_size = AES_BLOCK_SIZE; 00963 ssl->specs.iv_size = AES_IV_SIZE; 00964 00965 ssl->options.usingPSK_cipher = 1; 00966 break; 00967 #endif 00968 00969 #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA 00970 case TLS_PSK_WITH_AES_256_CBC_SHA : 00971 ssl->specs.bulk_cipher_algorithm = aes; 00972 ssl->specs.cipher_type = block; 00973 ssl->specs.mac_algorithm = sha_mac; 00974 ssl->specs.kea = psk_kea; 00975 ssl->specs.sig_algo = anonymous_sa_algo; 00976 ssl->specs.hash_size = SHA_DIGEST_SIZE; 00977 ssl->specs.pad_size = PAD_SHA; 00978 ssl->specs.static_ecdh = 0; 00979 ssl->specs.key_size = AES_256_KEY_SIZE; 00980 ssl->specs.block_size = AES_BLOCK_SIZE; 00981 ssl->specs.iv_size = AES_IV_SIZE; 00982 00983 ssl->options.usingPSK_cipher = 1; 00984 break; 00985 #endif 00986 00987 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA256 00988 case TLS_PSK_WITH_NULL_SHA256 : 00989 ssl->specs.bulk_cipher_algorithm = cipher_null; 00990 ssl->specs.cipher_type = stream; 00991 ssl->specs.mac_algorithm = sha256_mac; 00992 ssl->specs.kea = psk_kea; 00993 ssl->specs.sig_algo = anonymous_sa_algo; 00994 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 00995 ssl->specs.pad_size = PAD_SHA; 00996 ssl->specs.static_ecdh = 0; 00997 ssl->specs.key_size = 0; 00998 ssl->specs.block_size = 0; 00999 ssl->specs.iv_size = 0; 01000 01001 ssl->options.usingPSK_cipher = 1; 01002 break; 01003 #endif 01004 01005 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA 01006 case TLS_PSK_WITH_NULL_SHA : 01007 ssl->specs.bulk_cipher_algorithm = cipher_null; 01008 ssl->specs.cipher_type = stream; 01009 ssl->specs.mac_algorithm = sha_mac; 01010 ssl->specs.kea = psk_kea; 01011 ssl->specs.sig_algo = anonymous_sa_algo; 01012 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01013 ssl->specs.pad_size = PAD_SHA; 01014 ssl->specs.static_ecdh = 0; 01015 ssl->specs.key_size = 0; 01016 ssl->specs.block_size = 0; 01017 ssl->specs.iv_size = 0; 01018 01019 ssl->options.usingPSK_cipher = 1; 01020 break; 01021 #endif 01022 01023 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 01024 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 : 01025 ssl->specs.bulk_cipher_algorithm = aes; 01026 ssl->specs.cipher_type = block; 01027 ssl->specs.mac_algorithm = sha256_mac; 01028 ssl->specs.kea = diffie_hellman_kea; 01029 ssl->specs.sig_algo = rsa_sa_algo; 01030 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01031 ssl->specs.pad_size = PAD_SHA; 01032 ssl->specs.static_ecdh = 0; 01033 ssl->specs.key_size = AES_128_KEY_SIZE; 01034 ssl->specs.block_size = AES_BLOCK_SIZE; 01035 ssl->specs.iv_size = AES_IV_SIZE; 01036 01037 break; 01038 #endif 01039 01040 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 01041 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 : 01042 ssl->specs.bulk_cipher_algorithm = aes; 01043 ssl->specs.cipher_type = block; 01044 ssl->specs.mac_algorithm = sha256_mac; 01045 ssl->specs.kea = diffie_hellman_kea; 01046 ssl->specs.sig_algo = rsa_sa_algo; 01047 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01048 ssl->specs.pad_size = PAD_SHA; 01049 ssl->specs.static_ecdh = 0; 01050 ssl->specs.key_size = AES_256_KEY_SIZE; 01051 ssl->specs.block_size = AES_BLOCK_SIZE; 01052 ssl->specs.iv_size = AES_IV_SIZE; 01053 01054 break; 01055 #endif 01056 01057 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 01058 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA : 01059 ssl->specs.bulk_cipher_algorithm = aes; 01060 ssl->specs.cipher_type = block; 01061 ssl->specs.mac_algorithm = sha_mac; 01062 ssl->specs.kea = diffie_hellman_kea; 01063 ssl->specs.sig_algo = rsa_sa_algo; 01064 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01065 ssl->specs.pad_size = PAD_SHA; 01066 ssl->specs.static_ecdh = 0; 01067 ssl->specs.key_size = AES_128_KEY_SIZE; 01068 ssl->specs.block_size = AES_BLOCK_SIZE; 01069 ssl->specs.iv_size = AES_IV_SIZE; 