Merge branch 'master' of github.com:cyassl/cyassl

toddouska 2014-05-30 16:56:28 -07:00
commit 5b7a5fe0bb
7 changed files with 1019 additions and 8 deletions

28
README

@ -35,7 +35,33 @@ before calling SSL_new(); Though it's not recommended.
*** end Notes ***
CyaSSL Release 3.0.0 (04/29/2014)
CyaSSL Release 3.0.2 (05/30/2014)
Release 3.0.2 CyaSSL has bug fixes and new features including:
- Added the following cipher suites:
* TLS_PSK_WITH_AES_128_GCM_SHA256
* TLS_PSK_WITH_AES_256_GCM_SHA384
* TLS_PSK_WITH_AES_256_CBC_SHA384
* TLS_PSK_WITH_NULL_SHA384
* TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
* TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
* TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
* TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
* TLS_DHE_PSK_WITH_NULL_SHA256
* TLS_DHE_PSK_WITH_NULL_SHA384
* TLS_DHE_PSK_WITH_AES_128_CCM
* TLS_DHE_PSK_WITH_AES_256_CCM
- Added AES-NI support for Microsoft Visual Studio builds.
- Changed small stack build to be disabled by default.
- Updated the Hash DRBG and provided a configure option to enable.
The CyaSSL manual is available at:
http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions
and comments about the new features please check the manual.
************ CyaSSL Release 3.0.0 (04/29/2014)
Release 3.0.0 CyaSSL has bug fixes and new features including:


@ -240,6 +240,8 @@ void c32to24(word32 in, word24 out);
#ifdef HAVE_AESCCM
#define BUILD_TLS_PSK_WITH_AES_128_CCM_8
#define BUILD_TLS_PSK_WITH_AES_256_CCM_8
#define BUILD_TLS_PSK_WITH_AES_128_CCM
#define BUILD_TLS_PSK_WITH_AES_256_CCM
#endif
#endif
#ifdef CYASSL_SHA384
@ -306,6 +308,33 @@ void c32to24(word32 in, word24 out);
#endif
#endif
#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS) && \
defined(OPENSSL_EXTRA)
#ifndef NO_SHA256
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
#ifdef HAVE_NULL_CIPHER
#define BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
#endif
#ifdef HAVE_AESGCM
#define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
#endif
#ifdef HAVE_AESGCM
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
#endif
#endif
#ifdef CYASSL_SHA384
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
#ifdef HAVE_NULL_CIPHER
#define BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
#endif
#ifdef HAVE_AESGCM
#define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
#endif
#endif
#endif
#if defined(HAVE_ECC) && !defined(NO_TLS)
#if !defined(NO_AES)
#if !defined(NO_SHA)
@ -511,6 +540,12 @@ enum {
TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3d,
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x3c,
TLS_RSA_WITH_NULL_SHA256 = 0x3b,
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0xb2,
TLS_DHE_PSK_WITH_NULL_SHA256 = 0xb4,
/* SHA384 */
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0xb3,
TLS_DHE_PSK_WITH_NULL_SHA384 = 0xb5,
/* AES-GCM */
TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x9c,
@ -519,6 +554,8 @@ enum {
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x9f,
TLS_PSK_WITH_AES_128_GCM_SHA256 = 0xa8,
TLS_PSK_WITH_AES_256_GCM_SHA384 = 0xa9,
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0xaa,
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0xab,
/* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2b,
@ -542,6 +579,8 @@ enum {
TLS_PSK_WITH_AES_256_CCM = 0xa5,
TLS_PSK_WITH_AES_128_CCM_8 = 0xa8,
TLS_PSK_WITH_AES_256_CCM_8 = 0xa9,
TLS_DHE_PSK_WITH_AES_128_CCM = 0xa6,
TLS_DHE_PSK_WITH_AES_256_CCM = 0xa7,
/* Camellia */
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x41,
@ -648,7 +687,7 @@ enum Misc {
TLS_FINISHED_SZ = 12, /* TLS has a shorter size */
MASTER_LABEL_SZ = 13, /* TLS master secret label sz */
KEY_LABEL_SZ = 13, /* TLS key block expansion sz */
MAX_PRF_HALF = 128, /* Maximum half secret len */
MAX_PRF_HALF = 256, /* Maximum half secret len */
MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
MAX_PRF_DIG = 224, /* Maximum digest len */
MAX_REQUEST_SZ = 256, /* Maximum cert req len (no auth yet */
@ -1357,6 +1396,7 @@ enum KeyExchangeAlgorithm {
diffie_hellman_kea,
fortezza_kea,
psk_kea,
dhe_psk_kea,
ntru_kea,
ecc_diffie_hellman_kea,
ecc_static_diffie_hellman_kea /* for verify suite only */
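Review bot: In the new DHE-PSK block under `#ifndef NO_SHA256`, the second `#ifdef HAVE_AESGCM` guards `BUILD_TLS_DHE_PSK_WITH_AES_128_CCM` and `BUILD_TLS_DHE_PSK_WITH_AES_256_CCM`, which looks like a copy of the GCM guard directly above it; it should read `#ifdef HAVE_AESCCM`, matching the guard on the PSK CCM defines in the first hunk of this file. As written, a build with GCM but without CCM would turn on suites whose cipher spec selects `cyassl_aes_ccm`, presumably either failing to compile or offering a suite the build cannot run, while a CCM-only build would silently not offer them. A short comment on why `MAX_PRF_HALF` doubles to 256 would also help, since the hunk does not show what needs the larger bound.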


@ -480,7 +480,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
CloseSocket(sockfd);
SSL_set_fd(ssl, clientfd);
if (usePsk == 0) {
if (usePsk == 0 || cipherList != NULL) {
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
#elif !defined(NO_CERTS)
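Review bot: The widened condition `usePsk == 0 || cipherList != NULL` has no comment saying why an explicit cipher list forces DH parameters to be loaded in PSK mode; the reason (a DHE-PSK suite chosen through the cipher list needs p and g) can only be inferred from the rest of the commit. Suggest adding `/* DHE-PSK suites picked via the cipher list still need DH params */` above the `if`. The result of `CyaSSL_SetTmpDH_file` on the following line is not checked, so a missing `dhParam` file would only surface later in the handshake, presumably as `NO_DH_PARAMS`. The rest of the block lies outside the hunk.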


@ -1026,6 +1026,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
}
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
if (tls1_2 && haveDH && havePSK) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_GCM_SHA384;
}
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
if (tls1_2 && havePSK) {
suites->suites[idx++] = 0;
@ -1040,6 +1047,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
}
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
if (tls && haveDH && havePSK) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_CBC_SHA384;
}
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
if (tls && havePSK) {
suites->suites[idx++] = 0;
@ -1047,6 +1061,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
}
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
if (tls1_2 && haveDH && havePSK) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_GCM_SHA256;
}
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
if (tls1_2 && havePSK) {
suites->suites[idx++] = 0;
@ -1054,6 +1075,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
}
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
if (tls && haveDH && havePSK) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_CBC_SHA256;
}
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
if (tls && havePSK) {
suites->suites[idx++] = 0;
@ -1068,6 +1096,34 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
}
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
if (tls && haveDH && havePSK) {
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_CCM;
}
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
if (tls && haveDH && havePSK) {
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_CCM;
}
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
if (tls && havePSK) {
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_PSK_WITH_AES_128_CCM;
}
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
if (tls && havePSK) {
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_PSK_WITH_AES_256_CCM;
}
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
if (tls && havePSK) {
suites->suites[idx++] = ECC_BYTE;
@ -1082,6 +1138,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
}
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
if (tls && haveDH && havePSK) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_DHE_PSK_WITH_NULL_SHA384;
}
#endif
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
if (tls && havePSK) {
suites->suites[idx++] = 0;
@ -1089,6 +1152,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
}
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
if (tls && haveDH && havePSK) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_DHE_PSK_WITH_NULL_SHA256;
}
#endif
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
if (tls && havePSK) {
suites->suites[idx++] = 0;
@ -6566,6 +6636,14 @@ static const char* const cipher_names[] =
"DHE-RSA-AES256-SHA",
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
"DHE-PSK-AES256-GCM-SHA384",
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
"DHE-PSK-AES128-GCM-SHA256",
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
"PSK-AES256-GCM-SHA384",
#endif
@ -6574,6 +6652,14 @@ static const char* const cipher_names[] =
"PSK-AES128-GCM-SHA256",
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
"DHE-PSK-AES256-CBC-SHA384",
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
"DHE-PSK-AES128-CBC-SHA256",
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
"PSK-AES256-CBC-SHA384",
#endif
@ -6590,6 +6676,22 @@ static const char* const cipher_names[] =
"PSK-AES256-CBC-SHA",
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
"DHE-PSK-AES128-CCM",
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
"DHE-PSK-AES256-CCM",
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
"PSK-AES128-CCM",
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
"PSK-AES256-CCM",
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
"PSK-AES128-CCM-8",
#endif
@ -6598,6 +6700,14 @@ static const char* const cipher_names[] =
"PSK-AES256-CCM-8",
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
"DHE-PSK-NULL-SHA384",
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
"DHE-PSK-NULL-SHA256",
#endif
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
"PSK-NULL-SHA384",
#endif
@ -6902,6 +7012,14 @@ static int cipher_name_idx[] =
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
TLS_PSK_WITH_AES_256_GCM_SHA384,
#endif
@ -6910,6 +7028,14 @@ static int cipher_name_idx[] =
TLS_PSK_WITH_AES_128_GCM_SHA256,
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
TLS_PSK_WITH_AES_256_CBC_SHA384,
#endif
@ -6926,6 +7052,22 @@ static int cipher_name_idx[] =
TLS_PSK_WITH_AES_256_CBC_SHA,
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
TLS_DHE_PSK_WITH_AES_128_CCM,
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
TLS_DHE_PSK_WITH_AES_256_CCM,
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
TLS_PSK_WITH_AES_128_CCM,
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
TLS_PSK_WITH_AES_256_CCM,
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
TLS_PSK_WITH_AES_128_CCM_8,
#endif
@ -6934,6 +7076,14 @@ static int cipher_name_idx[] =
TLS_PSK_WITH_AES_256_CCM_8,
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
TLS_DHE_PSK_WITH_NULL_SHA384,
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
TLS_DHE_PSK_WITH_NULL_SHA256,
#endif
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
TLS_PSK_WITH_NULL_SHA384,
#endif
@ -8054,7 +8204,91 @@ static void PickHashSigAlgo(CYASSL* ssl,
}
#endif /* HAVE_ECC */
#if defined(OPENSSL_EXTRA) || !defined(NO_PSK)
if (ssl->specs.kea == dhe_psk_kea) {
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
return BUFFER_ERROR;
ato16(input + *inOutIdx, &length);
*inOutIdx += OPAQUE16_LEN;
if ((*inOutIdx - begin) + length > size)
return BUFFER_ERROR;
XMEMCPY(ssl->arrays->server_hint, input + *inOutIdx,
min(length, MAX_PSK_ID_LEN));
ssl->arrays->server_hint[min(length, MAX_PSK_ID_LEN - 1)] = 0;
*inOutIdx += length;
/* p */
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
return BUFFER_ERROR;
ato16(input + *inOutIdx, &length);
*inOutIdx += OPAQUE16_LEN;
if ((*inOutIdx - begin) + length > size)
return BUFFER_ERROR;
ssl->buffers.serverDH_P.buffer = (byte*) XMALLOC(length, ssl->heap,
DYNAMIC_TYPE_DH);
if (ssl->buffers.serverDH_P.buffer)
ssl->buffers.serverDH_P.length = length;
else
return MEMORY_ERROR;
XMEMCPY(ssl->buffers.serverDH_P.buffer, input + *inOutIdx, length);
*inOutIdx += length;
/* g */
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
return BUFFER_ERROR;
ato16(input + *inOutIdx, &length);
*inOutIdx += OPAQUE16_LEN;
if ((*inOutIdx - begin) + length > size)
return BUFFER_ERROR;
ssl->buffers.serverDH_G.buffer = (byte*) XMALLOC(length, ssl->heap,
DYNAMIC_TYPE_DH);
if (ssl->buffers.serverDH_G.buffer)
ssl->buffers.serverDH_G.length = length;
else
return MEMORY_ERROR;
XMEMCPY(ssl->buffers.serverDH_G.buffer, input + *inOutIdx, length);
*inOutIdx += length;
/* pub */
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
return BUFFER_ERROR;
ato16(input + *inOutIdx, &length);
*inOutIdx += OPAQUE16_LEN;
if ((*inOutIdx - begin) + length > size)
return BUFFER_ERROR;
ssl->buffers.serverDH_Pub.buffer = (byte*) XMALLOC(length, ssl->heap,
DYNAMIC_TYPE_DH);
if (ssl->buffers.serverDH_Pub.buffer)
ssl->buffers.serverDH_Pub.length = length;
else
return MEMORY_ERROR;
XMEMCPY(ssl->buffers.serverDH_Pub.buffer, input + *inOutIdx, length);
*inOutIdx += length;
}
#endif /* OPENSSL_EXTRA || !NO_PSK */
#if defined(OPENSSL_EXTRA) || defined(HAVE_ECC)
if (ssl->specs.kea == ecc_diffie_hellman_kea ||
ssl->specs.kea == diffie_hellman_kea)
{
#ifndef NO_OLD_TLS
Md5 md5;
@ -8297,9 +8531,8 @@ static void PickHashSigAlgo(CYASSL* ssl,
*inOutIdx += length;
ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
return 0;
}
return 0;
#else /* HAVE_OPENSSL or HAVE_ECC */
return NOT_COMPILED_IN; /* not supported by build */
#endif /* HAVE_OPENSSL or HAVE_ECC */
@ -8422,6 +8655,73 @@ static void PickHashSigAlgo(CYASSL* ssl,
}
break;
#endif /* NO_PSK */
#if defined(OPENSSL_EXTRA) && !defined(NO_PSK)
case dhe_psk_kea:
{
byte* pms = ssl->arrays->preMasterSecret;
byte* es = encSecret;
buffer serverP = ssl->buffers.serverDH_P;
buffer serverG = ssl->buffers.serverDH_G;
buffer serverPub = ssl->buffers.serverDH_Pub;
byte priv[ENCRYPT_LEN];
word32 privSz = 0;
word32 pubSz = 0;
word32 esSz = 0;
DhKey key;
if (serverP.buffer == 0 || serverG.buffer == 0 ||
serverPub.buffer == 0)
return NO_PEER_KEY;
ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl,
ssl->arrays->server_hint, ssl->arrays->client_identity,
MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN);
if (ssl->arrays->psk_keySz == 0 ||
ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN)
return PSK_KEY_ERROR;
esSz = (word32)XSTRLEN(ssl->arrays->client_identity);
if (esSz > MAX_PSK_ID_LEN)
return CLIENT_ID_ERROR;
c16toa(esSz, es);
es += OPAQUE16_LEN;
XMEMCPY(es, ssl->arrays->client_identity, esSz);
es += esSz;
encSz = esSz + OPAQUE16_LEN;
InitDhKey(&key);
ret = DhSetKey(&key, serverP.buffer, serverP.length,
serverG.buffer, serverG.length);
if (ret == 0)
/* for DH, encSecret is Yc, agree is pre-master */
ret = DhGenerateKeyPair(&key, ssl->rng, priv, &privSz,
es + OPAQUE16_LEN, &pubSz);
if (ret == 0)
ret = DhAgree(&key, pms + OPAQUE16_LEN,
&ssl->arrays->preMasterSz, priv, privSz,
serverPub.buffer, serverPub.length);
FreeDhKey(&key);
if (ret != 0)
return ret;
c16toa((word16)pubSz, es);
encSz += pubSz + OPAQUE16_LEN;
c16toa((word16)ssl->arrays->preMasterSz, pms);
ssl->arrays->preMasterSz += OPAQUE16_LEN;
pms += ssl->arrays->preMasterSz;
/* make psk pre master secret */
/* length of key + length 0s + length of key + key */
c16toa((word16)ssl->arrays->psk_keySz, pms);
pms += OPAQUE16_LEN;
XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
ssl->arrays->preMasterSz +=
ssl->arrays->psk_keySz + OPAQUE16_LEN;
XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz);
ssl->arrays->psk_keySz = 0; /* No further need */
}
break;
#endif /* OPENSSL_EXTRA && !NO_PSK */
#ifdef HAVE_NTRU
case ntru_kea:
{
@ -8521,7 +8821,8 @@ static void PickHashSigAlgo(CYASSL* ssl,
if (ssl->options.tls || ssl->specs.kea == diffie_hellman_kea)
tlsSz = 2;
if (ssl->specs.kea == ecc_diffie_hellman_kea) /* always off */
if (ssl->specs.kea == ecc_diffie_hellman_kea ||
ssl->specs.kea == dhe_psk_kea) /* always off */
tlsSz = 0;
sendSz = encSz + tlsSz + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
@ -9067,6 +9368,126 @@ static void PickHashSigAlgo(CYASSL* ssl,
}
#endif /*NO_PSK */
#if defined(OPENSSL_EXTRA) && !defined(NO_PSK)
if (ssl->specs.kea == dhe_psk_kea) {
byte *output;
word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
word32 hintLen;
int sendSz;
DhKey dhKey;
if (ssl->buffers.serverDH_P.buffer == NULL ||
ssl->buffers.serverDH_G.buffer == NULL)
return NO_DH_PARAMS;
if (ssl->buffers.serverDH_Pub.buffer == NULL) {
ssl->buffers.serverDH_Pub.buffer = (byte*)XMALLOC(
ssl->buffers.serverDH_P.length + 2, ssl->ctx->heap,
DYNAMIC_TYPE_DH);
if (ssl->buffers.serverDH_Pub.buffer == NULL)
return MEMORY_E;
}
if (ssl->buffers.serverDH_Priv.buffer == NULL) {
ssl->buffers.serverDH_Priv.buffer = (byte*)XMALLOC(
ssl->buffers.serverDH_P.length + 2, ssl->ctx->heap,
DYNAMIC_TYPE_DH);
if (ssl->buffers.serverDH_Priv.buffer == NULL)
return MEMORY_E;
}
InitDhKey(&dhKey);
ret = DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer,
ssl->buffers.serverDH_P.length,
ssl->buffers.serverDH_G.buffer,
ssl->buffers.serverDH_G.length);
if (ret == 0)
ret = DhGenerateKeyPair(&dhKey, ssl->rng,
ssl->buffers.serverDH_Priv.buffer,
&ssl->buffers.serverDH_Priv.length,
ssl->buffers.serverDH_Pub.buffer,
&ssl->buffers.serverDH_Pub.length);
FreeDhKey(&dhKey);
if (ret != 0)
return ret;
length = LENGTH_SZ * 3 + /* p, g, pub */
ssl->buffers.serverDH_P.length +
ssl->buffers.serverDH_G.length +
ssl->buffers.serverDH_Pub.length;
/* include size part */
hintLen = (word32)XSTRLEN(ssl->arrays->server_hint);
if (hintLen > MAX_PSK_ID_LEN)
return SERVER_HINT_ERROR;
length += hintLen + HINT_LEN_SZ;
sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
#ifdef CYASSL_DTLS
if (ssl->options.dtls) {
sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
}
#endif
/* check for available size */
if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
return ret;
/* get ouput buffer */
output = ssl->buffers.outputBuffer.buffer +
ssl->buffers.outputBuffer.length;
AddHeaders(output, length, server_key_exchange, ssl);
/* key data */
c16toa((word16)hintLen, output + idx);
idx += HINT_LEN_SZ;
XMEMCPY(output + idx, ssl->arrays->server_hint, hintLen);
idx += hintLen;
/* add p, g, pub */
c16toa((word16)ssl->buffers.serverDH_P.length, output + idx);
idx += LENGTH_SZ;
XMEMCPY(output + idx, ssl->buffers.serverDH_P.buffer,
ssl->buffers.serverDH_P.length);
idx += ssl->buffers.serverDH_P.length;
/* g */
c16toa((word16)ssl->buffers.serverDH_G.length, output + idx);
idx += LENGTH_SZ;
XMEMCPY(output + idx, ssl->buffers.serverDH_G.buffer,
ssl->buffers.serverDH_G.length);
idx += ssl->buffers.serverDH_G.length;
/* pub */
c16toa((word16)ssl->buffers.serverDH_Pub.length, output + idx);
idx += LENGTH_SZ;
XMEMCPY(output + idx, ssl->buffers.serverDH_Pub.buffer,
ssl->buffers.serverDH_Pub.length);
idx += ssl->buffers.serverDH_Pub.length;
ret = HashOutput(ssl, output, sendSz, 0);
if (ret != 0)
return ret;
#ifdef CYASSL_CALLBACKS
if (ssl->hsInfoOn)
AddPacketName("ServerKeyExchange", &ssl->handShakeInfo);
if (ssl->toInfoOn)
AddPacketInfo("ServerKeyExchange", &ssl->timeoutInfo,
output, sendSz, ssl->heap);
#endif
ssl->buffers.outputBuffer.length += sendSz;
if (ssl->options.groupMessages)
ret = 0;
else
ret = SendBuffered(ssl);
ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
}
#endif /* OPENSSL_EXTRA && !NO_PSK */
#ifdef HAVE_ECC
if (ssl->specs.kea == ecc_diffie_hellman_kea)
{
@ -9915,6 +10336,14 @@ static void PickHashSigAlgo(CYASSL* ssl,
return 1;
break;
case TLS_DHE_PSK_WITH_AES_128_CCM:
case TLS_DHE_PSK_WITH_AES_256_CCM:
if (requirement == REQUIRES_PSK)
return 1;
if (requirement == REQUIRES_DHE)
return 1;
break;
default:
CYASSL_MSG("Unsupported cipher suite, CipherRequires ECC");
return 0;
@ -9999,6 +10428,18 @@ static void PickHashSigAlgo(CYASSL* ssl,
return 1;
break;
case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
case TLS_DHE_PSK_WITH_NULL_SHA384 :
case TLS_DHE_PSK_WITH_NULL_SHA256 :
if (requirement == REQUIRES_DHE)
return 1;
if (requirement == REQUIRES_PSK)
return 1;
break;
#ifndef NO_RSA
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
if (requirement == REQUIRES_RSA)
@ -11267,6 +11708,84 @@ static void PickHashSigAlgo(CYASSL* ssl,
}
break;
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) && !defined(NO_PSK)
case dhe_psk_kea:
{
byte* pms = ssl->arrays->preMasterSecret;
word16 clientSz;
DhKey dhKey;
/* Read in the PSK hint */
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
return BUFFER_ERROR;
ato16(input + *inOutIdx, &clientSz);
*inOutIdx += OPAQUE16_LEN;
if (clientSz > MAX_PSK_ID_LEN)
return CLIENT_ID_ERROR;
if ((*inOutIdx - begin) + clientSz > size)
return BUFFER_ERROR;
XMEMCPY(ssl->arrays->client_identity,
input + *inOutIdx, clientSz);
*inOutIdx += clientSz;
ssl->arrays->client_identity[min(clientSz, MAX_PSK_ID_LEN-1)] =
0;
/* Read in the DHE business */
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
return BUFFER_ERROR;
ato16(input + *inOutIdx, &clientSz);
*inOutIdx += OPAQUE16_LEN;
if ((*inOutIdx - begin) + clientSz > size)
return BUFFER_ERROR;
InitDhKey(&dhKey);
ret = DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer,
ssl->buffers.serverDH_P.length,
ssl->buffers.serverDH_G.buffer,
ssl->buffers.serverDH_G.length);
if (ret == 0)
ret = DhAgree(&dhKey, pms + OPAQUE16_LEN,
&ssl->arrays->preMasterSz,
ssl->buffers.serverDH_Priv.buffer,
ssl->buffers.serverDH_Priv.length,
input + *inOutIdx, clientSz);
FreeDhKey(&dhKey);
*inOutIdx += clientSz;
c16toa(ssl->arrays->preMasterSz, pms);
ssl->arrays->preMasterSz += OPAQUE16_LEN;
pms += ssl->arrays->preMasterSz;
/* Use the PSK hint to look up the PSK and add it to the
* preMasterSecret here. */
ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl,
ssl->arrays->client_identity, ssl->arrays->psk_key,
MAX_PSK_KEY_LEN);
if (ssl->arrays->psk_keySz == 0 ||
ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN)
return PSK_KEY_ERROR;
c16toa((word16) ssl->arrays->psk_keySz, pms);
pms += OPAQUE16_LEN;
XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
ssl->arrays->preMasterSz +=
ssl->arrays->psk_keySz + OPAQUE16_LEN;
if (ret == 0)
ret = MakeMasterSecret(ssl);
/* No further need for PSK */
XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz);
ssl->arrays->psk_keySz = 0;
}
break;
#endif /* OPENSSL_EXTRA && !NO_PSK */
default:
{
CYASSL_MSG("Bad kea type");
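Review bot: In the server-side `case dhe_psk_kea:` that parses the client key exchange (last hunk of this file), `ret` from `DhSetKey`/`DhAgree` is not checked until `if (ret == 0) ret = MakeMasterSecret(ssl);`, so after a failed agreement on the peer-supplied public value the code still uses `ssl->arrays->preMasterSz` to advance `pms` and copy the PSK into `preMasterSecret`. The client-side case added in this commit returns right after `FreeDhKey(&key)`; doing the same here with `if (ret != 0) return ret;` after `FreeDhKey(&dhKey);` keeps a stale or unset size from driving that offset. The early `return PSK_KEY_ERROR;` also leaves without the `XMEMSET` of `psk_key`, and the comment `/* Read in the PSK hint */` describes what is actually the client identity. The enclosing function begins and ends outside the hunk.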


@ -708,6 +708,82 @@ int SetCipherSpecs(CYASSL* ssl)
break;
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
case TLS_PSK_WITH_AES_128_CCM :
ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
ssl->specs.cipher_type = aead;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = psk_kea;
ssl->specs.sig_algo = anonymous_sa_algo;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = AES_128_KEY_SIZE;
ssl->specs.block_size = AES_BLOCK_SIZE;
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
ssl->options.usingPSK_cipher = 1;
break;
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
case TLS_PSK_WITH_AES_256_CCM :
ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
ssl->specs.cipher_type = aead;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = psk_kea;
ssl->specs.sig_algo = anonymous_sa_algo;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = AES_256_KEY_SIZE;
ssl->specs.block_size = AES_BLOCK_SIZE;
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
ssl->options.usingPSK_cipher = 1;
break;
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
case TLS_DHE_PSK_WITH_AES_128_CCM :
ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
ssl->specs.cipher_type = aead;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = dhe_psk_kea;
ssl->specs.sig_algo = anonymous_sa_algo;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = AES_128_KEY_SIZE;
ssl->specs.block_size = AES_BLOCK_SIZE;
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
ssl->options.usingPSK_cipher = 1;
break;
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
case TLS_DHE_PSK_WITH_AES_256_CCM :
ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
ssl->specs.cipher_type = aead;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = dhe_psk_kea;
ssl->specs.sig_algo = anonymous_sa_algo;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = AES_256_KEY_SIZE;
ssl->specs.block_size = AES_BLOCK_SIZE;
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
ssl->options.usingPSK_cipher = 1;
break;
#endif
default:
CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC");
return UNSUPPORTED_SUITE;
@ -975,6 +1051,44 @@ int SetCipherSpecs(CYASSL* ssl)
break;
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
ssl->specs.cipher_type = aead;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = dhe_psk_kea;
ssl->specs.sig_algo = anonymous_sa_algo;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = AES_128_KEY_SIZE;
ssl->specs.block_size = AES_BLOCK_SIZE;
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ssl->options.usingPSK_cipher = 1;
break;
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
ssl->specs.cipher_type = aead;
ssl->specs.mac_algorithm = sha384_mac;
ssl->specs.kea = dhe_psk_kea;
ssl->specs.sig_algo = anonymous_sa_algo;
ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = AES_256_KEY_SIZE;
ssl->specs.block_size = AES_BLOCK_SIZE;
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
ssl->options.usingPSK_cipher = 1;
break;
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
case TLS_PSK_WITH_AES_128_CBC_SHA256 :
ssl->specs.bulk_cipher_algorithm = cyassl_aes;
@ -1011,6 +1125,42 @@ int SetCipherSpecs(CYASSL* ssl)
break;
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
ssl->specs.bulk_cipher_algorithm = cyassl_aes;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = dhe_psk_kea;
ssl->specs.sig_algo = anonymous_sa_algo;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = AES_128_KEY_SIZE;
ssl->specs.block_size = AES_BLOCK_SIZE;
ssl->specs.iv_size = AES_IV_SIZE;
ssl->options.usingPSK_cipher = 1;
break;
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
ssl->specs.bulk_cipher_algorithm = cyassl_aes;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha384_mac;
ssl->specs.kea = dhe_psk_kea;
ssl->specs.sig_algo = anonymous_sa_algo;
ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = AES_256_KEY_SIZE;
ssl->specs.block_size = AES_BLOCK_SIZE;
ssl->specs.iv_size = AES_IV_SIZE;
ssl->options.usingPSK_cipher = 1;
break;
#endif
#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
case TLS_PSK_WITH_AES_128_CBC_SHA :
ssl->specs.bulk_cipher_algorithm = cyassl_aes;
@ -1101,6 +1251,42 @@ int SetCipherSpecs(CYASSL* ssl)
break;
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
case TLS_DHE_PSK_WITH_NULL_SHA256 :
ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
ssl->specs.cipher_type = stream;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = dhe_psk_kea;
ssl->specs.sig_algo = anonymous_sa_algo;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = 0;
ssl->specs.block_size = 0;
ssl->specs.iv_size = 0;
ssl->options.usingPSK_cipher = 1;
break;
#endif
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
case TLS_DHE_PSK_WITH_NULL_SHA384 :
ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
ssl->specs.cipher_type = stream;
ssl->specs.mac_algorithm = sha384_mac;
ssl->specs.kea = dhe_psk_kea;
ssl->specs.sig_algo = anonymous_sa_algo;
ssl->specs.hash_size = SHA384_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = 0;
ssl->specs.block_size = 0;
ssl->specs.iv_size = 0;
ssl->options.usingPSK_cipher = 1;
break;
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
ssl->specs.bulk_cipher_algorithm = cyassl_aes;
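Review bot: The two new `cyassl_cipher_null` cases (`TLS_DHE_PSK_WITH_NULL_SHA256` and `TLS_DHE_PSK_WITH_NULL_SHA384`) carry no comment that they authenticate records but do not encrypt them, which is easy to miss among blocks that otherwise look like the AES cases. Suggest a line such as `/* NULL cipher: integrity only, no confidentiality */` above each `case`. Their `BUILD_` macros are only defined under `HAVE_NULL_CIPHER` in the header part of this commit, so this is a documentation point and not a change in behaviour. The switch continues outside the hunks.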


@ -8425,6 +8425,14 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
return "TLS_PSK_WITH_AES_128_CCM_8";
case TLS_PSK_WITH_AES_256_CCM_8 :
return "TLS_PSK_WITH_AES_256_CCM_8";
case TLS_PSK_WITH_AES_128_CCM :
return "TLS_PSK_WITH_AES_128_CCM";
case TLS_PSK_WITH_AES_256_CCM :
return "TLS_PSK_WITH_AES_256_CCM";
case TLS_DHE_PSK_WITH_AES_128_CCM :
return "TLS_DHE_PSK_WITH_AES_128_CCM";
case TLS_DHE_PSK_WITH_AES_256_CCM :
return "TLS_DHE_PSK_WITH_AES_256_CCM";
#endif
#ifdef HAVE_ECC
case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
@ -8492,9 +8500,15 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
return "TLS_PSK_WITH_AES_128_CBC_SHA256";
case TLS_PSK_WITH_NULL_SHA256 :
return "TLS_PSK_WITH_NULL_SHA256";
case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256";
case TLS_DHE_PSK_WITH_NULL_SHA256 :
return "TLS_DHE_PSK_WITH_NULL_SHA256";
#ifdef HAVE_AESGCM
case TLS_PSK_WITH_AES_128_GCM_SHA256 :
return "TLS_PSK_WITH_AES_128_GCM_SHA256";
case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
return "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256";
#endif
#endif
#ifdef CYASSL_SHA384
@ -8502,9 +8516,15 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
return "TLS_PSK_WITH_AES_256_CBC_SHA384";
case TLS_PSK_WITH_NULL_SHA384 :
return "TLS_PSK_WITH_NULL_SHA384";
case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384";
case TLS_DHE_PSK_WITH_NULL_SHA384 :
return "TLS_DHE_PSK_WITH_NULL_SHA384";
#ifdef HAVE_AESGCM
case TLS_PSK_WITH_AES_256_GCM_SHA384 :
return "TLS_PSK_WITH_AES_256_GCM_SHA384";
case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
return "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384";
#endif
#endif
#ifndef NO_SHA


@ -1182,6 +1182,26 @@
-v 3
-l PSK-AES256-CBC-SHA
# server TLSv1.0 PSK-AES128-SHA256
-s
-v 1
-l PSK-AES128-CBC-SHA256
# client TLSv1.0 PSK-AES128-SHA256
-s
-v 1
-l PSK-AES128-CBC-SHA256
# server TLSv1.1 PSK-AES128-SHA256
-s
-v 2
-l PSK-AES128-CBC-SHA256
# client TLSv1.1 PSK-AES128-SHA256
-s
-v 2
-l PSK-AES128-CBC-SHA256
# server TLSv1.2 PSK-AES128-SHA256
-s
-v 3
@ -1192,6 +1212,26 @@
-v 3
-l PSK-AES128-CBC-SHA256
# server TLSv1.0 PSK-AES256-SHA384
-s
-v 1
-l PSK-AES256-CBC-SHA384
# client TLSv1.0 PSK-AES256-SHA384
-s
-v 1
-l PSK-AES256-CBC-SHA384
# server TLSv1.1 PSK-AES256-SHA384
-s
-v 2
-l PSK-AES256-CBC-SHA384
# client TLSv1.1 PSK-AES256-SHA384
-s
-v 2
-l PSK-AES256-CBC-SHA384
# server TLSv1.2 PSK-AES256-SHA384
-s
-v 3
@ -1682,12 +1722,32 @@
-l ECDHE-ECDSA-AES256-CCM-8
-A ./certs/server-ecc.pem
# server TLSv1.2 PSK-AES128-CCM
-s
-v 3
-l PSK-AES128-CCM
# client TLSv1.2 PSK-AES128-CCM
-s
-v 3
-l PSK-AES128-CCM
# server TLSv1.2 PSK-AES256-CCM
-s
-v 3
-l PSK-AES256-CCM
# client TLSv1.2 PSK-AES256-CCM
-s
-v 3
-l PSK-AES256-CCM
# server TLSv1.2 PSK-AES128-CCM-8
-s
-v 3
-l PSK-AES128-CCM-8
# client TLSv1.2 AES128-CCM-8
# client TLSv1.2 PSK-AES128-CCM-8
-s
-v 3
-l PSK-AES128-CCM-8
@ -1697,8 +1757,168 @@
-v 3
-l PSK-AES256-CCM-8
# client TLSv1.2 AES256-CCM-8
# client TLSv1.2 PSK-AES256-CCM-8
-s
-v 3
-l PSK-AES256-CCM-8
# server TLSv1.0 DHE-PSK-AES128-CBC-SHA256
-s
-v 1
-l DHE-PSK-AES128-CBC-SHA256
# client TLSv1.0 DHE-PSK-AES128-CBC-SHA256
-s
-v 1
-l DHE-PSK-AES128-CBC-SHA256
# server TLSv1.1 DHE-PSK-AES128-CBC-SHA256
-s
-v 2
-l DHE-PSK-AES128-CBC-SHA256
# client TLSv1.1 DHE-PSK-AES128-CBC-SHA256
-s
-v 2
-l DHE-PSK-AES128-CBC-SHA256
# server TLSv1.2 DHE-PSK-AES128-CBC-SHA256
-s
-v 3
-l DHE-PSK-AES128-CBC-SHA256
# client TLSv1.2 DHE-PSK-AES128-CBC-SHA256
-s
-v 3
-l DHE-PSK-AES128-CBC-SHA256
# server TLSv1.0 DHE-PSK-AES256-CBC-SHA384
-s
-v 1
-l DHE-PSK-AES256-CBC-SHA384
# client TLSv1.0 DHE-PSK-AES256-CBC-SHA384
-s
-v 1
-l DHE-PSK-AES256-CBC-SHA384
# server TLSv1.1 DHE-PSK-AES256-CBC-SHA384
-s
-v 2
-l DHE-PSK-AES256-CBC-SHA384
# client TLSv1.1 DHE-PSK-AES256-CBC-SHA384
-s
-v 2
-l DHE-PSK-AES256-CBC-SHA384
# server TLSv1.2 DHE-PSK-AES256-CBC-SHA384
-s
-v 3
-l DHE-PSK-AES256-CBC-SHA384
# client TLSv1.2 DHE-PSK-AES256-CBC-SHA384
-s
-v 3
-l DHE-PSK-AES256-CBC-SHA384
# server TLSv1.0 DHE-PSK-NULL-SHA256
-s
-v 1
-l DHE-PSK-NULL-SHA256
# client TLSv1.0 DHE-PSK-NULL-SHA256
-s
-v 1
-l DHE-PSK-NULL-SHA256
# server TLSv1.1 DHE-PSK-NULL-SHA256
-s
-v 2
-l DHE-PSK-NULL-SHA256
# client TLSv1.1 DHE-PSK-NULL-SHA256
-s
-v 2
-l DHE-PSK-NULL-SHA256
# server TLSv1.2 DHE-PSK-NULL-SHA256
-s
-v 3
-l DHE-PSK-NULL-SHA256
# client TLSv1.2 DHE-PSK-NULL-SHA256
-s
-v 3
-l DHE-PSK-NULL-SHA256
# server TLSv1.0 DHE-PSK-NULL-SHA384
-s
-v 1
-l DHE-PSK-NULL-SHA384
# client TLSv1.0 DHE-PSK-NULL-SHA384
-s
-v 1
-l DHE-PSK-NULL-SHA384
# server TLSv1.1 DHE-PSK-NULL-SHA384
-s
-v 2
-l DHE-PSK-NULL-SHA384
# client TLSv1.1 DHE-PSK-NULL-SHA384
-s
-v 2
-l DHE-PSK-NULL-SHA384
# server TLSv1.2 DHE-PSK-NULL-SHA384
-s
-v 3
-l DHE-PSK-NULL-SHA384
# client TLSv1.2 DHE-PSK-NULL-SHA384
-s
-v 3
-l DHE-PSK-NULL-SHA384
# server TLSv1.2 DHE-PSK-AES128-GCM-SHA256
-s
-v 3
-l DHE-PSK-AES128-GCM-SHA256
# client TLSv1.2 DHE-PSK-AES128-GCM-SHA256
-s
-v 3
-l DHE-PSK-AES128-GCM-SHA256
# server TLSv1.2 DHE-PSK-AES256-GCM-SHA384
-s
-v 3
-l DHE-PSK-AES256-GCM-SHA384
# client TLSv1.2 DHE-PSK-AES256-GCM-SHA384
-s
-v 3
-l DHE-PSK-AES256-GCM-SHA384
# server TLSv1.2 DHE-PSK-AES128-CCM
-s
-v 3
-l DHE-PSK-AES128-CCM
# client TLSv1.2 DHE-PSK-AES128-CCM
-s
-v 3
-l DHE-PSK-AES128-CCM
# server TLSv1.2 DHE-PSK-AES256-CCM
-s
-v 3
-l DHE-PSK-AES256-CCM
# client TLSv1.2 DHE-PSK-AES256-CCM
-s
-v 3
-l DHE-PSK-AES256-CCM