mirror of https://github.com/wolfSSL/wolfssl
use internal enum for cipher requires, move external enums back to starting at zero
This commit is contained in:
toddouska
parent
638c095737
commit
1f0a32a7e3
|
|
@ -779,7 +779,7 @@ typedef struct CipherSpecs {
|
|||
|
||||
/* Supported Ciphers from page 43 */
|
||||
enum BulkCipherAlgorithm {
|
||||
cipher_null = 0,
|
||||
cipher_null,
|
||||
rc4,
|
||||
rc2,
|
||||
des,
|
||||
|
|
@ -794,7 +794,7 @@ enum BulkCipherAlgorithm {
|
|||
|
||||
/* Supported Message Authentication Codes from page 43 */
|
||||
enum MACAlgorithm {
|
||||
no_mac = 10,
|
||||
no_mac,
|
||||
md5_mac,
|
||||
sha_mac,
|
||||
sha224_mac,
|
||||
|
|
@ -807,7 +807,7 @@ enum MACAlgorithm {
|
|||
|
||||
/* Supported Key Exchange Protocols */
|
||||
enum KeyExchangeAlgorithm {
|
||||
no_kea = 20,
|
||||
no_kea,
|
||||
rsa_kea,
|
||||
diffie_hellman_kea,
|
||||
fortezza_kea,
|
||||
|
|
@ -820,7 +820,7 @@ enum KeyExchangeAlgorithm {
|
|||
|
||||
/* Supported Authentication Schemes */
|
||||
enum SignatureAlgorithm {
|
||||
anonymous_sa_algo = 30,
|
||||
anonymous_sa_algo,
|
||||
rsa_sa_algo,
|
||||
dsa_sa_algo,
|
||||
ecc_dsa_sa_algo
|
||||
|
|
|
|||
103
src/internal.c
103
src/internal.c
|
|
@ -5454,6 +5454,17 @@ int SetCipherList(Suites* s, const char* list)
|
|||
}
|
||||
|
||||
|
||||
/* cipher requirements */
|
||||
enum {
|
||||
REQUIRES_RSA,
|
||||
REQUIRES_DHE,
|
||||
REQUIRES_ECC_DSA,
|
||||
REQUIRES_ECC_STATIC,
|
||||
REQUIRES_PSK,
|
||||
REQUIRES_NTRU
|
||||
};
|
||||
|
||||
|
||||
|
||||
/* Does this cipher suite (first, second) have the requirement
|
||||
an ephemeral key exchange will still require the key for signing
|
||||
|
|
@ -5466,82 +5477,82 @@ int SetCipherList(Suites* s, const char* list)
|
|||
switch (second) {
|
||||
|
||||
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
|
||||
if (requirement == ecc_static_diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_ECC_STATIC)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
|
||||
if (requirement == ecc_static_diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_ECC_STATIC)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDH_RSA_WITH_RC4_128_SHA :
|
||||
if (requirement == ecc_static_diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_ECC_STATIC)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
|
||||
if (requirement == ecc_dsa_sa_algo)
|
||||
if (requirement == REQUIRES_ECC_DSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
|
||||
if (requirement == ecc_static_diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_ECC_STATIC)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
|
||||
if (requirement == ecc_dsa_sa_algo)
|
||||
if (requirement == REQUIRES_ECC_DSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
|
||||
if (requirement == ecc_static_diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_ECC_STATIC)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
|
||||
if (requirement == ecc_static_diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_ECC_STATIC)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
|
||||
if (requirement == ecc_dsa_sa_algo)
|
||||
if (requirement == REQUIRES_ECC_DSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
|
||||
if (requirement == ecc_static_diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_ECC_STATIC)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
|
||||
if (requirement == ecc_dsa_sa_algo)
|
||||
if (requirement == REQUIRES_ECC_DSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
|
||||
if (requirement == ecc_static_diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_ECC_STATIC)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
|
|
@ -5554,110 +5565,110 @@ int SetCipherList(Suites* s, const char* list)
|
|||
switch (second) {
|
||||
|
||||
case SSL_RSA_WITH_RC4_128_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_NTRU_RSA_WITH_RC4_128_SHA :
|
||||
if (requirement == ntru_kea)
|
||||
