1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482 |
- /* keys.c
- *
- * Copyright (C) 2006-2014 wolfSSL Inc.
- *
- * This file is part of CyaSSL.
- *
- * CyaSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * CyaSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
- #ifdef HAVE_CONFIG_H
- #include <config.h>
- #endif
- #include <cyassl/ctaocrypt/settings.h>
- #include <cyassl/internal.h>
- #include <cyassl/error-ssl.h>
- #if defined(SHOW_SECRETS) || defined(CHACHA_AEAD_TEST)
- #ifdef FREESCALE_MQX
- #include <fio.h>
- #else
- #include <stdio.h>
- #endif
- #endif
- int SetCipherSpecs(CYASSL* ssl)
- {
- #ifndef NO_CYASSL_CLIENT
- if (ssl->options.side == CYASSL_CLIENT_END) {
- /* server side verified before SetCipherSpecs call */
- if (VerifyClientSuite(ssl) != 1) {
- CYASSL_MSG("SetCipherSpecs() client has an unusuable suite");
- return UNSUPPORTED_SUITE;
- }
- }
- #endif /* NO_CYASSL_CLIENT */
- /* Chacha extensions, 0xcc */
- if (ssl->options.cipherSuite0 == CHACHA_BYTE) {
-
- switch (ssl->options.cipherSuite) {
- #ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
- ssl->specs.bulk_cipher_algorithm = cyassl_chacha;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CHACHA20_256_KEY_SIZE;
- ssl->specs.block_size = CHACHA20_BLOCK_SIZE;
- ssl->specs.iv_size = CHACHA20_IV_SIZE;
- ssl->specs.aead_mac_size = POLY1305_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
- ssl->specs.bulk_cipher_algorithm = cyassl_chacha;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CHACHA20_256_KEY_SIZE;
- ssl->specs.block_size = CHACHA20_BLOCK_SIZE;
- ssl->specs.iv_size = CHACHA20_IV_SIZE;
- ssl->specs.aead_mac_size = POLY1305_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
- ssl->specs.bulk_cipher_algorithm = cyassl_chacha;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CHACHA20_256_KEY_SIZE;
- ssl->specs.block_size = CHACHA20_BLOCK_SIZE;
- ssl->specs.iv_size = CHACHA20_IV_SIZE;
- ssl->specs.aead_mac_size = POLY1305_AUTH_SZ;
- break;
- #endif
- default:
- CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ChaCha");
- return UNSUPPORTED_SUITE;
- }
- }
- /* ECC extensions, or AES-CCM */
- if (ssl->options.cipherSuite0 == ECC_BYTE) {
-
- switch (ssl->options.cipherSuite) {
- #ifdef HAVE_ECC
- #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = DES3_KEY_SIZE;
- ssl->specs.block_size = DES_BLOCK_SIZE;
- ssl->specs.iv_size = DES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = DES3_KEY_SIZE;
- ssl->specs.block_size = DES_BLOCK_SIZE;
- ssl->specs.iv_size = DES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = RC4_KEY_SIZE;
- ssl->specs.iv_size = 0;
- ssl->specs.block_size = 0;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
- case TLS_ECDH_RSA_WITH_RC4_128_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = RC4_KEY_SIZE;
- ssl->specs.iv_size = 0;
- ssl->specs.block_size = 0;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = DES3_KEY_SIZE;
- ssl->specs.block_size = DES_BLOCK_SIZE;
- ssl->specs.iv_size = DES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = DES3_KEY_SIZE;
- ssl->specs.block_size = DES_BLOCK_SIZE;
- ssl->specs.iv_size = DES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = RC4_KEY_SIZE;
- ssl->specs.iv_size = 0;
- ssl->specs.block_size = 0;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = RC4_KEY_SIZE;
- ssl->specs.iv_size = 0;
- ssl->specs.block_size = 0;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 1;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
- case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
- case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = ecc_diffie_hellman_kea;
- ssl->specs.sig_algo = ecc_dsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
- break;
- #endif
- #endif /* HAVE_ECC */
- #ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
- case TLS_RSA_WITH_AES_128_CCM_8 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8
- case TLS_RSA_WITH_AES_256_CCM_8 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
- case TLS_PSK_WITH_AES_128_CCM_8 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8