01070 01071 break; 01072 #endif 01073 01074 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 01075 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA : 01076 ssl->specs.bulk_cipher_algorithm = aes; 01077 ssl->specs.cipher_type = block; 01078 ssl->specs.mac_algorithm = sha_mac; 01079 ssl->specs.kea = diffie_hellman_kea; 01080 ssl->specs.sig_algo = rsa_sa_algo; 01081 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01082 ssl->specs.pad_size = PAD_SHA; 01083 ssl->specs.static_ecdh = 0; 01084 ssl->specs.key_size = AES_256_KEY_SIZE; 01085 ssl->specs.block_size = AES_BLOCK_SIZE; 01086 ssl->specs.iv_size = AES_IV_SIZE; 01087 01088 break; 01089 #endif 01090 01091 #ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_MD5 01092 case TLS_RSA_WITH_HC_128_CBC_MD5 : 01093 ssl->specs.bulk_cipher_algorithm = hc128; 01094 ssl->specs.cipher_type = stream; 01095 ssl->specs.mac_algorithm = md5_mac; 01096 ssl->specs.kea = rsa_kea; 01097 ssl->specs.sig_algo = rsa_sa_algo; 01098 ssl->specs.hash_size = MD5_DIGEST_SIZE; 01099 ssl->specs.pad_size = PAD_MD5; 01100 ssl->specs.static_ecdh = 0; 01101 ssl->specs.key_size = HC_128_KEY_SIZE; 01102 ssl->specs.block_size = 0; 01103 ssl->specs.iv_size = HC_128_IV_SIZE; 01104 01105 break; 01106 #endif 01107 01108 #ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_SHA 01109 case TLS_RSA_WITH_HC_128_CBC_SHA : 01110 ssl->specs.bulk_cipher_algorithm = hc128; 01111 ssl->specs.cipher_type = stream; 01112 ssl->specs.mac_algorithm = sha_mac; 01113 ssl->specs.kea = rsa_kea; 01114 ssl->specs.sig_algo = rsa_sa_algo; 01115 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01116 ssl->specs.pad_size = PAD_SHA; 01117 ssl->specs.static_ecdh = 0; 01118 ssl->specs.key_size = HC_128_KEY_SIZE; 01119 ssl->specs.block_size = 0; 01120 ssl->specs.iv_size = HC_128_IV_SIZE; 01121 01122 break; 01123 #endif 01124 01125 #ifdef BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA 01126 case TLS_RSA_WITH_RABBIT_CBC_SHA : 01127 ssl->specs.bulk_cipher_algorithm = rabbit; 01128 ssl->specs.cipher_type = stream; 01129 ssl->specs.mac_algorithm = sha_mac; 01130 ssl->specs.kea = rsa_kea; 01131 ssl->specs.sig_algo = rsa_sa_algo; 01132 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01133 ssl->specs.pad_size = PAD_SHA; 01134 ssl->specs.static_ecdh = 0; 01135 ssl->specs.key_size = RABBIT_KEY_SIZE; 01136 ssl->specs.block_size = 0; 01137 ssl->specs.iv_size = RABBIT_IV_SIZE; 01138 01139 break; 01140 #endif 01141 01142 #ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256 01143 case TLS_RSA_WITH_AES_128_GCM_SHA256 : 01144 ssl->specs.bulk_cipher_algorithm = aes_gcm; 01145 ssl->specs.cipher_type = aead; 01146 ssl->specs.mac_algorithm = sha256_mac; 01147 ssl->specs.kea = rsa_kea; 01148 ssl->specs.sig_algo = rsa_sa_algo; 01149 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01150 ssl->specs.pad_size = PAD_SHA; 01151 ssl->specs.static_ecdh = 0; 01152 ssl->specs.key_size = AES_128_KEY_SIZE; 01153 ssl->specs.block_size = AES_BLOCK_SIZE; 01154 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01155 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01156 01157 break; 01158 #endif 01159 01160 #ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384 01161 case TLS_RSA_WITH_AES_256_GCM_SHA384 : 01162 ssl->specs.bulk_cipher_algorithm = aes_gcm; 01163 ssl->specs.cipher_type = aead; 01164 ssl->specs.mac_algorithm = sha384_mac; 01165 ssl->specs.kea = rsa_kea; 01166 ssl->specs.sig_algo = rsa_sa_algo; 01167 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 01168 ssl->specs.pad_size = PAD_SHA; 01169 ssl->specs.static_ecdh = 0; 01170 ssl->specs.key_size = AES_256_KEY_SIZE; 01171 ssl->specs.block_size = AES_BLOCK_SIZE; 01172 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01173 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01174 01175 break; 01176 #endif 01177 01178 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 