Merge branch 'master' of github.com:cyassl/cyassl
commit
5b7a5fe0bb
28
README
@ -35,7 +35,33 @@ before calling SSL_new(); Though it's not recommended.
|
||||
*** end Notes ***
|
||||
|
||||
|
||||
CyaSSL Release 3.0.0 (04/29/2014)
|
||||
CyaSSL Release 3.0.2 (05/30/2014)
|
||||
|
||||
Release 3.0.2 CyaSSL has bug fixes and new features including:
|
||||
|
||||
- Added the following cipher suites:
|
||||
* TLS_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_PSK_WITH_AES_256_GCM_SHA384
|
||||
* TLS_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_PSK_WITH_NULL_SHA384
|
||||
* TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
* TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_DHE_PSK_WITH_NULL_SHA256
|
||||
* TLS_DHE_PSK_WITH_NULL_SHA384
|
||||
* TLS_DHE_PSK_WITH_AES_128_CCM
|
||||
* TLS_DHE_PSK_WITH_AES_256_CCM
|
||||
- Added AES-NI support for Microsoft Visual Studio builds.
|
||||
- Changed small stack build to be disabled by default.
|
||||
- Updated the Hash DRBG and provided a configure option to enable.
|
||||
|
||||
The CyaSSL manual is available at:
|
||||
http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions
|
||||
and comments about the new features please check the manual.
|
||||
|
||||
|
||||
************ CyaSSL Release 3.0.0 (04/29/2014)
|
||||
|
||||
Release 3.0.0 CyaSSL has bug fixes and new features including:
|
||||
|
||||
|
@ -240,6 +240,8 @@ void c32to24(word32 in, word24 out);
|
||||
#ifdef HAVE_AESCCM
|
||||
#define BUILD_TLS_PSK_WITH_AES_128_CCM_8
|
||||
#define BUILD_TLS_PSK_WITH_AES_256_CCM_8
|
||||
#define BUILD_TLS_PSK_WITH_AES_128_CCM
|
||||
#define BUILD_TLS_PSK_WITH_AES_256_CCM
|
||||
#endif
|
||||
#endif
|
||||
#ifdef CYASSL_SHA384
|
||||
@ -306,6 +308,33 @@ void c32to24(word32 in, word24 out);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS) && \
|
||||
defined(OPENSSL_EXTRA)
|
||||
#ifndef NO_SHA256
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
#ifdef HAVE_NULL_CIPHER
|
||||
#define BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
|
||||
#endif
|
||||
#ifdef HAVE_AESGCM
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
#endif
|
||||
#ifdef HAVE_AESGCM
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
|
||||
#endif
|
||||
#endif
|
||||
#ifdef CYASSL_SHA384
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
#ifdef HAVE_NULL_CIPHER
|
||||
#define BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
|
||||
#endif
|
||||
#ifdef HAVE_AESGCM
|
||||
#define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ECC) && !defined(NO_TLS)
|
||||
#if !defined(NO_AES)
|
||||
#if !defined(NO_SHA)
|
||||
@ -511,6 +540,12 @@ enum {
|
||||
TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3d,
|
||||
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x3c,
|
||||
TLS_RSA_WITH_NULL_SHA256 = 0x3b,
|
||||
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0xb2,
|
||||
TLS_DHE_PSK_WITH_NULL_SHA256 = 0xb4,
|
||||
|
||||
/* SHA384 */
|
||||
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0xb3,
|
||||
TLS_DHE_PSK_WITH_NULL_SHA384 = 0xb5,
|
||||
|
||||
/* AES-GCM */
|
||||
TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x9c,
|
||||
@ -519,6 +554,8 @@ enum {
|
||||
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x9f,
|
||||
TLS_PSK_WITH_AES_128_GCM_SHA256 = 0xa8,
|
||||
TLS_PSK_WITH_AES_256_GCM_SHA384 = 0xa9,
|
||||
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0xaa,
|
||||
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0xab,
|
||||
|
||||
/* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */
|
||||
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2b,
|
||||
@ -542,6 +579,8 @@ enum {
|
||||
TLS_PSK_WITH_AES_256_CCM = 0xa5,
|
||||
TLS_PSK_WITH_AES_128_CCM_8 = 0xa8,
|
||||
TLS_PSK_WITH_AES_256_CCM_8 = 0xa9,
|
||||
TLS_DHE_PSK_WITH_AES_128_CCM = 0xa6,
|
||||
TLS_DHE_PSK_WITH_AES_256_CCM = 0xa7,
|
||||
|
||||
/* Camellia */
|
||||
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x41,
|
||||
@ -648,7 +687,7 @@ enum Misc {
|
||||
TLS_FINISHED_SZ = 12, /* TLS has a shorter size */
|
||||
MASTER_LABEL_SZ = 13, /* TLS master secret label sz */
|
||||
KEY_LABEL_SZ = 13, /* TLS key block expansion sz */
|
||||
MAX_PRF_HALF = 128, /* Maximum half secret len */
|
||||
MAX_PRF_HALF = 256, /* Maximum half secret len */
|
||||
MAX_PRF_LABSEED = 128, /* Maximum label + seed len */
|
||||
MAX_PRF_DIG = 224, /* Maximum digest len */
|
||||
MAX_REQUEST_SZ = 256, /* Maximum cert req len (no auth yet */
|
||||
@ -1357,6 +1396,7 @@ enum KeyExchangeAlgorithm {
|
||||
diffie_hellman_kea,
|
||||
fortezza_kea,
|
||||
psk_kea,
|
||||
dhe_psk_kea,
|
||||
ntru_kea,
|
||||
ecc_diffie_hellman_kea,
|
||||
ecc_static_diffie_hellman_kea /* for verify suite only */
|
||||
|
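Review bot: In the new DHE-PSK block (hunk `-306,6 +308,33`), the `BUILD_TLS_DHE_PSK_WITH_AES_128_CCM` and `BUILD_TLS_DHE_PSK_WITH_AES_256_CCM` defines sit under a second `#ifdef HAVE_AESGCM`, which looks like a copy of the GCM guard directly above it. The PSK CCM defines added in the first hunk of this section are under `#ifdef HAVE_AESCCM`, so the DHE-PSK ones should most likely use the same guard: `#ifdef HAVE_AESCCM`. As written, a build with GCM but without CCM would define the CCM suite macros, which the suite-list code elsewhere in this commit keys on, and a CCM-only build would not get the DHE-PSK CCM suites at all.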
@ -480,7 +480,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
CloseSocket(sockfd);
|
||||
|
||||
SSL_set_fd(ssl, clientfd);
|
||||
if (usePsk == 0) {
|
||||
if (usePsk == 0 || cipherList != NULL) {
|
||||
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
|
||||
CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
|
||||
#elif !defined(NO_CERTS)
|
||||
|
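Review bot: The new condition `if (usePsk == 0 || cipherList != NULL) {` uses "a cipher list was supplied" as a stand-in for "a DHE-PSK suite may be negotiated", and that intent is not readable from the line itself. Presumably this is so PSK runs also load DH parameters when a DHE-PSK suite is requested. A comment above it would record that, for example `/* an explicit cipher list may select a DHE-PSK suite, so load DH params for PSK runs too */`. The body of `server_test` starts and ends outside the hunk.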
525
src/internal.c
@ -1026,6 +1026,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
@ -1040,6 +1047,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
if (tls && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_CBC_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
|
||||
if (tls && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
@ -1047,6 +1061,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
@ -1054,6 +1075,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
if (tls && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_CBC_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
|
||||
if (tls && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
@ -1068,6 +1096,34 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
|
||||
if (tls && haveDH && havePSK) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_CCM;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
|
||||
if (tls && haveDH && havePSK) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_CCM;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
|
||||
if (tls && havePSK) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_PSK_WITH_AES_128_CCM;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
|
||||
if (tls && havePSK) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_PSK_WITH_AES_256_CCM;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
|
||||
if (tls && havePSK) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -1082,6 +1138,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
|
||||
if (tls && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_NULL_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
|
||||
if (tls && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
@ -1089,6 +1152,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
|
||||
if (tls && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_NULL_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
|
||||
if (tls && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
@ -6566,6 +6636,14 @@ static const char* const cipher_names[] =
|
||||
"DHE-RSA-AES256-SHA",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
"DHE-PSK-AES256-GCM-SHA384",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
"DHE-PSK-AES128-GCM-SHA256",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
|
||||
"PSK-AES256-GCM-SHA384",
|
||||
#endif
|
||||
@ -6574,6 +6652,14 @@ static const char* const cipher_names[] =
|
||||
"PSK-AES128-GCM-SHA256",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
"DHE-PSK-AES256-CBC-SHA384",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
"DHE-PSK-AES128-CBC-SHA256",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
|
||||
"PSK-AES256-CBC-SHA384",
|
||||
#endif
|
||||
@ -6590,6 +6676,22 @@ static const char* const cipher_names[] =
|
||||
"PSK-AES256-CBC-SHA",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
|
||||
"DHE-PSK-AES128-CCM",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
|
||||
"DHE-PSK-AES256-CCM",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
|
||||
"PSK-AES128-CCM",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
|
||||
"PSK-AES256-CCM",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
|
||||
"PSK-AES128-CCM-8",
|
||||
#endif
|
||||
@ -6598,6 +6700,14 @@ static const char* const cipher_names[] =
|
||||
"PSK-AES256-CCM-8",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
|
||||
"DHE-PSK-NULL-SHA384",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
|
||||
"DHE-PSK-NULL-SHA256",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
|
||||
"PSK-NULL-SHA384",
|
||||
#endif
|
||||
@ -6902,6 +7012,14 @@ static int cipher_name_idx[] =
|
||||
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
|
||||
TLS_PSK_WITH_AES_256_GCM_SHA384,
|
||||
#endif
|
||||
@ -6910,6 +7028,14 @@ static int cipher_name_idx[] =
|
||||
TLS_PSK_WITH_AES_128_GCM_SHA256,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
|
||||
TLS_PSK_WITH_AES_256_CBC_SHA384,
|
||||
#endif
|
||||
@ -6926,6 +7052,22 @@ static int cipher_name_idx[] =
|
||||
TLS_PSK_WITH_AES_256_CBC_SHA,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
|
||||
TLS_DHE_PSK_WITH_AES_128_CCM,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
|
||||
TLS_DHE_PSK_WITH_AES_256_CCM,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
|
||||
TLS_PSK_WITH_AES_128_CCM,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
|
||||
TLS_PSK_WITH_AES_256_CCM,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
|
||||
TLS_PSK_WITH_AES_128_CCM_8,
|
||||
#endif
|
||||
@ -6934,6 +7076,14 @@ static int cipher_name_idx[] =
|
||||
TLS_PSK_WITH_AES_256_CCM_8,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
|
||||
TLS_DHE_PSK_WITH_NULL_SHA384,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
|
||||
TLS_DHE_PSK_WITH_NULL_SHA256,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
|
||||
TLS_PSK_WITH_NULL_SHA384,
|
||||
#endif
|
||||
@ -8054,7 +8204,91 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
}
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || !defined(NO_PSK)
|
||||
if (ssl->specs.kea == dhe_psk_kea) {
|
||||
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ato16(input + *inOutIdx, &length);
|
||||
*inOutIdx += OPAQUE16_LEN;
|
||||
|
||||
if ((*inOutIdx - begin) + length > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
XMEMCPY(ssl->arrays->server_hint, input + *inOutIdx,
|
||||
min(length, MAX_PSK_ID_LEN));
|
||||
|
||||
ssl->arrays->server_hint[min(length, MAX_PSK_ID_LEN - 1)] = 0;
|
||||
*inOutIdx += length;
|
||||
|
||||
/* p */
|
||||
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ato16(input + *inOutIdx, &length);
|
||||
*inOutIdx += OPAQUE16_LEN;
|
||||
|
||||
if ((*inOutIdx - begin) + length > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ssl->buffers.serverDH_P.buffer = (byte*) XMALLOC(length, ssl->heap,
|
||||
DYNAMIC_TYPE_DH);
|
||||
|
||||
if (ssl->buffers.serverDH_P.buffer)
|
||||
ssl->buffers.serverDH_P.length = length;
|
||||
else
|
||||
return MEMORY_ERROR;
|
||||
|
||||
XMEMCPY(ssl->buffers.serverDH_P.buffer, input + *inOutIdx, length);
|
||||
*inOutIdx += length;
|
||||
|
||||
/* g */
|
||||
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ato16(input + *inOutIdx, &length);
|
||||
*inOutIdx += OPAQUE16_LEN;
|
||||
|
||||
if ((*inOutIdx - begin) + length > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ssl->buffers.serverDH_G.buffer = (byte*) XMALLOC(length, ssl->heap,
|
||||
DYNAMIC_TYPE_DH);
|
||||
|
||||
if (ssl->buffers.serverDH_G.buffer)
|
||||
ssl->buffers.serverDH_G.length = length;
|
||||
else
|
||||
return MEMORY_ERROR;
|
||||
|
||||
XMEMCPY(ssl->buffers.serverDH_G.buffer, input + *inOutIdx, length);
|
||||
*inOutIdx += length;
|
||||
|
||||
/* pub */
|
||||
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ato16(input + *inOutIdx, &length);
|
||||
*inOutIdx += OPAQUE16_LEN;
|
||||
|
||||
if ((*inOutIdx - begin) + length > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ssl->buffers.serverDH_Pub.buffer = (byte*) XMALLOC(length, ssl->heap,
|
||||
DYNAMIC_TYPE_DH);
|
||||
|
||||
if (ssl->buffers.serverDH_Pub.buffer)
|
||||
ssl->buffers.serverDH_Pub.length = length;
|
||||
else
|
||||
return MEMORY_ERROR;
|
||||
|
||||
XMEMCPY(ssl->buffers.serverDH_Pub.buffer, input + *inOutIdx, length);
|
||||
*inOutIdx += length;
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA || !NO_PSK */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(HAVE_ECC)
|
||||
if (ssl->specs.kea == ecc_diffie_hellman_kea ||
|
||||
ssl->specs.kea == diffie_hellman_kea)
|
||||
{
|
||||
#ifndef NO_OLD_TLS
|
||||
Md5 md5;
|
||||
@ -8297,9 +8531,8 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
*inOutIdx += length;
|
||||
|
||||
ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
|
||||
|
||||
return 0;
|
||||
}
|
||||
return 0;
|
||||
#else /* HAVE_OPENSSL or HAVE_ECC */
|
||||
return NOT_COMPILED_IN; /* not supported by build */
|
||||
#endif /* HAVE_OPENSSL or HAVE_ECC */
|
||||
@ -8422,6 +8655,73 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
}
|
||||
break;
|
||||
#endif /* NO_PSK */
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_PSK)
|
||||
case dhe_psk_kea:
|
||||
{
|
||||
byte* pms = ssl->arrays->preMasterSecret;
|
||||
byte* es = encSecret;
|
||||
buffer serverP = ssl->buffers.serverDH_P;
|
||||
buffer serverG = ssl->buffers.serverDH_G;
|
||||
buffer serverPub = ssl->buffers.serverDH_Pub;
|
||||
byte priv[ENCRYPT_LEN];
|
||||
word32 privSz = 0;
|
||||
word32 pubSz = 0;
|
||||
word32 esSz = 0;
|
||||
DhKey key;
|
||||
|
||||
if (serverP.buffer == 0 || serverG.buffer == 0 ||
|
||||
serverPub.buffer == 0)
|
||||
return NO_PEER_KEY;
|
||||
|
||||
ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl,
|
||||
ssl->arrays->server_hint, ssl->arrays->client_identity,
|
||||
MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN);
|
||||
if (ssl->arrays->psk_keySz == 0 ||
|
||||
ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN)
|
||||
return PSK_KEY_ERROR;
|
||||
esSz = (word32)XSTRLEN(ssl->arrays->client_identity);
|
||||
|
||||
if (esSz > MAX_PSK_ID_LEN)
|
||||
return CLIENT_ID_ERROR;
|
||||
c16toa(esSz, es);
|
||||
es += OPAQUE16_LEN;
|
||||
XMEMCPY(es, ssl->arrays->client_identity, esSz);
|
||||
es += esSz;
|
||||
encSz = esSz + OPAQUE16_LEN;
|
||||
|
||||
InitDhKey(&key);
|
||||
ret = DhSetKey(&key, serverP.buffer, serverP.length,
|
||||
serverG.buffer, serverG.length);
|
||||
if (ret == 0)
|
||||
/* for DH, encSecret is Yc, agree is pre-master */
|
||||
ret = DhGenerateKeyPair(&key, ssl->rng, priv, &privSz,
|
||||
es + OPAQUE16_LEN, &pubSz);
|
||||
if (ret == 0)
|
||||
ret = DhAgree(&key, pms + OPAQUE16_LEN,
|
||||
&ssl->arrays->preMasterSz, priv, privSz,
|
||||
serverPub.buffer, serverPub.length);
|
||||
FreeDhKey(&key);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
c16toa((word16)pubSz, es);
|
||||
encSz += pubSz + OPAQUE16_LEN;
|
||||
c16toa((word16)ssl->arrays->preMasterSz, pms);
|
||||
ssl->arrays->preMasterSz += OPAQUE16_LEN;
|
||||
pms += ssl->arrays->preMasterSz;
|
||||
|
||||
/* make psk pre master secret */
|
||||
/* length of key + length 0s + length of key + key */
|
||||
c16toa((word16)ssl->arrays->psk_keySz, pms);
|
||||
pms += OPAQUE16_LEN;
|
||||
XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
|
||||
ssl->arrays->preMasterSz +=
|
||||
ssl->arrays->psk_keySz + OPAQUE16_LEN;
|
||||
XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz);
|
||||
ssl->arrays->psk_keySz = 0; /* No further need */
|
||||
}
|
||||
break;
|
||||
#endif /* OPENSSL_EXTRA && !NO_PSK */
|
||||
#ifdef HAVE_NTRU
|
||||
case ntru_kea:
|
||||
{
|
||||
@ -8521,7 +8821,8 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
if (ssl->options.tls || ssl->specs.kea == diffie_hellman_kea)
|
||||
tlsSz = 2;
|
||||
|
||||
if (ssl->specs.kea == ecc_diffie_hellman_kea) /* always off */
|
||||
if (ssl->specs.kea == ecc_diffie_hellman_kea ||
|
||||
ssl->specs.kea == dhe_psk_kea) /* always off */
|
||||
tlsSz = 0;
|
||||
|
||||
sendSz = encSz + tlsSz + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
|
||||
@ -9067,6 +9368,126 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
}
|
||||
#endif /*NO_PSK */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_PSK)
|
||||
if (ssl->specs.kea == dhe_psk_kea) {
|
||||
byte *output;
|
||||
word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
|
||||
word32 hintLen;
|
||||
int sendSz;
|
||||
DhKey dhKey;
|
||||
|
||||
if (ssl->buffers.serverDH_P.buffer == NULL ||
|
||||
ssl->buffers.serverDH_G.buffer == NULL)
|
||||
return NO_DH_PARAMS;
|
||||
|
||||
if (ssl->buffers.serverDH_Pub.buffer == NULL) {
|
||||
ssl->buffers.serverDH_Pub.buffer = (byte*)XMALLOC(
|
||||
ssl->buffers.serverDH_P.length + 2, ssl->ctx->heap,
|
||||
DYNAMIC_TYPE_DH);
|
||||
if (ssl->buffers.serverDH_Pub.buffer == NULL)
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
if (ssl->buffers.serverDH_Priv.buffer == NULL) {
|
||||
ssl->buffers.serverDH_Priv.buffer = (byte*)XMALLOC(
|
||||
ssl->buffers.serverDH_P.length + 2, ssl->ctx->heap,
|
||||
DYNAMIC_TYPE_DH);
|
||||
if (ssl->buffers.serverDH_Priv.buffer == NULL)
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
InitDhKey(&dhKey);
|
||||
ret = DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer,
|
||||
ssl->buffers.serverDH_P.length,
|
||||
ssl->buffers.serverDH_G.buffer,
|
||||
ssl->buffers.serverDH_G.length);
|
||||
if (ret == 0)
|
||||
ret = DhGenerateKeyPair(&dhKey, ssl->rng,
|
||||
ssl->buffers.serverDH_Priv.buffer,
|
||||
&ssl->buffers.serverDH_Priv.length,
|
||||
ssl->buffers.serverDH_Pub.buffer,
|
||||
&ssl->buffers.serverDH_Pub.length);
|
||||
FreeDhKey(&dhKey);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
length = LENGTH_SZ * 3 + /* p, g, pub */
|
||||
ssl->buffers.serverDH_P.length +
|
||||
ssl->buffers.serverDH_G.length +
|
||||
ssl->buffers.serverDH_Pub.length;
|
||||
|
||||
/* include size part */
|
||||
hintLen = (word32)XSTRLEN(ssl->arrays->server_hint);
|
||||
if (hintLen > MAX_PSK_ID_LEN)
|
||||
return SERVER_HINT_ERROR;
|
||||
length += hintLen + HINT_LEN_SZ;
|
||||
sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
|
||||
|
||||
#ifdef CYASSL_DTLS
|
||||
if (ssl->options.dtls) {
|
||||
sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
|
||||
idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
|
||||
}
|
||||
#endif
|
||||
/* check for available size */
|
||||
if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
|
||||
return ret;
|
||||
|
||||
/* get ouput buffer */
|
||||
output = ssl->buffers.outputBuffer.buffer +
|
||||
ssl->buffers.outputBuffer.length;
|
||||
|
||||
AddHeaders(output, length, server_key_exchange, ssl);
|
||||
|
||||
/* key data */
|
||||
c16toa((word16)hintLen, output + idx);
|
||||
idx += HINT_LEN_SZ;
|
||||
XMEMCPY(output + idx, ssl->arrays->server_hint, hintLen);
|
||||
idx += hintLen;
|
||||
|
||||
/* add p, g, pub */
|
||||
c16toa((word16)ssl->buffers.serverDH_P.length, output + idx);
|
||||
idx += LENGTH_SZ;
|
||||
XMEMCPY(output + idx, ssl->buffers.serverDH_P.buffer,
|
||||
ssl->buffers.serverDH_P.length);
|
||||
idx += ssl->buffers.serverDH_P.length;
|
||||
|
||||
/* g */
|
||||
c16toa((word16)ssl->buffers.serverDH_G.length, output + idx);
|
||||
idx += LENGTH_SZ;
|
||||
XMEMCPY(output + idx, ssl->buffers.serverDH_G.buffer,
|
||||
ssl->buffers.serverDH_G.length);
|
||||
idx += ssl->buffers.serverDH_G.length;
|
||||
|
||||
/* pub */
|
||||
c16toa((word16)ssl->buffers.serverDH_Pub.length, output + idx);
|
||||
idx += LENGTH_SZ;
|
||||
XMEMCPY(output + idx, ssl->buffers.serverDH_Pub.buffer,
|
||||
ssl->buffers.serverDH_Pub.length);
|
||||
idx += ssl->buffers.serverDH_Pub.length;
|
||||
|
||||
ret = HashOutput(ssl, output, sendSz, 0);
|
||||
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#ifdef CYASSL_CALLBACKS
|
||||
if (ssl->hsInfoOn)
|
||||
AddPacketName("ServerKeyExchange", &ssl->handShakeInfo);
|
||||
if (ssl->toInfoOn)
|
||||
AddPacketInfo("ServerKeyExchange", &ssl->timeoutInfo,
|
||||
output, sendSz, ssl->heap);
|
||||
#endif
|
||||
|
||||
ssl->buffers.outputBuffer.length += sendSz;
|
||||
if (ssl->options.groupMessages)
|
||||
ret = 0;
|
||||
else
|
||||
ret = SendBuffered(ssl);
|
||||
ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA && !NO_PSK */
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
if (ssl->specs.kea == ecc_diffie_hellman_kea)
|
||||
{
|
||||
@ -9915,6 +10336,14 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_DHE_PSK_WITH_AES_128_CCM:
|
||||
case TLS_DHE_PSK_WITH_AES_256_CCM:
|
||||
if (requirement == REQUIRES_PSK)
|
||||
return 1;
|
||||
if (requirement == REQUIRES_DHE)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
default:
|
||||
CYASSL_MSG("Unsupported cipher suite, CipherRequires ECC");
|
||||
return 0;
|
||||
@ -9999,6 +10428,18 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
|
||||
case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
|
||||
case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
|
||||
case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
|
||||
case TLS_DHE_PSK_WITH_NULL_SHA384 :
|
||||
case TLS_DHE_PSK_WITH_NULL_SHA256 :
|
||||
if (requirement == REQUIRES_DHE)
|
||||
return 1;
|
||||
if (requirement == REQUIRES_PSK)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
#ifndef NO_RSA
|
||||
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
|
||||
if (requirement == REQUIRES_RSA)
|
||||
@ -11267,6 +11708,84 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
}
|
||||
break;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_PSK)
|
||||
case dhe_psk_kea:
|
||||
{
|
||||
byte* pms = ssl->arrays->preMasterSecret;
|
||||
word16 clientSz;
|
||||
DhKey dhKey;
|
||||
|
||||
/* Read in the PSK hint */
|
||||
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ato16(input + *inOutIdx, &clientSz);
|
||||
*inOutIdx += OPAQUE16_LEN;
|
||||
if (clientSz > MAX_PSK_ID_LEN)
|
||||
return CLIENT_ID_ERROR;
|
||||
|
||||
if ((*inOutIdx - begin) + clientSz > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
XMEMCPY(ssl->arrays->client_identity,
|
||||
input + *inOutIdx, clientSz);
|
||||
*inOutIdx += clientSz;
|
||||
ssl->arrays->client_identity[min(clientSz, MAX_PSK_ID_LEN-1)] =
|
||||
0;
|
||||
|
||||
/* Read in the DHE business */
|
||||
if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ato16(input + *inOutIdx, &clientSz);
|
||||
*inOutIdx += OPAQUE16_LEN;
|
||||
|
||||
if ((*inOutIdx - begin) + clientSz > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
InitDhKey(&dhKey);
|
||||
ret = DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer,
|
||||
ssl->buffers.serverDH_P.length,
|
||||
ssl->buffers.serverDH_G.buffer,
|
||||
ssl->buffers.serverDH_G.length);
|
||||
if (ret == 0)
|
||||
ret = DhAgree(&dhKey, pms + OPAQUE16_LEN,
|
||||
&ssl->arrays->preMasterSz,
|
||||
ssl->buffers.serverDH_Priv.buffer,
|
||||
ssl->buffers.serverDH_Priv.length,
|
||||
input + *inOutIdx, clientSz);
|
||||
FreeDhKey(&dhKey);
|
||||
|
||||
*inOutIdx += clientSz;
|
||||
c16toa(ssl->arrays->preMasterSz, pms);
|
||||
ssl->arrays->preMasterSz += OPAQUE16_LEN;
|
||||
pms += ssl->arrays->preMasterSz;
|
||||
|
||||
/* Use the PSK hint to look up the PSK and add it to the
|
||||
* preMasterSecret here. */
|
||||
ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl,
|
||||
ssl->arrays->client_identity, ssl->arrays->psk_key,
|
||||
MAX_PSK_KEY_LEN);
|
||||
|
||||
if (ssl->arrays->psk_keySz == 0 ||
|
||||
ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN)
|
||||
return PSK_KEY_ERROR;
|
||||
|
||||
c16toa((word16) ssl->arrays->psk_keySz, pms);
|
||||
pms += OPAQUE16_LEN;
|
||||
|
||||
XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
|
||||
ssl->arrays->preMasterSz +=
|
||||
ssl->arrays->psk_keySz + OPAQUE16_LEN;
|
||||
if (ret == 0)
|
||||
ret = MakeMasterSecret(ssl);
|
||||
|
||||
/* No further need for PSK */
|
||||
XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz);
|
||||
ssl->arrays->psk_keySz = 0;
|
||||
}
|
||||
break;
|
||||
#endif /* OPENSSL_EXTRA && !NO_PSK */
|
||||
default:
|
||||
{
|
||||
CYASSL_MSG("Bad kea type");
|
||||
|
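Review bot: The server-side `case dhe_psk_kea:` block in the last hunk does not stop when `DhSetKey` or `DhAgree` fails; `ret` is only consulted at `if (ret == 0) ret = MakeMasterSecret(ssl);`, after the code has already used `ssl->arrays->preMasterSz` to advance `pms`, called `server_psk_cb`, and copied the PSK to `pms`. If `DhAgree` does not set `preMasterSz` on failure, that copy is placed at whatever offset the field held before, which may not be the intended position inside `preMasterSecret`. The client-side block added earlier in this section returns right after `FreeDhKey(&key)`, and this one should do the same by adding `if (ret != 0) return ret;` after `FreeDhKey(&dhKey);`. The `PSK_KEY_ERROR` return also leaves without the `XMEMSET` of `psk_key` that the success path performs. The enclosing function and its `switch` begin and end outside the hunk.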
186
src/keys.c
@ -708,6 +708,82 @@ int SetCipherSpecs(CYASSL* ssl)
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
|
||||
case TLS_PSK_WITH_AES_128_CCM :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
|
||||
ssl->specs.cipher_type = aead;
|
||||
ssl->specs.mac_algorithm = sha256_mac;
|
||||
ssl->specs.kea = psk_kea;
|
||||
ssl->specs.sig_algo = anonymous_sa_algo;
|
||||
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = AES_128_KEY_SIZE;
|
||||
ssl->specs.block_size = AES_BLOCK_SIZE;
|
||||
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
|
||||
ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
|
||||
|
||||
ssl->options.usingPSK_cipher = 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
|
||||
case TLS_PSK_WITH_AES_256_CCM :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
|
||||
ssl->specs.cipher_type = aead;
|
||||
ssl->specs.mac_algorithm = sha256_mac;
|
||||
ssl->specs.kea = psk_kea;
|
||||
ssl->specs.sig_algo = anonymous_sa_algo;
|
||||
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = AES_256_KEY_SIZE;
|
||||
ssl->specs.block_size = AES_BLOCK_SIZE;
|
||||
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
|
||||
ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
|
||||
|
||||
ssl->options.usingPSK_cipher = 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
|
||||
case TLS_DHE_PSK_WITH_AES_128_CCM :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
|
||||
ssl->specs.cipher_type = aead;
|
||||
ssl->specs.mac_algorithm = sha256_mac;
|
||||
ssl->specs.kea = dhe_psk_kea;
|
||||
ssl->specs.sig_algo = anonymous_sa_algo;
|
||||
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = AES_128_KEY_SIZE;
|
||||
ssl->specs.block_size = AES_BLOCK_SIZE;
|
||||
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
|
||||
ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
|
||||
|
||||
ssl->options.usingPSK_cipher = 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
|
||||
case TLS_DHE_PSK_WITH_AES_256_CCM :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
|
||||
ssl->specs.cipher_type = aead;
|
||||
ssl->specs.mac_algorithm = sha256_mac;
|
||||
ssl->specs.kea = dhe_psk_kea;
|
||||
ssl->specs.sig_algo = anonymous_sa_algo;
|
||||
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = AES_256_KEY_SIZE;
|
||||
ssl->specs.block_size = AES_BLOCK_SIZE;
|
||||
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
|
||||
ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
|
||||
|
||||
ssl->options.usingPSK_cipher = 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
default:
|
||||
CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC");
|
||||
return UNSUPPORTED_SUITE;
|
||||
@ -975,6 +1051,44 @@ int SetCipherSpecs(CYASSL* ssl)
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
|
||||
ssl->specs.cipher_type = aead;
|
||||
ssl->specs.mac_algorithm = sha256_mac;
|
||||
ssl->specs.kea = dhe_psk_kea;
|
||||
ssl->specs.sig_algo = anonymous_sa_algo;
|
||||
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = AES_128_KEY_SIZE;
|
||||
ssl->specs.block_size = AES_BLOCK_SIZE;
|
||||
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
|
||||
ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
|
||||
|
||||
ssl->options.usingPSK_cipher = 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
|
||||
ssl->specs.cipher_type = aead;
|
||||
ssl->specs.mac_algorithm = sha384_mac;
|
||||
ssl->specs.kea = dhe_psk_kea;
|
||||
ssl->specs.sig_algo = anonymous_sa_algo;
|
||||
ssl->specs.hash_size = SHA384_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = AES_256_KEY_SIZE;
|
||||
ssl->specs.block_size = AES_BLOCK_SIZE;
|
||||
ssl->specs.iv_size = AEAD_IMP_IV_SZ;
|
||||
ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
|
||||
|
||||
ssl->options.usingPSK_cipher = 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
|
||||
case TLS_PSK_WITH_AES_128_CBC_SHA256 :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes;
|
||||
@ -1011,6 +1125,42 @@ int SetCipherSpecs(CYASSL* ssl)
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes;
|
||||
ssl->specs.cipher_type = block;
|
||||
ssl->specs.mac_algorithm = sha256_mac;
|
||||
ssl->specs.kea = dhe_psk_kea;
|
||||
ssl->specs.sig_algo = anonymous_sa_algo;
|
||||
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = AES_128_KEY_SIZE;
|
||||
ssl->specs.block_size = AES_BLOCK_SIZE;
|
||||
ssl->specs.iv_size = AES_IV_SIZE;
|
||||
|
||||
ssl->options.usingPSK_cipher = 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes;
|
||||
ssl->specs.cipher_type = block;
|
||||
ssl->specs.mac_algorithm = sha384_mac;
|
||||
ssl->specs.kea = dhe_psk_kea;
|
||||
ssl->specs.sig_algo = anonymous_sa_algo;
|
||||
ssl->specs.hash_size = SHA384_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = AES_256_KEY_SIZE;
|
||||
ssl->specs.block_size = AES_BLOCK_SIZE;
|
||||
ssl->specs.iv_size = AES_IV_SIZE;
|
||||
|
||||
ssl->options.usingPSK_cipher = 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
|
||||
case TLS_PSK_WITH_AES_128_CBC_SHA :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes;
|
||||
@ -1101,6 +1251,42 @@ int SetCipherSpecs(CYASSL* ssl)
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
|
||||
case TLS_DHE_PSK_WITH_NULL_SHA256 :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
|
||||
ssl->specs.cipher_type = stream;
|
||||
ssl->specs.mac_algorithm = sha256_mac;
|
||||
ssl->specs.kea = dhe_psk_kea;
|
||||
ssl->specs.sig_algo = anonymous_sa_algo;
|
||||
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = 0;
|
||||
ssl->specs.block_size = 0;
|
||||
ssl->specs.iv_size = 0;
|
||||
|
||||
ssl->options.usingPSK_cipher = 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
|
||||
case TLS_DHE_PSK_WITH_NULL_SHA384 :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
|
||||
ssl->specs.cipher_type = stream;
|
||||
ssl->specs.mac_algorithm = sha384_mac;
|
||||
ssl->specs.kea = dhe_psk_kea;
|
||||
ssl->specs.sig_algo = anonymous_sa_algo;
|
||||
ssl->specs.hash_size = SHA384_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = 0;
|
||||
ssl->specs.block_size = 0;
|
||||
ssl->specs.iv_size = 0;
|
||||
|
||||
ssl->options.usingPSK_cipher = 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_aes;
|
||||
|
20
src/ssl.c
20
src/ssl.c
@ -8425,6 +8425,14 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
|
||||
return "TLS_PSK_WITH_AES_128_CCM_8";
|
||||
case TLS_PSK_WITH_AES_256_CCM_8 :
|
||||
return "TLS_PSK_WITH_AES_256_CCM_8";
|
||||
case TLS_PSK_WITH_AES_128_CCM :
|
||||
return "TLS_PSK_WITH_AES_128_CCM";
|
||||
case TLS_PSK_WITH_AES_256_CCM :
|
||||
return "TLS_PSK_WITH_AES_256_CCM";
|
||||
case TLS_DHE_PSK_WITH_AES_128_CCM :
|
||||
return "TLS_DHE_PSK_WITH_AES_128_CCM";
|
||||
case TLS_DHE_PSK_WITH_AES_256_CCM :
|
||||
return "TLS_DHE_PSK_WITH_AES_256_CCM";
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
|
||||
@ -8492,9 +8500,15 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
|
||||
return "TLS_PSK_WITH_AES_128_CBC_SHA256";
|
||||
case TLS_PSK_WITH_NULL_SHA256 :
|
||||
return "TLS_PSK_WITH_NULL_SHA256";
|
||||
case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
|
||||
return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256";
|
||||
case TLS_DHE_PSK_WITH_NULL_SHA256 :
|
||||
return "TLS_DHE_PSK_WITH_NULL_SHA256";
|
||||
#ifdef HAVE_AESGCM
|
||||
case TLS_PSK_WITH_AES_128_GCM_SHA256 :
|
||||
return "TLS_PSK_WITH_AES_128_GCM_SHA256";
|
||||
case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
|
||||
return "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256";
|
||||
#endif
|
||||
#endif
|
||||
#ifdef CYASSL_SHA384
|
||||
@ -8502,9 +8516,15 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
|
||||
return "TLS_PSK_WITH_AES_256_CBC_SHA384";
|
||||
case TLS_PSK_WITH_NULL_SHA384 :
|
||||
return "TLS_PSK_WITH_NULL_SHA384";
|
||||
case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
|
||||
return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384";
|
||||
case TLS_DHE_PSK_WITH_NULL_SHA384 :
|
||||
return "TLS_DHE_PSK_WITH_NULL_SHA384";
|
||||
#ifdef HAVE_AESGCM
|
||||
case TLS_PSK_WITH_AES_256_GCM_SHA384 :
|
||||
return "TLS_PSK_WITH_AES_256_GCM_SHA384";
|
||||
case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
|
||||
return "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384";
|
||||
#endif
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
|
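Review bot: The two DHE-PSK NULL entries added to the name switch (`TLS_DHE_PSK_WITH_NULL_SHA256` in the second hunk, `TLS_DHE_PSK_WITH_NULL_SHA384` in the third) have no comment saying that these suites leave the record payload unencrypted, and the returned name is all a caller gets to see. I would add `/* NULL suites: integrity only, application data is sent in the clear */` above each, so anyone logging or gating on the name knows what it implies. The keys.c part of this commit sets `bulk_cipher_algorithm = cyassl_cipher_null` for both suites. The switch itself begins and ends outside these hunks.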
224
tests/test.conf
224
tests/test.conf
@ -1182,6 +1182,26 @@
|
||||
-v 3
|
||||
-l PSK-AES256-CBC-SHA
|
||||
|
||||
# server TLSv1.0 PSK-AES128-SHA256
|
||||
-s
|
||||
-v 1
|
||||
-l PSK-AES128-CBC-SHA256
|
||||
|
||||
# client TLSv1.0 PSK-AES128-SHA256
|
||||
-s
|
||||
-v 1
|
||||
-l PSK-AES128-CBC-SHA256
|
||||
|
||||
# server TLSv1.1 PSK-AES128-SHA256
|
||||
-s
|
||||
-v 2
|
||||
-l PSK-AES128-CBC-SHA256
|
||||
|
||||
# client TLSv1.1 PSK-AES128-SHA256
|
||||
-s
|
||||
-v 2
|
||||
-l PSK-AES128-CBC-SHA256
|
||||
|
||||
# server TLSv1.2 PSK-AES128-SHA256
|
||||
-s
|
||||
-v 3
|
||||
@ -1192,6 +1212,26 @@
|
||||
-v 3
|
||||
-l PSK-AES128-CBC-SHA256
|
||||
|
||||
# server TLSv1.0 PSK-AES256-SHA384
|
||||
-s
|
||||
-v 1
|
||||
-l PSK-AES256-CBC-SHA384
|
||||
|
||||
# client TLSv1.0 PSK-AES256-SHA384
|
||||
-s
|
||||
-v 1
|
||||
-l PSK-AES256-CBC-SHA384
|
||||
|
||||
# server TLSv1.1 PSK-AES256-SHA384
|
||||
-s
|
||||
-v 2
|
||||
-l PSK-AES256-CBC-SHA384
|
||||
|
||||
# client TLSv1.1 PSK-AES256-SHA384
|
||||
-s
|
||||
-v 2
|
||||
-l PSK-AES256-CBC-SHA384
|
||||
|
||||
# server TLSv1.2 PSK-AES256-SHA384
|
||||
-s
|
||||
-v 3
|
||||
@ -1682,12 +1722,32 @@
|
||||
-l ECDHE-ECDSA-AES256-CCM-8
|
||||
-A ./certs/server-ecc.pem
|
||||
|
||||
# server TLSv1.2 PSK-AES128-CCM
|
||||
-s
|
||||
-v 3
|
||||
-l PSK-AES128-CCM
|
||||
|
||||
# client TLSv1.2 PSK-AES128-CCM
|
||||
-s
|
||||
-v 3
|
||||
-l PSK-AES128-CCM
|
||||
|
||||
# server TLSv1.2 PSK-AES256-CCM
|
||||
-s
|
||||
-v 3
|
||||
-l PSK-AES256-CCM
|
||||
|
||||
# client TLSv1.2 PSK-AES256-CCM
|
||||
-s
|
||||
-v 3
|
||||
-l PSK-AES256-CCM
|
||||
|
||||
# server TLSv1.2 PSK-AES128-CCM-8
|
||||
-s
|
||||
-v 3
|
||||
-l PSK-AES128-CCM-8
|
||||
|
||||
# client TLSv1.2 AES128-CCM-8
|
||||
# client TLSv1.2 PSK-AES128-CCM-8
|
||||
-s
|
||||
-v 3
|
||||
-l PSK-AES128-CCM-8
|
||||
@ -1697,8 +1757,168 @@
|
||||
-v 3
|
||||
-l PSK-AES256-CCM-8
|
||||
|
||||
# client TLSv1.2 AES256-CCM-8
|
||||
# client TLSv1.2 PSK-AES256-CCM-8
|
||||
-s
|
||||
-v 3
|
||||
-l PSK-AES256-CCM-8
|
||||
|
||||
# server TLSv1.0 DHE-PSK-AES128-CBC-SHA256
|
||||
-s
|
||||
-v 1
|
||||
-l DHE-PSK-AES128-CBC-SHA256
|
||||
|
||||
# client TLSv1.0 DHE-PSK-AES128-CBC-SHA256
|
||||
-s
|
||||
-v 1
|
||||
-l DHE-PSK-AES128-CBC-SHA256
|
||||
|
||||
# server TLSv1.1 DHE-PSK-AES128-CBC-SHA256
|
||||
-s
|
||||
-v 2
|
||||
-l DHE-PSK-AES128-CBC-SHA256
|
||||
|
||||
# client TLSv1.1 DHE-PSK-AES128-CBC-SHA256
|
||||
-s
|
||||
-v 2
|
||||
-l DHE-PSK-AES128-CBC-SHA256
|
||||
|
||||
# server TLSv1.2 DHE-PSK-AES128-CBC-SHA256
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES128-CBC-SHA256
|
||||
|
||||
# client TLSv1.2 DHE-PSK-AES128-CBC-SHA256
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES128-CBC-SHA256
|
||||
|
||||
# server TLSv1.0 DHE-PSK-AES256-CBC-SHA384
|
||||
-s
|
||||
-v 1
|
||||
-l DHE-PSK-AES256-CBC-SHA384
|
||||
|
||||
# client TLSv1.0 DHE-PSK-AES256-CBC-SHA384
|
||||
-s
|
||||
-v 1
|
||||
-l DHE-PSK-AES256-CBC-SHA384
|
||||
|
||||
# server TLSv1.1 DHE-PSK-AES256-CBC-SHA384
|
||||
-s
|
||||
-v 2
|
||||
-l DHE-PSK-AES256-CBC-SHA384
|
||||
|
||||
# client TLSv1.1 DHE-PSK-AES256-CBC-SHA384
|
||||
-s
|
||||
-v 2
|
||||
-l DHE-PSK-AES256-CBC-SHA384
|
||||
|
||||
# server TLSv1.2 DHE-PSK-AES256-CBC-SHA384
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES256-CBC-SHA384
|
||||
|
||||
# client TLSv1.2 DHE-PSK-AES256-CBC-SHA384
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES256-CBC-SHA384
|
||||
|
||||
# server TLSv1.0 DHE-PSK-NULL-SHA256
|
||||
-s
|
||||
-v 1
|
||||
-l DHE-PSK-NULL-SHA256
|
||||
|
||||
# client TLSv1.0 DHE-PSK-NULL-SHA256
|
||||
-s
|
||||
-v 1
|
||||
-l DHE-PSK-NULL-SHA256
|
||||
|
||||
# server TLSv1.1 DHE-PSK-NULL-SHA256
|
||||
-s
|
||||
-v 2
|
||||
-l DHE-PSK-NULL-SHA256
|
||||
|
||||
# client TLSv1.1 DHE-PSK-NULL-SHA256
|
||||
-s
|
||||
-v 2
|
||||
-l DHE-PSK-NULL-SHA256
|
||||
|
||||
# server TLSv1.2 DHE-PSK-NULL-SHA256
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-NULL-SHA256
|
||||
|
||||
# client TLSv1.2 DHE-PSK-NULL-SHA256
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-NULL-SHA256
|
||||
|
||||
# server TLSv1.0 DHE-PSK-NULL-SHA384
|
||||
-s
|
||||
-v 1
|
||||
-l DHE-PSK-NULL-SHA384
|
||||
|
||||
# client TLSv1.0 DHE-PSK-NULL-SHA384
|
||||
-s
|
||||
-v 1
|
||||
-l DHE-PSK-NULL-SHA384
|
||||
|
||||
# server TLSv1.1 DHE-PSK-NULL-SHA384
|
||||
-s
|
||||
-v 2
|
||||
-l DHE-PSK-NULL-SHA384
|
||||
|
||||
# client TLSv1.1 DHE-PSK-NULL-SHA384
|
||||
-s
|
||||
-v 2
|
||||
-l DHE-PSK-NULL-SHA384
|
||||
|
||||
# server TLSv1.2 DHE-PSK-NULL-SHA384
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-NULL-SHA384
|
||||
|
||||
# client TLSv1.2 DHE-PSK-NULL-SHA384
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-NULL-SHA384
|
||||
|
||||
# server TLSv1.2 DHE-PSK-AES128-GCM-SHA256
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES128-GCM-SHA256
|
||||
|
||||
# client TLSv1.2 DHE-PSK-AES128-GCM-SHA256
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES128-GCM-SHA256
|
||||
|
||||
# server TLSv1.2 DHE-PSK-AES256-GCM-SHA384
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES256-GCM-SHA384
|
||||
|
||||
# client TLSv1.2 DHE-PSK-AES256-GCM-SHA384
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES256-GCM-SHA384
|
||||
|
||||
# server TLSv1.2 DHE-PSK-AES128-CCM
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES128-CCM
|
||||
|
||||
# client TLSv1.2 DHE-PSK-AES128-CCM
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES128-CCM
|
||||
|
||||
# server TLSv1.2 DHE-PSK-AES256-CCM
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES256-CCM
|
||||
|
||||
# client TLSv1.2 DHE-PSK-AES256-CCM
|
||||
-s
|
||||
-v 3
|
||||
-l DHE-PSK-AES256-CCM
|
||||
|
||||
|
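Review bot: The comments on the new plain-PSK CBC entries name a suite that differs from the one passed to `-l`: `# server TLSv1.0 PSK-AES128-SHA256` sits above `-l PSK-AES128-CBC-SHA256`, and the `PSK-AES256-SHA384` comments in the second hunk have the same mismatch. The surrounding TLSv1.2 comments use the same short form, but the DHE-PSK entries added further down spell the full name, and this commit appears to correct the `AES128-CCM-8` and `AES256-CCM-8` client comments in the same way. I would write `# server TLSv1.0 PSK-AES128-CBC-SHA256`, and likewise for the client, TLSv1.1 and AES256 variants, so each comment matches its `-l` line.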