mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SHA256 cipher suites for TLSv1.2

Browse Source
This commit is contained in:
Todd A Ouska 2011-03-04 11:13:28 -08:00
parent b74d0243c8
commit 1313ca7872
6 changed files with 86 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -30,3 +30,5 @@ sslSniffer/sslSnifferTest/tracefile.txt
*.bak
NTRU_algorithm/
build-test/
build/
cyassl.xcodeproj/

16
include/cyassl_int.h
View File

@ -123,6 +123,10 @@ typedef byte word24[3];
#define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
#endif
#if !defined (NO_SHA256)
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
#endif
#endif
#if !defined(NO_HC128) && !defined(NO_TLS)
@ -220,7 +224,11 @@ enum {
TLS_NTRU_RSA_WITH_RC4_128_SHA = 0x65,
TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0x66,
TLS_NTRU_RSA_WITH_AES_128_CBC_SHA = 0x67,
TLS_NTRU_RSA_WITH_AES_256_CBC_SHA = 0x68
TLS_NTRU_RSA_WITH_AES_256_CBC_SHA = 0x68,
/* SHA256 */
TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3d,
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x3c
};
@ -292,7 +300,7 @@ enum Misc {
KEY_LABEL_SZ = 13, /* TLS key block expansion sz */
MAX_PRF_HALF = 128, /* Maximum half secret len */
MAX_PRF_LABSEED = 80, /* Maximum label + seed len */
MAX_PRF_DIG = 148, /* Maximum digest len */
MAX_PRF_DIG = 224, /* Maximum digest len */
MAX_REQUEST_SZ = 256, /* Maximum cert req len (no auth yet */
SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */
@ -707,8 +715,8 @@ enum CipherType { stream, block };
/* keys and secrets */
typedef struct Keys {
byte client_write_MAC_secret[SHA_DIGEST_SIZE]; /* max sizes */
byte server_write_MAC_secret[SHA_DIGEST_SIZE];
byte client_write_MAC_secret[SHA256_DIGEST_SIZE]; /* max sizes */
byte server_write_MAC_secret[SHA256_DIGEST_SIZE];
byte client_write_key[AES_256_KEY_SIZE]; /* max sizes */
byte server_write_key[AES_256_KEY_SIZE];
byte client_write_IV[AES_IV_SIZE]; /* max sizes */

39
src/cyassl_int.c
View File

@ -394,7 +394,8 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
byte haveNTRU, byte haveECDSA, int side)
{
word32 idx = 0;
int tls = pv.major == 3 && pv.minor >= 1;
int tls = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_MINOR;
int tls1_2 = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_2_MINOR;
int haveRSA = 1;
(void)tls; /* shut up compiler */
@ -507,6 +508,20 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
}
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
if (tls1_2 && haveRSA) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_SHA256;
}
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
if (tls1_2 && haveRSA) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_SHA256;
}
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
if (tls && haveRSA) {
suites->suites[idx++] = 0;
@ -1522,7 +1537,7 @@ static int DoCertificate(SSL* ssl, byte* input, word32* inOutIdx)
int DoFinished(SSL* ssl, const byte* input, word32* inOutIdx, int sniff)
{
byte verifyMAC[SHA_DIGEST_SIZE];
byte verifyMAC[SHA256_DIGEST_SIZE];
int finishedSz = ssl->options.tls ? TLS_FINISHED_SZ : FINISHED_SZ;
int headerSz = HANDSHAKE_HEADER_SZ;
word32 macSz = finishedSz + HANDSHAKE_HEADER_SZ,
@ -1795,7 +1810,7 @@ int DoApplicationData(SSL* ssl, byte* input, word32* inOutIdx)
byte decomp[MAX_RECORD_SIZE + MAX_COMP_EXTRA];
#endif
byte verify[SHA_DIGEST_SIZE];
byte verify[SHA256_DIGEST_SIZE];
const byte* mac;
if (ssl->specs.cipher_type == block) {
@ -1881,7 +1896,7 @@ static int DoAlert(SSL* ssl, byte* input, word32* inOutIdx, int* type)
if (ssl->keys.encryptionOn) {
int aSz = ALERT_SIZE;
const byte* mac;
byte verify[SHA_DIGEST_SIZE];
byte verify[SHA256_DIGEST_SIZE];
int padSz = ssl->keys.encryptSz - aSz - ssl->specs.hash_size;
ssl->hmac(ssl, verify, input + *inOutIdx - aSz, aSz, alert, 1);
@ -2246,7 +2261,7 @@ static INLINE const byte* GetMacSecret(SSL* ssl, int verify)
static void Hmac(SSL* ssl, byte* digest, const byte* buffer, word32 sz,
int content, int verify)
{
byte result[SHA_DIGEST_SIZE]; /* max possible sizes */
byte result[SHA256_DIGEST_SIZE]; /* max possible sizes */
word32 digestSz = ssl->specs.hash_size; /* actual sizes */
word32 padSz = ssl->specs.pad_size;
@ -3155,6 +3170,13 @@ const char* const cipher_names[] =
"ECDHE-ECDSA-DES-CBC3-SHA",
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
"AES128-SHA256",
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
"AES256-SHA256",
#endif
};
@ -3259,6 +3281,13 @@ int cipher_name_idx[] =
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256,
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256,
#endif
};

