Merge remote-tracking branch 'public/pr/1410' into development
This commit is contained in:
commit
246cb05a92
28 changed files with 3015 additions and 21 deletions
|
@ -2,6 +2,10 @@ mbed TLS ChangeLog (Sorted per branch, date)
|
|||
|
||||
= mbed TLS x.x.x branch released xxxx-xx-xx
|
||||
|
||||
Features
|
||||
* Add support for ARIA cipher (RFC 5794) and associated TLS ciphersuites
|
||||
(RFC 6209). Disabled by default, see MBEDTLS_ARIA_C in config.h
|
||||
|
||||
API Changes
|
||||
* Extend the platform module with a util component that contains
|
||||
functionality shared by multiple Mbed TLS modules. At this stage
|
||||
|
|
|
@ -310,7 +310,49 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
|
|||
* must use the context initialized with mbedtls_aes_setkey_enc()
|
||||
* for both #MBEDTLS_AES_ENCRYPT and #MBEDTLS_AES_DECRYPT.
|
||||
*
|
||||
* \warning You must keep the maximum use of your counter in mind.
|
||||
* \warning You must never reuse a nonce value with the same key. Doing so
|
||||
* would void the encryption for the two messages encrypted with
|
||||
* the same nonce and key.
|
||||
*
|
||||
* There are two common strategies for managing nonces with CTR:
|
||||
*
|
||||
* 1. You can handle everything as a single message processed over
|
||||
* successive calls to this function. In that case, you want to
|
||||
* set \p nonce_counter and \p nc_off to 0 for the first call, and
|
||||
* then preserve the values of \p nonce_counter, \p nc_off and \p
|
||||
* stream_block across calls to this function as they will be
|
||||
* updated by this function.
|
||||
*
|
||||
* With this strategy, you must not encrypt more than 2**128
|
||||
* blocks of data with the same key.
|
||||
*
|
||||
* 2. You can encrypt separate messages by dividing the \p
|
||||
* nonce_counter buffer in two areas: the first one used for a
|
||||
* per-message nonce, handled by yourself, and the second one
|
||||
* updated by this function internally.
|
||||
*
|
||||
* For example, you might reserve the first 12 bytes for the
|
||||
* per-message nonce, and the last 4 bytes for internal use. In that
|
||||
* case, before calling this function on a new message you need to
|
||||
* set the first 12 bytes of \p nonce_counter to your chosen nonce
|
||||
* value, the last 4 to 0, and \p nc_off to 0 (which will cause \p
|
||||
* stream_block to be ignored). That way, you can encrypt at most
|
||||
* 2**96 messages of up to 2**32 blocks each with the same key.
|
||||
*
|
||||
* The per-message nonce (or information sufficient to reconstruct
|
||||
* it) needs to be communicated with the ciphertext and must be unique.
|
||||
* The recommended way to ensure uniqueness is to use a message
|
||||
* counter. An alternative is to generate random nonces, but this
|
||||
* limits the number of messages that can be securely encrypted:
|
||||
* for example, with 96-bit random nonces, you should not encrypt
|
||||
* more than 2**32 messages with the same key.
|
||||
*
|
||||
* Note that for both stategies, sizes are measured in blocks and
|
||||
* that an AES block is 16 bytes.
|
||||
*
|
||||
* \warning Upon return, \p stream_block contains sensitive data. Its
|
||||
* content must not be written to insecure storage and should be
|
||||
* securely discarded as soon as it's no longer needed.
|
||||
*
|
||||
* \param ctx The AES context to use for encryption or decryption.
|
||||
* \param length The length of the input data.
|
||||
|
|
331
include/mbedtls/aria.h
Normal file
331
include/mbedtls/aria.h
Normal file
|
@ -0,0 +1,331 @@
|
|||
/**
|
||||
* \file aria.h
|
||||
*
|
||||
* \brief ARIA block cipher
|
||||
*
|
||||
* The ARIA algorithm is a symmetric block cipher that can encrypt and
|
||||
* decrypt information. It is defined by the Korean Agency for
|
||||
* Technology and Standards (KATS) in <em>KS X 1213:2004</em> (in
|
||||
* Korean, but see http://210.104.33.10/ARIA/index-e.html in English)
|
||||
* and also described by the IETF in <em>RFC 5794</em>.
|
||||
*/
|
||||
/* Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
* not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_ARIA_H
|
||||
#define MBEDTLS_ARIA_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#define MBEDTLS_ARIA_ENCRYPT 1 /**< ARIA encryption. */
|
||||
#define MBEDTLS_ARIA_DECRYPT 0 /**< ARIA decryption. */
|
||||
|
||||
#define MBEDTLS_ARIA_BLOCKSIZE 16 /**< ARIA block size in bytes. */
|
||||
#define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maxiumum number of rounds in ARIA. */
|
||||
#define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */
|
||||
|
||||
#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH -0x005C /**< Invalid key length. */
|
||||
#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E /**< Invalid data input length. */
|
||||
#define MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE -0x005A /**< Feature not available. For example, an unsupported ARIA key size. */
|
||||
#define MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED -0x0058 /**< ARIA hardware accelerator failed. */
|
||||
|
||||
#if !defined(MBEDTLS_ARIA_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief The ARIA context-type definition.
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
unsigned char nr; /*!< The number of rounds (12, 14 or 16) */
|
||||
/*! The ARIA round keys. */
|
||||
uint32_t rk[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4];
|
||||
}
|
||||
mbedtls_aria_context;
|
||||
|
||||
#else /* MBEDTLS_ARIA_ALT */
|
||||
#include "aria_alt.h"
|
||||
#endif /* MBEDTLS_ARIA_ALT */
|
||||
|
||||
/**
|
||||
* \brief This function initializes the specified ARIA context.
|
||||
*
|
||||
* It must be the first API called before using
|
||||
* the context.
|
||||
*
|
||||
* \param ctx The ARIA context to initialize.
|
||||
*/
|
||||
void mbedtls_aria_init( mbedtls_aria_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief This function releases and clears the specified ARIA context.
|
||||
*
|
||||
* \param ctx The ARIA context to clear.
|
||||
*/
|
||||
void mbedtls_aria_free( mbedtls_aria_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief This function sets the encryption key.
|
||||
*
|
||||
* \param ctx The ARIA context to which the key should be bound.
|
||||
* \param key The encryption key.
|
||||
* \param keybits The size of data passed in bits. Valid options are:
|
||||
* <ul><li>128 bits</li>
|
||||
* <li>192 bits</li>
|
||||
* <li>256 bits</li></ul>
|
||||
*
|
||||
* \return \c 0 on success or #MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH
|
||||
* on failure.
|
||||
*/
|
||||
int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
|
||||
const unsigned char *key,
|
||||
unsigned int keybits );
|
||||
|
||||
/**
|
||||
* \brief This function sets the decryption key.
|
||||
*
|
||||
* \param ctx The ARIA context to which the key should be bound.
