CyaSSL - CyaSSL 3.0.0

Users » wolfSSL » Code » CyaSSL

CyaSSL 3.0.0

Dependents: HTTPClient-SSL HTTPClient HTTPClient-SSL http_access ... more

src/keys.c@3:64d4f7cb83d5, 2014-12-03 (annotated)

Committer:: wolfSSL
Date:: Wed Dec 03 05:24:18 2014 +0000
Revision:: 3:64d4f7cb83d5
Parent:: 0:1239e9b70ca2

added IGNORE_KEY_EXTENSIONS

Who changed what in which revision?

User	Revision	Line number	New contents of line
wolfSSL	0:1239e9b70ca2	1	/* keys.c
wolfSSL	0:1239e9b70ca2	2	*
wolfSSL	0:1239e9b70ca2	3	* Copyright (C) 2006-2014 wolfSSL Inc.
wolfSSL	0:1239e9b70ca2	4	*
wolfSSL	0:1239e9b70ca2	5	* This file is part of CyaSSL.
wolfSSL	0:1239e9b70ca2	6	*
wolfSSL	0:1239e9b70ca2	7	* CyaSSL is free software; you can redistribute it and/or modify
wolfSSL	0:1239e9b70ca2	8	* it under the terms of the GNU General Public License as published by
wolfSSL	0:1239e9b70ca2	9	* the Free Software Foundation; either version 2 of the License, or
wolfSSL	0:1239e9b70ca2	10	* (at your option) any later version.
wolfSSL	0:1239e9b70ca2	11	*
wolfSSL	0:1239e9b70ca2	12	* CyaSSL is distributed in the hope that it will be useful,
wolfSSL	0:1239e9b70ca2	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL	0:1239e9b70ca2	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL	0:1239e9b70ca2	15	* GNU General Public License for more details.
wolfSSL	0:1239e9b70ca2	16	*
wolfSSL	0:1239e9b70ca2	17	* You should have received a copy of the GNU General Public License
wolfSSL	0:1239e9b70ca2	18	* along with this program; if not, write to the Free Software
wolfSSL	0:1239e9b70ca2	19	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
wolfSSL	0:1239e9b70ca2	20	*/
wolfSSL	0:1239e9b70ca2	21
wolfSSL	0:1239e9b70ca2	22
wolfSSL	0:1239e9b70ca2	23	#ifdef HAVE_CONFIG_H
wolfSSL	0:1239e9b70ca2	24	#include <config.h>
wolfSSL	0:1239e9b70ca2	25	#endif
wolfSSL	0:1239e9b70ca2	26
wolfSSL	0:1239e9b70ca2	27	#include <cyassl/ctaocrypt/settings.h>
wolfSSL	0:1239e9b70ca2	28
wolfSSL	0:1239e9b70ca2	29	#include <cyassl/internal.h>
wolfSSL	0:1239e9b70ca2	30	#include <cyassl/error-ssl.h>
wolfSSL	0:1239e9b70ca2	31	#ifdef SHOW_SECRETS
wolfSSL	0:1239e9b70ca2	32	#ifdef FREESCALE_MQX
wolfSSL	0:1239e9b70ca2	33	#include <fio.h>
wolfSSL	0:1239e9b70ca2	34	#else
wolfSSL	0:1239e9b70ca2	35	#include <stdio.h>
wolfSSL	0:1239e9b70ca2	36	#endif
wolfSSL	0:1239e9b70ca2	37	#endif
wolfSSL	0:1239e9b70ca2	38
wolfSSL	0:1239e9b70ca2	39
wolfSSL	0:1239e9b70ca2	40	int SetCipherSpecs(CYASSL* ssl)
wolfSSL	0:1239e9b70ca2	41	{
wolfSSL	0:1239e9b70ca2	42	if (ssl->options.side == CYASSL_CLIENT_END) {
wolfSSL	0:1239e9b70ca2	43	/* server side verified before SetCipherSpecs call */
wolfSSL	0:1239e9b70ca2	44	if (VerifyClientSuite(ssl) != 1) {
wolfSSL	0:1239e9b70ca2	45	CYASSL_MSG("SetCipherSpecs() client has an unusuable suite");
wolfSSL	0:1239e9b70ca2	46	return UNSUPPORTED_SUITE;
wolfSSL	0:1239e9b70ca2	47	}
wolfSSL	0:1239e9b70ca2	48	}
wolfSSL	0:1239e9b70ca2	49	/* ECC extensions, or AES-CCM */
wolfSSL	0:1239e9b70ca2	50	if (ssl->options.cipherSuite0 == ECC_BYTE) {
wolfSSL	0:1239e9b70ca2	51
wolfSSL	0:1239e9b70ca2	52	switch (ssl->options.cipherSuite) {
wolfSSL	0:1239e9b70ca2	53
wolfSSL	0:1239e9b70ca2	54	#ifdef HAVE_ECC
wolfSSL	0:1239e9b70ca2	55
wolfSSL	0:1239e9b70ca2	56	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
wolfSSL	0:1239e9b70ca2	57	case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	58	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	59	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	60	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	61	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	62	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	63	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	64	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	65	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	66	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	67	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	68	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	69	break;
wolfSSL	0:1239e9b70ca2	70	#endif
wolfSSL	0:1239e9b70ca2	71
wolfSSL	0:1239e9b70ca2	72	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
wolfSSL	0:1239e9b70ca2	73	case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	74	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	75	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	76	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	77	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	78	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	79	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	80	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	81	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	82	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	83	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	84	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	85	break;
wolfSSL	0:1239e9b70ca2	86	#endif
wolfSSL	0:1239e9b70ca2	87
wolfSSL	0:1239e9b70ca2	88	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
wolfSSL	0:1239e9b70ca2	89	case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	90	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	91	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	92	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	93	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	94	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	95	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	96	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	97	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	98	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	99	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	100	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	101	break;
wolfSSL	0:1239e9b70ca2	102	#endif
wolfSSL	0:1239e9b70ca2	103
wolfSSL	0:1239e9b70ca2	104	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
wolfSSL	0:1239e9b70ca2	105	case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	106	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	107	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	108	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	109	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	110	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	111	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	112	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	113	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	114	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	115	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	116	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	117	break;
wolfSSL	0:1239e9b70ca2	118	#endif
wolfSSL	0:1239e9b70ca2	119
wolfSSL	0:1239e9b70ca2	120	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
wolfSSL	0:1239e9b70ca2	121	case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
wolfSSL	0:1239e9b70ca2	122	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	123	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	124	ssl->specs.mac_algorithm = sha384_mac;
wolfSSL	0:1239e9b70ca2	125	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	126	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	127	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	128	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	129	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	130	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	131	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	132	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	133	break;
wolfSSL	0:1239e9b70ca2	134	#endif
wolfSSL	0:1239e9b70ca2	135
wolfSSL	0:1239e9b70ca2	136	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
wolfSSL	0:1239e9b70ca2	137	case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
wolfSSL	0:1239e9b70ca2	138	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	139	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	140	ssl->specs.mac_algorithm = sha384_mac;
wolfSSL	0:1239e9b70ca2	141	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	142	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	143	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	144	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	145	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	146	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	147	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	148	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	149	break;
wolfSSL	0:1239e9b70ca2	150	#endif
wolfSSL	0:1239e9b70ca2	151
wolfSSL	0:1239e9b70ca2	152	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
wolfSSL	0:1239e9b70ca2	153	case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
wolfSSL	0:1239e9b70ca2	154	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	155	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	156	ssl->specs.mac_algorithm = sha384_mac;
wolfSSL	0:1239e9b70ca2	157	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	158	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	159	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	160	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	161	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	162	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	163	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	164	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	165	break;
wolfSSL	0:1239e9b70ca2	166	#endif
wolfSSL	0:1239e9b70ca2	167
wolfSSL	0:1239e9b70ca2	168	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
wolfSSL	0:1239e9b70ca2	169	case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
wolfSSL	0:1239e9b70ca2	170	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	171	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	172	ssl->specs.mac_algorithm = sha384_mac;
wolfSSL	0:1239e9b70ca2	173	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	174	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	175	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	176	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	177	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	178	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	179	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	180	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	181	break;
wolfSSL	0:1239e9b70ca2	182	#endif
wolfSSL	0:1239e9b70ca2	183
wolfSSL	0:1239e9b70ca2	184	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
wolfSSL	0:1239e9b70ca2	185	case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
wolfSSL	0:1239e9b70ca2	186	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	187	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	188	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	189	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	190	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	191	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	192	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	193	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	194	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	195	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	196	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	197
wolfSSL	0:1239e9b70ca2	198	break;
wolfSSL	0:1239e9b70ca2	199	#endif
wolfSSL	0:1239e9b70ca2	200
wolfSSL	0:1239e9b70ca2	201	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
wolfSSL	0:1239e9b70ca2	202	case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
wolfSSL	0:1239e9b70ca2	203	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	204	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	205	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	206	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	207	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	208	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	209	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	210	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	211	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	212	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	213	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	214
wolfSSL	0:1239e9b70ca2	215	break;
wolfSSL	0:1239e9b70ca2	216	#endif
wolfSSL	0:1239e9b70ca2	217
wolfSSL	0:1239e9b70ca2	218	#ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
wolfSSL	0:1239e9b70ca2	219	case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
wolfSSL	0:1239e9b70ca2	220	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
wolfSSL	0:1239e9b70ca2	221	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	222	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	223	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	224	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	225	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	226	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	227	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	228	ssl->specs.key_size = DES3_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	229	ssl->specs.block_size = DES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	230	ssl->specs.iv_size = DES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	231
wolfSSL	0:1239e9b70ca2	232	break;
wolfSSL	0:1239e9b70ca2	233	#endif
wolfSSL	0:1239e9b70ca2	234
wolfSSL	0:1239e9b70ca2	235	#ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
wolfSSL	0:1239e9b70ca2	236	case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
wolfSSL	0:1239e9b70ca2	237	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
