mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added TLS support for Camellia

Browse Source
This commit is contained in:
John Safranek 2013-01-21 10:53:42 -08:00
parent 2e2de4cf4d
commit a453ccba57
9 changed files with 837 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
cyassl/internal.h
View File

@ -34,6 +34,7 @@
#include <cyassl/ctaocrypt/asn.h> #include <cyassl/ctaocrypt/asn.h>
#include <cyassl/ctaocrypt/md5.h> #include <cyassl/ctaocrypt/md5.h>
#include <cyassl/ctaocrypt/aes.h> #include <cyassl/ctaocrypt/aes.h>
#include <cyassl/ctaocrypt/camellia.h>
#include <cyassl/ctaocrypt/logging.h> #include <cyassl/ctaocrypt/logging.h>
#ifndef NO_RC4 #ifndef NO_RC4
#include <cyassl/ctaocrypt/arc4.h> #include <cyassl/ctaocrypt/arc4.h>
@ -168,6 +169,25 @@ void c32to24(word32 in, word24 out);
#endif #endif
#endif #endif
#if defined(HAVE_CAMELLIA) && !defined(NO_TLS)
#ifndef NO_RSA
#define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
#define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
#ifndef NO_SHA256
#define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
#define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
#endif
#if !defined(NO_DH) && defined(OPENSSL_EXTRA)
#define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
#define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
#ifndef NO_SHA256
#define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
#define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
#endif
#endif
#endif
#endif
#if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS) #if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS)
#define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
#define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
@ -368,7 +388,17 @@ enum {
* there will be second byte number conflicts * there will be second byte number conflicts
* with non-ECC AES-GCM */ * with non-ECC AES-GCM */
TLS_RSA_WITH_AES_128_CCM_8_SHA256 = 0xa0, TLS_RSA_WITH_AES_128_CCM_8_SHA256 = 0xa0,
TLS_RSA_WITH_AES_256_CCM_8_SHA384 = 0xa1 TLS_RSA_WITH_AES_256_CCM_8_SHA384 = 0xa1,
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x41,
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x84,
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xba,
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc0,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x45,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x88,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4
}; };
@ -487,6 +517,11 @@ enum Misc {
AEAD_EXP_IV_SZ = 8, /* Size of the explicit IV */ AEAD_EXP_IV_SZ = 8, /* Size of the explicit IV */
AEAD_NONCE_SZ = AEAD_EXP_IV_SZ + AEAD_IMP_IV_SZ, AEAD_NONCE_SZ = AEAD_EXP_IV_SZ + AEAD_IMP_IV_SZ,
CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */
CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */
CAMELLIA_256_KEY_SIZE = 32, /* for 256 bit */
CAMELLIA_IV_SIZE = 16, /* always block size */
HC_128_KEY_SIZE = 16, /* 128 bits */ HC_128_KEY_SIZE = 16, /* 128 bits */
HC_128_IV_SIZE = 16, /* also 128 bits */ HC_128_IV_SIZE = 16, /* also 128 bits */
@ -981,6 +1016,7 @@ enum BulkCipherAlgorithm {
aes, aes,
aes_gcm, aes_gcm,
aes_ccm, aes_ccm,
camellia,
hc128, /* CyaSSL extensions */ hc128, /* CyaSSL extensions */
rabbit rabbit
}; };
@ -1100,6 +1136,9 @@ typedef struct Ciphers {
#ifdef BUILD_AES #ifdef BUILD_AES
Aes* aes; Aes* aes;
#endif #endif
#ifdef HAVE_CAMELLIA
Camellia* cam;
#endif
#ifdef HAVE_HC128 #ifdef HAVE_HC128
HC128* hc128; HC128* hc128;
#endif #endif

6
examples/client/client.c
View File

@ -272,7 +272,7 @@ void client_test(void* args)
if (cipherList) if (cipherList)
if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
err_sys("can't set cipher list"); err_sys("client can't set cipher list 1");
#ifdef CYASSL_LEANPSK #ifdef CYASSL_LEANPSK
usePsk = 1; usePsk = 1;
@ -289,7 +289,7 @@ void client_test(void* args)
defaultCipherList = "PSK-AES256-CBC-SHA"; defaultCipherList = "PSK-AES256-CBC-SHA";
#endif #endif
if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS)
err_sys("can't set cipher list"); err_sys("client can't set cipher list 2");
} }
#endif #endif
} }
@ -302,7 +302,7 @@ void client_test(void* args)
if (cipherList == NULL) { if (cipherList == NULL) {
/* don't use EDH, can't sniff tmp keys */ /* don't use EDH, can't sniff tmp keys */
if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS) { if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS) {
err_sys("can't set cipher list"); err_sys("client can't set cipher list 3");
} }
} }
#endif #endif

