add EDH-RSA-AES256-SHA, used in one mysql test

2016-04-29 09:17:12 -06:00 · 2016-04-29 09:17:12 -06:00 · 38bbd41f99
parent bd4e8ac714
commit 38bbd41f99
4 changed files with 61 additions and 0 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -1300,6 +1300,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA,
    }
 #endif
 #ifdef BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
    if (tls && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
        suites->suites[idx++] = TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA;
    }
 #endif
 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
    if (tls1_2 && haveDH && haveRSA) {
        suites->suites[idx++] = 0;
@ -4731,6 +4738,15 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
            if (requirement == REQUIRES_DHE)
                return 1;
            break;
        case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
            if (requirement == REQUIRES_RSA)
                return 1;
            if (requirement == REQUIRES_RSA_SIG)
                return 1;
            if (requirement == REQUIRES_DHE)
                return 1;
            break;
 #endif
 #ifdef HAVE_ANON
        case TLS_DH_anon_WITH_AES_128_CBC_SHA :
@ -10667,6 +10683,10 @@ static const char* const cipher_names[] =
 #ifdef BUILD_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256
    "DHE-PSK-CHACHA20-POLY1305",
 #endif
 #ifdef BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
    "EDH-RSA-DES-CBC3-SHA",
 #endif
 };
@ -11105,6 +11125,10 @@ static int cipher_name_idx[] =
 #ifdef BUILD_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256
    TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
 #endif
 #ifdef BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
    TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
 #endif
 };
--- a/src/keys.c
+++ b/src/keys.c
@ -1551,6 +1551,23 @@ int SetCipherSpecs(WOLFSSL* ssl)
        break;
 #endif
 #ifdef BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
    case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA :
        ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des;
        ssl->specs.cipher_type           = block;
        ssl->specs.mac_algorithm         = sha_mac;
        ssl->specs.kea                   = diffie_hellman_kea;
        ssl->specs.sig_algo              = rsa_sa_algo;
        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
        ssl->specs.pad_size              = PAD_SHA;
        ssl->specs.static_ecdh           = 0;
        ssl->specs.key_size              = DES3_KEY_SIZE;
        ssl->specs.block_size            = DES_BLOCK_SIZE;
        ssl->specs.iv_size               = DES_IV_SIZE;
        break;
 #endif
 #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
    case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
--- a/tests/test.conf
+++ b/tests/test.conf
@ -1126,6 +1126,22 @@
 -v 2
 -l DHE-RSA-AES256-SHA256
 # server TLSv1.1 DHE 3DES
 -v 2
 -l EDH-RSA-DES-CBC3-SHA
 # client TLSv1.1 DHE 3DES
 -v 2
 -l EDH-RSA-DES-CBC3-SHA
 # server TLSv1.2 DHE 3DES
 -v 3
 -l EDH-RSA-DES-CBC3-SHA
 # client TLSv1.2 DHE 3DES
 -v 3
 -l EDH-RSA-DES-CBC3-SHA
 # server TLSv1.2 DHE AES128
 -v 3
 -l DHE-RSA-AES128-SHA
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@ -398,6 +398,9 @@ typedef byte word24[3];
        #if !defined(NO_SHA)
            #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
            #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
            #if !defined(NO_DES3)
                #define BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
            #endif
        #endif
        #if !defined(NO_SHA256)
            #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
@ -703,6 +706,7 @@ typedef byte word24[3];
 /* actual cipher values, 2nd byte */
 enum {
    TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x16,
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA  = 0x39,
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA  = 0x33,
    TLS_DH_anon_WITH_AES_128_CBC_SHA  = 0x34,