01179 case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 : 01180 ssl->specs.bulk_cipher_algorithm = aes_gcm; 01181 ssl->specs.cipher_type = aead; 01182 ssl->specs.mac_algorithm = sha256_mac; 01183 ssl->specs.kea = diffie_hellman_kea; 01184 ssl->specs.sig_algo = rsa_sa_algo; 01185 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01186 ssl->specs.pad_size = PAD_SHA; 01187 ssl->specs.static_ecdh = 0; 01188 ssl->specs.key_size = AES_128_KEY_SIZE; 01189 ssl->specs.block_size = AES_BLOCK_SIZE; 01190 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01191 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01192 01193 break; 01194 #endif 01195 01196 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 01197 case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 : 01198 ssl->specs.bulk_cipher_algorithm = aes_gcm; 01199 ssl->specs.cipher_type = aead; 01200 ssl->specs.mac_algorithm = sha384_mac; 01201 ssl->specs.kea = diffie_hellman_kea; 01202 ssl->specs.sig_algo = rsa_sa_algo; 01203 ssl->specs.hash_size = SHA384_DIGEST_SIZE; 01204 ssl->specs.pad_size = PAD_SHA; 01205 ssl->specs.static_ecdh = 0; 01206 ssl->specs.key_size = AES_256_KEY_SIZE; 01207 ssl->specs.block_size = AES_BLOCK_SIZE; 01208 ssl->specs.iv_size = AEAD_IMP_IV_SZ; 01209 ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; 01210 01211 break; 01212 #endif 01213 01214 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 01215 case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : 01216 ssl->specs.bulk_cipher_algorithm = camellia; 01217 ssl->specs.cipher_type = block; 01218 ssl->specs.mac_algorithm = sha_mac; 01219 ssl->specs.kea = rsa_kea; 01220 ssl->specs.sig_algo = rsa_sa_algo; 01221 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01222 ssl->specs.pad_size = PAD_SHA; 01223 ssl->specs.static_ecdh = 0; 01224 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; 01225 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01226 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01227 01228 break; 01229 #endif 01230 01231 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 01232 case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : 01233 ssl->specs.bulk_cipher_algorithm = camellia; 01234 ssl->specs.cipher_type = block; 01235 ssl->specs.mac_algorithm = sha_mac; 01236 ssl->specs.kea = rsa_kea; 01237 ssl->specs.sig_algo = rsa_sa_algo; 01238 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01239 ssl->specs.pad_size = PAD_SHA; 01240 ssl->specs.static_ecdh = 0; 01241 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; 01242 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01243 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01244 01245 break; 01246 #endif 01247 01248 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 01249 case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 : 01250 ssl->specs.bulk_cipher_algorithm = camellia; 01251 ssl->specs.cipher_type = block; 01252 ssl->specs.mac_algorithm = sha256_mac; 01253 ssl->specs.kea = rsa_kea; 01254 ssl->specs.sig_algo = rsa_sa_algo; 01255 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01256 ssl->specs.pad_size = PAD_SHA; 01257 ssl->specs.static_ecdh = 0; 01258 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; 01259 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01260 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01261 01262 break; 01263 #endif 01264 01265 #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 01266 case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 : 01267 ssl->specs.bulk_cipher_algorithm = camellia; 01268 ssl->specs.cipher_type = block; 01269 ssl->specs.mac_algorithm = sha256_mac; 01270 ssl->specs.kea = rsa_kea; 01271 ssl->specs.sig_algo = rsa_sa_algo; 01272 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01273 ssl->specs.pad_size = PAD_SHA; 01274 ssl->specs.static_ecdh = 0; 