6
examples/server/server.c
View File

@ -240,7 +240,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
if (cipherList) if (cipherList)
if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
err_sys("can't set cipher list"); err_sys("server can't set cipher list 1");
#ifdef CYASSL_LEANPSK #ifdef CYASSL_LEANPSK
usePsk = 1; usePsk = 1;
@ -285,7 +285,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
defaultCipherList = "PSK-AES256-CBC-SHA"; defaultCipherList = "PSK-AES256-CBC-SHA";
#endif #endif
if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS) if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS)
err_sys("can't set cipher list"); err_sys("server can't set cipher list 2");
} }
#endif #endif
} }
@ -308,7 +308,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
/* don't use EDH, can't sniff tmp keys */ /* don't use EDH, can't sniff tmp keys */
if (cipherList == NULL) { if (cipherList == NULL) {
if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS) if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS)
err_sys("can't set cipher list"); err_sys("server can't set cipher list 3");
} }
#endif #endif

164
src/internal.c
View File

@ -471,6 +471,10 @@ void InitCiphers(CYASSL* ssl)
ssl->encrypt.aes = NULL; ssl->encrypt.aes = NULL;
ssl->decrypt.aes = NULL; ssl->decrypt.aes = NULL;
#endif #endif
#ifdef HAVE_CAMELLIA
ssl->encrypt.cam = NULL;
ssl->decrypt.cam = NULL;
#endif
#ifdef HAVE_HC128 #ifdef HAVE_HC128
ssl->encrypt.hc128 = NULL; ssl->encrypt.hc128 = NULL;
ssl->decrypt.hc128 = NULL; ssl->decrypt.hc128 = NULL;
@ -500,6 +504,10 @@ void FreeCiphers(CYASSL* ssl)
XFREE(ssl->encrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER); XFREE(ssl->encrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER);
XFREE(ssl->decrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER); XFREE(ssl->decrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif #endif
#ifdef BUILD_CAMELLIA
XFREE(ssl->encrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER);
XFREE(ssl->decrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
#ifdef HAVE_HC128 #ifdef HAVE_HC128
XFREE(ssl->encrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER); XFREE(ssl->encrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER);
XFREE(ssl->decrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER); XFREE(ssl->decrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER);
@ -949,6 +957,62 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
} }
#endif #endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
if (tls && haveRSA) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA;
}
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
if (tls && haveDH && haveRSA) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA;
}
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
if (tls && haveRSA) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA;
}
#endif
#ifdef BUILD_TLS_DHE_WITH_RSA_CAMELLIA_256_CBC_SHA
if (tls && haveDH && haveRSA) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA;
}
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
if (tls && haveRSA) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256;
}
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
if (tls && haveDH && haveRSA) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256;
}
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
if (tls && haveRSA) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256;
}
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
if (tls && haveDH && haveRSA) {
suites->suites[idx++] = 0;
suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256;
}
#endif
suites->suiteSz = idx; suites->suiteSz = idx;
} }
@ -3080,6 +3144,12 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz)
break; break;
#endif #endif
#ifdef HAVE_CAMELLIA
case camellia:
CamelliaCbcEncrypt(ssl->encrypt.cam, out, input, sz);
break;
#endif
#ifdef HAVE_HC128 #ifdef HAVE_HC128
case hc128: case hc128:
#ifdef XSTREAM_ALIGNMENT #ifdef XSTREAM_ALIGNMENT
@ -3234,6 +3304,12 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input,
} }
#endif #endif
#ifdef HAVE_CAMELLIA
case camellia:
CamelliaCbcDecrypt(ssl->decrypt.cam, plain, input, sz);
break;
#endif
#ifdef HAVE_HC128 #ifdef HAVE_HC128
case hc128: case hc128:
Hc128_Process(ssl->decrypt.hc128, plain, input, sz); Hc128_Process(ssl->decrypt.hc128, plain, input, sz);
@ -5316,7 +5392,39 @@ const char* const cipher_names[] =
#endif #endif
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
"ECDH-ECDSA-AES256-GCM-SHA384" "ECDH-ECDSA-AES256-GCM-SHA384",
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
"RSA-CAMELLIA128-CBC-SHA",
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
"DHE-RSA-CAMELLIA128-CBC-SHA",
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
"RSA-CAMELLIA256-CBC-SHA",
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
"DHE-RSA-CAMELLIA256-CBC-SHA",
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
"RSA-CAMELLIA128-CBC-SHA256",
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
"DHE-RSA-CAMELLIA128-CBC-SHA256",
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
"RSA-CAMELLIA256-CBC-SHA256",
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
"DHE-RSA-CAMELLIA256-CBC-SHA256"
#endif #endif
}; };
@ -5544,7 +5652,39 @@ int cipher_name_idx[] =
#endif #endif
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
#endif #endif
}; };
@ -7567,6 +7707,26 @@ int SetCipherList(Suites* s, const char* list)
return 1; return 1;
break; break;
case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
if (requirement == REQUIRES_RSA)
return 1;
break;
case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
if (requirement == REQUIRES_RSA)
return 1;
if (requirement == REQUIRES_RSA_SIG)
return 1;
if (requirement == REQUIRES_DHE)
return 1;
break;
default: default:
CYASSL_MSG("Unsupported cipher suite, CipherRequires"); CYASSL_MSG("Unsupported cipher suite, CipherRequires");
return 0; return 0;