- case TLS_PSK_WITH_AES_256_CCM_8 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
- case TLS_PSK_WITH_AES_128_CCM :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
- case TLS_PSK_WITH_AES_256_CCM :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
- case TLS_DHE_PSK_WITH_AES_128_CCM :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = dhe_psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
- case TLS_DHE_PSK_WITH_AES_256_CCM :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = dhe_psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- default:
- CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC");
- return UNSUPPORTED_SUITE;
- } /* switch */
- } /* if */
- if (ssl->options.cipherSuite0 != ECC_BYTE &&
- ssl->options.cipherSuite0 != CHACHA_BYTE) { /* normal suites */
- switch (ssl->options.cipherSuite) {
- #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
- case SSL_RSA_WITH_RC4_128_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = RC4_KEY_SIZE;
- ssl->specs.iv_size = 0;
- ssl->specs.block_size = 0;
- break;
- #endif
- #ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
- case TLS_NTRU_RSA_WITH_RC4_128_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ntru_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = RC4_KEY_SIZE;
- ssl->specs.iv_size = 0;
- ssl->specs.block_size = 0;
- break;
- #endif
- #ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
- case SSL_RSA_WITH_RC4_128_MD5 :
- ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = md5_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = MD5_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_MD5;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = RC4_KEY_SIZE;
- ssl->specs.iv_size = 0;
- ssl->specs.block_size = 0;
- break;
- #endif
- #ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
- case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = DES3_KEY_SIZE;
- ssl->specs.block_size = DES_BLOCK_SIZE;
- ssl->specs.iv_size = DES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
- case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ntru_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = DES3_KEY_SIZE;
- ssl->specs.block_size = DES_BLOCK_SIZE;
- ssl->specs.iv_size = DES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
- case TLS_RSA_WITH_AES_128_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
- case TLS_RSA_WITH_AES_128_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_NULL_SHA
- case TLS_RSA_WITH_NULL_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = 0;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = 0;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_NULL_SHA256
- case TLS_RSA_WITH_NULL_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = 0;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = 0;
- break;
- #endif
- #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
- case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ntru_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
- case TLS_RSA_WITH_AES_256_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
- case TLS_RSA_WITH_AES_256_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
- case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = ntru_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
- case TLS_PSK_WITH_AES_128_GCM_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
- case TLS_PSK_WITH_AES_256_GCM_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = dhe_psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = dhe_psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
- case TLS_PSK_WITH_AES_128_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
- case TLS_PSK_WITH_AES_256_CBC_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = dhe_psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = dhe_psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
- case TLS_PSK_WITH_AES_128_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
- case TLS_PSK_WITH_AES_256_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