01275 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; 01276 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01277 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01278 01279 break; 01280 #endif 01281 01282 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 01283 case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : 01284 ssl->specs.bulk_cipher_algorithm = camellia; 01285 ssl->specs.cipher_type = block; 01286 ssl->specs.mac_algorithm = sha_mac; 01287 ssl->specs.kea = diffie_hellman_kea; 01288 ssl->specs.sig_algo = rsa_sa_algo; 01289 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01290 ssl->specs.pad_size = PAD_SHA; 01291 ssl->specs.static_ecdh = 0; 01292 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; 01293 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01294 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01295 01296 break; 01297 #endif 01298 01299 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 01300 case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : 01301 ssl->specs.bulk_cipher_algorithm = camellia; 01302 ssl->specs.cipher_type = block; 01303 ssl->specs.mac_algorithm = sha_mac; 01304 ssl->specs.kea = diffie_hellman_kea; 01305 ssl->specs.sig_algo = rsa_sa_algo; 01306 ssl->specs.hash_size = SHA_DIGEST_SIZE; 01307 ssl->specs.pad_size = PAD_SHA; 01308 ssl->specs.static_ecdh = 0; 01309 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; 01310 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01311 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01312 01313 break; 01314 #endif 01315 01316 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 01317 case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 : 01318 ssl->specs.bulk_cipher_algorithm = camellia; 01319 ssl->specs.cipher_type = block; 01320 ssl->specs.mac_algorithm = sha256_mac; 01321 ssl->specs.kea = diffie_hellman_kea; 01322 ssl->specs.sig_algo = rsa_sa_algo; 01323 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01324 ssl->specs.pad_size = PAD_SHA; 01325 ssl->specs.static_ecdh = 0; 01326 ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; 01327 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01328 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01329 01330 break; 01331 #endif 01332 01333 #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 01334 case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 : 01335 ssl->specs.bulk_cipher_algorithm = camellia; 01336 ssl->specs.cipher_type = block; 01337 ssl->specs.mac_algorithm = sha256_mac; 01338 ssl->specs.kea = diffie_hellman_kea; 01339 ssl->specs.sig_algo = rsa_sa_algo; 01340 ssl->specs.hash_size = SHA256_DIGEST_SIZE; 01341 ssl->specs.pad_size = PAD_SHA; 01342 ssl->specs.static_ecdh = 0; 01343 ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; 01344 ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; 01345 ssl->specs.iv_size = CAMELLIA_IV_SIZE; 01346 01347 break; 01348 #endif 01349 01350 default: 01351 CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs"); 01352 return UNSUPPORTED_SUITE; 01353 } /* switch */ 01354 } /* if ECC / Normal suites else */ 01355 01356 /* set TLS if it hasn't been turned off */ 01357 if (ssl->version.major == 3 && ssl->version.minor >= 1) { 01358 #ifndef NO_TLS 01359 ssl->options.tls = 1; 01360 ssl->hmac = TLS_hmac; 01361 if (ssl->version.minor >= 2) 01362 ssl->options.tls1_1 = 1; 01363 #endif 01364 } 01365 01366 #ifdef CYASSL_DTLS 01367 if (ssl->options.dtls) 01368 ssl->hmac = TLS_hmac; 01369 #endif 01370 01371 return 0; 01372 } 01373 01374 01375 enum KeyStuff { 01376 MASTER_ROUNDS = 3, 01377 PREFIX = 3, /* up to three letters for master prefix */ 01378 KEY_PREFIX = 7 /* up to 7 prefix letters for key rounds */ 01379 01380 01381 }; 01382 01383 #ifndef NO_OLD_TLS 01384 /* true or false, zero for error */ 01385 static int SetPrefix(byte* sha_input, int idx) 01386 { 01387 