wolfSSL	0:1239e9b70ca2	238	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	239	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	240	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	241	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	242	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	243	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	244	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	245	ssl->specs.key_size = DES3_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	246	ssl->specs.block_size = DES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	247	ssl->specs.iv_size = DES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	248
wolfSSL	0:1239e9b70ca2	249	break;
wolfSSL	0:1239e9b70ca2	250	#endif
wolfSSL	0:1239e9b70ca2	251
wolfSSL	0:1239e9b70ca2	252	#ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
wolfSSL	0:1239e9b70ca2	253	case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
wolfSSL	0:1239e9b70ca2	254	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
wolfSSL	0:1239e9b70ca2	255	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	256	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	257	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	258	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	259	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	260	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	261	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	262	ssl->specs.key_size = RC4_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	263	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	264	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	265
wolfSSL	0:1239e9b70ca2	266	break;
wolfSSL	0:1239e9b70ca2	267	#endif
wolfSSL	0:1239e9b70ca2	268
wolfSSL	0:1239e9b70ca2	269	#ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
wolfSSL	0:1239e9b70ca2	270	case TLS_ECDH_RSA_WITH_RC4_128_SHA :
wolfSSL	0:1239e9b70ca2	271	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
wolfSSL	0:1239e9b70ca2	272	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	273	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	274	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	275	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	276	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	277	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	278	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	279	ssl->specs.key_size = RC4_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	280	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	281	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	282
wolfSSL	0:1239e9b70ca2	283	break;
wolfSSL	0:1239e9b70ca2	284	#endif
wolfSSL	0:1239e9b70ca2	285
wolfSSL	0:1239e9b70ca2	286	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
wolfSSL	0:1239e9b70ca2	287	case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
wolfSSL	0:1239e9b70ca2	288	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
wolfSSL	0:1239e9b70ca2	289	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	290	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	291	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	292	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	293	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	294	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	295	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	296	ssl->specs.key_size = DES3_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	297	ssl->specs.block_size = DES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	298	ssl->specs.iv_size = DES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	299
wolfSSL	0:1239e9b70ca2	300	break;
wolfSSL	0:1239e9b70ca2	301	#endif
wolfSSL	0:1239e9b70ca2	302
wolfSSL	0:1239e9b70ca2	303	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
wolfSSL	0:1239e9b70ca2	304	case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
wolfSSL	0:1239e9b70ca2	305	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
wolfSSL	0:1239e9b70ca2	306	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	307	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	308	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	309	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	310	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	311	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	312	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	313	ssl->specs.key_size = DES3_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	314	ssl->specs.block_size = DES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	315	ssl->specs.iv_size = DES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	316
wolfSSL	0:1239e9b70ca2	317	break;
wolfSSL	0:1239e9b70ca2	318	#endif
wolfSSL	0:1239e9b70ca2	319
wolfSSL	0:1239e9b70ca2	320	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
wolfSSL	0:1239e9b70ca2	321	case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
wolfSSL	0:1239e9b70ca2	322	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
wolfSSL	0:1239e9b70ca2	323	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	324	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	325	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	326	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	327	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	328	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	329	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	330	ssl->specs.key_size = RC4_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	331	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	332	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	333
wolfSSL	0:1239e9b70ca2	334	break;
wolfSSL	0:1239e9b70ca2	335	#endif
wolfSSL	0:1239e9b70ca2	336
wolfSSL	0:1239e9b70ca2	337	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
wolfSSL	0:1239e9b70ca2	338	case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
wolfSSL	0:1239e9b70ca2	339	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
wolfSSL	0:1239e9b70ca2	340	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	341	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	342	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	343	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	344	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	345	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	346	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	347	ssl->specs.key_size = RC4_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	348	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	349	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	350
wolfSSL	0:1239e9b70ca2	351	break;
wolfSSL	0:1239e9b70ca2	352	#endif
wolfSSL	0:1239e9b70ca2	353
wolfSSL	0:1239e9b70ca2	354	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
wolfSSL	0:1239e9b70ca2	355	case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
wolfSSL	0:1239e9b70ca2	356	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	357	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	358	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	359	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	360	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	361	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	362	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	363	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	364	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	365	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	366	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	367
wolfSSL	0:1239e9b70ca2	368	break;
wolfSSL	0:1239e9b70ca2	369	#endif
wolfSSL	0:1239e9b70ca2	370
wolfSSL	0:1239e9b70ca2	371	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
wolfSSL	0:1239e9b70ca2	372	case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
wolfSSL	0:1239e9b70ca2	373	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	374	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	375	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	376	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	377	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	378	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	379	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	380	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	381	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	382	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	383	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	384
wolfSSL	0:1239e9b70ca2	385	break;
wolfSSL	0:1239e9b70ca2	386	#endif
wolfSSL	0:1239e9b70ca2	387
wolfSSL	0:1239e9b70ca2	388	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
wolfSSL	0:1239e9b70ca2	389	case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
wolfSSL	0:1239e9b70ca2	390	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	391	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	392	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	393	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	394	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	395	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	396	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	397	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	398	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	399	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	400	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	401
wolfSSL	0:1239e9b70ca2	402	break;
wolfSSL	0:1239e9b70ca2	403	#endif
wolfSSL	0:1239e9b70ca2	404
wolfSSL	0:1239e9b70ca2	405	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
wolfSSL	0:1239e9b70ca2	406	case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
wolfSSL	0:1239e9b70ca2	407	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	408	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	409	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	410	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	411	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	412	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	413	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	414	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	415	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	416	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	417	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	418
wolfSSL	0:1239e9b70ca2	419	break;
wolfSSL	0:1239e9b70ca2	420	#endif
wolfSSL	0:1239e9b70ca2	421
wolfSSL	0:1239e9b70ca2	422	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
wolfSSL	0:1239e9b70ca2	423	case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
wolfSSL	0:1239e9b70ca2	424	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	425	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	426	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	427	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	428	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	429	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	430	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	431	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	432	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	433	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	434	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	435
wolfSSL	0:1239e9b70ca2	436	break;
wolfSSL	0:1239e9b70ca2	437	#endif
wolfSSL	0:1239e9b70ca2	438
wolfSSL	0:1239e9b70ca2	439	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
wolfSSL	0:1239e9b70ca2	440	case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
wolfSSL	0:1239e9b70ca2	441	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	442	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	443	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	444	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	445	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	446	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	447	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	448	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	449	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	450	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	451	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	452
wolfSSL	0:1239e9b70ca2	453	break;
wolfSSL	0:1239e9b70ca2	454	#endif
wolfSSL	0:1239e9b70ca2	455
wolfSSL	0:1239e9b70ca2	456	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
wolfSSL	0:1239e9b70ca2	457	case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
wolfSSL	0:1239e9b70ca2	458	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	459	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	460	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	461	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	462	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	463	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	464	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	465	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	466	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	467	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	468	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	469	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	470
wolfSSL	0:1239e9b70ca2	471	break;
wolfSSL	0:1239e9b70ca2	472	#endif
wolfSSL	0:1239e9b70ca2	473
wolfSSL	0:1239e9b70ca2	474	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
wolfSSL	0:1239e9b70ca2	475	case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
wolfSSL	0:1239e9b70ca2	476	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	477	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	478	ssl->specs.mac_algorithm = sha384_mac;
wolfSSL	0:1239e9b70ca2	479	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	480	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	481	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	482	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	483	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	484	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	485	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	486	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	487	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	488