159
src/keys.c
View File

@ -970,6 +970,138 @@ int SetCipherSpecs(CYASSL* ssl)
break; break;
#endif #endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
ssl->specs.bulk_cipher_algorithm = camellia;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha_mac;
ssl->specs.kea = rsa_kea;
ssl->specs.hash_size = SHA_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ssl->specs.iv_size = CAMELLIA_IV_SIZE;
break;
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
ssl->specs.bulk_cipher_algorithm = camellia;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha_mac;
ssl->specs.kea = rsa_kea;
ssl->specs.hash_size = SHA_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ssl->specs.iv_size = CAMELLIA_IV_SIZE;
break;
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
ssl->specs.bulk_cipher_algorithm = camellia;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = rsa_kea;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ssl->specs.iv_size = CAMELLIA_IV_SIZE;
break;
#endif
#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
ssl->specs.bulk_cipher_algorithm = camellia;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = rsa_kea;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ssl->specs.iv_size = CAMELLIA_IV_SIZE;
break;
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
ssl->specs.bulk_cipher_algorithm = camellia;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha_mac;
ssl->specs.kea = diffie_hellman_kea;
ssl->specs.sig_algo = rsa_sa_algo;
ssl->specs.hash_size = SHA_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ssl->specs.iv_size = CAMELLIA_IV_SIZE;
break;
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
ssl->specs.bulk_cipher_algorithm = camellia;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha_mac;
ssl->specs.kea = diffie_hellman_kea;
ssl->specs.sig_algo = rsa_sa_algo;
ssl->specs.hash_size = SHA_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ssl->specs.iv_size = CAMELLIA_IV_SIZE;
break;
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
ssl->specs.bulk_cipher_algorithm = camellia;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = diffie_hellman_kea;
ssl->specs.sig_algo = rsa_sa_algo;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ssl->specs.iv_size = CAMELLIA_IV_SIZE;
break;
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
ssl->specs.bulk_cipher_algorithm = camellia;
ssl->specs.cipher_type = block;
ssl->specs.mac_algorithm = sha256_mac;
ssl->specs.kea = diffie_hellman_kea;
ssl->specs.sig_algo = rsa_sa_algo;
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
ssl->specs.pad_size = PAD_SHA;
ssl->specs.static_ecdh = 0;
ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
ssl->specs.iv_size = CAMELLIA_IV_SIZE;
break;
#endif
default: default:
CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs"); CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs");
return UNSUPPORTED_SUITE; return UNSUPPORTED_SUITE;
@ -1227,6 +1359,33 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
} }
#endif #endif
#ifdef HAVE_CAMELLIA
if (specs->bulk_cipher_algorithm == camellia) {
enc->cam = (Camellia*)XMALLOC(sizeof(Camellia),
heap, DYNAMIC_TYPE_CIPHER);
if (enc->cam == NULL)
return MEMORY_E;
dec->cam = (Camellia*)XMALLOC(sizeof(Camellia),
heap, DYNAMIC_TYPE_CIPHER);
if (dec->cam == NULL)
return MEMORY_E;
if (side == CLIENT_END) {
CamelliaSetKey(enc->cam, keys->client_write_key,
specs->key_size, keys->client_write_IV);
CamelliaSetKey(dec->cam, keys->server_write_key,
specs->key_size, keys->server_write_IV);
}
else {
CamelliaSetKey(enc->cam, keys->server_write_key,
specs->key_size, keys->server_write_IV);
CamelliaSetKey(dec->cam, keys->client_write_key,
specs->key_size, keys->client_write_IV);
}
enc->setup = 1;
dec->setup = 1;
}
#endif
#ifdef HAVE_NULL_CIPHER #ifdef HAVE_NULL_CIPHER
if (specs->bulk_cipher_algorithm == cipher_null) { if (specs->bulk_cipher_algorithm == cipher_null) {
enc->setup = 1; enc->setup = 1;

