added external api for Elliptic Curves Extension.

2013-08-26 12:27:58 -03:00 · 2013-08-26 12:27:58 -03:00 · 75ae9dc973
commit 75ae9dc973
parent b2ebfe9004
3 changed files with 85 additions and 4 deletions
--- a/cyassl/internal.h
+++ b/cyassl/internal.h
@ -1109,11 +1109,13 @@ typedef struct CYASSL_DTLS_CTX {
 typedef enum {
    SERVER_NAME_INDICATION =  0,
    MAX_FRAGMENT_LENGTH    =  1,
-  /*CLIENT_CERTIFICATE_URL =  2,
-    TRUSTED_CA_KEYS        =  3,*/
+  /*CLIENT_CERTIFICATE_URL =  2,*/
+  /*TRUSTED_CA_KEYS        =  3,*/
    TRUNCATED_HMAC         =  4,
-  /*STATUS_REQUEST         =  5,
-    SIGNATURE_ALGORITHMS   = 13,*/
+  /*STATUS_REQUEST         =  5,*/
+    ELLIPTIC_CURVES        = 10,
+  /*EC_POINT_FORMATS       = 11,*/
+  /*SIGNATURE_ALGORITHMS   = 13,*/
 } TLSX_Type;

 typedef struct TLSX {
@ -1180,6 +1182,18 @@ CYASSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions);

 #endif /* HAVE_TRUNCATED_HMAC */

+#ifdef HAVE_ELLIPTIC_CURVES
+
+typedef struct EllipticCurve {
+    word16                name; /* CurveNames    */
+    struct EllipticCurve* next; /* List Behavior */
+
+} EllipticCurve;
+
+CYASSL_LOCAL int TLSX_UseEllipticCurve(TLSX** extensions, word16 name);
+
+#endif
+
 #endif /* HAVE_TLS_EXTENSIONS */

 /* CyaSSL context type */
--- a/cyassl/ssl.h
+++ b/cyassl/ssl.h
@ -1231,6 +1231,7 @@ CYASSL_API int CyaSSL_CTX_UseMaxFragment(CYASSL_CTX* ctx, unsigned char mfl);
 #endif /* NO_CYASSL_CLIENT */
 #endif /* HAVE_MAX_FRAGMENT */

+/* Truncated HMAC */
 #ifdef HAVE_TRUNCATED_HMAC
 #ifndef NO_CYASSL_CLIENT

@ -1240,6 +1241,48 @@ CYASSL_API int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx);
 #endif /* NO_CYASSL_CLIENT */
 #endif /* HAVE_TRUNCATED_HMAC */

+/* Elliptic Curves */
+#ifdef HAVE_ELLIPTIC_CURVES
+
+enum {
+  /*CYASSL_ECC_SECT163K1 =  1,*/
+  /*CYASSL_ECC_SECT163R1 =  2,*/
+  /*CYASSL_ECC_SECT163R2 =  3,*/
+  /*CYASSL_ECC_SECT193R1 =  4,*/
+  /*CYASSL_ECC_SECT193R2 =  5,*/
+  /*CYASSL_ECC_SECT233K1 =  6,*/
+  /*CYASSL_ECC_SECT233R1 =  7,*/
+  /*CYASSL_ECC_SECT239K1 =  8,*/
+  /*CYASSL_ECC_SECT283K1 =  9,*/
+  /*CYASSL_ECC_SECT283R1 = 10,*/
+  /*CYASSL_ECC_SECT409K1 = 11,*/
+  /*CYASSL_ECC_SECT409R1 = 12,*/
+  /*CYASSL_ECC_SECT571K1 = 13,*/
+  /*CYASSL_ECC_SECT571R1 = 14,*/
+  /*CYASSL_ECC_SECP160K1 = 15,*/
+    CYASSL_ECC_SECP160R1 = 16,
+  /*CYASSL_ECC_SECP160R2 = 17,*/
+  /*CYASSL_ECC_SECP192K1 = 18,*/
+    CYASSL_ECC_SECP192R1 = 19,
+  /*CYASSL_ECC_SECP224K1 = 20,*/
+    CYASSL_ECC_SECP224R1 = 21,
+  /*CYASSL_ECC_SECP256K1 = 22,*/
+    CYASSL_ECC_SECP256R1 = 23,
+    CYASSL_ECC_SECP384R1 = 24,
+    CYASSL_ECC_SECP521R1 = 25,
+  /*CYASSL_ECC_ARBITRARY_EXPLICIT_PRIME_CURVES = 0xFF01,*/
+  /*CYASSL_ECC_ARBITRARY_EXPLICIT_CHAR2_CURVES = 0xFF02*/
+};
+
+#ifndef NO_CYASSL_CLIENT
+
+CYASSL_API int CyaSSL_UseEllipticCurve(CYASSL* ssl, unsigned short name);
+CYASSL_API int CyaSSL_CTX_UseEllipticCurve(CYASSL_CTX* ctx,
+                                                          unsigned short name);
+
+#endif /* NO_CYASSL_CLIENT */
+#endif /* HAVE_ELLIPTIC_CURVES */
+

 #define CYASSL_CRL_MONITOR   0x01   /* monitor this dir flag */
 #define CYASSL_CRL_START_MON 0x02   /* start monitoring flag */
--- a/src/ssl.c
+++ b/src/ssl.c
@ -622,6 +622,30 @@ int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx)
 #endif /* NO_CYASSL_CLIENT */
 #endif /* HAVE_TRUNCATED_HMAC */

+/* Elliptic Curves */
+#ifdef HAVE_ELLIPTIC_CURVES
+#ifndef NO_CYASSL_CLIENT
+
+int CyaSSL_UseEllipticCurve(CYASSL* ssl, word16 name)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    return TLSX_UseEllipticCurve(&ssl->extensions, name);
+}
+
+int CyaSSL_CTX_UseEllipticCurve(CYASSL_CTX* ctx, word16 name)
+{
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+    return TLSX_UseEllipticCurve(&ctx->extensions, name);
+}
+
+#endif /* NO_CYASSL_CLIENT */
+#endif /* HAVE_ELLIPTIC_CURVES */
+
+
 #ifndef CYASSL_LEANPSK
 int CyaSSL_send(CYASSL* ssl, const void* data, int sz, int flags)
 {