wolfSSL	0:1239e9b70ca2	489	break;
wolfSSL	0:1239e9b70ca2	490	#endif
wolfSSL	0:1239e9b70ca2	491
wolfSSL	0:1239e9b70ca2	492	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
wolfSSL	0:1239e9b70ca2	493	case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
wolfSSL	0:1239e9b70ca2	494	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	495	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	496	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	497	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	498	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	499	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	500	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	501	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	502	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	503	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	504	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	505	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	506
wolfSSL	0:1239e9b70ca2	507	break;
wolfSSL	0:1239e9b70ca2	508	#endif
wolfSSL	0:1239e9b70ca2	509
wolfSSL	0:1239e9b70ca2	510	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
wolfSSL	0:1239e9b70ca2	511	case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
wolfSSL	0:1239e9b70ca2	512	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	513	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	514	ssl->specs.mac_algorithm = sha384_mac;
wolfSSL	0:1239e9b70ca2	515	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	516	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	517	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	518	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	519	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	520	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	521	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	522	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	523	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	524
wolfSSL	0:1239e9b70ca2	525	break;
wolfSSL	0:1239e9b70ca2	526	#endif
wolfSSL	0:1239e9b70ca2	527
wolfSSL	0:1239e9b70ca2	528	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
wolfSSL	0:1239e9b70ca2	529	case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
wolfSSL	0:1239e9b70ca2	530	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	531	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	532	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	533	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	534	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	535	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	536	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	537	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	538	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	539	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	540	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	541	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	542
wolfSSL	0:1239e9b70ca2	543	break;
wolfSSL	0:1239e9b70ca2	544	#endif
wolfSSL	0:1239e9b70ca2	545
wolfSSL	0:1239e9b70ca2	546	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
wolfSSL	0:1239e9b70ca2	547	case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
wolfSSL	0:1239e9b70ca2	548	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	549	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	550	ssl->specs.mac_algorithm = sha384_mac;
wolfSSL	0:1239e9b70ca2	551	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	552	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	553	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	554	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	555	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	556	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	557	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	558	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	559	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	560
wolfSSL	0:1239e9b70ca2	561	break;
wolfSSL	0:1239e9b70ca2	562	#endif
wolfSSL	0:1239e9b70ca2	563
wolfSSL	0:1239e9b70ca2	564	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
wolfSSL	0:1239e9b70ca2	565	case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
wolfSSL	0:1239e9b70ca2	566	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	567	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	568	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	569	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	570	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	571	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	572	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	573	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	574	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	575	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	576	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	577	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	578
wolfSSL	0:1239e9b70ca2	579	break;
wolfSSL	0:1239e9b70ca2	580	#endif
wolfSSL	0:1239e9b70ca2	581
wolfSSL	0:1239e9b70ca2	582	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
wolfSSL	0:1239e9b70ca2	583	case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
wolfSSL	0:1239e9b70ca2	584	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	585	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	586	ssl->specs.mac_algorithm = sha384_mac;
wolfSSL	0:1239e9b70ca2	587	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	588	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	589	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	590	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	591	ssl->specs.static_ecdh = 1;
wolfSSL	0:1239e9b70ca2	592	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	593	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	594	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	595	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	596
wolfSSL	0:1239e9b70ca2	597	break;
wolfSSL	0:1239e9b70ca2	598	#endif
wolfSSL	0:1239e9b70ca2	599
wolfSSL	0:1239e9b70ca2	600	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
wolfSSL	0:1239e9b70ca2	601	case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
wolfSSL	0:1239e9b70ca2	602	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
wolfSSL	0:1239e9b70ca2	603	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	604	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	605	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	606	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	607	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	608	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	609	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	610	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	611	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	612	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	613	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	614
wolfSSL	0:1239e9b70ca2	615	break;
wolfSSL	0:1239e9b70ca2	616	#endif
wolfSSL	0:1239e9b70ca2	617
wolfSSL	0:1239e9b70ca2	618	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
wolfSSL	0:1239e9b70ca2	619	case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
wolfSSL	0:1239e9b70ca2	620	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
wolfSSL	0:1239e9b70ca2	621	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	622	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	623	ssl->specs.kea = ecc_diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	624	ssl->specs.sig_algo = ecc_dsa_sa_algo;
wolfSSL	0:1239e9b70ca2	625	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	626	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	627	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	628	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	629	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	630	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	631	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	632
wolfSSL	0:1239e9b70ca2	633	break;
wolfSSL	0:1239e9b70ca2	634	#endif
wolfSSL	0:1239e9b70ca2	635	#endif /* HAVE_ECC */
wolfSSL	0:1239e9b70ca2	636
wolfSSL	0:1239e9b70ca2	637	#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
wolfSSL	0:1239e9b70ca2	638	case TLS_RSA_WITH_AES_128_CCM_8 :
wolfSSL	0:1239e9b70ca2	639	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
wolfSSL	0:1239e9b70ca2	640	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	641	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	642	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	643	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	644	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	645	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	646	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	647	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	648	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	649	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	650	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	651
wolfSSL	0:1239e9b70ca2	652	break;
wolfSSL	0:1239e9b70ca2	653	#endif
wolfSSL	0:1239e9b70ca2	654
wolfSSL	0:1239e9b70ca2	655	#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8
wolfSSL	0:1239e9b70ca2	656	case TLS_RSA_WITH_AES_256_CCM_8 :
wolfSSL	0:1239e9b70ca2	657	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
wolfSSL	0:1239e9b70ca2	658	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	659	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	660	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	661	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	662	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	663	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	664	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	665	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	666	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	667	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	668	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	669
wolfSSL	0:1239e9b70ca2	670	break;
wolfSSL	0:1239e9b70ca2	671	#endif
wolfSSL	0:1239e9b70ca2	672
wolfSSL	0:1239e9b70ca2	673	#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
wolfSSL	0:1239e9b70ca2	674	case TLS_PSK_WITH_AES_128_CCM_8 :
wolfSSL	0:1239e9b70ca2	675	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
wolfSSL	0:1239e9b70ca2	676	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	677	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	678	ssl->specs.kea = psk_kea;
wolfSSL	0:1239e9b70ca2	679	ssl->specs.sig_algo = anonymous_sa_algo;
wolfSSL	0:1239e9b70ca2	680	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	681	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	682	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	683	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	684	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	685	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	686	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	687
wolfSSL	0:1239e9b70ca2	688	ssl->options.usingPSK_cipher = 1;
wolfSSL	0:1239e9b70ca2	689	break;
wolfSSL	0:1239e9b70ca2	690	#endif
wolfSSL	0:1239e9b70ca2	691
wolfSSL	0:1239e9b70ca2	692	#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8
wolfSSL	0:1239e9b70ca2	693	case TLS_PSK_WITH_AES_256_CCM_8 :
wolfSSL	0:1239e9b70ca2	694	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
wolfSSL	0:1239e9b70ca2	695	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	696	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	697	ssl->specs.kea = psk_kea;
wolfSSL	0:1239e9b70ca2	698	ssl->specs.sig_algo = anonymous_sa_algo;
wolfSSL	0:1239e9b70ca2	699	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	700	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	701	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	702	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	703	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	704	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	705	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	706
wolfSSL	0:1239e9b70ca2	707	ssl->options.usingPSK_cipher = 1;
wolfSSL	0:1239e9b70ca2	708	break;
wolfSSL	0:1239e9b70ca2	709	#endif
wolfSSL	0:1239e9b70ca2	710
wolfSSL	0:1239e9b70ca2	711	default:
wolfSSL	0:1239e9b70ca2	712	CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC");
wolfSSL	0:1239e9b70ca2	713	return UNSUPPORTED_SUITE;
wolfSSL	0:1239e9b70ca2	714	} /* switch */
wolfSSL	0:1239e9b70ca2	715	} /* if */
wolfSSL	0:1239e9b70ca2	716	if (ssl->options.cipherSuite0 != ECC_BYTE) { /* normal suites */
wolfSSL	0:1239e9b70ca2	717	switch (ssl->options.cipherSuite) {
wolfSSL	0:1239e9b70ca2	718
wolfSSL	0:1239e9b70ca2	719	#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
wolfSSL	0:1239e9b70ca2	720	case SSL_RSA_WITH_RC4_128_SHA :
wolfSSL	0:1239e9b70ca2	721	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
wolfSSL	0:1239e9b70ca2	722	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	723	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	724	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	725	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	726	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	727	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	728	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	729	ssl->specs.key_size = RC4_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	730	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	731	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	732
wolfSSL	0:1239e9b70ca2	733	break;
wolfSSL	0:1239e9b70ca2	734	#endif
wolfSSL	0:1239e9b70ca2	735
wolfSSL	0:1239e9b70ca2	736	#ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