|
||||
* \param key The decryption key.
|
||||
* \param keybits The size of data passed. Valid options are:
|
||||
* <ul><li>128 bits</li>
|
||||
* <li>192 bits</li>
|
||||
* <li>256 bits</li></ul>
|
||||
*
|
||||
* \return \c 0 on success, or #MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH on failure.
|
||||
*/
|
||||
int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
|
||||
const unsigned char *key,
|
||||
unsigned int keybits );
|
||||
|
||||
/**
|
||||
* \brief This function performs an ARIA single-block encryption or
|
||||
* decryption operation.
|
||||
*
|
||||
* It performs encryption or decryption (depending on whether
|
||||
* the key was set for encryption on decryption) on the input
|
||||
* data buffer defined in the \p input parameter.
|
||||
*
|
||||
* mbedtls_aria_init(), and either mbedtls_aria_setkey_enc() or
|
||||
* mbedtls_aria_setkey_dec() must be called before the first
|
||||
* call to this API with the same context.
|
||||
*
|
||||
* \param ctx The ARIA context to use for encryption or decryption.
|
||||
* \param input The 16-Byte buffer holding the input data.
|
||||
* \param output The 16-Byte buffer holding the output data.
|
||||
|
||||
* \return \c 0 on success.
|
||||
*/
|
||||
int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
|
||||
const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
|
||||
unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] );
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
/**
|
||||
* \brief This function performs an ARIA-CBC encryption or decryption operation
|
||||
* on full blocks.
|
||||
*
|
||||
* It performs the operation defined in the \p mode
|
||||
* parameter (encrypt/decrypt), on the input data buffer defined in
|
||||
* the \p input parameter.
|
||||
*
|
||||
* It can be called as many times as needed, until all the input
|
||||
* data is processed. mbedtls_aria_init(), and either
|
||||
* mbedtls_aria_setkey_enc() or mbedtls_aria_setkey_dec() must be called
|
||||
* before the first call to this API with the same context.
|
||||
*
|
||||
* \note This function operates on aligned blocks, that is, the input size
|
||||
* must be a multiple of the ARIA block size of 16 Bytes.
|
||||
*
|
||||
* \note Upon exit, the content of the IV is updated so that you can
|
||||
* call the same function again on the next
|
||||
* block(s) of data and get the same result as if it was
|
||||
* encrypted in one call. This allows a "streaming" usage.
|
||||
* If you need to retain the contents of the IV, you should
|
||||
* either save it manually or use the cipher module instead.
|
||||
*
|
||||
*
|
||||
* \param ctx The ARIA context to use for encryption or decryption.
|
||||
* \param mode The ARIA operation: #MBEDTLS_ARIA_ENCRYPT or
|
||||
* #MBEDTLS_ARIA_DECRYPT.
|
||||
* \param length The length of the input data in Bytes. This must be a
|
||||
* multiple of the block size (16 Bytes).
|
||||
* \param iv Initialization vector (updated after use).
|
||||
* \param input The buffer holding the input data.
|
||||
* \param output The buffer holding the output data.
|
||||
*
|
||||
* \return \c 0 on success, or #MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH
|
||||
* on failure.
|
||||
*/
|
||||
int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
/**
|
||||
* \brief This function performs an ARIA-CFB128 encryption or decryption
|
||||
* operation.
|
||||
*
|
||||
* It performs the operation defined in the \p mode
|
||||
* parameter (encrypt or decrypt), on the input data buffer
|
||||
* defined in the \p input parameter.
|
||||
*
|
||||
* For CFB, you must set up the context with mbedtls_aria_setkey_enc(),
|
||||
* regardless of whether you are performing an encryption or decryption
|
||||
* operation, that is, regardless of the \p mode parameter. This is
|
||||
* because CFB mode uses the same key schedule for encryption and
|
||||
* decryption.
|
||||
*
|
||||
* \note Upon exit, the content of the IV is updated so that you can
|
||||
* call the same function again on the next
|
||||
* block(s) of data and get the same result as if it was
|
||||
* encrypted in one call. This allows a "streaming" usage.
|
||||
* If you need to retain the contents of the
|
||||
* IV, you must either save it manually or use the cipher
|
||||
* module instead.
|
||||
*
|
||||
*
|
||||
* \param ctx The ARIA context to use for encryption or decryption.
|
||||
* \param mode The ARIA operation: #MBEDTLS_ARIA_ENCRYPT or
|
||||
* #MBEDTLS_ARIA_DECRYPT.
|
||||
* \param length The length of the input data.
|
||||
* \param iv_off The offset in IV (updated after use).
|
||||
* \param iv The initialization vector (updated after use).
|
||||
* \param input The buffer holding the input data.
|
||||
* \param output The buffer holding the output data.
|
||||
*
|
||||
* \return \c 0 on success.
|
||||
*/
|
||||
int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
size_t *iv_off,
|
||||
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CFB */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
||||
/**
|
||||
* \brief This function performs an ARIA-CTR encryption or decryption
|
||||
* operation.
|
||||
*
|
||||
* This function performs the operation defined in the \p mode
|
||||
* parameter (encrypt/decrypt), on the input data buffer
|
||||
* defined in the \p input parameter.
|
||||
*
|
||||
* Due to the nature of CTR, you must use the same key schedule
|
||||
* for both encryption and decryption operations. Therefore, you
|
||||
* must use the context initialized with mbedtls_aria_setkey_enc()
|
||||
* for both #MBEDTLS_ARIA_ENCRYPT and #MBEDTLS_ARIA_DECRYPT.
|
||||
*
|
||||
* \warning You must never reuse a nonce value with the same key. Doing so
|
||||
* would void the encryption for the two messages encrypted with
|
||||
* the same nonce and key.
|
||||
*
|
||||
* There are two common strategies for managing nonces with CTR:
|
||||
*
|
||||
* 1. You can handle everything as a single message processed over
|
||||
* successive calls to this function. In that case, you want to
|
||||
* set \p nonce_counter and \p nc_off to 0 for the first call, and
|
||||
* then preserve the values of \p nonce_counter, \p nc_off and \p
|
||||
* stream_block across calls to this function as they will be
|
||||
* updated by this function.
|
||||
*
|
||||
* With this strategy, you must not encrypt more than 2**128
|
||||
* blocks of data with the same key.
|
||||
*
|
||||
* 2. You can encrypt separate messages by dividing the \p
|
||||
* nonce_counter buffer in two areas: the first one used for a
|
||||
* per-message nonce, handled by yourself, and the second one
|
||||
* updated by this function internally.
|
||||
*
|
||||
* For example, you might reserve the first 12 bytes for the
|
||||
* per-message nonce, and the last 4 bytes for internal use. In that
|
||||
* case, before calling this function on a new message you need to
|
||||
* set the first 12 bytes of \p nonce_counter to your chosen nonce
|
||||
* value, the last 4 to 0, and \p nc_off to 0 (which will cause \p
|
||||
* stream_block to be ignored). That way, you can encrypt at most
|
||||
* 2**96 messages of up to 2**32 blocks each with the same key.