- case TLS_PSK_WITH_NULL_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = 0;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = 0;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
- case TLS_PSK_WITH_NULL_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = 0;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = 0;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_PSK_WITH_NULL_SHA
- case TLS_PSK_WITH_NULL_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = 0;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = 0;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
- case TLS_DHE_PSK_WITH_NULL_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = dhe_psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = 0;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = 0;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
- case TLS_DHE_PSK_WITH_NULL_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = dhe_psk_kea;
- ssl->specs.sig_algo = anonymous_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = 0;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = 0;
- ssl->options.usingPSK_cipher = 1;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_HC_128_MD5
- case TLS_RSA_WITH_HC_128_MD5 :
- ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = md5_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = MD5_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_MD5;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = HC_128_KEY_SIZE;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = HC_128_IV_SIZE;
- break;
- #endif
-
- #ifdef BUILD_TLS_RSA_WITH_HC_128_SHA
- case TLS_RSA_WITH_HC_128_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = HC_128_KEY_SIZE;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = HC_128_IV_SIZE;
-
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256
- case TLS_RSA_WITH_HC_128_B2B256:
- ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = blake2b_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = BLAKE2B_256;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = HC_128_KEY_SIZE;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = HC_128_IV_SIZE;
-
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
- case TLS_RSA_WITH_AES_128_CBC_B2B256:
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = blake2b_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = BLAKE2B_256;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
-
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
- case TLS_RSA_WITH_AES_256_CBC_B2B256:
- ssl->specs.bulk_cipher_algorithm = cyassl_aes;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = blake2b_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = BLAKE2B_256;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.iv_size = AES_IV_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
-
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA
- case TLS_RSA_WITH_RABBIT_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_rabbit;
- ssl->specs.cipher_type = stream;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = RABBIT_KEY_SIZE;
- ssl->specs.block_size = 0;
- ssl->specs.iv_size = RABBIT_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
- case TLS_RSA_WITH_AES_128_GCM_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
- case TLS_RSA_WITH_AES_256_GCM_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_128_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
- ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
- ssl->specs.cipher_type = aead;
- ssl->specs.mac_algorithm = sha384_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA384_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = AES_256_KEY_SIZE;
- ssl->specs.block_size = AES_BLOCK_SIZE;
- ssl->specs.iv_size = AEAD_IMP_IV_SZ;
- ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
- ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
- ssl->specs.iv_size = CAMELLIA_IV_SIZE;
- break;
- #endif
-
- #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
- ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
- ssl->specs.iv_size = CAMELLIA_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
- ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
- ssl->specs.iv_size = CAMELLIA_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = rsa_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
- ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
- ssl->specs.iv_size = CAMELLIA_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
- ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
- ssl->specs.iv_size = CAMELLIA_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
- ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
- ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
- ssl->specs.iv_size = CAMELLIA_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
- ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
- ssl->specs.iv_size = CAMELLIA_IV_SIZE;
- break;
- #endif
- #ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
- ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
- ssl->specs.cipher_type = block;
- ssl->specs.mac_algorithm = sha256_mac;
- ssl->specs.kea = diffie_hellman_kea;
- ssl->specs.sig_algo = rsa_sa_algo;
- ssl->specs.hash_size = SHA256_DIGEST_SIZE;
- ssl->specs.pad_size = PAD_SHA;
- ssl->specs.static_ecdh = 0;
- ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
- ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
- ssl->specs.iv_size = CAMELLIA_IV_SIZE;
- break;
- #endif
- default:
- CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs");
- return UNSUPPORTED_SUITE;
- } /* switch */
- } /* if ECC / Normal suites else */
- /* set TLS if it hasn't been turned off */
- if (ssl->version.major == 3 && ssl->version.minor >= 1) {
- #ifndef NO_TLS
- ssl->options.tls = 1;
- ssl->hmac = TLS_hmac;
- if (ssl->version.minor >= 2)
- ssl->options.tls1_1 = 1;
- #endif
- }
- #ifdef CYASSL_DTLS
- if (ssl->options.dtls)
- ssl->hmac = TLS_hmac;
- #endif
- return 0;
- }
- enum KeyStuff {
- MASTER_ROUNDS = 3,
- PREFIX = 3, /* up to three letters for master prefix */
- KEY_PREFIX = 7 /* up to 7 prefix letters for key rounds */
- };
- #ifndef NO_OLD_TLS
- /* true or false, zero for error */
- static int SetPrefix(byte* sha_input, int idx)
- {
- switch (idx) {
- case 0:
- XMEMCPY(sha_input, "A", 1);
- break;
- case 1:
- XMEMCPY(sha_input, "BB", 2);
- break;
- case 2:
- XMEMCPY(sha_input, "CCC", 3);
- break;
- case 3:
- XMEMCPY(sha_input, "DDDD", 4);
- break;
- case 4:
- XMEMCPY(sha_input, "EEEEE", 5);
- break;
- case 5:
- XMEMCPY(sha_input, "FFFFFF", 6);
- break;
- case 6:
- XMEMCPY(sha_input, "GGGGGGG", 7);
- break;
- default:
- CYASSL_MSG("Set Prefix error, bad input");
- return 0;
- }
- return 1;
- }
- #endif
- static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
- byte side, void* heap, int devId)
- {
- #ifdef BUILD_ARC4
- word32 sz = specs->key_size;
- if (specs->bulk_cipher_algorithm == cyassl_rc4) {
- if (enc->arc4 == NULL)
- enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
- if (enc->arc4 == NULL)
- return MEMORY_E;
- if (dec->arc4 == NULL)
- dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
- if (dec->arc4 == NULL)
- return MEMORY_E;
- #ifdef HAVE_CAVIUM
- if (devId != NO_CAVIUM_DEVICE) {
- if (Arc4InitCavium(enc->arc4, devId) != 0) {
- CYASSL_MSG("Arc4InitCavium failed in SetKeys");
- return CAVIUM_INIT_E;
- }
- if (Arc4InitCavium(dec->arc4, devId) != 0) {
- CYASSL_MSG("Arc4InitCavium failed in SetKeys");
- return CAVIUM_INIT_E;
- }
- }
- #endif
- if (side == CYASSL_CLIENT_END) {
- Arc4SetKey(enc->arc4, keys->client_write_key, sz);
- Arc4SetKey(dec->arc4, keys->server_write_key, sz);
- }
- else {
- Arc4SetKey(enc->arc4, keys->server_write_key, sz);
- Arc4SetKey(dec->arc4, keys->client_write_key, sz);
- }
- enc->setup = 1;
- dec->setup = 1;
- }
- #endif
- #ifdef HAVE_POLY1305
- /* set up memory space for poly1305 */
- if (enc->poly1305 == NULL)
- enc->poly1305 = (Poly1305*)malloc(sizeof(Poly1305));
- if (enc->poly1305 == NULL)
- return MEMORY_E;
- if (dec->poly1305 == NULL)
- dec->poly1305 =
- (Poly1305*)XMALLOC(sizeof(Poly1305), heap, DYNAMIC_TYPE_CIPHER);
- if (dec->poly1305 == NULL)
- return MEMORY_E;
- #endif