if (requirement == REQUIRES_NTRU)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case SSL_RSA_WITH_RC4_128_MD5 :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
|
||||
if (requirement == ntru_kea)
|
||||
if (requirement == REQUIRES_NTRU)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_RSA_WITH_AES_128_CBC_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_RSA_WITH_AES_128_CBC_SHA256 :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
|
||||
if (requirement == ntru_kea)
|
||||
if (requirement == REQUIRES_NTRU)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_RSA_WITH_AES_256_CBC_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_RSA_WITH_AES_256_CBC_SHA256 :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
|
||||
if (requirement == ntru_kea)
|
||||
if (requirement == REQUIRES_NTRU)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_PSK_WITH_AES_128_CBC_SHA :
|
||||
if (requirement == psk_kea)
|
||||
if (requirement == REQUIRES_PSK)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_PSK_WITH_AES_256_CBC_SHA :
|
||||
if (requirement == psk_kea)
|
||||
if (requirement == REQUIRES_PSK)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
if (requirement == diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_DHE)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
if (requirement == diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_DHE)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
if (requirement == diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_DHE)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
if (requirement == diffie_hellman_kea)
|
||||
if (requirement == REQUIRES_DHE)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_RSA_WITH_HC_128_CBC_MD5 :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_RSA_WITH_HC_128_CBC_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_RSA_WITH_RABBIT_CBC_SHA :
|
||||
if (requirement == rsa_kea)
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
|
|
@ -5691,7 +5702,7 @@ int SetCipherList(Suites* s, const char* list)
|
|||
if (ssl->options.haveNTRU)
|
||||
haveRSA = 0;
|
||||
|
||||
if (CipherRequires(first, second, rsa_kea)) {
|
||||
if (CipherRequires(first, second, REQUIRES_RSA)) {
|
||||
CYASSL_MSG("Requires RSA");
|
||||
if (haveRSA == 0) {
|
||||
CYASSL_MSG("Don't have RSA");
|
||||
|
|
@ -5700,7 +5711,7 @@ int SetCipherList(Suites* s, const char* list)
|
|||
return 1;
|
||||
}
|
||||
|
||||
if (CipherRequires(first, second, diffie_hellman_kea)) {
|
||||
if (CipherRequires(first, second, REQUIRES_DHE)) {
|
||||
CYASSL_MSG("Requires DHE");
|
||||
if (ssl->options.haveDH == 0) {
|
||||
CYASSL_MSG("Don't have DHE");
|
||||
|
|
@ -5709,7 +5720,7 @@ int SetCipherList(Suites* s, const char* list)
|
|||
return 1;
|
||||
}
|
||||
|
||||
if (CipherRequires(first, second, ecc_dsa_sa_algo)) {
|
||||
if (CipherRequires(first, second, REQUIRES_ECC_DSA)) {
|
||||
CYASSL_MSG("Requires ECCDSA");
|
||||
if (ssl->options.haveECDSA == 0) {
|
||||
CYASSL_MSG("Don't have ECCDSA");
|
||||
|
|
@ -5718,7 +5729,7 @@ int SetCipherList(Suites* s, const char* list)
|
|||
return 1;
|
||||
}
|
||||
|
||||
if (CipherRequires(first, second, ecc_static_diffie_hellman_kea)) {
|
||||
if (CipherRequires(first, second, REQUIRES_ECC_STATIC)) {
|
||||
CYASSL_MSG("Requires static ECC");
|
||||
if (ssl->options.haveStaticECC == 0) {
|
||||
CYASSL_MSG("Don't have static ECC");
|
||||
|
|
@ -5727,7 +5738,7 @@ int SetCipherList(Suites* s, const char* list)
|
|||
return 1;
|
||||
}
|
||||
|
||||
if (CipherRequires(first, second, psk_kea)) {
|
||||
if (CipherRequires(first, second, REQUIRES_PSK)) {
|
||||
CYASSL_MSG("Requires PSK");
|
||||
if (havePSK == 0) {
|
||||
CYASSL_MSG("Don't have PSK");
|
||||
|
|
@ -5736,7 +5747,7 @@ int SetCipherList(Suites* s, const char* list)
|
|||
return 1;
|
||||
}
|
||||
|
||||
if (CipherRequires(first, second, ntru_kea)) {
|
||||
if (CipherRequires(first, second, REQUIRES_NTRU)) {
|
||||
CYASSL_MSG("Requires NTRU");
|
||||
if (ssl->options.haveNTRU == 0) {
|
||||
CYASSL_MSG("Don't have NTRU");
|
||||
|
|
|
|||
Loading…
Reference in New Issue