|
||||
*
|
||||
* The per-message nonce (or information sufficient to reconstruct
|
||||
* it) needs to be communicated with the ciphertext and must be unique.
|
||||
* The recommended way to ensure uniqueness is to use a message
|
||||
* counter. An alternative is to generate random nonces, but this
|
||||
* limits the number of messages that can be securely encrypted:
|
||||
* for example, with 96-bit random nonces, you should not encrypt
|
||||
* more than 2**32 messages with the same key.
|
||||
*
|
||||
* Note that for both stategies, sizes are measured in blocks and
|
||||
* that an ARIA block is 16 bytes.
|
||||
*
|
||||
* \warning Upon return, \p stream_block contains sensitive data. Its
|
||||
* content must not be written to insecure storage and should be
|
||||
* securely discarded as soon as it's no longer needed.
|
||||
*
|
||||
* \param ctx The ARIA context to use for encryption or decryption.
|
||||
* \param length The length of the input data.
|
||||
* \param nc_off The offset in the current \p stream_block, for
|
||||
* resuming within the current cipher stream. The
|
||||
* offset pointer should be 0 at the start of a stream.
|
||||
* \param nonce_counter The 128-bit nonce and counter.
|
||||
* \param stream_block The saved stream block for resuming. This is
|
||||
* overwritten by the function.
|
||||
* \param input The buffer holding the input data.
|
||||
* \param output The buffer holding the output data.
|
||||
*
|
||||
* \return \c 0 on success.
|
||||
*/
|
||||
int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
|
||||
size_t length,
|
||||
size_t *nc_off,
|
||||
unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
|
||||
unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CTR */
|
||||
|
||||
#if defined(MBEDTLS_SELF_TEST)
|
||||
/**
|
||||
* \brief Checkup routine.
|
||||
*
|
||||
* \return \c 0 on success, or \c 1 on failure.
|
||||
*/
|
||||
int mbedtls_aria_self_test( int verbose );
|
||||
#endif /* MBEDTLS_SELF_TEST */
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* aria.h */
|
|
@ -174,7 +174,46 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
|
|||
/**
|
||||
* \brief Blowfish-CTR buffer encryption/decryption
|
||||
*
|
||||
* Warning: You have to keep the maximum use of your counter in mind!
|
||||
* \warning You must never reuse a nonce value with the same key. Doing so
|
||||
* would void the encryption for the two messages encrypted with
|
||||
* the same nonce and key.
|
||||
*
|
||||
* There are two common strategies for managing nonces with CTR:
|
||||
*
|
||||
* 1. You can handle everything as a single message processed over
|
||||
* successive calls to this function. In that case, you want to
|
||||
* set \p nonce_counter and \p nc_off to 0 for the first call, and
|
||||
* then preserve the values of \p nonce_counter, \p nc_off and \p
|
||||
* stream_block across calls to this function as they will be
|
||||
* updated by this function.
|
||||
*
|
||||
* With this strategy, you must not encrypt more than 2**64
|
||||
* blocks of data with the same key.
|
||||
*
|
||||
* 2. You can encrypt separate messages by dividing the \p
|
||||
* nonce_counter buffer in two areas: the first one used for a
|
||||
* per-message nonce, handled by yourself, and the second one
|
||||
* updated by this function internally.
|
||||
*
|
||||
* For example, you might reserve the first 4 bytes for the
|
||||
* per-message nonce, and the last 4 bytes for internal use. In that
|
||||
* case, before calling this function on a new message you need to
|
||||
* set the first 4 bytes of \p nonce_counter to your chosen nonce
|
||||
* value, the last 4 to 0, and \p nc_off to 0 (which will cause \p
|
||||
* stream_block to be ignored). That way, you can encrypt at most
|
||||
* 2**32 messages of up to 2**32 blocks each with the same key.
|
||||
*
|
||||
* The per-message nonce (or information sufficient to reconstruct
|
||||
* it) needs to be communicated with the ciphertext and must be unique.
|
||||
* The recommended way to ensure uniqueness is to use a message
|
||||
* counter.
|
||||
*
|
||||
* Note that for both stategies, sizes are measured in blocks and
|
||||
* that a Blowfish block is 8 bytes.
|
||||
*
|
||||
* \warning Upon return, \p stream_block contains sensitive data. Its
|
||||
* content must not be written to insecure storage and should be
|
||||
* securely discarded as soon as it's no longer needed.
|
||||
*
|
||||
* \param ctx Blowfish context
|
||||
* \param length The length of the data
|
||||
|
|
|
@ -187,12 +187,54 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
|
|||
/**
|
||||
* \brief CAMELLIA-CTR buffer encryption/decryption
|
||||
*
|
||||
* Warning: You have to keep the maximum use of your counter in mind!
|
||||
*
|
||||
* Note: Due to the nature of CTR you should use the same key schedule for
|
||||
* both encryption and decryption. So a context initialized with
|
||||
* mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and MBEDTLS_CAMELLIA_DECRYPT.
|
||||
*
|
||||
* \warning You must never reuse a nonce value with the same key. Doing so
|
||||
* would void the encryption for the two messages encrypted with
|
||||
* the same nonce and key.
|
||||
*
|
||||
* There are two common strategies for managing nonces with CTR:
|
||||
*
|
||||
* 1. You can handle everything as a single message processed over
|
||||
* successive calls to this function. In that case, you want to
|
||||
* set \p nonce_counter and \p nc_off to 0 for the first call, and
|
||||
* then preserve the values of \p nonce_counter, \p nc_off and \p
|
||||
* stream_block across calls to this function as they will be
|
||||
* updated by this function.
|
||||
*
|
||||
* With this strategy, you must not encrypt more than 2**128
|
||||
* blocks of data with the same key.
|
||||
*
|
||||
* 2. You can encrypt separate messages by dividing the \p
|
||||
* nonce_counter buffer in two areas: the first one used for a
|
||||
* per-message nonce, handled by yourself, and the second one
|
||||
* updated by this function internally.
|
||||
*
|
||||
* For example, you might reserve the first 12 bytes for the
|
||||
* per-message nonce, and the last 4 bytes for internal use. In that
|
||||
* case, before calling this function on a new message you need to
|
||||
* set the first 12 bytes of \p nonce_counter to your chosen nonce
|
||||
* value, the last 4 to 0, and \p nc_off to 0 (which will cause \p
|
||||
* stream_block to be ignored). That way, you can encrypt at most
|
||||
* 2**96 messages of up to 2**32 blocks each with the same key.
|
||||
*
|
||||
* The per-message nonce (or information sufficient to reconstruct
|
||||
* it) needs to be communicated with the ciphertext and must be unique.
|
||||
* The recommended way to ensure uniqueness is to use a message
|
||||
* counter. An alternative is to generate random nonces, but this
|
||||
* limits the number of messages that can be securely encrypted:
|
||||
* for example, with 96-bit random nonces, you should not encrypt
|
||||
* more than 2**32 messages with the same key.