-
- #ifdef HAVE_CHACHA
- if (specs->bulk_cipher_algorithm == cyassl_chacha) {
- int chachaRet;
- if (enc->chacha == NULL)
- enc->chacha = (ChaCha*)malloc(sizeof(ChaCha));
- if (enc->chacha == NULL)
- return MEMORY_E;
- if (dec->chacha == NULL)
- dec->chacha =
- (ChaCha*)XMALLOC(sizeof(ChaCha), heap, DYNAMIC_TYPE_CIPHER);
- if (dec->chacha == NULL)
- return MEMORY_E;
- if (side == CYASSL_CLIENT_END) {
- chachaRet = Chacha_SetKey(enc->chacha, keys->client_write_key,
- specs->key_size);
- XMEMCPY(keys->aead_enc_imp_IV,
- keys->client_write_IV, AEAD_IMP_IV_SZ);
- if (chachaRet != 0) return chachaRet;
- chachaRet = Chacha_SetKey(dec->chacha, keys->server_write_key,
- specs->key_size);
- XMEMCPY(keys->aead_dec_imp_IV,
- keys->server_write_IV, AEAD_IMP_IV_SZ);
- if (chachaRet != 0) return chachaRet;
- }
- else {
- chachaRet = Chacha_SetKey(enc->chacha, keys->server_write_key,
- specs->key_size);
- XMEMCPY(keys->aead_enc_imp_IV,
- keys->server_write_IV, AEAD_IMP_IV_SZ);
- if (chachaRet != 0) return chachaRet;
- chachaRet = Chacha_SetKey(dec->chacha, keys->client_write_key,
- specs->key_size);
- XMEMCPY(keys->aead_dec_imp_IV,
- keys->client_write_IV, AEAD_IMP_IV_SZ);
- if (chachaRet != 0) return chachaRet;
- }
- enc->setup = 1;
- dec->setup = 1;
- }
- #endif
- #ifdef HAVE_HC128
- if (specs->bulk_cipher_algorithm == cyassl_hc128) {
- int hcRet;
- if (enc->hc128 == NULL)
- enc->hc128 =
- (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
- if (enc->hc128 == NULL)
- return MEMORY_E;
- if (dec->hc128 == NULL)
- dec->hc128 =
- (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
- if (dec->hc128 == NULL)
- return MEMORY_E;
- if (side == CYASSL_CLIENT_END) {
- hcRet = Hc128_SetKey(enc->hc128, keys->client_write_key,
- keys->client_write_IV);
- if (hcRet != 0) return hcRet;
- hcRet = Hc128_SetKey(dec->hc128, keys->server_write_key,
- keys->server_write_IV);
- if (hcRet != 0) return hcRet;
- }
- else {
- hcRet = Hc128_SetKey(enc->hc128, keys->server_write_key,
- keys->server_write_IV);
- if (hcRet != 0) return hcRet;
- hcRet = Hc128_SetKey(dec->hc128, keys->client_write_key,
- keys->client_write_IV);
- if (hcRet != 0) return hcRet;
- }
- enc->setup = 1;
- dec->setup = 1;
- }
- #endif
-
- #ifdef BUILD_RABBIT
- if (specs->bulk_cipher_algorithm == cyassl_rabbit) {
- int rabRet;
- if (enc->rabbit == NULL)
- enc->rabbit =
- (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
- if (enc->rabbit == NULL)
- return MEMORY_E;
- if (dec->rabbit == NULL)
- dec->rabbit =
- (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
- if (dec->rabbit == NULL)
- return MEMORY_E;
- if (side == CYASSL_CLIENT_END) {
- rabRet = RabbitSetKey(enc->rabbit, keys->client_write_key,
- keys->client_write_IV);
- if (rabRet != 0) return rabRet;
- rabRet = RabbitSetKey(dec->rabbit, keys->server_write_key,
- keys->server_write_IV);
- if (rabRet != 0) return rabRet;
- }
- else {
- rabRet = RabbitSetKey(enc->rabbit, keys->server_write_key,
- keys->server_write_IV);
- if (rabRet != 0) return rabRet;
- rabRet = RabbitSetKey(dec->rabbit, keys->client_write_key,
- keys->client_write_IV);
- if (rabRet != 0) return rabRet;
- }
- enc->setup = 1;
- dec->setup = 1;
- }
- #endif
-
- #ifdef BUILD_DES3
- if (specs->bulk_cipher_algorithm == cyassl_triple_des) {
- int desRet = 0;
- if (enc->des3 == NULL)
- enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
- if (enc->des3 == NULL)
- return MEMORY_E;
- if (dec->des3 == NULL)
- dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
- if (dec->des3 == NULL)
- return MEMORY_E;
- #ifdef HAVE_CAVIUM
- if (devId != NO_CAVIUM_DEVICE) {
- if (Des3_InitCavium(enc->des3, devId) != 0) {
- CYASSL_MSG("Des3_InitCavium failed in SetKeys");
- return CAVIUM_INIT_E;
- }
- if (Des3_InitCavium(dec->des3, devId) != 0) {
- CYASSL_MSG("Des3_InitCavium failed in SetKeys");
- return CAVIUM_INIT_E;
- }
- }
- #endif
- if (side == CYASSL_CLIENT_END) {
- desRet = Des3_SetKey(enc->des3, keys->client_write_key,
- keys->client_write_IV, DES_ENCRYPTION);
- if (desRet != 0)
- return desRet;
- desRet = Des3_SetKey(dec->des3, keys->server_write_key,