switch (idx) { 01388 case 0: 01389 XMEMCPY(sha_input, "A", 1); 01390 break; 01391 case 1: 01392 XMEMCPY(sha_input, "BB", 2); 01393 break; 01394 case 2: 01395 XMEMCPY(sha_input, "CCC", 3); 01396 break; 01397 case 3: 01398 XMEMCPY(sha_input, "DDDD", 4); 01399 break; 01400 case 4: 01401 XMEMCPY(sha_input, "EEEEE", 5); 01402 break; 01403 case 5: 01404 XMEMCPY(sha_input, "FFFFFF", 6); 01405 break; 01406 case 6: 01407 XMEMCPY(sha_input, "GGGGGGG", 7); 01408 break; 01409 default: 01410 CYASSL_MSG("Set Prefix error, bad input"); 01411 return 0; 01412 } 01413 return 1; 01414 } 01415 #endif 01416 01417 01418 static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, 01419 byte side, void* heap, int devId) 01420 { 01421 #ifdef BUILD_ARC4 01422 word32 sz = specs->key_size; 01423 if (specs->bulk_cipher_algorithm == rc4) { 01424 if (enc->arc4 == NULL) 01425 enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER); 01426 if (enc->arc4 == NULL) 01427 return MEMORY_E; 01428 if (dec->arc4 == NULL) 01429 dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER); 01430 if (dec->arc4 == NULL) 01431 return MEMORY_E; 01432 #ifdef HAVE_CAVIUM 01433 if (devId != NO_CAVIUM_DEVICE) { 01434 if (Arc4InitCavium(enc->arc4, devId) != 0) { 01435 CYASSL_MSG("Arc4InitCavium failed in SetKeys"); 01436 return CAVIUM_INIT_E; 01437 } 01438 if (Arc4InitCavium(dec->arc4, devId) != 0) { 01439 CYASSL_MSG("Arc4InitCavium failed in SetKeys"); 01440 return CAVIUM_INIT_E; 01441 } 01442 } 01443 #endif 01444 if (side == CLIENT_END) { 01445 Arc4SetKey(enc->arc4, keys->client_write_key, sz); 01446 Arc4SetKey(dec->arc4, keys->server_write_key, sz); 01447 } 01448 else { 01449 Arc4SetKey(enc->arc4, keys->server_write_key, sz); 01450 Arc4SetKey(dec->arc4, keys->client_write_key, sz); 01451 } 01452 enc->setup = 1; 01453 dec->setup = 1; 01454 } 01455 #endif 01456 01457 #ifdef HAVE_HC128 01458 if (specs->bulk_cipher_algorithm == hc128) { 01459 int hcRet; 01460 if (enc->hc128 == NULL) 01461 enc->hc128 = 01462 (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER); 01463 if (enc->hc128 == NULL) 01464 return MEMORY_E; 01465 if (dec->hc128 == NULL) 01466 dec->hc128 = 01467 (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER); 01468 if (dec->hc128 == NULL) 01469 return MEMORY_E; 01470 if (side == CLIENT_END) { 01471 hcRet = Hc128_SetKey(enc->hc128, keys->client_write_key, 01472 keys->client_write_IV); 01473 if (hcRet != 0) return hcRet; 01474 hcRet = Hc128_SetKey(dec->hc128, keys->server_write_key, 01475 keys->server_write_IV); 01476 if (hcRet != 0) return hcRet; 01477 } 01478 else { 01479 hcRet = Hc128_SetKey(enc->hc128, keys->server_write_key, 01480 keys->server_write_IV); 01481 if (hcRet != 0) return hcRet; 01482 hcRet = Hc128_SetKey(dec->hc128, keys->client_write_key, 01483 keys->client_write_IV); 01484 if (hcRet != 0) return hcRet; 01485 } 01486 enc->setup = 1; 01487 dec->setup = 1; 01488 } 01489 #endif 01490 01491 #ifdef BUILD_RABBIT 01492 if (specs->bulk_cipher_algorithm == rabbit) { 01493 int rabRet; 01494 if (enc->rabbit == NULL) 01495 enc->rabbit = 01496 (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER); 01497 if (enc->rabbit == NULL) 01498 return MEMORY_E; 01499 if (dec->rabbit == NULL) 01500 dec->rabbit = 01501 (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER); 01502 if (dec->rabbit == NULL) 01503 return MEMORY_E; 01504 if (side == CLIENT_END) { 01505 rabRet = RabbitSetKey(enc->rabbit, keys->client_write_key, 01506 keys->client_write_IV); 01507 if (rabRet != 0) return rabRet; 01508 rabRet = RabbitSetKey(dec->rabbit, keys->server_write_key, 01509 keys->server_write_IV); 01510 if (rabRet != 0) return rabRet; 01511 } 01512 else { 01513 rabRet = RabbitSetKey(enc->rabbit, keys->server_write_key, 01514 keys->server_write_IV); 01515 if (rabRet != 0) return rabRet; 01516 rabRet = RabbitSetKey(dec->rabbit, keys->client_write_key, 01517 