|
||||
*
|
||||
* Note that for both stategies, sizes are measured in blocks and
|
||||
* that a CAMELLIA block is 16 bytes.
|
||||
*
|
||||
* \warning Upon return, \p stream_block contains sensitive data. Its
|
||||
* content must not be written to insecure storage and should be
|
||||
* securely discarded as soon as it's no longer needed.
|
||||
*
|
||||
* \param ctx CAMELLIA context
|
||||
* \param length The length of the data
|
||||
* \param nc_off The offset in the current stream_block (for resuming
|
||||
|
|
|
@ -86,6 +86,7 @@ typedef enum {
|
|||
MBEDTLS_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */
|
||||
MBEDTLS_CIPHER_ID_BLOWFISH, /**< The Blowfish cipher. */
|
||||
MBEDTLS_CIPHER_ID_ARC4, /**< The RC4 cipher. */
|
||||
MBEDTLS_CIPHER_ID_ARIA, /**< The Aria cipher. */
|
||||
} mbedtls_cipher_id_t;
|
||||
|
||||
/**
|
||||
|
@ -145,6 +146,24 @@ typedef enum {
|
|||
MBEDTLS_CIPHER_CAMELLIA_128_CCM, /**< Camellia cipher with 128-bit CCM mode. */
|
||||
MBEDTLS_CIPHER_CAMELLIA_192_CCM, /**< Camellia cipher with 192-bit CCM mode. */
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_CCM, /**< Camellia cipher with 256-bit CCM mode. */
|
||||
MBEDTLS_CIPHER_ARIA_128_ECB, /**< Aria cipher with 128-bit key and ECB mode. */
|
||||
MBEDTLS_CIPHER_ARIA_192_ECB, /**< Aria cipher with 192-bit key and ECB mode. */
|
||||
MBEDTLS_CIPHER_ARIA_256_ECB, /**< Aria cipher with 256-bit key and ECB mode. */
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, /**< Aria cipher with 128-bit key and CBC mode. */
|
||||
MBEDTLS_CIPHER_ARIA_192_CBC, /**< Aria cipher with 192-bit key and CBC mode. */
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, /**< Aria cipher with 256-bit key and CBC mode. */
|
||||
MBEDTLS_CIPHER_ARIA_128_CFB128, /**< Aria cipher with 128-bit key and CFB-128 mode. */
|
||||
MBEDTLS_CIPHER_ARIA_192_CFB128, /**< Aria cipher with 192-bit key and CFB-128 mode. */
|
||||
MBEDTLS_CIPHER_ARIA_256_CFB128, /**< Aria cipher with 256-bit key and CFB-128 mode. */
|
||||
MBEDTLS_CIPHER_ARIA_128_CTR, /**< Aria cipher with 128-bit key and CTR mode. */
|
||||
MBEDTLS_CIPHER_ARIA_192_CTR, /**< Aria cipher with 192-bit key and CTR mode. */
|
||||
MBEDTLS_CIPHER_ARIA_256_CTR, /**< Aria cipher with 256-bit key and CTR mode. */
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM, /**< Aria cipher with 128-bit key and GCM mode. */
|
||||
MBEDTLS_CIPHER_ARIA_192_GCM, /**< Aria cipher with 192-bit key and GCM mode. */
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, /**< Aria cipher with 256-bit key and GCM mode. */
|
||||
MBEDTLS_CIPHER_ARIA_128_CCM, /**< Aria cipher with 128-bit key and CCM mode. */
|
||||
MBEDTLS_CIPHER_ARIA_192_CCM, /**< Aria cipher with 192-bit key and CCM mode. */
|
||||
MBEDTLS_CIPHER_ARIA_256_CCM, /**< Aria cipher with 256-bit key and CCM mode. */
|
||||
} mbedtls_cipher_type_t;
|
||||
|
||||
/** Supported cipher modes. */
|
||||
|
|
|
@ -48,10 +48,14 @@
|
|||
* Requires support for asm() in compiler.
|
||||
*
|
||||
* Used in:
|
||||
* library/aria.c
|
||||
* library/timing.c
|
||||
* library/padlock.c
|
||||
* include/mbedtls/bn_mul.h
|
||||
*
|
||||
* Required by:
|
||||
* MBEDTLS_AESNI_C
|
||||
* MBEDTLS_PADLOCK_C
|
||||
*
|
||||
* Comment to disable the use of assembly code.
|
||||
*/
|
||||
#define MBEDTLS_HAVE_ASM
|
||||
|
@ -271,6 +275,7 @@
|
|||
*/
|
||||
//#define MBEDTLS_AES_ALT
|
||||
//#define MBEDTLS_ARC4_ALT
|
||||
//#define MBEDTLS_ARIA_ALT
|
||||
//#define MBEDTLS_BLOWFISH_ALT
|
||||
//#define MBEDTLS_CAMELLIA_ALT
|
||||
//#define MBEDTLS_CCM_ALT
|
||||
|
@ -288,6 +293,7 @@
|
|||
//#define MBEDTLS_SHA256_ALT
|
||||
//#define MBEDTLS_SHA512_ALT
|
||||
//#define MBEDTLS_XTEA_ALT
|
||||
|
||||
/*
|
||||
* When replacing the elliptic curve module, pleace consider, that it is
|
||||
* implemented with two .c files:
|
||||
|
@ -1617,7 +1623,7 @@
|
|||
* Enable the AES block cipher.
|
||||
*
|
||||
* Module: library/aes.c
|
||||
* Caller: library/ssl_tls.c
|
||||
* Caller: library/cipher.c
|
||||
* library/pem.c
|
||||
* library/ctr_drbg.c
|
||||
*
|
||||
|
@ -1692,7 +1698,7 @@
|
|||
* Enable the ARCFOUR stream cipher.
|
||||
*
|
||||
* Module: library/arc4.c
|
||||
* Caller: library/ssl_tls.c
|
||||
* Caller: library/cipher.c
|
||||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
|
@ -1786,7 +1792,7 @@
|
|||
* Enable the Camellia block cipher.
|
||||
*
|
||||
* Module: library/camellia.c
|
||||
* Caller: library/ssl_tls.c
|
||||
* Caller: library/cipher.c
|
||||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
|
@ -1835,6 +1841,58 @@
|
|||
*/
|
||||
#define MBEDTLS_CAMELLIA_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_ARIA_C
|
||||
*
|
||||
* Enable the ARIA block cipher.