- keys->server_write_IV, DES_DECRYPTION);
- if (desRet != 0)
- return desRet;
- }
- else {
- desRet = Des3_SetKey(enc->des3, keys->server_write_key,
- keys->server_write_IV, DES_ENCRYPTION);
- if (desRet != 0)
- return desRet;
- desRet = Des3_SetKey(dec->des3, keys->client_write_key,
- keys->client_write_IV, DES_DECRYPTION);
- if (desRet != 0)
- return desRet;
- }
- enc->setup = 1;
- dec->setup = 1;
- }
- #endif
- #ifdef BUILD_AES
- if (specs->bulk_cipher_algorithm == cyassl_aes) {
- int aesRet = 0;
- if (enc->aes == NULL)
- enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
- if (enc->aes == NULL)
- return MEMORY_E;
- if (dec->aes == NULL)
- dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
- if (dec->aes == NULL)
- return MEMORY_E;
- #ifdef HAVE_CAVIUM
- if (devId != NO_CAVIUM_DEVICE) {
- if (AesInitCavium(enc->aes, devId) != 0) {
- CYASSL_MSG("AesInitCavium failed in SetKeys");
- return CAVIUM_INIT_E;
- }
- if (AesInitCavium(dec->aes, devId) != 0) {
- CYASSL_MSG("AesInitCavium failed in SetKeys");
- return CAVIUM_INIT_E;
- }
- }
- #endif
- if (side == CYASSL_CLIENT_END) {
- aesRet = AesSetKey(enc->aes, keys->client_write_key,
- specs->key_size, keys->client_write_IV,
- AES_ENCRYPTION);
- if (aesRet != 0)
- return aesRet;
- aesRet = AesSetKey(dec->aes, keys->server_write_key,
- specs->key_size, keys->server_write_IV,
- AES_DECRYPTION);
- if (aesRet != 0)
- return aesRet;
- }
- else {
- aesRet = AesSetKey(enc->aes, keys->server_write_key,
- specs->key_size, keys->server_write_IV,
- AES_ENCRYPTION);
- if (aesRet != 0)
- return aesRet;
- aesRet = AesSetKey(dec->aes, keys->client_write_key,
- specs->key_size, keys->client_write_IV,
- AES_DECRYPTION);
- if (aesRet != 0)
- return aesRet;
- }
- enc->setup = 1;
- dec->setup = 1;
- }
- #endif
- #ifdef BUILD_AESGCM
- if (specs->bulk_cipher_algorithm == cyassl_aes_gcm) {
- if (enc->aes == NULL)
- enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
- if (enc->aes == NULL)
- return MEMORY_E;
- if (dec->aes == NULL)
- dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
- if (dec->aes == NULL)
- return MEMORY_E;
- if (side == CYASSL_CLIENT_END) {
- AesGcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
- XMEMCPY(keys->aead_enc_imp_IV,
- keys->client_write_IV, AEAD_IMP_IV_SZ);
- AesGcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
- XMEMCPY(keys->aead_dec_imp_IV,
- keys->server_write_IV, AEAD_IMP_IV_SZ);
- }
- else {
- AesGcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
- XMEMCPY(keys->aead_enc_imp_IV,
- keys->server_write_IV, AEAD_IMP_IV_SZ);
- AesGcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
- XMEMCPY(keys->aead_dec_imp_IV,
- keys->client_write_IV, AEAD_IMP_IV_SZ);
- }
- enc->setup = 1;
- dec->setup = 1;
- }
- #endif
- #ifdef HAVE_AESCCM
- if (specs->bulk_cipher_algorithm == cyassl_aes_ccm) {
- if (enc->aes == NULL)
- enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
- if (enc->aes == NULL)
- return MEMORY_E;
- if (dec->aes == NULL)
- dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
- if (dec->aes == NULL)
- return MEMORY_E;
- if (side == CYASSL_CLIENT_END) {
- AesCcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
- XMEMCPY(keys->aead_enc_imp_IV,
- keys->client_write_IV, AEAD_IMP_IV_SZ);
- AesCcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
- XMEMCPY(keys->aead_dec_imp_IV,
- keys->server_write_IV, AEAD_IMP_IV_SZ);
- }
- else {
- AesCcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
- XMEMCPY(keys->aead_enc_imp_IV,
- keys->server_write_IV, AEAD_IMP_IV_SZ);
- AesCcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
- XMEMCPY(keys->aead_dec_imp_IV,
- keys->client_write_IV, AEAD_IMP_IV_SZ);
- }
- enc->setup = 1;
- dec->setup = 1;
- }
- #endif
- #ifdef HAVE_CAMELLIA
- if (specs->bulk_cipher_algorithm == cyassl_camellia) {
- int camRet;
- if (enc->cam == NULL)
- enc->cam =
- (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
- if (enc->cam == NULL)
- return MEMORY_E;
- if (dec->cam == NULL)
- dec->cam =
- (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
- if (dec->cam == NULL)