keys->client_write_IV); 01518 if (rabRet != 0) return rabRet; 01519 } 01520 enc->setup = 1; 01521 dec->setup = 1; 01522 } 01523 #endif 01524 01525 #ifdef BUILD_DES3 01526 if (specs->bulk_cipher_algorithm == triple_des) { 01527 if (enc->des3 == NULL) 01528 enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER); 01529 if (enc->des3 == NULL) 01530 return MEMORY_E; 01531 if (dec->des3 == NULL) 01532 dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER); 01533 if (dec->des3 == NULL) 01534 return MEMORY_E; 01535 #ifdef HAVE_CAVIUM 01536 if (devId != NO_CAVIUM_DEVICE) { 01537 if (Des3_InitCavium(enc->des3, devId) != 0) { 01538 CYASSL_MSG("Des3_InitCavium failed in SetKeys"); 01539 return CAVIUM_INIT_E; 01540 } 01541 if (Des3_InitCavium(dec->des3, devId) != 0) { 01542 CYASSL_MSG("Des3_InitCavium failed in SetKeys"); 01543 return CAVIUM_INIT_E; 01544 } 01545 } 01546 #endif 01547 if (side == CLIENT_END) { 01548 Des3_SetKey(enc->des3, keys->client_write_key, 01549 keys->client_write_IV, DES_ENCRYPTION); 01550 Des3_SetKey(dec->des3, keys->server_write_key, 01551 keys->server_write_IV, DES_DECRYPTION); 01552 } 01553 else { 01554 Des3_SetKey(enc->des3, keys->server_write_key, 01555 keys->server_write_IV, DES_ENCRYPTION); 01556 Des3_SetKey(dec->des3, keys->client_write_key, 01557 keys->client_write_IV, DES_DECRYPTION); 01558 } 01559 enc->setup = 1; 01560 dec->setup = 1; 01561 } 01562 #endif 01563 01564 #ifdef BUILD_AES 01565 if (specs->bulk_cipher_algorithm == aes) { 01566 if (enc->aes == NULL) 01567 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 01568 if (enc->aes == NULL) 01569 return MEMORY_E; 01570 if (dec->aes == NULL) 01571 dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 01572 if (dec->aes == NULL) 01573 return MEMORY_E; 01574 #ifdef HAVE_CAVIUM 01575 if (devId != NO_CAVIUM_DEVICE) { 01576 if (AesInitCavium(enc->aes, devId) != 0) { 01577 CYASSL_MSG("AesInitCavium failed in SetKeys"); 01578 return CAVIUM_INIT_E; 01579 } 01580 if (AesInitCavium(dec->aes, devId) != 0) { 01581 CYASSL_MSG("AesInitCavium failed in SetKeys"); 01582 return CAVIUM_INIT_E; 01583 } 01584 } 01585 #endif 01586 if (side == CLIENT_END) { 01587 AesSetKey(enc->aes, keys->client_write_key, 01588 specs->key_size, keys->client_write_IV, 01589 AES_ENCRYPTION); 01590 AesSetKey(dec->aes, keys->server_write_key, 01591 specs->key_size, keys->server_write_IV, 01592 AES_DECRYPTION); 01593 } 01594 else { 01595 AesSetKey(enc->aes, keys->server_write_key, 01596 specs->key_size, keys->server_write_IV, 01597 AES_ENCRYPTION); 01598 AesSetKey(dec->aes, keys->client_write_key, 01599 specs->key_size, keys->client_write_IV, 01600 AES_DECRYPTION); 01601 } 01602 enc->setup = 1; 01603 dec->setup = 1; 01604 } 01605 #endif 01606 01607 #ifdef BUILD_AESGCM 01608 if (specs->bulk_cipher_algorithm == aes_gcm) { 01609 if (enc->aes == NULL) 01610 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 01611 if (enc->aes == NULL) 01612 return MEMORY_E; 01613 if (dec->aes == NULL) 01614 dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 01615 if (dec->aes == NULL) 01616 return MEMORY_E; 01617 01618 if (side == CLIENT_END) { 01619 AesGcmSetKey(enc->aes, keys->client_write_key, specs->key_size); 01620 XMEMCPY(keys->aead_enc_imp_IV, 01621 keys->client_write_IV, AEAD_IMP_IV_SZ); 01622 AesGcmSetKey(dec->aes, keys->server_write_key, specs->key_size); 01623 XMEMCPY(keys->aead_dec_imp_IV, 01624 keys->server_write_IV, AEAD_IMP_IV_SZ); 01625 } 01626 else { 01627 AesGcmSetKey(enc->aes, keys->server_write_key, specs->key_size); 01628 XMEMCPY(keys->aead_enc_imp_IV, 01629 keys->server_write_IV, AEAD_IMP_IV_SZ); 01630 AesGcmSetKey(dec->aes, keys->client_write_key, specs->key_size); 01631 XMEMCPY(keys->aead_dec_imp_IV, 01632 keys->client_write_IV, AEAD_IMP_IV_SZ); 01633 } 01634 enc->setup = 1; 01635 dec->setup = 1; 01636 } 01637 #endif 01638 01639 #ifdef HAVE_AESCCM 01640 if (specs->bulk_cipher_algorithm == aes_ccm) { 01641 if (enc->aes == NULL) 01642 enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 01643 if (enc->aes == NULL) 01644 return MEMORY_E; 01645 if (dec->aes == NULL) 01646 dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); 01647 if (dec->aes == NULL) 01648 return MEMORY_E; 01649 01650 if (side == CLIENT_END) { 01651 AesCcmSetKey(enc->aes, keys->client_write_key, specs->key_size); 01652 XMEMCPY(keys->aead_enc_imp_IV, 01653 keys->client_write_IV, AEAD_IMP_IV_SZ); 01654 AesCcmSetKey(dec->aes, keys->server_write_key, specs->key_size); 01655 XMEMCPY(keys->aead_dec_imp_IV, 01656 keys->server_write_IV, AEAD_IMP_IV_SZ); 01657 } 01658 else { 01659 AesCcmSetKey(enc->aes, keys->server_write_key, specs->key_size); 01660 XMEMCPY(keys->aead_enc_imp_IV, 01661 keys->server_write_IV, AEAD_IMP_IV_SZ); 01662 AesCcmSetKey(dec->aes, keys->client_write_key, specs->key_size); 01663 XMEMCPY(keys->aead_dec_imp_IV, 01664 keys->client_write_IV, AEAD_IMP_IV_SZ); 01665 } 01666 enc->setup = 1; 01667 dec->setup = 1; 01668 } 01669 #endif 01670 01671 #ifdef HAVE_CAMELLIA 01672 if (specs->bulk_cipher_algorithm == camellia) { 01673 if (enc->cam == NULL) 01674 enc->cam = 01675 (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER); 01676 if (enc->cam == NULL) 01677 return MEMORY_E; 01678 if (dec->cam == NULL) 01679 dec->cam = 01680 (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER); 01681 if (dec->cam == NULL) 01682 return MEMORY_E; 01683 if (side == CLIENT_END) { 01684 CamelliaSetKey(enc->cam, keys->client_write_key, 01685 specs->key_size, keys->client_write_IV); 01686 CamelliaSetKey(dec->cam, keys->server_write_key, 01687 specs->key_size, keys->server_write_IV); 01688 } 01689 else { 01690 CamelliaSetKey(enc->cam, keys->server_write_key, 01691 specs->key_size, keys->server_write_IV); 01692 CamelliaSetKey(dec->cam, keys->client_write_key, 01693 specs->key_size, keys->client_write_IV); 01694 } 01695 enc->setup = 1; 01696 dec->setup = 1; 01697 } 01698 #endif 01699 01700 #ifdef HAVE_NULL_CIPHER 01701 if (specs->bulk_cipher_algorithm == cipher_null) { 01702 enc->setup = 1; 01703 dec->setup = 1; 01704 } 01705 #endif 01706 01707 keys->sequence_number = 0; 01708 keys->peer_sequence_number = 0; 01709 keys->encryptionOn = 0; 01710 (void)side; 01711 (void)heap; 01712 (void)enc; 01713 (void)dec; 01714 (void)specs; 01715 (void)devId; 01716 01717 return 0; 01718 } 01719 01720 01721 /* TLS can call too */ 01722 int StoreKeys(CYASSL* ssl, const byte* keyData) 01723 { 01724 int sz, i = 0; 01725 int devId = NO_CAVIUM_DEVICE; 01726 01727 #ifdef HAVE_CAVIUM 01728 devId = ssl->devId; 01729 #endif 01730 01731 if (ssl->specs.cipher_type != aead) { 01732 sz = ssl->specs.hash_size; 01733 XMEMCPY(ssl->keys.client_write_MAC_secret,&keyData[i], sz); 01734 i += sz; 01735 XMEMCPY(ssl->keys.server_write_MAC_secret,&keyData[i], sz); 01736 i += sz; 01737 } 01738 sz = ssl->specs.key_size; 01739 XMEMCPY(ssl->keys.client_write_key, &keyData[i], sz); 01740 i += sz; 01741 XMEMCPY(ssl->keys.server_write_key, &keyData[i], sz); 01742 i += sz; 01743 01744 sz = ssl->specs.iv_size; 01745 XMEMCPY(ssl->keys.client_write_IV, &keyData[i], sz); 01746 i += sz; 01747 XMEMCPY(ssl->keys.server_write_IV, &keyData[i], sz); 01748 01749 #ifdef HAVE_AEAD 01750 if (ssl->specs.cipher_type == aead) { 01751 /* Initialize the AES-GCM explicit IV to a random number. */ 01752 RNG_GenerateBlock(ssl->rng, ssl->keys.aead_exp_IV, AEAD_EXP_IV_SZ); 01753 } 01754 #endif 01755 01756 return SetKeys(&ssl->encrypt, &ssl->decrypt, &ssl->keys, &ssl->specs, 01757 ssl->options.side, ssl->heap, devId); 01758 } 01759 01760 #ifndef NO_OLD_TLS 01761 int DeriveKeys(CYASSL* ssl) 01762 { 01763 int length = 2 * ssl->specs.hash_size + 01764 2 * ssl->specs.key_size + 01765 2 * ssl->specs.iv_size; 01766 int rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i; 