CyaSSL is an SSL library for devices like mbed.


Committer:
toddouska
Date:
Sat Feb 05 01:09:17 2011 +0000
Revision:
0:5045d2638c29
Beta Version

toddouska 0:5045d2638c29 1 /* keys.c
toddouska 0:5045d2638c29 2 *
toddouska 0:5045d2638c29 3 * Copyright (C) 2006-2009 Sawtooth Consulting Ltd.
toddouska 0:5045d2638c29 4 *
toddouska 0:5045d2638c29 5 * This file is part of CyaSSL.
toddouska 0:5045d2638c29 6 *
toddouska 0:5045d2638c29 7 * CyaSSL is free software; you can redistribute it and/or modify
toddouska 0:5045d2638c29 8 * it under the terms of the GNU General Public License as published by
toddouska 0:5045d2638c29 9 * the Free Software Foundation; either version 2 of the License, or
toddouska 0:5045d2638c29 10 * (at your option) any later version.
toddouska 0:5045d2638c29 11 *
toddouska 0:5045d2638c29 12 * CyaSSL is distributed in the hope that it will be useful,
toddouska 0:5045d2638c29 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
toddouska 0:5045d2638c29 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
toddouska 0:5045d2638c29 15 * GNU General Public License for more details.
toddouska 0:5045d2638c29 16 *
toddouska 0:5045d2638c29 17 * You should have received a copy of the GNU General Public License
toddouska 0:5045d2638c29 18 * along with this program; if not, write to the Free Software
toddouska 0:5045d2638c29 19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
toddouska 0:5045d2638c29 20 */
toddouska 0:5045d2638c29 21
toddouska 0:5045d2638c29 22
toddouska 0:5045d2638c29 23
toddouska 0:5045d2638c29 24 #include "cyassl_int.h"
toddouska 0:5045d2638c29 25 #include "cyassl_error.h"
toddouska 0:5045d2638c29 26 #ifdef SHOW_SECRETS
toddouska 0:5045d2638c29 27 #include <stdio.h>
toddouska 0:5045d2638c29 28 #endif
toddouska 0:5045d2638c29 29
toddouska 0:5045d2638c29 30
toddouska 0:5045d2638c29 31 #ifndef NO_TLS
toddouska 0:5045d2638c29 32 int MakeTlsMasterSecret(SSL*);
toddouska 0:5045d2638c29 33 void TLS_hmac(SSL* ssl, byte* digest, const byte* buffer, word32 sz,
toddouska 0:5045d2638c29 34 int content, int verify);
toddouska 0:5045d2638c29 35 #endif
toddouska 0:5045d2638c29 36
toddouska 0:5045d2638c29 37
toddouska 0:5045d2638c29 38
/* Fill ssl->specs from the negotiated cipher suite.
 *
 * Reads ssl->options.cipherSuite and writes the bulk cipher, cipher type,
 * MAC, key-exchange algorithm and the hash/pad/key/IV/block sizes of
 * ssl->specs for that suite.  Only suites compiled in through their
 * BUILD_* macro are recognised; any other suite id returns
 * UNSUPPORTED_SUITE with ssl left untouched.
 *
 * Side effects beyond ssl->specs:
 *  - the PSK suites set ssl->options.usingPSK_cipher; nothing in this
 *    function clears it again for a non-PSK suite;
 *  - sig_algo is written only by the DHE suites, every other suite leaves
 *    the previous value of ssl->specs.sig_algo in place;
 *  - version 3.1 and later (TLS) switches the record MAC to TLS_hmac and
 *    sets options.tls (and options.tls1_1 for 3.2) unless NO_TLS is defined;
 *  - with CYASSL_DTLS a DTLS session also uses TLS_hmac.
 *
 * RC4, 3DES and the MD5-MAC suites are kept for interoperability with old
 * peers; modern deployments should prefer the AES-CBC/SHA suites.
 *
 * Returns 0 on success, UNSUPPORTED_SUITE for an unknown or not-built suite.
 */
int SetCipherSpecs(SSL* ssl)
{
    CipherSpecs* specs = &ssl->specs;

    switch (ssl->options.cipherSuite) {

#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
    case SSL_RSA_WITH_RC4_128_SHA :
        specs->kea                   = rsa_kea;
        specs->bulk_cipher_algorithm = rc4;
        specs->cipher_type           = stream;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = RC4_KEY_SIZE;
        specs->iv_size               = 0;      /* stream cipher: no IV */
        specs->block_size            = 0;
        break;
#endif

#ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
    case TLS_NTRU_RSA_WITH_RC4_128_SHA :
        specs->kea                   = ntru_kea;
        specs->bulk_cipher_algorithm = rc4;
        specs->cipher_type           = stream;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = RC4_KEY_SIZE;
        specs->iv_size               = 0;
        specs->block_size            = 0;
        break;
#endif

#ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
    case SSL_RSA_WITH_RC4_128_MD5 :
        specs->kea                   = rsa_kea;
        specs->bulk_cipher_algorithm = rc4;
        specs->cipher_type           = stream;
        specs->mac_algorithm         = md5_mac;
        specs->hash_size             = MD5_DIGEST_SIZE;
        specs->pad_size              = PAD_MD5;
        specs->key_size              = RC4_KEY_SIZE;
        specs->iv_size               = 0;
        specs->block_size            = 0;
        break;
#endif

#ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
    case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
        specs->kea                   = rsa_kea;
        specs->bulk_cipher_algorithm = triple_des;
        specs->cipher_type           = block;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = DES3_KEY_SIZE;
        specs->iv_size               = DES_IV_SIZE;
        specs->block_size            = DES_BLOCK_SIZE;
        break;
#endif

#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
    case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
        specs->kea                   = ntru_kea;
        specs->bulk_cipher_algorithm = triple_des;
        specs->cipher_type           = block;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = DES3_KEY_SIZE;
        specs->iv_size               = DES_IV_SIZE;
        specs->block_size            = DES_BLOCK_SIZE;
        break;
#endif

#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
    case TLS_RSA_WITH_AES_128_CBC_SHA :
        specs->kea                   = rsa_kea;
        specs->bulk_cipher_algorithm = aes;
        specs->cipher_type           = block;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = AES_128_KEY_SIZE;
        specs->iv_size               = AES_IV_SIZE;
        specs->block_size            = AES_BLOCK_SIZE;
        break;
#endif

#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
    case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
        specs->kea                   = ntru_kea;
        specs->bulk_cipher_algorithm = aes;
        specs->cipher_type           = block;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = AES_128_KEY_SIZE;
        specs->iv_size               = AES_IV_SIZE;
        specs->block_size            = AES_BLOCK_SIZE;
        break;
#endif

#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
    case TLS_RSA_WITH_AES_256_CBC_SHA :
        specs->kea                   = rsa_kea;
        specs->bulk_cipher_algorithm = aes;
        specs->cipher_type           = block;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = AES_256_KEY_SIZE;
        specs->iv_size               = AES_IV_SIZE;
        specs->block_size            = AES_BLOCK_SIZE;
        break;
#endif

#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
    case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
        specs->kea                   = ntru_kea;
        specs->bulk_cipher_algorithm = aes;
        specs->cipher_type           = block;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = AES_256_KEY_SIZE;
        specs->iv_size               = AES_IV_SIZE;
        specs->block_size            = AES_BLOCK_SIZE;
        break;
#endif

#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
    case TLS_PSK_WITH_AES_128_CBC_SHA :
        specs->kea                   = psk_kea;
        specs->bulk_cipher_algorithm = aes;
        specs->cipher_type           = block;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = AES_128_KEY_SIZE;
        specs->iv_size               = AES_IV_SIZE;
        specs->block_size            = AES_BLOCK_SIZE;
        ssl->options.usingPSK_cipher = 1;   /* PSK: no certificate path */
        break;
#endif

#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
    case TLS_PSK_WITH_AES_256_CBC_SHA :
        specs->kea                   = psk_kea;
        specs->bulk_cipher_algorithm = aes;
        specs->cipher_type           = block;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = AES_256_KEY_SIZE;
        specs->iv_size               = AES_IV_SIZE;
        specs->block_size            = AES_BLOCK_SIZE;
        ssl->options.usingPSK_cipher = 1;
        break;
#endif

#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
        specs->kea                   = diffie_hellman_kea;
        specs->sig_algo              = rsa_sa_algo;   /* signs the DH params */
        specs->bulk_cipher_algorithm = aes;
        specs->cipher_type           = block;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = AES_128_KEY_SIZE;
        specs->iv_size               = AES_IV_SIZE;
        specs->block_size            = AES_BLOCK_SIZE;
        break;
#endif

#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
    case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
        specs->kea                   = diffie_hellman_kea;
        specs->sig_algo              = rsa_sa_algo;
        specs->bulk_cipher_algorithm = aes;
        specs->cipher_type           = block;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = AES_256_KEY_SIZE;
        specs->iv_size               = AES_IV_SIZE;
        specs->block_size            = AES_BLOCK_SIZE;
        break;
#endif

#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_MD5
    case TLS_RSA_WITH_HC_128_CBC_MD5 :
        specs->kea                   = rsa_kea;
        specs->bulk_cipher_algorithm = hc128;
        specs->cipher_type           = stream;
        specs->mac_algorithm         = md5_mac;
        specs->hash_size             = MD5_DIGEST_SIZE;
        specs->pad_size              = PAD_MD5;
        specs->key_size              = HC_128_KEY_SIZE;
        specs->iv_size               = HC_128_IV_SIZE;   /* stream cipher with an IV */
        specs->block_size            = 0;
        break;
#endif

#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_SHA
    case TLS_RSA_WITH_HC_128_CBC_SHA :
        specs->kea                   = rsa_kea;
        specs->bulk_cipher_algorithm = hc128;
        specs->cipher_type           = stream;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = HC_128_KEY_SIZE;
        specs->iv_size               = HC_128_IV_SIZE;
        specs->block_size            = 0;
        break;
#endif

#ifdef BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA
    case TLS_RSA_WITH_RABBIT_CBC_SHA :
        specs->kea                   = rsa_kea;
        specs->bulk_cipher_algorithm = rabbit;
        specs->cipher_type           = stream;
        specs->mac_algorithm         = sha_mac;
        specs->hash_size             = SHA_DIGEST_SIZE;
        specs->pad_size              = PAD_SHA;
        specs->key_size              = RABBIT_KEY_SIZE;
        specs->iv_size               = RABBIT_IV_SIZE;
        specs->block_size            = 0;
        break;
#endif

    default:
        return UNSUPPORTED_SUITE;
    }

    /* Version 3.1+ is TLS: use the TLS HMAC unless TLS was compiled out. */
    if (ssl->version.major == 3 && ssl->version.minor >= 1) {
#ifndef NO_TLS
        ssl->options.tls = 1;
        ssl->hmac        = TLS_hmac;
        if (ssl->version.minor == 2)
            ssl->options.tls1_1 = 1;
#endif
    }

#ifdef CYASSL_DTLS
    /* DTLS always uses the TLS-style record MAC. */
    if (ssl->options.dtls)
        ssl->hmac = TLS_hmac;
#endif

    return 0;
}
toddouska 0:5045d2638c29 308
toddouska 0:5045d2638c29 309
/* Sizes used by the SSLv3 master-secret and key-block derivation below. */
enum KeyStuff {
    MASTER_ROUNDS = 3,  /* rounds of the master-secret derivation, one MD5 output each */
    PREFIX        = 3,  /* longest round prefix for the master secret ("CCC") */
    KEY_PREFIX    = 7   /* longest round prefix for the key block ("GGGGGGG") */
};
toddouska 0:5045d2638c29 317
toddouska 0:5045d2638c29 318
/* Write the SSLv3 derivation prefix for round `index` into sha_input:
 * index 0 -> "A", 1 -> "BB", 2 -> "CCC", ... 6 -> "GGGGGGG", i.e.
 * index + 1 copies of the letter 'A' + index.  sha_input must have room
 * for index + 1 bytes; no terminator is written.
 *
 * Returns 1 on success, 0 when index is outside 0..6 (nothing is written).
 */
static int SetPrefix(byte* sha_input, int index)
{
    int n;

    /* Seven prefixes exist, "A" through "GGGGGGG". */
    if (index < 0 || index > 6)
        return 0;

    for (n = 0; n <= index; n++)
        sha_input[n] = (byte)('A' + index);

    return 1;
}
toddouska 0:5045d2638c29 349
toddouska 0:5045d2638c29 350
/* Key the record-layer ciphers for one side of the connection.
 *
 * encrypt / decrypt receive the cipher state for the outgoing and incoming
 * direction; keys holds the client/server write keys and IVs filled in by
 * StoreKeys; specs selects the bulk cipher and key size; side is CLIENT_END
 * or the server end.  A client encrypts with the client write key/IV and
 * decrypts with the server write key/IV; the server does the reverse.
 *
 * Only ciphers compiled in (BUILD_ARC4, BUILD_HC128, BUILD_RABBIT,
 * BUILD_DES3, BUILD_AES) are keyed; a bulk_cipher_algorithm without a
 * matching BUILD_* leaves encrypt/decrypt untouched.  In every case the
 * sequence numbers are reset and encryptionOn is cleared.
 *
 * Always returns 0; the return values of the *_SetKey calls, if any, are
 * not checked here.
 */
static int SetKeys(Ciphers* encrypt, Ciphers* decrypt, Keys* keys,
                   CipherSpecs* specs, byte side)
{
    /* Resolve the per-direction key/IV once rather than in every cipher
     * branch.  Default to the server's view, flip for a client. */
    byte* encKey = keys->server_write_key;
    byte* encIV  = keys->server_write_IV;
    byte* decKey = keys->client_write_key;
    byte* decIV  = keys->client_write_IV;

    if (side == CLIENT_END) {
        encKey = keys->client_write_key;
        encIV  = keys->client_write_IV;
        decKey = keys->server_write_key;
        decIV  = keys->server_write_IV;
    }

#ifdef BUILD_ARC4
    if (specs->bulk_cipher_algorithm == rc4) {
        word32 sz = specs->key_size;
        Arc4SetKey(&encrypt->arc4, encKey, sz);
        Arc4SetKey(&decrypt->arc4, decKey, sz);
    }
#endif

#ifdef BUILD_HC128
    if (specs->bulk_cipher_algorithm == hc128) {
        Hc128_SetKey(&encrypt->hc128, encKey, encIV);
        Hc128_SetKey(&decrypt->hc128, decKey, decIV);
    }
#endif

#ifdef BUILD_RABBIT
    if (specs->bulk_cipher_algorithm == rabbit) {
        RabbitSetKey(&encrypt->rabbit, encKey, encIV);
        RabbitSetKey(&decrypt->rabbit, decKey, decIV);
    }
#endif

#ifdef BUILD_DES3
    if (specs->bulk_cipher_algorithm == triple_des) {
        Des3_SetKey(&encrypt->des3, encKey, encIV, DES_ENCRYPTION);
        Des3_SetKey(&decrypt->des3, decKey, decIV, DES_DECRYPTION);
    }
#endif

#ifdef BUILD_AES
    if (specs->bulk_cipher_algorithm == aes) {
        AesSetKey(&encrypt->aes, encKey, specs->key_size, encIV,
                  AES_ENCRYPTION);
        AesSetKey(&decrypt->aes, decKey, specs->key_size, decIV,
                  AES_DECRYPTION);
    }
#endif

    /* Fresh keys start a fresh record sequence in both directions. */
    keys->sequence_number      = 0;
    keys->peer_sequence_number = 0;
    keys->encryptionOn         = 0;

    return 0;
}
toddouska 0:5045d2638c29 446
toddouska 0:5045d2638c29 447
/* Split a derived key block into the per-direction MAC secrets, cipher keys
 * and IVs, then key the ciphers.  The TLS key derivation calls this too.
 *
 * keyData is laid out, with sizes taken from ssl->specs, as:
 *   client MAC secret, server MAC secret   (hash_size each)
 *   client write key,  server write key    (key_size each)
 *   client write IV,   server write IV     (iv_size each)
 * so the caller must supply at least 2 * (hash_size + key_size + iv_size)
 * bytes; nothing here checks the length.
 *
 * Returns the result of SetKeys (currently always 0).
 */
int StoreKeys(SSL* ssl, const byte* keyData)
{
    const byte* p     = keyData;
    int         macSz = ssl->specs.hash_size;
    int         keySz = ssl->specs.key_size;
    int         ivSz  = ssl->specs.iv_size;

    XMEMCPY(ssl->keys.client_write_MAC_secret, p, macSz);
    p += macSz;
    XMEMCPY(ssl->keys.server_write_MAC_secret, p, macSz);
    p += macSz;

    XMEMCPY(ssl->keys.client_write_key, p, keySz);
    p += keySz;
    XMEMCPY(ssl->keys.server_write_key, p, keySz);
    p += keySz;

    XMEMCPY(ssl->keys.client_write_IV, p, ivSz);
    p += ivSz;
    XMEMCPY(ssl->keys.server_write_IV, p, ivSz);

    return SetKeys(&ssl->encrypt, &ssl->decrypt, &ssl->keys, &ssl->specs,
                   ssl->options.side);
}
toddouska 0:5045d2638c29 472
toddouska 0:5045d2638c29 473
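/* SSLv3 key-block derivation (SSLv3 spec section 6.2.2, RFC 6101): expand
 * the master secret and the two randoms into the MAC secrets, keys and IVs
 * required by ssl->specs, then hand the block to StoreKeys.
 *
 * Round i computes
 *   MD5(master_secret + SHA1(prefix_i + master_secret + ServerRandom +
 *                            ClientRandom))
 * with prefix_i = "A", "BB", "CCC", ... (see SetPrefix) and appends the MD5
 * output to keyData until `length` bytes are covered.
 *
 * keyData holds at most KEY_PREFIX MD5 outputs and SetPrefix knows only
 * KEY_PREFIX prefixes, so a suite whose SSLv3 key block needs more rounds
 * than that cannot be derived here.  Previously this surfaced as SetPrefix
 * failing on round KEY_PREFIX after seven rounds of hashing; it is now
 * rejected up front with the same PREFIX_ERROR.  (The TLS path uses its
 * own PRF and is expected to feed StoreKeys directly.)
 *
 * Returns StoreKeys's result (0) on success or PREFIX_ERROR when the key
 * block does not fit.  Stack copies of the master secret and of the key
 * block are wiped before returning on every path.
 *
 * NOTE(review): md5 and sha are reused across rounds without re-init; this
 * relies on Md5Final/ShaFinal resetting the context — confirm in ctaocrypt.
 */
int DeriveKeys(SSL* ssl)
{
    int length = 2 * ssl->specs.hash_size +
                 2 * ssl->specs.key_size  +
                 2 * ssl->specs.iv_size;
    int rounds = (length + MD5_DIGEST_SIZE - 1) / MD5_DIGEST_SIZE;
    int ret;
    int i;

    byte shaOutput[SHA_DIGEST_SIZE];
    byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE];
    byte shaInput[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN];
    byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE];   /* max size */

    Md5 md5;
    Sha sha;

    /* More rounds than prefixes/slots cannot be produced; fail before
     * touching any secret material. */
    if (rounds > KEY_PREFIX)
        return PREFIX_ERROR;

    InitMd5(&md5);
    InitSha(&sha);

    /* md5Input = master_secret || <SHA output of this round> */
    XMEMCPY(md5Input, ssl->arrays.masterSecret, SECRET_LEN);

    for (i = 0; i < rounds; ++i) {
        int prefixLen = i + 1;     /* "A" is 1 byte, "BB" 2, ... */
        int idx       = prefixLen;

        if (!SetPrefix(shaInput, i)) {
            ret = PREFIX_ERROR;    /* cannot happen after the rounds check; kept as a guard */
            goto out;
        }

        XMEMCPY(shaInput + idx, ssl->arrays.masterSecret, SECRET_LEN);
        idx += SECRET_LEN;
        XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN);
        idx += RAN_LEN;
        XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN);
        idx += RAN_LEN;

        /* idx == sizeof(shaInput) - KEY_PREFIX + prefixLen: only the bytes
         * actually filled this round are hashed. */
        ShaUpdate(&sha, shaInput, idx);
        ShaFinal(&sha, shaOutput);

        XMEMCPY(&md5Input[SECRET_LEN], shaOutput, SHA_DIGEST_SIZE);
        Md5Update(&md5, md5Input, sizeof(md5Input));
        Md5Final(&md5, keyData + i * MD5_DIGEST_SIZE);
    }

    ret = StoreKeys(ssl, keyData);

out:
    /* Wipe the stack copies of the master secret and key block.  Stores
     * through a volatile pointer are not dropped as dead by the optimizer. */
    {
        volatile byte* vp;
        word32 n;
        for (vp = md5Input,  n = 0; n < sizeof(md5Input);  n++) vp[n] = 0;
        for (vp = shaInput,  n = 0; n < sizeof(shaInput);  n++) vp[n] = 0;
        for (vp = shaOutput, n = 0; n < sizeof(shaOutput); n++) vp[n] = 0;
        for (vp = keyData,   n = 0; n < sizeof(keyData);   n++) vp[n] = 0;
    }

    return ret;
}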
toddouska 0:5045d2638c29 520
toddouska 0:5045d2638c29 521
/* Scrub the pre-master secret once the master secret has been derived:
 * zero it, overwrite it with fresh random bytes, then zero it again.
 * Only the first ssl->arrays.preMasterSz bytes are touched and preMasterSz
 * itself is left unchanged.  The writes target ssl, which outlives this
 * call, so they are not dead stores the compiler may drop.
 */
void CleanPreMaster(SSL* ssl)
{
    byte* pms = ssl->arrays.preMasterSecret;
    int   sz  = ssl->arrays.preMasterSz;
    int   i;

    for (i = sz; i > 0; i--)
        pms[i - 1] = 0;

    RNG_GenerateBlock(&ssl->rng, pms, sz);

    for (i = sz; i > 0; i--)
        pms[i - 1] = 0;
}
toddouska 0:5045d2638c29 535
toddouska 0:5045d2638c29 536
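/* Create and store the master secret (SSLv3 spec section 6.1, RFC 6101)
 * and derive the key block from it.
 *
 * For a TLS session this defers entirely to MakeTlsMasterSecret.  For
 * SSLv3 each of the MASTER_ROUNDS rounds computes
 *   MD5(pre_master + SHA1(prefix_i + pre_master + ClientRandom + ServerRandom))
 * with prefix_i = "A", "BB", "CCC" and writes the result to the next
 * MD5-sized slot of ssl->arrays.masterSecret.  DeriveKeys then produces the
 * key block; its status was previously discarded and is now returned.
 * CleanPreMaster scrubs the pre-master secret on every SSLv3 path, success
 * or failure, and the stack copies of the secrets are wiped too.
 *
 * ssl->arrays.preMasterSz must not exceed ENCRYPT_LEN: md5Input and shaInput
 * are sized for exactly that and nothing here re-checks it.
 * NOTE(review): the bound is the responsibility of whatever fills
 * preMasterSecret — confirm at the caller.
 *
 * With SHOW_SECRETS defined the pre-master and master secrets are printed
 * to stdout; that is a debugging aid for test builds only.
 *
 * Returns 0 on success, PREFIX_ERROR if a round prefix could not be set,
 * or the error returned by MakeTlsMasterSecret / DeriveKeys.
 */
int MakeMasterSecret(SSL* ssl)
{
    byte   shaOutput[SHA_DIGEST_SIZE];
    byte   md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE];
    byte   shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN];
    int    i;
    int    ret;
    word32 idx;
    word32 pmsSz = ssl->arrays.preMasterSz;

    Md5 md5;
    Sha sha;

#ifdef SHOW_SECRETS
    {
        word32 j;   /* same type as pmsSz: no signed/unsigned compare */
        printf("pre master secret: ");
        for (j = 0; j < pmsSz; j++)
            printf("%02x", ssl->arrays.preMasterSecret[j]);
        printf("\n");
    }
#endif

#ifndef NO_TLS
    if (ssl->options.tls) return MakeTlsMasterSecret(ssl);
#endif

    InitMd5(&md5);
    InitSha(&sha);

    /* md5Input = pre_master || <SHA output of this round> */
    XMEMCPY(md5Input, ssl->arrays.preMasterSecret, pmsSz);

    for (i = 0; i < MASTER_ROUNDS; ++i) {
        byte prefix[PREFIX];
        if (!SetPrefix(prefix, i)) {
            ret = PREFIX_ERROR;
            goto out;
        }

        idx = 0;
        XMEMCPY(shaInput, prefix, i + 1);   /* prefix i is i + 1 bytes long */
        idx += i + 1;

        XMEMCPY(shaInput + idx, ssl->arrays.preMasterSecret, pmsSz);
        idx += pmsSz;
        XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN);
        idx += RAN_LEN;
        XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN);
        idx += RAN_LEN;
        ShaUpdate(&sha, shaInput, idx);
        ShaFinal(&sha, shaOutput);

        idx = pmsSz;   /* append the SHA output right after the pre-master */
        XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE);
        idx += SHA_DIGEST_SIZE;
        Md5Update(&md5, md5Input, idx);
        Md5Final(&md5, &ssl->arrays.masterSecret[i * MD5_DIGEST_SIZE]);
    }

#ifdef SHOW_SECRETS
    {
        int k;
        printf("master secret: ");
        for (k = 0; k < SECRET_LEN; k++)
            printf("%02x", ssl->arrays.masterSecret[k]);
        printf("\n");
    }
#endif

    /* Propagate DeriveKeys's status instead of dropping it. */
    ret = DeriveKeys(ssl);

out:
    /* The pre-master secret is not needed after this point, whatever the
     * outcome; scrub it and the local copies of the secret material. */
    CleanPreMaster(ssl);
    {
        volatile byte* vp;
        word32 n;
        for (vp = md5Input,  n = 0; n < sizeof(md5Input);  n++) vp[n] = 0;
        for (vp = shaInput,  n = 0; n < sizeof(shaInput);  n++) vp[n] = 0;
        for (vp = shaOutput, n = 0; n < sizeof(shaOutput); n++) vp[n] = 0;
    }

    return ret;
}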
toddouska 0:5045d2638c29 610
toddouska 0:5045d2638c29 611
toddouska 0:5045d2638c29 612
toddouska 0:5045d2638c29 613