- return MEMORY_E;
- if (side == CYASSL_CLIENT_END) {
- camRet = CamelliaSetKey(enc->cam, keys->client_write_key,
- specs->key_size, keys->client_write_IV);
- if (camRet != 0)
- return camRet;
- camRet = CamelliaSetKey(dec->cam, keys->server_write_key,
- specs->key_size, keys->server_write_IV);
- if (camRet != 0)
- return camRet;
- }
- else {
- camRet = CamelliaSetKey(enc->cam, keys->server_write_key,
- specs->key_size, keys->server_write_IV);
- if (camRet != 0)
- return camRet;
- camRet = CamelliaSetKey(dec->cam, keys->client_write_key,
- specs->key_size, keys->client_write_IV);
- if (camRet != 0)
- return camRet;
- }
- enc->setup = 1;
- dec->setup = 1;
- }
- #endif
- #ifdef HAVE_NULL_CIPHER
- if (specs->bulk_cipher_algorithm == cyassl_cipher_null) {
- enc->setup = 1;
- dec->setup = 1;
- }
- #endif
- keys->sequence_number = 0;
- keys->peer_sequence_number = 0;
- keys->encryptionOn = 0;
- (void)side;
- (void)heap;
- (void)enc;
- (void)dec;
- (void)specs;
- (void)devId;
- return 0;
- }
- /* TLS can call too */
- int StoreKeys(CYASSL* ssl, const byte* keyData)
- {
- int sz, i = 0;
- int devId = NO_CAVIUM_DEVICE;
- #ifdef HAVE_CAVIUM
- devId = ssl->devId;
- #endif
- if (ssl->specs.cipher_type != aead) {
- sz = ssl->specs.hash_size;
- XMEMCPY(ssl->keys.client_write_MAC_secret,&keyData[i], sz);
- i += sz;
- XMEMCPY(ssl->keys.server_write_MAC_secret,&keyData[i], sz);
- i += sz;
- }
- sz = ssl->specs.key_size;
- XMEMCPY(ssl->keys.client_write_key, &keyData[i], sz);
- i += sz;
- XMEMCPY(ssl->keys.server_write_key, &keyData[i], sz);
- i += sz;
- sz = ssl->specs.iv_size;
- XMEMCPY(ssl->keys.client_write_IV, &keyData[i], sz);
- i += sz;
- XMEMCPY(ssl->keys.server_write_IV, &keyData[i], sz);
- #ifdef HAVE_AEAD
- if (ssl->specs.cipher_type == aead) {
- /* Initialize the AES-GCM/CCM explicit IV to a zero. */
- XMEMSET(ssl->keys.aead_exp_IV, 0, AEAD_EXP_IV_SZ);
- }
- #endif
- return SetKeys(&ssl->encrypt, &ssl->decrypt, &ssl->keys, &ssl->specs,
- ssl->options.side, ssl->heap, devId);
- }
- #ifndef NO_OLD_TLS
- int DeriveKeys(CYASSL* ssl)
- {
- int length = 2 * ssl->specs.hash_size +
- 2 * ssl->specs.key_size +
- 2 * ssl->specs.iv_size;
- int rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i;
- int ret = 0;
-
- #ifdef CYASSL_SMALL_STACK
- byte* shaOutput;
- byte* md5Input;
- byte* shaInput;
- byte* keyData;
- Md5* md5;
- Sha* sha;
- #else
- byte shaOutput[SHA_DIGEST_SIZE];
- byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE];
- byte shaInput[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN];
- byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE];
- Md5 md5[1];
- Sha sha[1];
- #endif
-
- #ifdef CYASSL_SMALL_STACK
- shaOutput = (byte*)XMALLOC(SHA_DIGEST_SIZE,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- md5Input = (byte*)XMALLOC(SECRET_LEN + SHA_DIGEST_SIZE,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- shaInput = (byte*)XMALLOC(KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- keyData = (byte*)XMALLOC(KEY_PREFIX * MD5_DIGEST_SIZE,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
- sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- if (shaOutput == NULL || md5Input == NULL || shaInput == NULL ||
- keyData == NULL || md5 == NULL || sha == NULL) {
- if (shaOutput) XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (md5Input) XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (shaInput) XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (keyData) XFREE(keyData, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (md5) XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (sha) XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- return MEMORY_E;
- }
- #endif
- InitMd5(md5);
- ret = InitSha(sha);
- if (ret == 0) {
- XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN);
- for (i = 0; i < rounds; ++i) {
- int j = i + 1;
- int idx = j;
- if (!SetPrefix(shaInput, i)) {
- ret = PREFIX_ERROR;
- break;
- }
- XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN);
- idx += SECRET_LEN;
- XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