01767 01768 byte shaOutput[SHA_DIGEST_SIZE]; 01769 byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE]; 01770 byte shaInput[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN]; 01771 01772 Md5 md5; 01773 Sha sha; 01774 01775 byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE]; /* max size */ 01776 01777 InitMd5(&md5); 01778 InitSha(&sha); 01779 01780 XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN); 01781 01782 for (i = 0; i < rounds; ++i) { 01783 int j = i + 1; 01784 int idx = j; 01785 01786 if (!SetPrefix(shaInput, i)) { 01787 return PREFIX_ERROR; 01788 } 01789 01790 XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN); 01791 idx += SECRET_LEN; 01792 XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN); 01793 idx += RAN_LEN; 01794 XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN); 01795 01796 ShaUpdate(&sha, shaInput, (word32)sizeof(shaInput) - KEY_PREFIX + j); 01797 ShaFinal(&sha, shaOutput); 01798 01799 XMEMCPY(&md5Input[SECRET_LEN], shaOutput, SHA_DIGEST_SIZE); 01800 Md5Update(&md5, md5Input, sizeof(md5Input)); 01801 Md5Final(&md5, keyData + i * MD5_DIGEST_SIZE); 01802 } 01803 01804 return StoreKeys(ssl, keyData); 01805 } 01806 01807 01808 static void CleanPreMaster(CYASSL* ssl) 01809 { 01810 int i, sz = ssl->arrays->preMasterSz; 01811 01812 for (i = 0; i < sz; i++) 01813 ssl->arrays->preMasterSecret[i] = 0; 01814 01815 RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz); 01816 01817 for (i = 0; i < sz; i++) 01818 ssl->arrays->preMasterSecret[i] = 0; 01819 01820 } 01821 01822 01823 /* Create and store the master secret see page 32, 6.1 */ 01824 static int MakeSslMasterSecret(CYASSL* ssl) 01825 { 01826 byte shaOutput[SHA_DIGEST_SIZE]; 01827 byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE]; 01828 byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN]; 01829 int i, ret; 01830 word32 idx; 01831 word32 pmsSz = ssl->arrays->preMasterSz; 01832 01833 Md5 md5; 01834 Sha sha; 01835 01836 #ifdef SHOW_SECRETS 01837 { 01838 word32 j; 01839 printf("pre master secret: "); 01840 for (j = 0; j < pmsSz; j++) 01841 printf("%02x", ssl->arrays->preMasterSecret[j]); 01842 printf("\n"); 01843 } 01844 #endif 01845 01846 InitMd5(&md5); 01847 InitSha(&sha); 01848 01849 XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz); 01850 01851 for (i = 0; i < MASTER_ROUNDS; ++i) { 01852 byte prefix[PREFIX]; 01853 if (!SetPrefix(prefix, i)) { 01854 return PREFIX_ERROR; 01855 } 01856 01857 idx = 0; 01858 XMEMCPY(shaInput, prefix, i + 1); 01859 idx += i + 1; 01860 01861 XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz); 01862 idx += pmsSz; 01863 XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN); 01864 idx += RAN_LEN; 01865 XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN); 01866 idx += RAN_LEN; 01867 ShaUpdate(&sha, shaInput, idx); 01868 ShaFinal(&sha, shaOutput); 01869 01870 idx = pmsSz; /* preSz */ 01871 XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE); 01872 idx += SHA_DIGEST_SIZE; 01873 Md5Update(&md5, md5Input, idx); 01874 Md5Final(&md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]); 01875 } 01876 01877 #ifdef SHOW_SECRETS 01878 { 01879 word32 j; 01880 printf("master secret: "); 01881 for (j = 0; j < SECRET_LEN; j++) 01882 printf("%02x", ssl->arrays->masterSecret[j]); 01883 printf("\n"); 01884 } 01885 #endif 01886 01887 ret = DeriveKeys(ssl); 01888 CleanPreMaster(ssl); 01889 01890 return ret; 01891 } 01892 #endif 01893 01894 01895 /* Master wrapper, doesn't use SSL stack space in TLS mode */ 01896 int MakeMasterSecret(CYASSL* ssl) 01897 { 01898 #ifdef NO_OLD_TLS 01899 return MakeTlsMasterSecret(ssl); 01900 #elif !defined(NO_TLS) 01901 if (ssl->options.tls) return MakeTlsMasterSecret(ssl); 01902 #endif 01903 01904 #ifndef NO_OLD_TLS 01905 return MakeSslMasterSecret(ssl); 01906 #endif 01907 } 01908
Generated on Thu Jul 14 2022 20:26:03 by
1.7.2