30
src/keys.c
View File

@ -267,6 +267,21 @@ int SetCipherSpecs(SSL* ssl)
break;
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
case TLS_RSA_WITH_AES_128_CBC_SHA256 :
ssl->specs.bulk_cipher_algorithm = aes;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = rsa_kea;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.key_size = AES_128_KEY_SIZE;
ssl->specs.block_size = AES_BLOCK_SIZE;
ssl->specs.iv_size = AES_IV_SIZE;
break;
#endif
#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
ssl->specs.bulk_cipher_algorithm = aes;
@ -297,6 +312,21 @@ int SetCipherSpecs(SSL* ssl)
break;
#endif
#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
case TLS_RSA_WITH_AES_256_CBC_SHA256 :
ssl->specs.bulk_cipher_algorithm = aes;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = rsa_kea;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.key_size = AES_256_KEY_SIZE;
ssl->specs.block_size = AES_BLOCK_SIZE;
ssl->specs.iv_size = AES_IV_SIZE;
break;
#endif
#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
ssl->specs.bulk_cipher_algorithm = aes;

4
src/ssl.c
View File

@ -2776,6 +2776,10 @@ int CyaSSL_set_compression(SSL* ssl)
return "TLS_RSA_WITH_AES_128_CBC_SHA";
case TLS_RSA_WITH_AES_256_CBC_SHA :
return "TLS_RSA_WITH_AES_256_CBC_SHA";
case TLS_RSA_WITH_AES_128_CBC_SHA256 :
return "TLS_RSA_WITH_AES_128_CBC_SHA256";
case TLS_RSA_WITH_AES_256_CBC_SHA256 :
return "TLS_RSA_WITH_AES_256_CBC_SHA256";
case TLS_PSK_WITH_AES_128_CBC_SHA :
return "TLS_PSK_WITH_AES_128_CBC_SHA";
case TLS_PSK_WITH_AES_256_CBC_SHA :

6
src/tls.c
View File

@ -298,7 +298,7 @@ static INLINE const byte* GetMacSecret(SSL* ssl, int verify)
/*** end copy ***/
/* TLS type HAMC */
/* TLS type HMAC */
void TLS_hmac(SSL* ssl, byte* digest, const byte* buffer, word32 sz,
int content, int verify)
{
@ -317,8 +317,10 @@ void TLS_hmac(SSL* ssl, byte* digest, const byte* buffer, word32 sz,
if (ssl->specs.mac_algorithm == md5_mac)
type = MD5;
else
else if (ssl->specs.mac_algorithm == sha_mac)
type = SHA;
else
type = SHA256;
HmacSetKey(&hmac, type, GetMacSecret(ssl, verify), ssl->specs.hash_size);
HmacUpdate(&hmac, seq, SEQ_SZ); /* seq_num */