16
src/ssl.c
View File

@ -5501,6 +5501,22 @@ int CyaSSL_set_compression(CYASSL* ssl)
return "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"; return "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256";
case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 : case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
return "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"; return "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384";
case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
return "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA";
case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
return "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA";
case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
return "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256";
case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
return "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256";
case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
return "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA";
case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
return "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA";
case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
return "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256";
case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
return "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256";
default: default:
return "NONE"; return "NONE";
} /* switch */ } /* switch */

22
tests/suites.c
View File

@ -381,6 +381,28 @@ int SuiteTest(void)
} }
#endif #endif
#ifdef HAVE_CAMELLIA
/* add camellia suites */
strcpy(argv0[1], "tests/test-camellia.conf");
printf("starting camellia suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#ifdef OPENSSL_EXTRA
/* add camellia openssl extra suites */
strcpy(argv0[1], "tests/test-camellia-openssl.conf");
printf("starting camellia openssl extra suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#endif
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
/* add dtls extra suites */ /* add dtls extra suites */
strcpy(argv0[1], "tests/test-dtls.conf"); strcpy(argv0[1], "tests/test-dtls.conf");

216
tests/test-camellia-openssl.conf Normal file
View File

@ -0,0 +1,216 @@
# server TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA
-v 1
-l DHE-RSA-CAMELLIA128-CBC-SHA
# client TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA
-v 1
-l DHE-RSA-CAMELLIA128-CBC-SHA
# server TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA
-v 1
-l DHE-RSA-CAMELLIA256-CBC-SHA
# client TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA
-v 1
-l DHE-RSA-CAMELLIA256-CBC-SHA
# server TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA256
-v 1
-l DHE-RSA-CAMELLIA128-CBC-SHA256
# client TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA256
-v 1
-l DHE-RSA-CAMELLIA128-CBC-SHA256
# server TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA256
-v 1
-l DHE-RSA-CAMELLIA256-CBC-SHA256
# client TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA256
-v 1
-l DHE-RSA-CAMELLIA256-CBC-SHA256
# server TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA
-v 2
-l DHE-RSA-CAMELLIA128-CBC-SHA
# client TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA
-v 2
-l DHE-RSA-CAMELLIA128-CBC-SHA
# server TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA
-v 2
-l DHE-RSA-CAMELLIA256-CBC-SHA
# client TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA
-v 2
-l DHE-RSA-CAMELLIA256-CBC-SHA
# server TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA256
-v 2
-l DHE-RSA-CAMELLIA128-CBC-SHA256
# client TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA256
-v 2
-l DHE-RSA-CAMELLIA128-CBC-SHA256
# server TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA256
-v 2
-l DHE-RSA-CAMELLIA256-CBC-SHA256
# client TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA256
-v 2
-l DHE-RSA-CAMELLIA256-CBC-SHA256
# server TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA
-v 3
-l DHE-RSA-CAMELLIA128-CBC-SHA
# client TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA
-v 3
-l DHE-RSA-CAMELLIA128-CBC-SHA
# server TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA
-v 3
-l DHE-RSA-CAMELLIA256-CBC-SHA
# client TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA
-v 3
-l DHE-RSA-CAMELLIA256-CBC-SHA
# server TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA256
-v 3
-l DHE-RSA-CAMELLIA128-CBC-SHA256
# client TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA256
-v 3
-l DHE-RSA-CAMELLIA128-CBC-SHA256
# server TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA256
-v 3
-l DHE-RSA-CAMELLIA256-CBC-SHA256
# client TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA256
-v 3
-l DHE-RSA-CAMELLIA256-CBC-SHA256
# server TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 1
-l DHE-RSA-CAMELLIA128-CBC-SHA
-N
# client TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 1
-l DHE-RSA-CAMELLIA128-CBC-SHA
-N
# server TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 1
-l DHE-RSA-CAMELLIA256-CBC-SHA
-N
# client TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 1
-l DHE-RSA-CAMELLIA256-CBC-SHA
-N
# server TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 1
-l DHE-RSA-CAMELLIA128-CBC-SHA256
-N
# client TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 1
-l DHE-RSA-CAMELLIA128-CBC-SHA256
-N
# server TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 1
-l DHE-RSA-CAMELLIA256-CBC-SHA256
-N
# client TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 1
-l DHE-RSA-CAMELLIA256-CBC-SHA256
-N
# server TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 2
-l DHE-RSA-CAMELLIA128-CBC-SHA
-N
# client TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 2
-l DHE-RSA-CAMELLIA128-CBC-SHA
-N
# server TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 2
-l DHE-RSA-CAMELLIA256-CBC-SHA
-N
# client TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 2
-l DHE-RSA-CAMELLIA256-CBC-SHA
-N
# server TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 2
-l DHE-RSA-CAMELLIA128-CBC-SHA256
-N
# client TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 2
-l DHE-RSA-CAMELLIA128-CBC-SHA256
-N
# server TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 2
-l DHE-RSA-CAMELLIA256-CBC-SHA256
-N
# client TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 2
-l DHE-RSA-CAMELLIA256-CBC-SHA256
-N
# server TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 3
-l DHE-RSA-CAMELLIA128-CBC-SHA
-N
# client TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 3
-l DHE-RSA-CAMELLIA128-CBC-SHA
-N
# server TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 3
-l DHE-RSA-CAMELLIA256-CBC-SHA
-N
# client TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 3
-l DHE-RSA-CAMELLIA256-CBC-SHA
-N
# server TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 3
-l DHE-RSA-CAMELLIA128-CBC-SHA256
-N
# client TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 3
-l DHE-RSA-CAMELLIA128-CBC-SHA256
-N
# server TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 3
-l DHE-RSA-CAMELLIA256-CBC-SHA256
-N
# client TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 3
-l DHE-RSA-CAMELLIA256-CBC-SHA256
-N