|
||||
*
|
||||
* Module: library/aria.c
|
||||
* Caller: library/cipher.c
|
||||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
*
|
||||
* MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
|
||||
* MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
|
||||
* MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
|
||||
* MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
|
||||
* MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
|
||||
* MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
|
||||
* MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
|
||||
* MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
|
||||
* MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
|
||||
* MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
|
||||
* MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
|
||||
* MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
|
||||
* MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
|
||||
* MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
|
||||
* MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
|
||||
* MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
|
||||
* MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
|
||||
* MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
|
||||
* MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
|
||||
* MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
|
||||
* MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
|
||||
* MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
|
||||
* MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
|
||||
* MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
|
||||
* MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
|
||||
* MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
|
||||
* MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
|
||||
* MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
|
||||
* MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
|
||||
* MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
|
||||
* MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
|
||||
* MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
|
||||
* MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
|
||||
* MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
|
||||
* MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
|
||||
* MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
|
||||
* MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
|
||||
* MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
|
||||
*/
|
||||
//#define MBEDTLS_ARIA_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_CCM_C
|
||||
*
|
||||
|
@ -1921,7 +1979,7 @@
|
|||
*
|
||||
* Module: library/des.c
|
||||
* Caller: library/pem.c
|
||||
* library/ssl_tls.c
|
||||
* library/cipher.c
|
||||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
|
|
|
@ -63,6 +63,7 @@
|
|||
* CTR_DBRG 4 0x0034-0x003A
|
||||
* ENTROPY 3 0x003C-0x0040 0x003D-0x003F
|
||||
* NET 11 0x0042-0x0052 0x0043-0x0045
|
||||
* ARIA 4 0x0058-0x005E
|
||||
* ASN1 7 0x0060-0x006C
|
||||
* CMAC 1 0x007A-0x007A
|
||||
* PBKDF2 1 0x007C-0x007C
|
||||
|
|
|
@ -169,6 +169,45 @@ extern "C" {
|
|||
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /**< Weak! No SSL3! */
|
||||
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /**< Weak! No SSL3! */
|
||||
|
||||
#define MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 0xC03C /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 0xC03D /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC044 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC045 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC04A /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC04B /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC04C /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC04D /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 0xC04E /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 0xC04F /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC052 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC053 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05E /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05F /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC060 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC061 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0xC062 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0xC063 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 0xC064 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 0xC068 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 0xC069 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0xC06E /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0xC06F /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070 /**< TLS 1.2 */
|
||||
#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071 /**< TLS 1.2 */
|
||||
|
||||
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */
|
||||
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! */
|
||||
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 /**< Not in SSL3! */
|
||||
|
|
|
@ -6,6 +6,7 @@ set(src_crypto
|
|||
aes.c
|
||||
aesni.c
|
||||
arc4.c
|
||||
aria.c
|
||||
asn1parse.c
|
||||
asn1write.c
|
||||
base64.c
|
||||
|
|
|
@ -50,6 +50,7 @@ endif
|
|||
OBJS_CRYPTO= aes.o aesni.o arc4.o \
|
||||
asn1parse.o asn1write.o base64.o \
|
||||
bignum.o blowfish.o camellia.o \
|
||||
aria.o \
|
||||
ccm.o cipher.o cipher_wrap.o \
|
||||
cmac.o ctr_drbg.o des.o \
|
||||
dhm.o ecdh.o ecdsa.o \
|
||||
|
|
1028
library/aria.c
Normal file
1028
library/aria.c
Normal file
File diff suppressed because it is too large
Load diff
|
@ -45,6 +45,10 @@
|
|||
#include "mbedtls/camellia.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ARIA_C)
|
||||
#include "mbedtls/aria.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
#include "mbedtls/des.h"
|
||||
#endif
|
||||
|
@ -822,6 +826,364 @@ static const mbedtls_cipher_info_t camellia_256_ccm_info = {
|
|||
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
#if defined(MBEDTLS_ARIA_C)
|
||||
|
||||
static int aria_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
|
||||
const unsigned char *input, unsigned char *output )
|
||||
{
|
||||
(void) operation;
|
||||
return mbedtls_aria_crypt_ecb( (mbedtls_aria_context *) ctx, input,
|
||||
output );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
static int aria_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation,
|
||||
size_t length, unsigned char *iv,
|
||||
const unsigned char *input, unsigned char *output )
|
||||
{
|
||||
return mbedtls_aria_crypt_cbc( (mbedtls_aria_context *) ctx, operation, length, iv,
|
||||
input, output );
|
||||
}
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
static int aria_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation,
|
||||
size_t length, size_t *iv_off, unsigned char *iv,
|
||||
const unsigned char *input, unsigned char *output )
|
||||
{
|
||||
return mbedtls_aria_crypt_cfb128( (mbedtls_aria_context *) ctx, operation, length,
|
||||
iv_off, iv, input, output );
|
||||
}
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CFB */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
||||