wolfSSL	0:1239e9b70ca2	737	case TLS_NTRU_RSA_WITH_RC4_128_SHA :
wolfSSL	0:1239e9b70ca2	738	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
wolfSSL	0:1239e9b70ca2	739	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	740	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	741	ssl->specs.kea = ntru_kea;
wolfSSL	0:1239e9b70ca2	742	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	743	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	744	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	745	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	746	ssl->specs.key_size = RC4_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	747	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	748	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	749
wolfSSL	0:1239e9b70ca2	750	break;
wolfSSL	0:1239e9b70ca2	751	#endif
wolfSSL	0:1239e9b70ca2	752
wolfSSL	0:1239e9b70ca2	753	#ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
wolfSSL	0:1239e9b70ca2	754	case SSL_RSA_WITH_RC4_128_MD5 :
wolfSSL	0:1239e9b70ca2	755	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
wolfSSL	0:1239e9b70ca2	756	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	757	ssl->specs.mac_algorithm = md5_mac;
wolfSSL	0:1239e9b70ca2	758	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	759	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	760	ssl->specs.hash_size = MD5_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	761	ssl->specs.pad_size = PAD_MD5;
wolfSSL	0:1239e9b70ca2	762	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	763	ssl->specs.key_size = RC4_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	764	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	765	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	766
wolfSSL	0:1239e9b70ca2	767	break;
wolfSSL	0:1239e9b70ca2	768	#endif
wolfSSL	0:1239e9b70ca2	769
wolfSSL	0:1239e9b70ca2	770	#ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
wolfSSL	0:1239e9b70ca2	771	case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
wolfSSL	0:1239e9b70ca2	772	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
wolfSSL	0:1239e9b70ca2	773	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	774	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	775	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	776	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	777	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	778	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	779	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	780	ssl->specs.key_size = DES3_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	781	ssl->specs.block_size = DES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	782	ssl->specs.iv_size = DES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	783
wolfSSL	0:1239e9b70ca2	784	break;
wolfSSL	0:1239e9b70ca2	785	#endif
wolfSSL	0:1239e9b70ca2	786
wolfSSL	0:1239e9b70ca2	787	#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
wolfSSL	0:1239e9b70ca2	788	case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
wolfSSL	0:1239e9b70ca2	789	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
wolfSSL	0:1239e9b70ca2	790	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	791	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	792	ssl->specs.kea = ntru_kea;
wolfSSL	0:1239e9b70ca2	793	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	794	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	795	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	796	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	797	ssl->specs.key_size = DES3_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	798	ssl->specs.block_size = DES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	799	ssl->specs.iv_size = DES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	800
wolfSSL	0:1239e9b70ca2	801	break;
wolfSSL	0:1239e9b70ca2	802	#endif
wolfSSL	0:1239e9b70ca2	803
wolfSSL	0:1239e9b70ca2	804	#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
wolfSSL	0:1239e9b70ca2	805	case TLS_RSA_WITH_AES_128_CBC_SHA :
wolfSSL	0:1239e9b70ca2	806	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	807	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	808	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	809	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	810	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	811	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	812	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	813	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	814	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	815	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	816	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	817
wolfSSL	0:1239e9b70ca2	818	break;
wolfSSL	0:1239e9b70ca2	819	#endif
wolfSSL	0:1239e9b70ca2	820
wolfSSL	0:1239e9b70ca2	821	#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
wolfSSL	0:1239e9b70ca2	822	case TLS_RSA_WITH_AES_128_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	823	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	824	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	825	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	826	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	827	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	828	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	829	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	830	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	831	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	832	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	833	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	834
wolfSSL	0:1239e9b70ca2	835	break;
wolfSSL	0:1239e9b70ca2	836	#endif
wolfSSL	0:1239e9b70ca2	837
wolfSSL	0:1239e9b70ca2	838	#ifdef BUILD_TLS_RSA_WITH_NULL_SHA
wolfSSL	0:1239e9b70ca2	839	case TLS_RSA_WITH_NULL_SHA :
wolfSSL	0:1239e9b70ca2	840	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
wolfSSL	0:1239e9b70ca2	841	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	842	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	843	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	844	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	845	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	846	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	847	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	848	ssl->specs.key_size = 0;
wolfSSL	0:1239e9b70ca2	849	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	850	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	851
wolfSSL	0:1239e9b70ca2	852	break;
wolfSSL	0:1239e9b70ca2	853	#endif
wolfSSL	0:1239e9b70ca2	854
wolfSSL	0:1239e9b70ca2	855	#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256
wolfSSL	0:1239e9b70ca2	856	case TLS_RSA_WITH_NULL_SHA256 :
wolfSSL	0:1239e9b70ca2	857	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
wolfSSL	0:1239e9b70ca2	858	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	859	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	860	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	861	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	862	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	863	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	864	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	865	ssl->specs.key_size = 0;
wolfSSL	0:1239e9b70ca2	866	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	867	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	868
wolfSSL	0:1239e9b70ca2	869	break;
wolfSSL	0:1239e9b70ca2	870	#endif
wolfSSL	0:1239e9b70ca2	871
wolfSSL	0:1239e9b70ca2	872	#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
wolfSSL	0:1239e9b70ca2	873	case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
wolfSSL	0:1239e9b70ca2	874	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	875	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	876	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	877	ssl->specs.kea = ntru_kea;
wolfSSL	0:1239e9b70ca2	878	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	879	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	880	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	881	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	882	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	883	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	884	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	885
wolfSSL	0:1239e9b70ca2	886	break;
wolfSSL	0:1239e9b70ca2	887	#endif
wolfSSL	0:1239e9b70ca2	888
wolfSSL	0:1239e9b70ca2	889	#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
wolfSSL	0:1239e9b70ca2	890	case TLS_RSA_WITH_AES_256_CBC_SHA :
wolfSSL	0:1239e9b70ca2	891	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	892	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	893	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	894	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	895	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	896	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	897	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	898	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	899	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	900	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	901	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	902
wolfSSL	0:1239e9b70ca2	903	break;
wolfSSL	0:1239e9b70ca2	904	#endif
wolfSSL	0:1239e9b70ca2	905
wolfSSL	0:1239e9b70ca2	906	#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
wolfSSL	0:1239e9b70ca2	907	case TLS_RSA_WITH_AES_256_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	908	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	909	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	910	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	911	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	912	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	913	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	914	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	915	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	916	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	917	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	918	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	919
wolfSSL	0:1239e9b70ca2	920	break;
wolfSSL	0:1239e9b70ca2	921	#endif
wolfSSL	0:1239e9b70ca2	922
wolfSSL	0:1239e9b70ca2	923	#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
wolfSSL	0:1239e9b70ca2	924	case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
wolfSSL	0:1239e9b70ca2	925	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	926	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	927	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	928	ssl->specs.kea = ntru_kea;
wolfSSL	0:1239e9b70ca2	929	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	930	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	931	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	932	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	933	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	934	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	935	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	936
wolfSSL	0:1239e9b70ca2	937	break;
wolfSSL	0:1239e9b70ca2	938	#endif
wolfSSL	0:1239e9b70ca2	939
wolfSSL	0:1239e9b70ca2	940	#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
wolfSSL	0:1239e9b70ca2	941	case TLS_PSK_WITH_AES_128_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	942	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	943	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	944	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	945	ssl->specs.kea = psk_kea;
wolfSSL	0:1239e9b70ca2	946	ssl->specs.sig_algo = anonymous_sa_algo;
wolfSSL	0:1239e9b70ca2	947	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	948	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	949	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	950	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	951	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	952	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	953
wolfSSL	0:1239e9b70ca2	954	ssl->options.usingPSK_cipher = 1;
wolfSSL	0:1239e9b70ca2	955	break;
wolfSSL	0:1239e9b70ca2	956	#endif
wolfSSL	0:1239e9b70ca2	957
wolfSSL	0:1239e9b70ca2	958	#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
wolfSSL	0:1239e9b70ca2	959	case TLS_PSK_WITH_AES_128_CBC_SHA :
wolfSSL	0:1239e9b70ca2	960	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	961	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	962	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	963	ssl->specs.kea = psk_kea;
wolfSSL	0:1239e9b70ca2	964	ssl->specs.sig_algo = anonymous_sa_algo;
wolfSSL	0:1239e9b70ca2	965	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	966	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	967	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	968	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	969	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	970	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	971
wolfSSL	0:1239e9b70ca2	972	ssl->options.usingPSK_cipher = 1;
wolfSSL	0:1239e9b70ca2	973	break;
wolfSSL	0:1239e9b70ca2	974	#endif
wolfSSL	0:1239e9b70ca2	975
wolfSSL	0:1239e9b70ca2	976	#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
wolfSSL	0:1239e9b70ca2	977	case TLS_PSK_WITH_AES_256_CBC_SHA :
wolfSSL	0:1239e9b70ca2	978	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	979	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	980	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	981	ssl->specs.kea = psk_kea;
wolfSSL	0:1239e9b70ca2	982	ssl->specs.sig_algo = anonymous_sa_algo;