- idx += RAN_LEN;
- XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
- ShaUpdate(sha, shaInput, (KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN)
- - KEY_PREFIX + j);
- ShaFinal(sha, shaOutput);
- XMEMCPY(md5Input + SECRET_LEN, shaOutput, SHA_DIGEST_SIZE);
- Md5Update(md5, md5Input, SECRET_LEN + SHA_DIGEST_SIZE);
- Md5Final(md5, keyData + i * MD5_DIGEST_SIZE);
- }
- if (ret == 0)
- ret = StoreKeys(ssl, keyData);
- }
- #ifdef CYASSL_SMALL_STACK
- XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(keyData, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- static int CleanPreMaster(CYASSL* ssl)
- {
- int i, ret, sz = ssl->arrays->preMasterSz;
- for (i = 0; i < sz; i++)
- ssl->arrays->preMasterSecret[i] = 0;
- ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz);
- if (ret != 0)
- return ret;
- for (i = 0; i < sz; i++)
- ssl->arrays->preMasterSecret[i] = 0;
- return 0;
- }
- /* Create and store the master secret see page 32, 6.1 */
- static int MakeSslMasterSecret(CYASSL* ssl)
- {
- int i, ret;
- word32 idx;
- word32 pmsSz = ssl->arrays->preMasterSz;
- #ifdef CYASSL_SMALL_STACK
- byte* shaOutput;
- byte* md5Input;
- byte* shaInput;
- Md5* md5;
- Sha* sha;
- #else
- byte shaOutput[SHA_DIGEST_SIZE];
- byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE];
- byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN];
- Md5 md5[1];
- Sha sha[1];
- #endif
- #ifdef SHOW_SECRETS
- {
- word32 j;
- printf("pre master secret: ");
- for (j = 0; j < pmsSz; j++)
- printf("%02x", ssl->arrays->preMasterSecret[j]);
- printf("\n");
- }
- #endif
-
- #ifdef CYASSL_SMALL_STACK
- shaOutput = (byte*)XMALLOC(SHA_DIGEST_SIZE,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- md5Input = (byte*)XMALLOC(ENCRYPT_LEN + SHA_DIGEST_SIZE,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- shaInput = (byte*)XMALLOC(PREFIX + ENCRYPT_LEN + 2 * RAN_LEN,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
- sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- if (shaOutput == NULL || md5Input == NULL || shaInput == NULL ||
- md5 == NULL || sha == NULL) {
- if (shaOutput) XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (md5Input) XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (shaInput) XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (md5) XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (sha) XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- return MEMORY_E;
- }
- #endif
- InitMd5(md5);
-
- ret = InitSha(sha);
-
- if (ret == 0) {
- XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz);
- for (i = 0; i < MASTER_ROUNDS; ++i) {
- byte prefix[KEY_PREFIX]; /* only need PREFIX bytes but static */
- if (!SetPrefix(prefix, i)) { /* analysis thinks will overrun */
- ret = PREFIX_ERROR;
- break;
- }
- idx = 0;
- XMEMCPY(shaInput, prefix, i + 1);
- idx += i + 1;
- XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz);
- idx += pmsSz;
- XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
- idx += RAN_LEN;
- XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
- idx += RAN_LEN;
- ShaUpdate(sha, shaInput, idx);
- ShaFinal(sha, shaOutput);
- idx = pmsSz; /* preSz */
- XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE);
- idx += SHA_DIGEST_SIZE;
- Md5Update(md5, md5Input, idx);
- Md5Final(md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]);
- }
- #ifdef SHOW_SECRETS
- {
- word32 j;
- printf("master secret: ");
- for (j = 0; j < SECRET_LEN; j++)
- printf("%02x", ssl->arrays->masterSecret[j]);
- printf("\n");
- }
- #endif
- if (ret == 0)
- ret = DeriveKeys(ssl);
- }
- #ifdef CYASSL_SMALL_STACK
- XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
-
- if (ret == 0)
- ret = CleanPreMaster(ssl);
- else
- CleanPreMaster(ssl);
- return ret;
- }
- #endif
- /* Master wrapper, doesn't use SSL stack space in TLS mode */
- int MakeMasterSecret(CYASSL* ssl)
- {
- #ifdef NO_OLD_TLS
- return MakeTlsMasterSecret(ssl);
- #elif !defined(NO_TLS)
- if (ssl->options.tls) return MakeTlsMasterSecret(ssl);
- #endif
- #ifndef NO_OLD_TLS
- return MakeSslMasterSecret(ssl);
- #endif
- }
|