216
tests/test-camellia.conf Normal file
View File

@ -0,0 +1,216 @@
# server TLSv1 RSA-CAMELLIA128-CBC-SHA
-v 1
-l RSA-CAMELLIA128-CBC-SHA
# client TLSv1 RSA-CAMELLIA128-CBC-SHA
-v 1
-l RSA-CAMELLIA128-CBC-SHA
# server TLSv1 RSA-CAMELLIA256-CBC-SHA
-v 1
-l RSA-CAMELLIA256-CBC-SHA
# client TLSv1 RSA-CAMELLIA256-CBC-SHA
-v 1
-l RSA-CAMELLIA256-CBC-SHA
# server TLSv1 RSA-CAMELLIA128-CBC-SHA256
-v 1
-l RSA-CAMELLIA128-CBC-SHA256
# client TLSv1 RSA-CAMELLIA128-CBC-SHA256
-v 1
-l RSA-CAMELLIA128-CBC-SHA256
# server TLSv1 RSA-CAMELLIA256-CBC-SHA256
-v 1
-l RSA-CAMELLIA256-CBC-SHA256
# client TLSv1 RSA-CAMELLIA256-CBC-SHA256
-v 1
-l RSA-CAMELLIA256-CBC-SHA256
# server TLSv1.1 RSA-CAMELLIA128-CBC-SHA
-v 2
-l RSA-CAMELLIA128-CBC-SHA
# client TLSv1.1 RSA-CAMELLIA128-CBC-SHA
-v 2
-l RSA-CAMELLIA128-CBC-SHA
# server TLSv1.1 RSA-CAMELLIA256-CBC-SHA
-v 2
-l RSA-CAMELLIA256-CBC-SHA
# client TLSv1.1 RSA-CAMELLIA256-CBC-SHA
-v 2
-l RSA-CAMELLIA256-CBC-SHA
# server TLSv1.1 RSA-CAMELLIA128-CBC-SHA256
-v 2
-l RSA-CAMELLIA128-CBC-SHA256
# client TLSv1.1 RSA-CAMELLIA128-CBC-SHA256
-v 2
-l RSA-CAMELLIA128-CBC-SHA256
# server TLSv1.1 RSA-CAMELLIA256-CBC-SHA256
-v 2
-l RSA-CAMELLIA256-CBC-SHA256
# client TLSv1.1 RSA-CAMELLIA256-CBC-SHA256
-v 2
-l RSA-CAMELLIA256-CBC-SHA256
# server TLSv1.2 RSA-CAMELLIA128-CBC-SHA
-v 3
-l RSA-CAMELLIA128-CBC-SHA
# client TLSv1.2 RSA-CAMELLIA128-CBC-SHA
-v 3
-l RSA-CAMELLIA128-CBC-SHA
# server TLSv1.2 RSA-CAMELLIA256-CBC-SHA
-v 3
-l RSA-CAMELLIA256-CBC-SHA
# client TLSv1.2 RSA-CAMELLIA256-CBC-SHA
-v 3
-l RSA-CAMELLIA256-CBC-SHA
# server TLSv1.2 RSA-CAMELLIA128-CBC-SHA256
-v 3
-l RSA-CAMELLIA128-CBC-SHA256
# client TLSv1.2 RSA-CAMELLIA128-CBC-SHA256
-v 3
-l RSA-CAMELLIA128-CBC-SHA256
# server TLSv1.2 RSA-CAMELLIA256-CBC-SHA256
-v 3
-l RSA-CAMELLIA256-CBC-SHA256
# client TLSv1.2 RSA-CAMELLIA256-CBC-SHA256
-v 3
-l RSA-CAMELLIA256-CBC-SHA256
# server TLSv1 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 1
-l RSA-CAMELLIA128-CBC-SHA
-N
# client TLSv1 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 1
-l RSA-CAMELLIA128-CBC-SHA
-N
# server TLSv1 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 1
-l RSA-CAMELLIA256-CBC-SHA
-N