wolfSSL	0:1239e9b70ca2	983	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	984	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	985	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	986	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	987	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	988	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	989
wolfSSL	0:1239e9b70ca2	990	ssl->options.usingPSK_cipher = 1;
wolfSSL	0:1239e9b70ca2	991	break;
wolfSSL	0:1239e9b70ca2	992	#endif
wolfSSL	0:1239e9b70ca2	993
wolfSSL	0:1239e9b70ca2	994	#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
wolfSSL	0:1239e9b70ca2	995	case TLS_PSK_WITH_NULL_SHA256 :
wolfSSL	0:1239e9b70ca2	996	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
wolfSSL	0:1239e9b70ca2	997	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	998	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	999	ssl->specs.kea = psk_kea;
wolfSSL	0:1239e9b70ca2	1000	ssl->specs.sig_algo = anonymous_sa_algo;
wolfSSL	0:1239e9b70ca2	1001	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1002	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1003	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1004	ssl->specs.key_size = 0;
wolfSSL	0:1239e9b70ca2	1005	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	1006	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	1007
wolfSSL	0:1239e9b70ca2	1008	ssl->options.usingPSK_cipher = 1;
wolfSSL	0:1239e9b70ca2	1009	break;
wolfSSL	0:1239e9b70ca2	1010	#endif
wolfSSL	0:1239e9b70ca2	1011
wolfSSL	0:1239e9b70ca2	1012	#ifdef BUILD_TLS_PSK_WITH_NULL_SHA
wolfSSL	0:1239e9b70ca2	1013	case TLS_PSK_WITH_NULL_SHA :
wolfSSL	0:1239e9b70ca2	1014	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
wolfSSL	0:1239e9b70ca2	1015	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	1016	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	1017	ssl->specs.kea = psk_kea;
wolfSSL	0:1239e9b70ca2	1018	ssl->specs.sig_algo = anonymous_sa_algo;
wolfSSL	0:1239e9b70ca2	1019	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1020	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1021	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1022	ssl->specs.key_size = 0;
wolfSSL	0:1239e9b70ca2	1023	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	1024	ssl->specs.iv_size = 0;
wolfSSL	0:1239e9b70ca2	1025
wolfSSL	0:1239e9b70ca2	1026	ssl->options.usingPSK_cipher = 1;
wolfSSL	0:1239e9b70ca2	1027	break;
wolfSSL	0:1239e9b70ca2	1028	#endif
wolfSSL	0:1239e9b70ca2	1029
wolfSSL	0:1239e9b70ca2	1030	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
wolfSSL	0:1239e9b70ca2	1031	case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	1032	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	1033	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1034	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	1035	ssl->specs.kea = diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	1036	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1037	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1038	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1039	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1040	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1041	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1042	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1043
wolfSSL	0:1239e9b70ca2	1044	break;
wolfSSL	0:1239e9b70ca2	1045	#endif
wolfSSL	0:1239e9b70ca2	1046
wolfSSL	0:1239e9b70ca2	1047	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
wolfSSL	0:1239e9b70ca2	1048	case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	1049	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	1050	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1051	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	1052	ssl->specs.kea = diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	1053	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1054	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1055	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1056	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1057	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1058	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1059	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1060
wolfSSL	0:1239e9b70ca2	1061	break;
wolfSSL	0:1239e9b70ca2	1062	#endif
wolfSSL	0:1239e9b70ca2	1063
wolfSSL	0:1239e9b70ca2	1064	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
wolfSSL	0:1239e9b70ca2	1065	case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
wolfSSL	0:1239e9b70ca2	1066	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	1067	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1068	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	1069	ssl->specs.kea = diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	1070	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1071	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1072	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1073	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1074	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1075	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1076	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1077
wolfSSL	0:1239e9b70ca2	1078	break;
wolfSSL	0:1239e9b70ca2	1079	#endif
wolfSSL	0:1239e9b70ca2	1080
wolfSSL	0:1239e9b70ca2	1081	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
wolfSSL	0:1239e9b70ca2	1082	case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
wolfSSL	0:1239e9b70ca2	1083	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	1084	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1085	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	1086	ssl->specs.kea = diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	1087	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1088	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1089	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1090	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1091	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1092	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1093	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1094
wolfSSL	0:1239e9b70ca2	1095	break;
wolfSSL	0:1239e9b70ca2	1096	#endif
wolfSSL	0:1239e9b70ca2	1097
wolfSSL	0:1239e9b70ca2	1098	#ifdef BUILD_TLS_RSA_WITH_HC_128_MD5
wolfSSL	0:1239e9b70ca2	1099	case TLS_RSA_WITH_HC_128_MD5 :
wolfSSL	0:1239e9b70ca2	1100	ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
wolfSSL	0:1239e9b70ca2	1101	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	1102	ssl->specs.mac_algorithm = md5_mac;
wolfSSL	0:1239e9b70ca2	1103	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1104	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1105	ssl->specs.hash_size = MD5_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1106	ssl->specs.pad_size = PAD_MD5;
wolfSSL	0:1239e9b70ca2	1107	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1108	ssl->specs.key_size = HC_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1109	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	1110	ssl->specs.iv_size = HC_128_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1111
wolfSSL	0:1239e9b70ca2	1112	break;
wolfSSL	0:1239e9b70ca2	1113	#endif
wolfSSL	0:1239e9b70ca2	1114
wolfSSL	0:1239e9b70ca2	1115	#ifdef BUILD_TLS_RSA_WITH_HC_128_SHA
wolfSSL	0:1239e9b70ca2	1116	case TLS_RSA_WITH_HC_128_SHA :
wolfSSL	0:1239e9b70ca2	1117	ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
wolfSSL	0:1239e9b70ca2	1118	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	1119	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	1120	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1121	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1122	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1123	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1124	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1125	ssl->specs.key_size = HC_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1126	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	1127	ssl->specs.iv_size = HC_128_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1128
wolfSSL	0:1239e9b70ca2	1129	break;
wolfSSL	0:1239e9b70ca2	1130	#endif
wolfSSL	0:1239e9b70ca2	1131
wolfSSL	0:1239e9b70ca2	1132	#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256
wolfSSL	0:1239e9b70ca2	1133	case TLS_RSA_WITH_HC_128_B2B256:
wolfSSL	0:1239e9b70ca2	1134	ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
wolfSSL	0:1239e9b70ca2	1135	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	1136	ssl->specs.mac_algorithm = blake2b_mac;
wolfSSL	0:1239e9b70ca2	1137	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1138	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1139	ssl->specs.hash_size = BLAKE2B_256;
wolfSSL	0:1239e9b70ca2	1140	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1141	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1142	ssl->specs.key_size = HC_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1143	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	1144	ssl->specs.iv_size = HC_128_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1145
wolfSSL	0:1239e9b70ca2	1146	break;
wolfSSL	0:1239e9b70ca2	1147	#endif
wolfSSL	0:1239e9b70ca2	1148
wolfSSL	0:1239e9b70ca2	1149	#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
wolfSSL	0:1239e9b70ca2	1150	case TLS_RSA_WITH_AES_128_CBC_B2B256:
wolfSSL	0:1239e9b70ca2	1151	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	1152	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1153	ssl->specs.mac_algorithm = blake2b_mac;
wolfSSL	0:1239e9b70ca2	1154	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1155	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1156	ssl->specs.hash_size = BLAKE2B_256;
wolfSSL	0:1239e9b70ca2	1157	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1158	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1159	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1160	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1161	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1162
wolfSSL	0:1239e9b70ca2	1163	break;
wolfSSL	0:1239e9b70ca2	1164	#endif
wolfSSL	0:1239e9b70ca2	1165
wolfSSL	0:1239e9b70ca2	1166	#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
wolfSSL	0:1239e9b70ca2	1167	case TLS_RSA_WITH_AES_256_CBC_B2B256:
wolfSSL	0:1239e9b70ca2	1168	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
wolfSSL	0:1239e9b70ca2	1169	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1170	ssl->specs.mac_algorithm = blake2b_mac;
wolfSSL	0:1239e9b70ca2	1171	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1172	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1173	ssl->specs.hash_size = BLAKE2B_256;
wolfSSL	0:1239e9b70ca2	1174	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1175	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1176	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1177	ssl->specs.iv_size = AES_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1178	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1179
wolfSSL	0:1239e9b70ca2	1180	break;
wolfSSL	0:1239e9b70ca2	1181	#endif
wolfSSL	0:1239e9b70ca2	1182
wolfSSL	0:1239e9b70ca2	1183	#ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA
wolfSSL	0:1239e9b70ca2	1184	case TLS_RSA_WITH_RABBIT_SHA :
wolfSSL	0:1239e9b70ca2	1185	ssl->specs.bulk_cipher_algorithm = cyassl_rabbit;
wolfSSL	0:1239e9b70ca2	1186	ssl->specs.cipher_type = stream;
wolfSSL	0:1239e9b70ca2	1187	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	1188	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1189	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1190	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1191	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1192	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1193	ssl->specs.key_size = RABBIT_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1194	ssl->specs.block_size = 0;
wolfSSL	0:1239e9b70ca2	1195	ssl->specs.iv_size = RABBIT_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1196
wolfSSL	0:1239e9b70ca2	1197	break;
wolfSSL	0:1239e9b70ca2	1198	#endif
wolfSSL	0:1239e9b70ca2	1199
wolfSSL	0:1239e9b70ca2	1200	#ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
wolfSSL	0:1239e9b70ca2	1201	case TLS_RSA_WITH_AES_128_GCM_SHA256 :
wolfSSL	0:1239e9b70ca2	1202	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	1203	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	1204	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	1205	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1206	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1207	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1208	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1209	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1210	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1211	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1212	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	1213	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	1214
wolfSSL	0:1239e9b70ca2	1215	break;
wolfSSL	0:1239e9b70ca2	1216	#endif
wolfSSL	0:1239e9b70ca2	1217
wolfSSL	0:1239e9b70ca2	1218	#ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
wolfSSL	0:1239e9b70ca2	1219	case TLS_RSA_WITH_AES_256_GCM_SHA384 :
wolfSSL	0:1239e9b70ca2	1220	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	1221	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	1222	ssl->specs.mac_algorithm = sha384_mac;
wolfSSL	0:1239e9b70ca2	1223	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1224	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1225	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1226	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1227	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1228	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1229	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1230	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	1231	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	1232