static int aria_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off,
|
||||
unsigned char *nonce_counter, unsigned char *stream_block,
|
||||
const unsigned char *input, unsigned char *output )
|
||||
{
|
||||
return mbedtls_aria_crypt_ctr( (mbedtls_aria_context *) ctx, length, nc_off,
|
||||
nonce_counter, stream_block, input, output );
|
||||
}
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CTR */
|
||||
|
||||
static int aria_setkey_dec_wrap( void *ctx, const unsigned char *key,
|
||||
unsigned int key_bitlen )
|
||||
{
|
||||
return mbedtls_aria_setkey_dec( (mbedtls_aria_context *) ctx, key, key_bitlen );
|
||||
}
|
||||
|
||||
static int aria_setkey_enc_wrap( void *ctx, const unsigned char *key,
|
||||
unsigned int key_bitlen )
|
||||
{
|
||||
return mbedtls_aria_setkey_enc( (mbedtls_aria_context *) ctx, key, key_bitlen );
|
||||
}
|
||||
|
||||
static void * aria_ctx_alloc( void )
|
||||
{
|
||||
mbedtls_aria_context *ctx;
|
||||
ctx = mbedtls_calloc( 1, sizeof( mbedtls_aria_context ) );
|
||||
|
||||
if( ctx == NULL )
|
||||
return( NULL );
|
||||
|
||||
mbedtls_aria_init( ctx );
|
||||
|
||||
return( ctx );
|
||||
}
|
||||
|
||||
static void aria_ctx_free( void *ctx )
|
||||
{
|
||||
mbedtls_aria_free( (mbedtls_aria_context *) ctx );
|
||||
mbedtls_free( ctx );
|
||||
}
|
||||
|
||||
static const mbedtls_cipher_base_t aria_info = {
|
||||
MBEDTLS_CIPHER_ID_ARIA,
|
||||
aria_crypt_ecb_wrap,
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
aria_crypt_cbc_wrap,
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
aria_crypt_cfb128_wrap,
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
||||
aria_crypt_ctr_wrap,
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_STREAM)
|
||||
NULL,
|
||||
#endif
|
||||
aria_setkey_enc_wrap,
|
||||
aria_setkey_dec_wrap,
|
||||
aria_ctx_alloc,
|
||||
aria_ctx_free
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_128_ecb_info = {
|
||||
MBEDTLS_CIPHER_ARIA_128_ECB,
|
||||
MBEDTLS_MODE_ECB,
|
||||
128,
|
||||
"ARIA-128-ECB",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_192_ecb_info = {
|
||||
MBEDTLS_CIPHER_ARIA_192_ECB,
|
||||
MBEDTLS_MODE_ECB,
|
||||
192,
|
||||
"ARIA-192-ECB",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_256_ecb_info = {
|
||||
MBEDTLS_CIPHER_ARIA_256_ECB,
|
||||
MBEDTLS_MODE_ECB,
|
||||
256,
|
||||
"ARIA-256-ECB",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
static const mbedtls_cipher_info_t aria_128_cbc_info = {
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC,
|
||||
MBEDTLS_MODE_CBC,
|
||||
128,
|
||||
"ARIA-128-CBC",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_192_cbc_info = {
|
||||
MBEDTLS_CIPHER_ARIA_192_CBC,
|
||||
MBEDTLS_MODE_CBC,
|
||||
192,
|
||||
"ARIA-192-CBC",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_256_cbc_info = {
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC,
|
||||
MBEDTLS_MODE_CBC,
|
||||
256,
|
||||
"ARIA-256-CBC",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
static const mbedtls_cipher_info_t aria_128_cfb128_info = {
|
||||
MBEDTLS_CIPHER_ARIA_128_CFB128,
|
||||
MBEDTLS_MODE_CFB,
|
||||
128,
|
||||
"ARIA-128-CFB128",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_192_cfb128_info = {
|
||||
MBEDTLS_CIPHER_ARIA_192_CFB128,
|
||||
MBEDTLS_MODE_CFB,
|
||||
192,
|
||||
"ARIA-192-CFB128",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_256_cfb128_info = {
|
||||
MBEDTLS_CIPHER_ARIA_256_CFB128,
|
||||
MBEDTLS_MODE_CFB,
|
||||
256,
|
||||
"ARIA-256-CFB128",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CFB */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
||||
static const mbedtls_cipher_info_t aria_128_ctr_info = {
|
||||
MBEDTLS_CIPHER_ARIA_128_CTR,
|
||||
MBEDTLS_MODE_CTR,
|
||||
128,
|
||||
"ARIA-128-CTR",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_192_ctr_info = {
|
||||
MBEDTLS_CIPHER_ARIA_192_CTR,
|
||||
MBEDTLS_MODE_CTR,
|
||||
192,
|
||||
"ARIA-192-CTR",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_256_ctr_info = {
|
||||
MBEDTLS_CIPHER_ARIA_256_CTR,
|
||||
MBEDTLS_MODE_CTR,
|
||||
256,
|
||||
"ARIA-256-CTR",
|
||||
16,
|
||||
0,
|
||||
16,
|
||||
&aria_info
|
||||
};
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CTR */
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
static int gcm_aria_setkey_wrap( void *ctx, const unsigned char *key,
|
||||
unsigned int key_bitlen )
|
||||
{
|
||||
return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA,
|
||||
key, key_bitlen );
|
||||
}
|
||||
|
||||
static const mbedtls_cipher_base_t gcm_aria_info = {
|
||||
MBEDTLS_CIPHER_ID_ARIA,
|
||||
NULL,
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
NULL,
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
NULL,
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
||||
NULL,
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_STREAM)
|
||||
NULL,
|
||||
#endif
|
||||
gcm_aria_setkey_wrap,
|
||||
gcm_aria_setkey_wrap,
|
||||
gcm_ctx_alloc,
|
||||
gcm_ctx_free,
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_128_gcm_info = {
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM,
|
||||
MBEDTLS_MODE_GCM,
|
||||
128,
|
||||
"ARIA-128-GCM",
|
||||
12,
|
||||
MBEDTLS_CIPHER_VARIABLE_IV_LEN,
|
||||
16,
|
||||
&gcm_aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_192_gcm_info = {
|
||||
MBEDTLS_CIPHER_ARIA_192_GCM,
|
||||
MBEDTLS_MODE_GCM,
|
||||
192,
|
||||
"ARIA-192-GCM",
|
||||
12,
|
||||
MBEDTLS_CIPHER_VARIABLE_IV_LEN,
|
||||
16,
|
||||
&gcm_aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_256_gcm_info = {
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM,
|
||||
MBEDTLS_MODE_GCM,
|
||||
256,
|
||||
"ARIA-256-GCM",
|
||||
12,
|
||||
MBEDTLS_CIPHER_VARIABLE_IV_LEN,
|
||||
16,
|
||||
&gcm_aria_info
|
||||
};
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
|
||||
#if defined(MBEDTLS_CCM_C)
|
||||
static int ccm_aria_setkey_wrap( void *ctx, const unsigned char *key,
|
||||
unsigned int key_bitlen )
|
||||
{
|
||||
return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA,
|
||||
key, key_bitlen );
|
||||
}
|
||||
|
||||
static const mbedtls_cipher_base_t ccm_aria_info = {
|
||||
MBEDTLS_CIPHER_ID_ARIA,
|
||||
NULL,
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
NULL,
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
NULL,
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
||||
NULL,
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_STREAM)
|
||||
NULL,
|
||||
#endif
|
||||
ccm_aria_setkey_wrap,
|
||||
ccm_aria_setkey_wrap,
|
||||
ccm_ctx_alloc,
|
||||
ccm_ctx_free,
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_128_ccm_info = {
|
||||
MBEDTLS_CIPHER_ARIA_128_CCM,
|
||||
MBEDTLS_MODE_CCM,
|
||||
128,
|
||||
"ARIA-128-CCM",
|
||||
12,
|
||||
MBEDTLS_CIPHER_VARIABLE_IV_LEN,
|
||||
16,
|
||||
&ccm_aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_192_ccm_info = {
|
||||
MBEDTLS_CIPHER_ARIA_192_CCM,
|
||||
MBEDTLS_MODE_CCM,
|
||||
192,
|
||||
"ARIA-192-CCM",
|
||||
12,
|
||||
MBEDTLS_CIPHER_VARIABLE_IV_LEN,
|
||||
16,
|
||||
&ccm_aria_info
|
||||
};
|
||||
|
||||
static const mbedtls_cipher_info_t aria_256_ccm_info = {
|
||||
MBEDTLS_CIPHER_ARIA_256_CCM,
|
||||
MBEDTLS_MODE_CCM,
|
||||
256,
|
||||
"ARIA-256-CCM",
|
||||
12,
|
||||