# client TLSv1 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 1
-l RSA-CAMELLIA256-CBC-SHA
-N
# server TLSv1 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 1
-l RSA-CAMELLIA128-CBC-SHA256
-N
# client TLSv1 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 1
-l RSA-CAMELLIA128-CBC-SHA256
-N
# server TLSv1 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 1
-l RSA-CAMELLIA256-CBC-SHA256
-N
# client TLSv1 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 1
-l RSA-CAMELLIA256-CBC-SHA256
-N
# server TLSv1.1 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 2
-l RSA-CAMELLIA128-CBC-SHA
-N
# client TLSv1.1 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 2
-l RSA-CAMELLIA128-CBC-SHA
-N
# server TLSv1.1 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 2
-l RSA-CAMELLIA256-CBC-SHA
-N
# client TLSv1.1 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 2
-l RSA-CAMELLIA256-CBC-SHA
-N
# server TLSv1.1 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 2
-l RSA-CAMELLIA128-CBC-SHA256
-N
# client TLSv1.1 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 2
-l RSA-CAMELLIA128-CBC-SHA256
-N
# server TLSv1.1 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 2
-l RSA-CAMELLIA256-CBC-SHA256
-N
# client TLSv1.1 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 2
-l RSA-CAMELLIA256-CBC-SHA256
-N
# server TLSv1.2 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 3
-l RSA-CAMELLIA128-CBC-SHA
-N
# client TLSv1.2 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
-v 3
-l RSA-CAMELLIA128-CBC-SHA
-N
# server TLSv1.2 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 3
-l RSA-CAMELLIA256-CBC-SHA
-N
# client TLSv1.2 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
-v 3
-l RSA-CAMELLIA256-CBC-SHA
-N
# server TLSv1.2 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 3
-l RSA-CAMELLIA128-CBC-SHA256
-N
# client TLSv1.2 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
-v 3
-l RSA-CAMELLIA128-CBC-SHA256
-N
# server TLSv1.2 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 3
-l RSA-CAMELLIA256-CBC-SHA256
-N
# client TLSv1.2 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
-v 3
-l RSA-CAMELLIA256-CBC-SHA256
-N