wolfSSL	0:1239e9b70ca2	1233	break;
wolfSSL	0:1239e9b70ca2	1234	#endif
wolfSSL	0:1239e9b70ca2	1235
wolfSSL	0:1239e9b70ca2	1236	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
wolfSSL	0:1239e9b70ca2	1237	case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
wolfSSL	0:1239e9b70ca2	1238	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	1239	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	1240	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	1241	ssl->specs.kea = diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	1242	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1243	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1244	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1245	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1246	ssl->specs.key_size = AES_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1247	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1248	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	1249	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	1250
wolfSSL	0:1239e9b70ca2	1251	break;
wolfSSL	0:1239e9b70ca2	1252	#endif
wolfSSL	0:1239e9b70ca2	1253
wolfSSL	0:1239e9b70ca2	1254	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
wolfSSL	0:1239e9b70ca2	1255	case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
wolfSSL	0:1239e9b70ca2	1256	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
wolfSSL	0:1239e9b70ca2	1257	ssl->specs.cipher_type = aead;
wolfSSL	0:1239e9b70ca2	1258	ssl->specs.mac_algorithm = sha384_mac;
wolfSSL	0:1239e9b70ca2	1259	ssl->specs.kea = diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	1260	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1261	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1262	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1263	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1264	ssl->specs.key_size = AES_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1265	ssl->specs.block_size = AES_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1266	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
wolfSSL	0:1239e9b70ca2	1267	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
wolfSSL	0:1239e9b70ca2	1268
wolfSSL	0:1239e9b70ca2	1269	break;
wolfSSL	0:1239e9b70ca2	1270	#endif
wolfSSL	0:1239e9b70ca2	1271
wolfSSL	0:1239e9b70ca2	1272	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
wolfSSL	0:1239e9b70ca2	1273	case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
wolfSSL	0:1239e9b70ca2	1274	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
wolfSSL	0:1239e9b70ca2	1275	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1276	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	1277	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1278	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1279	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1280	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1281	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1282	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1283	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1284	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1285
wolfSSL	0:1239e9b70ca2	1286	break;
wolfSSL	0:1239e9b70ca2	1287	#endif
wolfSSL	0:1239e9b70ca2	1288
wolfSSL	0:1239e9b70ca2	1289	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
wolfSSL	0:1239e9b70ca2	1290	case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
wolfSSL	0:1239e9b70ca2	1291	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
wolfSSL	0:1239e9b70ca2	1292	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1293	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	1294	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1295	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1296	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1297	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1298	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1299	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1300	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1301	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1302
wolfSSL	0:1239e9b70ca2	1303	break;
wolfSSL	0:1239e9b70ca2	1304	#endif
wolfSSL	0:1239e9b70ca2	1305
wolfSSL	0:1239e9b70ca2	1306	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
wolfSSL	0:1239e9b70ca2	1307	case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	1308	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
wolfSSL	0:1239e9b70ca2	1309	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1310	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	1311	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1312	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1313	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1314	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1315	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1316	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1317	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1318	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1319
wolfSSL	0:1239e9b70ca2	1320	break;
wolfSSL	0:1239e9b70ca2	1321	#endif
wolfSSL	0:1239e9b70ca2	1322
wolfSSL	0:1239e9b70ca2	1323	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
wolfSSL	0:1239e9b70ca2	1324	case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	1325	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
wolfSSL	0:1239e9b70ca2	1326	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1327	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	1328	ssl->specs.kea = rsa_kea;
wolfSSL	0:1239e9b70ca2	1329	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1330	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1331	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1332	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1333	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1334	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1335	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1336
wolfSSL	0:1239e9b70ca2	1337	break;
wolfSSL	0:1239e9b70ca2	1338	#endif
wolfSSL	0:1239e9b70ca2	1339
wolfSSL	0:1239e9b70ca2	1340	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
wolfSSL	0:1239e9b70ca2	1341	case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
wolfSSL	0:1239e9b70ca2	1342	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
wolfSSL	0:1239e9b70ca2	1343	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1344	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	1345	ssl->specs.kea = diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	1346	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1347	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1348	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1349	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1350	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1351	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1352	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1353
wolfSSL	0:1239e9b70ca2	1354	break;
wolfSSL	0:1239e9b70ca2	1355	#endif
wolfSSL	0:1239e9b70ca2	1356
wolfSSL	0:1239e9b70ca2	1357	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
wolfSSL	0:1239e9b70ca2	1358	case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
wolfSSL	0:1239e9b70ca2	1359	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
wolfSSL	0:1239e9b70ca2	1360	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1361	ssl->specs.mac_algorithm = sha_mac;
wolfSSL	0:1239e9b70ca2	1362	ssl->specs.kea = diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	1363	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1364	ssl->specs.hash_size = SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1365	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1366	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1367	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1368	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1369	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1370
wolfSSL	0:1239e9b70ca2	1371	break;
wolfSSL	0:1239e9b70ca2	1372	#endif
wolfSSL	0:1239e9b70ca2	1373
wolfSSL	0:1239e9b70ca2	1374	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
wolfSSL	0:1239e9b70ca2	1375	case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	1376	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
wolfSSL	0:1239e9b70ca2	1377	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1378	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	1379	ssl->specs.kea = diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	1380	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1381	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1382	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1383	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1384	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1385	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1386	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1387
wolfSSL	0:1239e9b70ca2	1388	break;
wolfSSL	0:1239e9b70ca2	1389	#endif
wolfSSL	0:1239e9b70ca2	1390
wolfSSL	0:1239e9b70ca2	1391	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
wolfSSL	0:1239e9b70ca2	1392	case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
wolfSSL	0:1239e9b70ca2	1393	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
wolfSSL	0:1239e9b70ca2	1394	ssl->specs.cipher_type = block;
wolfSSL	0:1239e9b70ca2	1395	ssl->specs.mac_algorithm = sha256_mac;
wolfSSL	0:1239e9b70ca2	1396	ssl->specs.kea = diffie_hellman_kea;
wolfSSL	0:1239e9b70ca2	1397	ssl->specs.sig_algo = rsa_sa_algo;
wolfSSL	0:1239e9b70ca2	1398	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1399	ssl->specs.pad_size = PAD_SHA;
wolfSSL	0:1239e9b70ca2	1400	ssl->specs.static_ecdh = 0;
wolfSSL	0:1239e9b70ca2	1401	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
wolfSSL	0:1239e9b70ca2	1402	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
wolfSSL	0:1239e9b70ca2	1403	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
wolfSSL	0:1239e9b70ca2	1404
wolfSSL	0:1239e9b70ca2	1405	break;
wolfSSL	0:1239e9b70ca2	1406	#endif
wolfSSL	0:1239e9b70ca2	1407
wolfSSL	0:1239e9b70ca2	1408	default:
wolfSSL	0:1239e9b70ca2	1409	CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs");
wolfSSL	0:1239e9b70ca2	1410	return UNSUPPORTED_SUITE;
wolfSSL	0:1239e9b70ca2	1411	} /* switch */
wolfSSL	0:1239e9b70ca2	1412	} /* if ECC / Normal suites else */
wolfSSL	0:1239e9b70ca2	1413
wolfSSL	0:1239e9b70ca2	1414	/* set TLS if it hasn't been turned off */
wolfSSL	0:1239e9b70ca2	1415	if (ssl->version.major == 3 && ssl->version.minor >= 1) {
wolfSSL	0:1239e9b70ca2	1416	#ifndef NO_TLS
wolfSSL	0:1239e9b70ca2	1417	ssl->options.tls = 1;
wolfSSL	0:1239e9b70ca2	1418	ssl->hmac = TLS_hmac;
wolfSSL	0:1239e9b70ca2	1419	if (ssl->version.minor >= 2)
wolfSSL	0:1239e9b70ca2	1420	ssl->options.tls1_1 = 1;
wolfSSL	0:1239e9b70ca2	1421	#endif
wolfSSL	0:1239e9b70ca2	1422	}
wolfSSL	0:1239e9b70ca2	1423
wolfSSL	0:1239e9b70ca2	1424	#ifdef CYASSL_DTLS
wolfSSL	0:1239e9b70ca2	1425	if (ssl->options.dtls)
wolfSSL	0:1239e9b70ca2	1426	ssl->hmac = TLS_hmac;
wolfSSL	0:1239e9b70ca2	1427	#endif
wolfSSL	0:1239e9b70ca2	1428
wolfSSL	0:1239e9b70ca2	1429	return 0;
wolfSSL	0:1239e9b70ca2	1430	}
wolfSSL	0:1239e9b70ca2	1431
wolfSSL	0:1239e9b70ca2	1432
wolfSSL	0:1239e9b70ca2	1433	enum KeyStuff {
wolfSSL	0:1239e9b70ca2	1434	MASTER_ROUNDS = 3,
wolfSSL	0:1239e9b70ca2	1435	PREFIX = 3, /* up to three letters for master prefix */
wolfSSL	0:1239e9b70ca2	1436	KEY_PREFIX = 7 /* up to 7 prefix letters for key rounds */
wolfSSL	0:1239e9b70ca2	1437
wolfSSL	0:1239e9b70ca2	1438
wolfSSL	0:1239e9b70ca2	1439	};
wolfSSL	0:1239e9b70ca2	1440
wolfSSL	0:1239e9b70ca2	1441	#ifndef NO_OLD_TLS
wolfSSL	0:1239e9b70ca2	1442	/* true or false, zero for error */
wolfSSL	0:1239e9b70ca2	1443	static int SetPrefix(byte* sha_input, int idx)
wolfSSL	0:1239e9b70ca2	1444	{
wolfSSL	0:1239e9b70ca2	1445	switch (idx) {
wolfSSL	0:1239e9b70ca2	1446	case 0:
wolfSSL	0:1239e9b70ca2	1447	XMEMCPY(sha_input, "A", 1);
wolfSSL	0:1239e9b70ca2	1448	break;
wolfSSL	0:1239e9b70ca2	1449	case 1:
wolfSSL	0:1239e9b70ca2	1450	XMEMCPY(sha_input, "BB", 2);
wolfSSL	0:1239e9b70ca2	1451	break;
wolfSSL	0:1239e9b70ca2	1452	case 2:
wolfSSL	0:1239e9b70ca2	1453	XMEMCPY(sha_input, "CCC", 3);
wolfSSL	0:1239e9b70ca2	1454	break;
wolfSSL	0:1239e9b70ca2	1455	case 3:
wolfSSL	0:1239e9b70ca2	1456	XMEMCPY(sha_input, "DDDD", 4);
wolfSSL	0:1239e9b70ca2	1457	break;
wolfSSL	0:1239e9b70ca2	1458	case 4:
wolfSSL	0:1239e9b70ca2	1459	XMEMCPY(sha_input, "EEEEE", 5);
wolfSSL	0:1239e9b70ca2	1460	break;
wolfSSL	0:1239e9b70ca2	1461	case 5:
wolfSSL	0:1239e9b70ca2	1462	XMEMCPY(sha_input, "FFFFFF", 6);
wolfSSL	0:1239e9b70ca2	1463	break;
wolfSSL	0:1239e9b70ca2	1464	case 6:
wolfSSL	0:1239e9b70ca2	1465	XMEMCPY(sha_input, "GGGGGGG", 7);
wolfSSL	0:1239e9b70ca2	1466	break;
wolfSSL	0:1239e9b70ca2	1467	default:
wolfSSL	0:1239e9b70ca2	1468	CYASSL_MSG("Set Prefix error, bad input");
wolfSSL	0:1239e9b70ca2	1469	return 0;
wolfSSL	0:1239e9b70ca2	1470	}
wolfSSL	0:1239e9b70ca2	1471	return 1;
wolfSSL	0:1239e9b70ca2	1472	}
wolfSSL	0:1239e9b70ca2	1473	#endif
wolfSSL	0:1239e9b70ca2	1474
wolfSSL	0:1239e9b70ca2	1475
wolfSSL	0:1239e9b70ca2	1476	static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
wolfSSL	0:1239e9b70ca2	1477	byte side, void* heap, int devId)
wolfSSL	0:1239e9b70ca2	1478	{
wolfSSL	0:1239e9b70ca2	1479	#ifdef BUILD_ARC4
wolfSSL	0:1239e9b70ca2	1480	word32 sz = specs->key_size;
wolfSSL	0:1239e9b70ca2	1481	if (specs->bulk_cipher_algorithm == cyassl_rc4) {
wolfSSL	0:1239e9b70ca2	1482	if (enc->arc4 == NULL)
wolfSSL	0:1239e9b70ca2	1483	enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1484	if (enc->arc4 == NULL)
wolfSSL	0:1239e9b70ca2	1485	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1486	if (dec->arc4 == NULL)
wolfSSL	0:1239e9b70ca2	1487	dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1488	if (dec->arc4 == NULL)
wolfSSL	0:1239e9b70ca2	1489	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1490	#ifdef HAVE_CAVIUM
wolfSSL	0:1239e9b70ca2	1491	if (devId != NO_CAVIUM_DEVICE) {
wolfSSL	0:1239e9b70ca2	1492	if (Arc4InitCavium(enc->arc4, devId) != 0) {
wolfSSL	0:1239e9b70ca2	1493	CYASSL_MSG("Arc4InitCavium failed in SetKeys");
wolfSSL	0:1239e9b70ca2	1494	return CAVIUM_INIT_E;
wolfSSL	0:1239e9b70ca2	1495	}
wolfSSL	0:1239e9b70ca2	1496	if (Arc4InitCavium(dec->arc4, devId) != 0) {
wolfSSL	0:1239e9b70ca2	1497	CYASSL_MSG("Arc4InitCavium failed in SetKeys");
wolfSSL	0:1239e9b70ca2	1498	return CAVIUM_INIT_E;
wolfSSL	0:1239e9b70ca2	1499	}
wolfSSL	0:1239e9b70ca2	1500	}
wolfSSL	0:1239e9b70ca2	1501	#endif
wolfSSL	0:1239e9b70ca2	1502	if (side == CYASSL_CLIENT_END) {
wolfSSL	0:1239e9b70ca2	1503	Arc4SetKey(enc->arc4, keys->client_write_key, sz);
wolfSSL	0:1239e9b70ca2	1504	Arc4SetKey(dec->arc4, keys->server_write_key, sz);
wolfSSL	0:1239e9b70ca2	1505	}
wolfSSL	0:1239e9b70ca2	1506	else {
wolfSSL	0:1239e9b70ca2	1507	Arc4SetKey(enc->arc4, keys->server_write_key, sz);
wolfSSL	0:1239e9b70ca2	1508	Arc4SetKey(dec->arc4, keys->client_write_key, sz);
wolfSSL	0:1239e9b70ca2	1509	}
wolfSSL	0:1239e9b70ca2	1510	enc->setup = 1;
wolfSSL	0:1239e9b70ca2	1511	dec->setup = 1;
wolfSSL	0:1239e9b70ca2	1512	}
wolfSSL	0:1239e9b70ca2	1513	#endif
wolfSSL	0:1239e9b70ca2	1514
wolfSSL	0:1239e9b70ca2	1515	#ifdef HAVE_HC128
wolfSSL	0:1239e9b70ca2	1516	if (specs->bulk_cipher_algorithm == cyassl_hc128) {
wolfSSL	0:1239e9b70ca2	1517	int hcRet;
wolfSSL	0:1239e9b70ca2	1518	if (enc->hc128 == NULL)
wolfSSL	0:1239e9b70ca2	1519	enc->hc128 =
wolfSSL	0:1239e9b70ca2	1520	(HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1521	if (enc->hc128 == NULL)
wolfSSL	0:1239e9b70ca2	1522	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1523	if (dec->hc128 == NULL)
wolfSSL	0:1239e9b70ca2	1524	dec->hc128 =
wolfSSL	0:1239e9b70ca2	1525	(HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1526	if (dec->hc128 == NULL)
wolfSSL	0:1239e9b70ca2	1527	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1528	if (side == CYASSL_CLIENT_END) {
wolfSSL	0:1239e9b70ca2	1529	hcRet = Hc128_SetKey(enc->hc128, keys->client_write_key,
wolfSSL	0:1239e9b70ca2	1530	keys->client_write_IV);
wolfSSL	0:1239e9b70ca2	1531	if (hcRet != 0) return hcRet;
wolfSSL	0:1239e9b70ca2	1532	hcRet = Hc128_SetKey(dec->hc128, keys->server_write_key,
wolfSSL	0:1239e9b70ca2	1533	keys->server_write_IV);
wolfSSL	0:1239e9b70ca2	1534	if (hcRet != 0) return hcRet;
wolfSSL	0:1239e9b70ca2	1535	}
wolfSSL	0:1239e9b70ca2	1536	else {
wolfSSL	0:1239e9b70ca2	1537	hcRet = Hc128_SetKey(enc->hc128, keys->server_write_key,
wolfSSL	0:1239e9b70ca2	1538	keys->server_write_IV);
wolfSSL	0:1239e9b70ca2	1539	if (hcRet != 0) return hcRet;
wolfSSL	0:1239e9b70ca2	1540	hcRet = Hc128_SetKey(dec->hc128, keys->client_write_key,
wolfSSL	0:1239e9b70ca2	1541	keys->client_write_IV);
wolfSSL	0:1239e9b70ca2	1542	if (hcRet != 0) return hcRet;
wolfSSL	0:1239e9b70ca2	1543	}
wolfSSL	0:1239e9b70ca2	1544	enc->setup = 1;
wolfSSL	0:1239e9b70ca2	1545	dec->setup = 1;
wolfSSL	0:1239e9b70ca2	1546	}
wolfSSL	0:1239e9b70ca2	1547	#endif
wolfSSL	0:1239e9b70ca2	1548
wolfSSL	0:1239e9b70ca2	1549	#ifdef BUILD_RABBIT
wolfSSL	0:1239e9b70ca2	1550	if (specs->bulk_cipher_algorithm == cyassl_rabbit) {
wolfSSL	0:1239e9b70ca2	1551	int rabRet;
wolfSSL	0:1239e9b70ca2	1552	if (enc->rabbit == NULL)
wolfSSL	0:1239e9b70ca2	1553	enc->rabbit =
wolfSSL	0:1239e9b70ca2	1554	(Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1555	if (enc->rabbit == NULL)
wolfSSL	0:1239e9b70ca2	1556	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1557	if (dec->rabbit == NULL)
wolfSSL	0:1239e9b70ca2	1558	dec->rabbit =
wolfSSL	0:1239e9b70ca2	1559	(Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1560	if (dec->rabbit == NULL)
wolfSSL	0:1239e9b70ca2	1561	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1562	if (side == CYASSL_CLIENT_END) {
wolfSSL	0:1239e9b70ca2	1563	rabRet = RabbitSetKey(enc->rabbit, keys->client_write_key,
wolfSSL	0:1239e9b70ca2	1564	keys->client_write_IV);
wolfSSL	0:1239e9b70ca2	1565	if (rabRet != 0) return rabRet;
wolfSSL	0:1239e9b70ca2	1566	rabRet = RabbitSetKey(dec->rabbit, keys->server_write_key,
wolfSSL	0:1239e9b70ca2	1567	keys->server_write_IV);
wolfSSL	0:1239e9b70ca2	1568	if (rabRet != 0) return rabRet;
wolfSSL	0:1239e9b70ca2	1569	}
wolfSSL	0:1239e9b70ca2	1570	else {
wolfSSL	0:1239e9b70ca2	1571	rabRet = RabbitSetKey(enc->rabbit, keys->server_write_key,
wolfSSL	0:1239e9b70ca2	1572	keys->server_write_IV);
wolfSSL	0:1239e9b70ca2	1573	if (rabRet != 0) return rabRet;
wolfSSL	0:1239e9b70ca2	1574	rabRet = RabbitSetKey(dec->rabbit, keys->client_write_key,
wolfSSL	0:1239e9b70ca2	1575	keys->client_write_IV);
wolfSSL	0:1239e9b70ca2	1576	if (rabRet != 0) return rabRet;
wolfSSL	0:1239e9b70ca2	1577	}
wolfSSL	0:1239e9b70ca2	1578	enc->setup = 1;
wolfSSL	0:1239e9b70ca2	1579	dec->setup = 1;
wolfSSL	0:1239e9b70ca2	1580	}
wolfSSL	0:1239e9b70ca2	1581	#endif
wolfSSL	0:1239e9b70ca2	1582
wolfSSL	0:1239e9b70ca2	1583	#ifdef BUILD_DES3
wolfSSL	0:1239e9b70ca2	1584	if (specs->bulk_cipher_algorithm == cyassl_triple_des) {
wolfSSL	0:1239e9b70ca2	1585	int desRet = 0;
wolfSSL	0:1239e9b70ca2	1586
wolfSSL	0:1239e9b70ca2	1587	if (enc->des3 == NULL)
wolfSSL	0:1239e9b70ca2	1588	enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1589	if (enc->des3 == NULL)
wolfSSL	0:1239e9b70ca2	1590	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1591	if (dec->des3 == NULL)
wolfSSL	0:1239e9b70ca2	1592	dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1593	if (dec->des3 == NULL)
wolfSSL	0:1239e9b70ca2	1594	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1595	#ifdef HAVE_CAVIUM
wolfSSL	0:1239e9b70ca2	1596	if (devId != NO_CAVIUM_DEVICE) {
wolfSSL	0:1239e9b70ca2	1597	if (Des3_InitCavium(enc->des3, devId) != 0) {
wolfSSL	0:1239e9b70ca2	1598	CYASSL_MSG("Des3_InitCavium failed in SetKeys");
wolfSSL	0:1239e9b70ca2	1599	return CAVIUM_INIT_E;
wolfSSL	0:1239e9b70ca2	1600	}
wolfSSL	0:1239e9b70ca2	1601	if (Des3_InitCavium(dec->des3, devId) != 0) {
wolfSSL	0:1239e9b70ca2	1602	CYASSL_MSG("Des3_InitCavium failed in SetKeys");
wolfSSL	0:1239e9b70ca2	1603	return CAVIUM_INIT_E;
wolfSSL	0:1239e9b70ca2	1604	}
wolfSSL	0:1239e9b70ca2	1605	}
wolfSSL	0:1239e9b70ca2	1606	#endif
wolfSSL	0:1239e9b70ca2	1607	if (side == CYASSL_CLIENT_END) {
wolfSSL	0:1239e9b70ca2	1608	desRet = Des3_SetKey(enc->des3, keys->client_write_key,
wolfSSL	0:1239e9b70ca2	1609	keys->client_write_IV, DES_ENCRYPTION);
wolfSSL	0:1239e9b70ca2	1610	if (desRet != 0)
wolfSSL	0:1239e9b70ca2	1611	return desRet;
wolfSSL	0:1239e9b70ca2	1612	desRet = Des3_SetKey(dec->des3, keys->server_write_key,
wolfSSL	0:1239e9b70ca2	1613	keys->server_write_IV, DES_DECRYPTION);
wolfSSL	0:1239e9b70ca2	1614	if (desRet != 0)
wolfSSL	0:1239e9b70ca2	1615	return desRet;
wolfSSL	0:1239e9b70ca2	1616	}
wolfSSL	0:1239e9b70ca2	1617	else {
wolfSSL	0:1239e9b70ca2	1618	desRet = Des3_SetKey(enc->des3, keys->server_write_key,
wolfSSL	0:1239e9b70ca2	1619	keys->server_write_IV, DES_ENCRYPTION);
wolfSSL	0:1239e9b70ca2	1620	if (desRet != 0)
wolfSSL	0:1239e9b70ca2	1621	return desRet;
wolfSSL	0:1239e9b70ca2	1622	desRet = Des3_SetKey(dec->des3, keys->client_write_key,
wolfSSL	0:1239e9b70ca2	1623	keys->client_write_IV, DES_DECRYPTION);
wolfSSL	0:1239e9b70ca2	1624	if (desRet != 0)
wolfSSL	0:1239e9b70ca2	1625	return desRet;
wolfSSL	0:1239e9b70ca2	1626	}
wolfSSL	0:1239e9b70ca2	1627	enc->setup = 1;
wolfSSL	0:1239e9b70ca2	1628	dec->setup = 1;
wolfSSL	0:1239e9b70ca2	1629	}
wolfSSL	0:1239e9b70ca2	1630	#endif
wolfSSL	0:1239e9b70ca2	1631
wolfSSL	0:1239e9b70ca2	1632	#ifdef BUILD_AES
wolfSSL	0:1239e9b70ca2	1633	if (specs->bulk_cipher_algorithm == cyassl_aes) {
wolfSSL	0:1239e9b70ca2	1634	int aesRet = 0;
wolfSSL	0:1239e9b70ca2	1635
wolfSSL	0:1239e9b70ca2	1636	if (enc->aes == NULL)
wolfSSL	0:1239e9b70ca2	1637	enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1638	if (enc->aes == NULL)
wolfSSL	0:1239e9b70ca2	1639	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1640	if (dec->aes == NULL)
wolfSSL	0:1239e9b70ca2	1641	dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1642	if (dec->aes == NULL)
wolfSSL	0:1239e9b70ca2	1643	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1644	#ifdef HAVE_CAVIUM
wolfSSL	0:1239e9b70ca2	1645	if (devId != NO_CAVIUM_DEVICE) {
wolfSSL	0:1239e9b70ca2	1646	if (AesInitCavium(enc->aes, devId) != 0) {
wolfSSL	0:1239e9b70ca2	1647	CYASSL_MSG("AesInitCavium failed in SetKeys");
wolfSSL	0:1239e9b70ca2	1648	return CAVIUM_INIT_E;
wolfSSL	0:1239e9b70ca2	1649	}
wolfSSL	0:1239e9b70ca2	1650	if (AesInitCavium(dec->aes, devId) != 0) {
wolfSSL	0:1239e9b70ca2	1651	CYASSL_MSG("AesInitCavium failed in SetKeys");
wolfSSL	0:1239e9b70ca2	1652	return CAVIUM_INIT_E;
wolfSSL	0:1239e9b70ca2	1653	}
wolfSSL	0:1239e9b70ca2	1654	}
wolfSSL	0:1239e9b70ca2	1655	#endif
wolfSSL	0:1239e9b70ca2	1656	if (side == CYASSL_CLIENT_END) {
wolfSSL	0:1239e9b70ca2	1657	aesRet = AesSetKey(enc->aes, keys->client_write_key,
wolfSSL	0:1239e9b70ca2	1658	specs->key_size, keys->client_write_IV,
wolfSSL	0:1239e9b70ca2	1659	AES_ENCRYPTION);
wolfSSL	0:1239e9b70ca2	1660	if (aesRet != 0)
wolfSSL	0:1239e9b70ca2	1661	return aesRet;
wolfSSL	0:1239e9b70ca2	1662	aesRet = AesSetKey(dec->aes, keys->server_write_key,
wolfSSL	0:1239e9b70ca2	1663	specs->key_size, keys->server_write_IV,
wolfSSL	0:1239e9b70ca2	1664	AES_DECRYPTION);
wolfSSL	0:1239e9b70ca2	1665	if (aesRet != 0)
wolfSSL	0:1239e9b70ca2	1666	return aesRet;
wolfSSL	0:1239e9b70ca2	1667	}
wolfSSL	0:1239e9b70ca2	1668	else {
wolfSSL	0:1239e9b70ca2	1669	aesRet = AesSetKey(enc->aes, keys->server_write_key,
wolfSSL	0:1239e9b70ca2	1670	specs->key_size, keys->server_write_IV,
wolfSSL	0:1239e9b70ca2	1671	AES_ENCRYPTION);
wolfSSL	0:1239e9b70ca2	1672	if (aesRet != 0)
wolfSSL	0:1239e9b70ca2	1673	return aesRet;
wolfSSL	0:1239e9b70ca2	1674	aesRet = AesSetKey(dec->aes, keys->client_write_key,
wolfSSL	0:1239e9b70ca2	1675	specs->key_size, keys->client_write_IV,
wolfSSL	0:1239e9b70ca2	1676	AES_DECRYPTION);
wolfSSL	0:1239e9b70ca2	1677	if (aesRet != 0)
wolfSSL	0:1239e9b70ca2	1678	return aesRet;
wolfSSL	0:1239e9b70ca2	1679	}
wolfSSL	0:1239e9b70ca2	1680	enc->setup = 1;
wolfSSL	0:1239e9b70ca2	1681	dec->setup = 1;
wolfSSL	0:1239e9b70ca2	1682	}
wolfSSL	0:1239e9b70ca2	1683	#endif
wolfSSL	0:1239e9b70ca2	1684
wolfSSL	0:1239e9b70ca2	1685	#ifdef BUILD_AESGCM
wolfSSL	0:1239e9b70ca2	1686	if (specs->bulk_cipher_algorithm == cyassl_aes_gcm) {
wolfSSL	0:1239e9b70ca2	1687	if (enc->aes == NULL)
wolfSSL	0:1239e9b70ca2	1688	enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1689	if (enc->aes == NULL)
wolfSSL	0:1239e9b70ca2	1690	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1691	if (dec->aes == NULL)
wolfSSL	0:1239e9b70ca2	1692	dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1693	if (dec->aes == NULL)
wolfSSL	0:1239e9b70ca2	1694	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1695
wolfSSL	0:1239e9b70ca2	1696	if (side == CYASSL_CLIENT_END) {
wolfSSL	0:1239e9b70ca2	1697	AesGcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
wolfSSL	0:1239e9b70ca2	1698	XMEMCPY(keys->aead_enc_imp_IV,
wolfSSL	0:1239e9b70ca2	1699	keys->client_write_IV, AEAD_IMP_IV_SZ);
wolfSSL	0:1239e9b70ca2	1700	AesGcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
wolfSSL	0:1239e9b70ca2	1701	XMEMCPY(keys->aead_dec_imp_IV,
wolfSSL	0:1239e9b70ca2	1702	keys->server_write_IV, AEAD_IMP_IV_SZ);
wolfSSL	0:1239e9b70ca2	1703	}
wolfSSL	0:1239e9b70ca2	1704	else {
wolfSSL	0:1239e9b70ca2	1705	AesGcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
wolfSSL	0:1239e9b70ca2	1706	XMEMCPY(keys->aead_enc_imp_IV,
wolfSSL	0:1239e9b70ca2	1707	keys->server_write_IV, AEAD_IMP_IV_SZ);
wolfSSL	0:1239e9b70ca2	1708	AesGcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
wolfSSL	0:1239e9b70ca2	1709	XMEMCPY(keys->aead_dec_imp_IV,
wolfSSL	0:1239e9b70ca2	1710	keys->client_write_IV, AEAD_IMP_IV_SZ);
wolfSSL	0:1239e9b70ca2	1711	}
wolfSSL	0:1239e9b70ca2	1712	enc->setup = 1;
wolfSSL	0:1239e9b70ca2	1713	dec->setup = 1;
wolfSSL	0:1239e9b70ca2	1714	}
wolfSSL	0:1239e9b70ca2	1715	#endif
wolfSSL	0:1239e9b70ca2	1716
wolfSSL	0:1239e9b70ca2	1717	#ifdef HAVE_AESCCM
wolfSSL	0:1239e9b70ca2	1718	if (specs->bulk_cipher_algorithm == cyassl_aes_ccm) {
wolfSSL	0:1239e9b70ca2	1719	if (enc->aes == NULL)
wolfSSL	0:1239e9b70ca2	1720	enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1721	if (enc->aes == NULL)
wolfSSL	0:1239e9b70ca2	1722	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1723	if (dec->aes == NULL)
wolfSSL	0:1239e9b70ca2	1724	dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1725	if (dec->aes == NULL)
wolfSSL	0:1239e9b70ca2	1726	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1727
wolfSSL	0:1239e9b70ca2	1728	if (side == CYASSL_CLIENT_END) {
wolfSSL	0:1239e9b70ca2	1729	AesCcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
wolfSSL	0:1239e9b70ca2	1730	XMEMCPY(keys->aead_enc_imp_IV,
wolfSSL	0:1239e9b70ca2	1731	keys->client_write_IV, AEAD_IMP_IV_SZ);
wolfSSL	0:1239e9b70ca2	1732	AesCcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
wolfSSL	0:1239e9b70ca2	1733	XMEMCPY(keys->aead_dec_imp_IV,
wolfSSL	0:1239e9b70ca2	1734	keys->server_write_IV, AEAD_IMP_IV_SZ);
wolfSSL	0:1239e9b70ca2	1735	}
wolfSSL	0:1239e9b70ca2	1736	else {
wolfSSL	0:1239e9b70ca2	1737	AesCcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
wolfSSL	0:1239e9b70ca2	1738	XMEMCPY(keys->aead_enc_imp_IV,
wolfSSL	0:1239e9b70ca2	1739	keys->server_write_IV, AEAD_IMP_IV_SZ);
wolfSSL	0:1239e9b70ca2	1740	AesCcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
wolfSSL	0:1239e9b70ca2	1741	XMEMCPY(keys->aead_dec_imp_IV,
wolfSSL	0:1239e9b70ca2	1742	keys->client_write_IV, AEAD_IMP_IV_SZ);
wolfSSL	0:1239e9b70ca2	1743	}
wolfSSL	0:1239e9b70ca2	1744	enc->setup = 1;
wolfSSL	0:1239e9b70ca2	1745	dec->setup = 1;
wolfSSL	0:1239e9b70ca2	1746	}
wolfSSL	0:1239e9b70ca2	1747	#endif
wolfSSL	0:1239e9b70ca2	1748
wolfSSL	0:1239e9b70ca2	1749	#ifdef HAVE_CAMELLIA
wolfSSL	0:1239e9b70ca2	1750	if (specs->bulk_cipher_algorithm == cyassl_camellia) {
wolfSSL	0:1239e9b70ca2	1751	int camRet;
wolfSSL	0:1239e9b70ca2	1752
wolfSSL	0:1239e9b70ca2	1753	if (enc->cam == NULL)
wolfSSL	0:1239e9b70ca2	1754	enc->cam =
wolfSSL	0:1239e9b70ca2	1755	(Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1756	if (enc->cam == NULL)
wolfSSL	0:1239e9b70ca2	1757	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1758
wolfSSL	0:1239e9b70ca2	1759	if (dec->cam == NULL)
wolfSSL	0:1239e9b70ca2	1760	dec->cam =
wolfSSL	0:1239e9b70ca2	1761	(Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
wolfSSL	0:1239e9b70ca2	1762	if (dec->cam == NULL)
wolfSSL	0:1239e9b70ca2	1763	return MEMORY_E;
wolfSSL	0:1239e9b70ca2	1764
wolfSSL	0:1239e9b70ca2	1765	if (side == CYASSL_CLIENT_END) {
wolfSSL	0:1239e9b70ca2	1766	camRet = CamelliaSetKey(enc->cam, keys->client_write_key,
wolfSSL	0:1239e9b70ca2	1767	specs->key_size, keys->client_write_IV);
wolfSSL	0:1239e9b70ca2	1768	if (camRet != 0)
wolfSSL	0:1239e9b70ca2	1769	return camRet;
wolfSSL	0:1239e9b70ca2	1770
wolfSSL	0:1239e9b70ca2	1771	camRet = CamelliaSetKey(dec->cam, keys->server_write_key,
wolfSSL	0:1239e9b70ca2	1772	specs->key_size, keys->server_write_IV);
wolfSSL	0:1239e9b70ca2	1773	if (camRet != 0)
wolfSSL	0:1239e9b70ca2	1774	return camRet;
wolfSSL	0:1239e9b70ca2	1775	}
wolfSSL	0:1239e9b70ca2	1776	else {
wolfSSL	0:1239e9b70ca2	1777	camRet = CamelliaSetKey(enc->cam, keys->server_write_key,
wolfSSL	0:1239e9b70ca2	1778	specs->key_size, keys->server_write_IV);
wolfSSL	0:1239e9b70ca2	1779	if (camRet != 0)
wolfSSL	0:1239e9b70ca2	1780	return camRet;
wolfSSL	0:1239e9b70ca2	1781
wolfSSL	0:1239e9b70ca2	1782	camRet = CamelliaSetKey(dec->cam, keys->client_write_key,
wolfSSL	0:1239e9b70ca2	1783	specs->key_size, keys->client_write_IV);
wolfSSL	0:1239e9b70ca2	1784	if (camRet != 0)
wolfSSL	0:1239e9b70ca2	1785	return camRet;
wolfSSL	0:1239e9b70ca2	1786	}
wolfSSL	0:1239e9b70ca2	1787	enc->setup = 1;
wolfSSL	0:1239e9b70ca2	1788	dec->setup = 1;
wolfSSL	0:1239e9b70ca2	1789	}
wolfSSL	0:1239e9b70ca2	1790	#endif
wolfSSL	0:1239e9b70ca2	1791
wolfSSL	0:1239e9b70ca2	1792	#ifdef HAVE_NULL_CIPHER
wolfSSL	0:1239e9b70ca2	1793	if (specs->bulk_cipher_algorithm == cyassl_cipher_null) {
wolfSSL	0:1239e9b70ca2	1794	enc->setup = 1;
wolfSSL	0:1239e9b70ca2	1795	dec->setup = 1;
wolfSSL	0:1239e9b70ca2	1796	}
wolfSSL	0:1239e9b70ca2	1797	#endif
wolfSSL	0:1239e9b70ca2	1798
wolfSSL	0:1239e9b70ca2	1799	keys->sequence_number = 0;
wolfSSL	0:1239e9b70ca2	1800	keys->peer_sequence_number = 0;
wolfSSL	0:1239e9b70ca2	1801	keys->encryptionOn = 0;
wolfSSL	0:1239e9b70ca2	1802	(void)side;
wolfSSL	0:1239e9b70ca2	1803	(void)heap;
wolfSSL	0:1239e9b70ca2	1804	(void)enc;
wolfSSL	0:1239e9b70ca2	1805	(void)dec;
wolfSSL	0:1239e9b70ca2	1806	(void)specs;
wolfSSL	0:1239e9b70ca2	1807	(void)devId;
wolfSSL	0:1239e9b70ca2	1808
wolfSSL	0:1239e9b70ca2	1809	return 0;
wolfSSL	0:1239e9b70ca2	1810	}
wolfSSL	0:1239e9b70ca2	1811
wolfSSL	0:1239e9b70ca2	1812
wolfSSL	0:1239e9b70ca2	1813	/* TLS can call too */
wolfSSL	0:1239e9b70ca2	1814	int StoreKeys(CYASSL* ssl, const byte* keyData)
wolfSSL	0:1239e9b70ca2	1815	{
wolfSSL	0:1239e9b70ca2	1816	int sz, i = 0;
wolfSSL	0:1239e9b70ca2	1817	int devId = NO_CAVIUM_DEVICE;
wolfSSL	0:1239e9b70ca2	1818
wolfSSL	0:1239e9b70ca2	1819	#ifdef HAVE_CAVIUM
wolfSSL	0:1239e9b70ca2	1820	devId = ssl->devId;
wolfSSL	0:1239e9b70ca2	1821	#endif
wolfSSL	0:1239e9b70ca2	1822
wolfSSL	0:1239e9b70ca2	1823	if (ssl->specs.cipher_type != aead) {
wolfSSL	0:1239e9b70ca2	1824	sz = ssl->specs.hash_size;
wolfSSL	0:1239e9b70ca2	1825	XMEMCPY(ssl->keys.client_write_MAC_secret,&keyData[i], sz);
wolfSSL	0:1239e9b70ca2	1826	i += sz;
wolfSSL	0:1239e9b70ca2	1827	XMEMCPY(ssl->keys.server_write_MAC_secret,&keyData[i], sz);
wolfSSL	0:1239e9b70ca2	1828	i += sz;
wolfSSL	0:1239e9b70ca2	1829	}
wolfSSL	0:1239e9b70ca2	1830	sz = ssl->specs.key_size;
wolfSSL	0:1239e9b70ca2	1831	XMEMCPY(ssl->keys.client_write_key, &keyData[i], sz);
wolfSSL	0:1239e9b70ca2	1832	i += sz;
wolfSSL	0:1239e9b70ca2	1833	XMEMCPY(ssl->keys.server_write_key, &keyData[i], sz);
wolfSSL	0:1239e9b70ca2	1834	i += sz;
wolfSSL	0:1239e9b70ca2	1835
wolfSSL	0:1239e9b70ca2	1836	sz = ssl->specs.iv_size;
wolfSSL	0:1239e9b70ca2	1837	XMEMCPY(ssl->keys.client_write_IV, &keyData[i], sz);
wolfSSL	0:1239e9b70ca2	1838	i += sz;
wolfSSL	0:1239e9b70ca2	1839	XMEMCPY(ssl->keys.server_write_IV, &keyData[i], sz);
wolfSSL	0:1239e9b70ca2	1840
wolfSSL	0:1239e9b70ca2	1841	#ifdef HAVE_AEAD
wolfSSL	0:1239e9b70ca2	1842	if (ssl->specs.cipher_type == aead) {
wolfSSL	0:1239e9b70ca2	1843	/* Initialize the AES-GCM/CCM explicit IV to a zero. */
wolfSSL	0:1239e9b70ca2	1844	XMEMSET(ssl->keys.aead_exp_IV, 0, AEAD_EXP_IV_SZ);
wolfSSL	0:1239e9b70ca2	1845	}
wolfSSL	0:1239e9b70ca2	1846	#endif
wolfSSL	0:1239e9b70ca2	1847
wolfSSL	0:1239e9b70ca2	1848	return SetKeys(&ssl->encrypt, &ssl->decrypt, &ssl->keys, &ssl->specs,
wolfSSL	0:1239e9b70ca2	1849	ssl->options.side, ssl->heap, devId);
wolfSSL	0:1239e9b70ca2	1850	}
wolfSSL	0:1239e9b70ca2	1851
wolfSSL	0:1239e9b70ca2	1852	#ifndef NO_OLD_TLS
wolfSSL	0:1239e9b70ca2	1853	int DeriveKeys(CYASSL* ssl)
wolfSSL	0:1239e9b70ca2	1854	{
wolfSSL	0:1239e9b70ca2	1855	int length = 2 * ssl->specs.hash_size +
wolfSSL	0:1239e9b70ca2	1856	2 * ssl->specs.key_size +
wolfSSL	0:1239e9b70ca2	1857	2 * ssl->specs.iv_size;
wolfSSL	0:1239e9b70ca2	1858	int rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i;
wolfSSL	0:1239e9b70ca2	1859	int ret = 0;
wolfSSL	0:1239e9b70ca2	1860
wolfSSL	0:1239e9b70ca2	1861	byte shaOutput[SHA_DIGEST_SIZE];
wolfSSL	0:1239e9b70ca2	1862	byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE];
wolfSSL	0:1239e9b70ca2	1863	byte shaInput[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN];
wolfSSL	0:1239e9b70ca2	1864
wolfSSL	0:1239e9b70ca2	1865	Md5 md5;
wolfSSL	0:1239e9b70ca2	1866	Sha sha;
wolfSSL	0:1239e9b70ca2	1867
wolfSSL	0:1239e9b70ca2	1868	byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE]; /* max size */
wolfSSL	0:1239e9b70ca2	1869
wolfSSL	0:1239e9b70ca2	1870	InitMd5(&md5);
wolfSSL	0:1239e9b70ca2	1871	ret = InitSha(&sha);
wolfSSL	0:1239e9b70ca2	1872	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1873	return ret;
wolfSSL	0:1239e9b70ca2	1874
wolfSSL	0:1239e9b70ca2	1875	XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN);
wolfSSL	0:1239e9b70ca2	1876
wolfSSL	0:1239e9b70ca2	1877	for (i = 0; i < rounds; ++i) {
wolfSSL	0:1239e9b70ca2	1878	int j = i + 1;
wolfSSL	0:1239e9b70ca2	1879	int idx = j;
wolfSSL	0:1239e9b70ca2	1880
wolfSSL	0:1239e9b70ca2	1881	if (!SetPrefix(shaInput, i)) {
wolfSSL	0:1239e9b70ca2	1882	return PREFIX_ERROR;
wolfSSL	0:1239e9b70ca2	1883	}
wolfSSL	0:1239e9b70ca2	1884
wolfSSL	0:1239e9b70ca2	1885	XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN);
wolfSSL	0:1239e9b70ca2	1886	idx += SECRET_LEN;
wolfSSL	0:1239e9b70ca2	1887	XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
wolfSSL	0:1239e9b70ca2	1888	idx += RAN_LEN;
wolfSSL	0:1239e9b70ca2	1889	XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
wolfSSL	0:1239e9b70ca2	1890
wolfSSL	0:1239e9b70ca2	1891	ShaUpdate(&sha, shaInput, (word32)sizeof(shaInput) - KEY_PREFIX + j);
wolfSSL	0:1239e9b70ca2	1892	ShaFinal(&sha, shaOutput);
wolfSSL	0:1239e9b70ca2	1893
wolfSSL	0:1239e9b70ca2	1894	XMEMCPY(&md5Input[SECRET_LEN], shaOutput, SHA_DIGEST_SIZE);
wolfSSL	0:1239e9b70ca2	1895	Md5Update(&md5, md5Input, sizeof(md5Input));
wolfSSL	0:1239e9b70ca2	1896	Md5Final(&md5, keyData + i * MD5_DIGEST_SIZE);
wolfSSL	0:1239e9b70ca2	1897	}
wolfSSL	0:1239e9b70ca2	1898
wolfSSL	0:1239e9b70ca2	1899	return StoreKeys(ssl, keyData);
wolfSSL	0:1239e9b70ca2	1900	}
wolfSSL	0:1239e9b70ca2	1901
wolfSSL	0:1239e9b70ca2	1902
wolfSSL	0:1239e9b70ca2	1903	static int CleanPreMaster(CYASSL* ssl)
wolfSSL	0:1239e9b70ca2	1904	{
wolfSSL	0:1239e9b70ca2	1905	int i, ret, sz = ssl->arrays->preMasterSz;
wolfSSL	0:1239e9b70ca2	1906
wolfSSL	0:1239e9b70ca2	1907	for (i = 0; i < sz; i++)
wolfSSL	0:1239e9b70ca2	1908	ssl->arrays->preMasterSecret[i] = 0;
wolfSSL	0:1239e9b70ca2	1909
wolfSSL	0:1239e9b70ca2	1910	ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz);
wolfSSL	0:1239e9b70ca2	1911	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1912	return ret;
wolfSSL	0:1239e9b70ca2	1913
wolfSSL	0:1239e9b70ca2	1914	for (i = 0; i < sz; i++)
wolfSSL	0:1239e9b70ca2	1915	ssl->arrays->preMasterSecret[i] = 0;
wolfSSL	0:1239e9b70ca2	1916
wolfSSL	0:1239e9b70ca2	1917	return 0;
wolfSSL	0:1239e9b70ca2	1918	}
wolfSSL	0:1239e9b70ca2	1919
wolfSSL	0:1239e9b70ca2	1920
wolfSSL	0:1239e9b70ca2	1921	/* Create and store the master secret see page 32, 6.1 */
wolfSSL	0:1239e9b70ca2	1922	static int MakeSslMasterSecret(CYASSL* ssl)
wolfSSL	0:1239e9b70ca2	1923	{
wolfSSL	0:1239e9b70ca2	1924	byte shaOutput[SHA_DIGEST_SIZE];
wolfSSL	0:1239e9b70ca2	1925	byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE];
wolfSSL	0:1239e9b70ca2	1926	byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN];
wolfSSL	0:1239e9b70ca2	1927	int i, ret;
wolfSSL	0:1239e9b70ca2	1928	word32 idx;
wolfSSL	0:1239e9b70ca2	1929	word32 pmsSz = ssl->arrays->preMasterSz;
wolfSSL	0:1239e9b70ca2	1930
wolfSSL	0:1239e9b70ca2	1931	Md5 md5;
wolfSSL	0:1239e9b70ca2	1932	Sha sha;
wolfSSL	0:1239e9b70ca2	1933
wolfSSL	0:1239e9b70ca2	1934	#ifdef SHOW_SECRETS
wolfSSL	0:1239e9b70ca2	1935	{
wolfSSL	0:1239e9b70ca2	1936	word32 j;
wolfSSL	0:1239e9b70ca2	1937	printf("pre master secret: ");
wolfSSL	0:1239e9b70ca2	1938	for (j = 0; j < pmsSz; j++)
wolfSSL	0:1239e9b70ca2	1939	printf("%02x", ssl->arrays->preMasterSecret[j]);
wolfSSL	0:1239e9b70ca2	1940	printf("\n");
wolfSSL	0:1239e9b70ca2	1941	}
wolfSSL	0:1239e9b70ca2	1942	#endif
wolfSSL	0:1239e9b70ca2	1943
wolfSSL	0:1239e9b70ca2	1944	InitMd5(&md5);
wolfSSL	0:1239e9b70ca2	1945	ret = InitSha(&sha);
wolfSSL	0:1239e9b70ca2	1946	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1947	return ret;
wolfSSL	0:1239e9b70ca2	1948
wolfSSL	0:1239e9b70ca2	1949	XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz);
wolfSSL	0:1239e9b70ca2	1950
wolfSSL	0:1239e9b70ca2	1951	for (i = 0; i < MASTER_ROUNDS; ++i) {
wolfSSL	0:1239e9b70ca2	1952	byte prefix[PREFIX];
wolfSSL	0:1239e9b70ca2	1953	if (!SetPrefix(prefix, i)) {
wolfSSL	0:1239e9b70ca2	1954	return PREFIX_ERROR;
wolfSSL	0:1239e9b70ca2	1955	}
wolfSSL	0:1239e9b70ca2	1956
wolfSSL	0:1239e9b70ca2	1957	idx = 0;
wolfSSL	0:1239e9b70ca2	1958	XMEMCPY(shaInput, prefix, i + 1);
wolfSSL	0:1239e9b70ca2	1959	idx += i + 1;
wolfSSL	0:1239e9b70ca2	1960
wolfSSL	0:1239e9b70ca2	1961	XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz);
wolfSSL	0:1239e9b70ca2	1962	idx += pmsSz;
wolfSSL	0:1239e9b70ca2	1963	XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
wolfSSL	0:1239e9b70ca2	1964	idx += RAN_LEN;
wolfSSL	0:1239e9b70ca2	1965	XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
wolfSSL	0:1239e9b70ca2	1966	idx += RAN_LEN;
wolfSSL	0:1239e9b70ca2	1967	ShaUpdate(&sha, shaInput, idx);
wolfSSL	0:1239e9b70ca2	1968	ShaFinal(&sha, shaOutput);
wolfSSL	0:1239e9b70ca2	1969
wolfSSL	0:1239e9b70ca2	1970	idx = pmsSz; /* preSz */
wolfSSL	0:1239e9b70ca2	1971	XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE);
wolfSSL	0:1239e9b70ca2	1972	idx += SHA_DIGEST_SIZE;
wolfSSL	0:1239e9b70ca2	1973	Md5Update(&md5, md5Input, idx);
wolfSSL	0:1239e9b70ca2	1974	Md5Final(&md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]);
wolfSSL	0:1239e9b70ca2	1975	}
wolfSSL	0:1239e9b70ca2	1976
wolfSSL	0:1239e9b70ca2	1977	#ifdef SHOW_SECRETS
wolfSSL	0:1239e9b70ca2	1978	{
wolfSSL	0:1239e9b70ca2	1979	word32 j;
wolfSSL	0:1239e9b70ca2	1980	printf("master secret: ");
wolfSSL	0:1239e9b70ca2	1981	for (j = 0; j < SECRET_LEN; j++)
wolfSSL	0:1239e9b70ca2	1982	printf("%02x", ssl->arrays->masterSecret[j]);
wolfSSL	0:1239e9b70ca2	1983	printf("\n");
wolfSSL	0:1239e9b70ca2	1984	}
wolfSSL	0:1239e9b70ca2	1985	#endif
wolfSSL	0:1239e9b70ca2	1986
wolfSSL	0:1239e9b70ca2	1987	ret = DeriveKeys(ssl);
wolfSSL	0:1239e9b70ca2	1988	if (ret != 0) {
wolfSSL	0:1239e9b70ca2	1989	/* always try to clean PreMaster */
wolfSSL	0:1239e9b70ca2	1990	CleanPreMaster(ssl);
wolfSSL	0:1239e9b70ca2	1991	return ret;
wolfSSL	0:1239e9b70ca2	1992	}
wolfSSL	0:1239e9b70ca2	1993
wolfSSL	0:1239e9b70ca2	1994	return CleanPreMaster(ssl);
wolfSSL	0:1239e9b70ca2	1995	}
wolfSSL	0:1239e9b70ca2	1996	#endif
wolfSSL	0:1239e9b70ca2	1997
wolfSSL	0:1239e9b70ca2	1998
wolfSSL	0:1239e9b70ca2	1999	/* Master wrapper, doesn't use SSL stack space in TLS mode */
wolfSSL	0:1239e9b70ca2	2000	int MakeMasterSecret(CYASSL* ssl)
wolfSSL	0:1239e9b70ca2	2001	{
wolfSSL	0:1239e9b70ca2	2002	#ifdef NO_OLD_TLS
wolfSSL	0:1239e9b70ca2	2003	return MakeTlsMasterSecret(ssl);
wolfSSL	0:1239e9b70ca2	2004	#elif !defined(NO_TLS)
wolfSSL	0:1239e9b70ca2	2005	if (ssl->options.tls) return MakeTlsMasterSecret(ssl);
wolfSSL	0:1239e9b70ca2	2006	#endif
wolfSSL	0:1239e9b70ca2	2007
wolfSSL	0:1239e9b70ca2	2008	#ifndef NO_OLD_TLS
wolfSSL	0:1239e9b70ca2	2009	return MakeSslMasterSecret(ssl);
wolfSSL	0:1239e9b70ca2	2010	#endif
wolfSSL	0:1239e9b70ca2	2011	}
wolfSSL	0:1239e9b70ca2	2012
wolfSSL	0:1239e9b70ca2	2013

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	12 Jul 2014
Imports:	152
Forks:	2
Commits:	4
Dependents:	7
Dependencies:	0
Followers:	11

This repository is Public (Unlisted).

Developers

wolf SSL

Kojo

src/keys.c@3:64d4f7cb83d5, 2014-12-03 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Developers

Important Information for this Arm website

Access Warning