MBEDTLS_CIPHER_VARIABLE_IV_LEN,
|
||||
16,
|
||||
&ccm_aria_info
|
||||
};
|
||||
#endif /* MBEDTLS_CCM_C */
|
||||
|
||||
#endif /* MBEDTLS_ARIA_C */
|
||||
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
|
||||
static int des_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
|
||||
|
@ -1427,6 +1789,37 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] =
|
|||
#endif
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
#if defined(MBEDTLS_ARIA_C)
|
||||
{ MBEDTLS_CIPHER_ARIA_128_ECB, &aria_128_ecb_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_192_ECB, &aria_192_ecb_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_256_ECB, &aria_256_ecb_info },
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
{ MBEDTLS_CIPHER_ARIA_128_CBC, &aria_128_cbc_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_192_CBC, &aria_192_cbc_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_256_CBC, &aria_256_cbc_info },
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
{ MBEDTLS_CIPHER_ARIA_128_CFB128, &aria_128_cfb128_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_192_CFB128, &aria_192_cfb128_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_256_CFB128, &aria_256_cfb128_info },
|
||||
#endif
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
||||
{ MBEDTLS_CIPHER_ARIA_128_CTR, &aria_128_ctr_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_192_CTR, &aria_192_ctr_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_256_CTR, &aria_256_ctr_info },
|
||||
#endif
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
{ MBEDTLS_CIPHER_ARIA_128_GCM, &aria_128_gcm_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_192_GCM, &aria_192_gcm_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_256_GCM, &aria_256_gcm_info },
|
||||
#endif
|
||||
#if defined(MBEDTLS_CCM_C)
|
||||
{ MBEDTLS_CIPHER_ARIA_128_CCM, &aria_128_ccm_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_192_CCM, &aria_192_ccm_info },
|
||||
{ MBEDTLS_CIPHER_ARIA_256_CCM, &aria_256_ccm_info },
|
||||
#endif
|
||||
#endif /* MBEDTLS_ARIA_C */
|
||||
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
{ MBEDTLS_CIPHER_DES_ECB, &des_ecb_info },
|
||||
{ MBEDTLS_CIPHER_DES_EDE_ECB, &des_ede_ecb_info },
|
||||
|
|
|
@ -49,6 +49,10 @@
|
|||
#include "mbedtls/arc4.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ARIA_C)
|
||||
#include "mbedtls/aria.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_BASE64_C)
|
||||
#include "mbedtls/base64.h"
|
||||
#endif
|
||||
|
@ -585,6 +589,17 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||
mbedtls_snprintf( buf, buflen, "ARC4 - ARC4 hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_ARC4_C */
|
||||
|
||||
#if defined(MBEDTLS_ARIA_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH) )
|
||||
mbedtls_snprintf( buf, buflen, "ARIA - Invalid key length" );
|
||||
if( use_ret == -(MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH) )
|
||||
mbedtls_snprintf( buf, buflen, "ARIA - Invalid data input length" );
|
||||
if( use_ret == -(MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE) )
|
||||
mbedtls_snprintf( buf, buflen, "ARIA - Feature not available. For example, an unsupported ARIA key size" );
|
||||
if( use_ret == -(MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED) )
|
||||
mbedtls_snprintf( buf, buflen, "ARIA - ARIA hardware accelerator failed" );
|
||||
#endif /* MBEDTLS_ARIA_C */
|
||||
|
||||
#if defined(MBEDTLS_ASN1_PARSE_C)
|
||||
if( use_ret == -(MBEDTLS_ERR_ASN1_OUT_OF_DATA) )
|
||||
mbedtls_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" );
|
||||
|
|
|
@ -47,7 +47,7 @@
|
|||
* 1. By key exchange:
|
||||
* Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
|
||||
* 2. By key length and cipher:
|
||||
* AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
|
||||
* AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 > 3DES
|
||||
* 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
|
||||
* 4. By hash function used when relevant
|
||||
* 5. By key exchange/auth again: EC > non-EC
|
||||
|
@ -81,6 +81,14 @@ static const int ciphersuite_preference[] =
|
|||
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
|
||||
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
||||
|
||||
/* All ARIA-256 ephemeral suites */
|
||||
MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
|
||||
MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
|
||||
/* All AES-128 ephemeral suites */
|
||||
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||
|
@ -105,6 +113,14 @@ static const int ciphersuite_preference[] =
|
|||
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
||||
|
||||
/* All ARIA-128 ephemeral suites */
|
||||
MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
|
||||
/* All remaining >= 128-bit ephemeral suites */
|
||||
MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
|
@ -121,6 +137,9 @@ static const int ciphersuite_preference[] =
|
|||
MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
|
||||
|
@ -132,6 +151,9 @@ static const int ciphersuite_preference[] =
|
|||
MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
|
||||
MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
|
@ -161,6 +183,14 @@ static const int ciphersuite_preference[] =
|
|||
MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
|
||||
/* All ARIA-256 suites */
|
||||
MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
|
||||
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
|
||||
/* All AES-128 suites */
|
||||
MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
|
||||
|
@ -183,6 +213,14 @@ static const int ciphersuite_preference[] =
|
|||
MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
|
||||
/* All ARIA-128 suites */
|
||||
MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
|
||||
/* All remaining >= 128-bit suites */
|
||||
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
|
@ -194,12 +232,16 @@ static const int ciphersuite_preference[] =
|
|||
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
|
||||
MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
|
||||
|
@ -211,6 +253,8 @@ static const int ciphersuite_preference[] =
|
|||
MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
|
||||
MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
|
||||
MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
|
||||
MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
|
||||
|
@ -219,6 +263,8 @@ static const int ciphersuite_preference[] =
|
|||
MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
|
||||
MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
|
||||
MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
|
||||
MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||
|
||||
|
@ -1688,6 +1734,365 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
#endif /* MBEDTLS_DES_C */
|
||||
#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
|
||||
|
||||
#if defined(MBEDTLS_ARIA_C)
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-RSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
|
||||
"TLS-RSA-WITH-ARIA-128-GCM-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
"TLS-RSA-WITH-ARIA-128-CBC-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
|
||||
"TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
"TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-PSK-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-PSK-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
|
||||
"TLS-PSK-WITH-ARIA-128-GCM-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
"TLS-PSK-WITH-ARIA-128-CBC-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
|
||||
"TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
"TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
|
||||
"TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
"TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
"TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
|
||||
"TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
|
||||
"TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
|
||||
"TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
|
||||
"TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
|
||||
"TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
|
||||
"TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
|
||||
"TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
|
||||
"TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
|
||||
MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||
|
||||
#endif /* MBEDTLS_ARIA_C */
|
||||
|
||||
|
||||
{ 0, "",
|
||||
MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
|
||||
0, 0, 0, 0, 0 }
|
||||
|
|
|
@ -1272,7 +1272,7 @@ static void ssl_mac( mbedtls_md_context_t *md_ctx,
|
|||
|
||||
#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
|
||||
( defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) ) )
|
||||
( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) || defined(MBEDTLS_ARIA_C)) )
|
||||
#define SSL_SOME_MODES_USE_MAC
|
||||
#endif
|
||||
|
||||
|
@ -1473,7 +1473,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
|
|||
else
|
||||
#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) )
|
||||
( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) || defined(MBEDTLS_ARIA_C) )
|
||||
if( mode == MBEDTLS_MODE_CBC )
|
||||
{
|
||||
int ret;
|
||||
|
@ -1589,7 +1589,7 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
else
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C ) */
|
||||
( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C || MBEDTLS_ARIA_C ) */
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
|
@ -1733,7 +1733,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
|
|||
else
|
||||
#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) )
|
||||
( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) || defined(MBEDTLS_ARIA_C) )
|
||||
if( mode == MBEDTLS_MODE_CBC )
|
||||
{
|
||||
/*
|
||||
|
@ -1945,7 +1945,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
else
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C ) */
|
||||
( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C || MBEDTLS_ARIA_C ) */
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
|
|
|
@ -90,6 +90,9 @@ static const char *features[] = {
|
|||
#if defined(MBEDTLS_ARC4_ALT)
|
||||
"MBEDTLS_ARC4_ALT",
|
||||
#endif /* MBEDTLS_ARC4_ALT */
|
||||
#if defined(MBEDTLS_ARIA_ALT)
|
||||
"MBEDTLS_ARIA_ALT",
|
||||
#endif /* MBEDTLS_ARIA_ALT */
|
||||
#if defined(MBEDTLS_BLOWFISH_ALT)
|
||||
"MBEDTLS_BLOWFISH_ALT",
|
||||
#endif /* MBEDTLS_BLOWFISH_ALT */
|
||||
|
@ -531,6 +534,9 @@ static const char *features[] = {
|
|||
#if defined(MBEDTLS_CAMELLIA_C)
|
||||
"MBEDTLS_CAMELLIA_C",
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
#if defined(MBEDTLS_ARIA_C)
|
||||
"MBEDTLS_ARIA_C",
|
||||
#endif /* MBEDTLS_ARIA_C */
|
||||
#if defined(MBEDTLS_CCM_C)
|
||||
"MBEDTLS_CCM_C",
|
||||
#endif /* MBEDTLS_CCM_C */
|
||||
|
|
|
@ -54,21 +54,26 @@ int main( void )
|
|||
#include "mbedtls/sha1.h"
|
||||
#include "mbedtls/sha256.h"
|
||||
#include "mbedtls/sha512.h"
|
||||
|
||||
#include "mbedtls/arc4.h"
|
||||
#include "mbedtls/des.h"
|
||||
#include "mbedtls/aes.h"
|
||||
#include "mbedtls/aria.h"
|
||||
#include "mbedtls/blowfish.h"
|
||||
#include "mbedtls/camellia.h"
|
||||
#include "mbedtls/gcm.h"
|
||||
#include "mbedtls/ccm.h"
|
||||
#include "mbedtls/cmac.h"
|
||||
|
||||
#include "mbedtls/havege.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
#include "mbedtls/hmac_drbg.h"
|
||||
|
||||
#include "mbedtls/rsa.h"
|
||||
#include "mbedtls/dhm.h"
|
||||
#include "mbedtls/ecdsa.h"
|
||||
#include "mbedtls/ecdh.h"
|
||||
|
||||
#include "mbedtls/error.h"
|
||||
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
|
@ -229,7 +234,7 @@ typedef struct {
|
|||
char md4, md5, ripemd160, sha1, sha256, sha512,
|
||||
arc4, des3, des,
|
||||
aes_cbc, aes_gcm, aes_ccm, aes_cmac, des3_cmac,
|
||||
camellia, blowfish,
|
||||
aria, camellia, blowfish,
|
||||
havege, ctr_drbg, hmac_drbg,
|
||||
rsa, dhm, ecdsa, ecdh;
|
||||
} todo_list;
|
||||
|
@ -282,6 +287,8 @@ int main( int argc, char *argv[] )
|
|||
todo.aes_cmac = 1;
|
||||
else if( strcmp( argv[i], "des3_cmac" ) == 0 )
|
||||
todo.des3_cmac = 1;
|
||||
else if( strcmp( argv[i], "aria" ) == 0 )
|
||||
todo.aria = 1;
|
||||
else if( strcmp( argv[i], "camellia" ) == 0 )
|
||||
todo.camellia = 1;
|
||||
else if( strcmp( argv[i], "blowfish" ) == 0 )
|
||||
|
@ -498,6 +505,28 @@ int main( int argc, char *argv[] )
|
|||
#endif /* MBEDTLS_CMAC_C */
|
||||
#endif /* MBEDTLS_AES_C */
|
||||
|
||||
#if defined(MBEDTLS_ARIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
if( todo.aria )
|
||||
{
|
||||
int keysize;
|
||||
mbedtls_aria_context aria;
|
||||
mbedtls_aria_init( &aria );
|
||||
for( keysize = 128; keysize <= 256; keysize += 64 )
|
||||
{
|
||||
mbedtls_snprintf( title, sizeof( title ), "ARIA-CBC-%d", keysize );
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
mbedtls_aria_setkey_enc( &aria, tmp, keysize );
|
||||
|
||||
TIME_AND_TSC( title,
|
||||
mbedtls_aria_crypt_cbc( &aria, MBEDTLS_ARIA_ENCRYPT,
|
||||
BUFSIZE, tmp, buf, buf ) );
|
||||
}
|
||||
mbedtls_aria_free( &aria );
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
if( todo.camellia )
|
||||
{
|
||||
|
|
|
@ -44,6 +44,7 @@
|
|||
#include "mbedtls/des.h"
|
||||
#include "mbedtls/aes.h"
|
||||
#include "mbedtls/camellia.h"
|
||||
#include "mbedtls/aria.h"
|
||||
#include "mbedtls/base64.h"
|
||||
#include "mbedtls/bignum.h"
|
||||
#include "mbedtls/rsa.h"
|
||||
|
@ -225,6 +226,9 @@ const selftest_t selftests[] =
|
|||
#if defined(MBEDTLS_CAMELLIA_C)
|
||||
{"camellia", mbedtls_camellia_self_test},
|
||||
#endif
|
||||
#if defined(MBEDTLS_ARIA_C)
|
||||
{"aria", mbedtls_aria_self_test},
|
||||
#endif
|
||||
#if defined(MBEDTLS_CTR_DRBG_C)
|
||||
{"ctr_drbg", mbedtls_ctr_drbg_self_test},
|
||||
#endif
|
||||
|
|
|
@ -29,7 +29,7 @@ if( @ARGV ) {
|
|||
|
||||
my $error_format_file = $data_dir.'/error.fmt';
|
||||
|
||||
my @low_level_modules = qw( AES ARC4 ASN1 BASE64 BIGNUM BLOWFISH
|
||||
my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH
|
||||
CAMELLIA CCM CMAC CTR_DRBG DES
|
||||
ENTROPY GCM HMAC_DRBG MD2 MD4 MD5
|
||||
NET OID PADLOCK PBKDF2 RIPEMD160
|
||||
|
|
|
@ -83,6 +83,11 @@ if [ -n "${OPENSSL_LEGACY+set}" ]; then
|
|||
echo
|
||||
fi
|
||||
|
||||
if [ -n "${OPENSSL_NEXT+set}" ]; then
|
||||
print_version "$OPENSSL_NEXT" "version" "openssl next version not found!"
|
||||
echo
|
||||
fi
|
||||
|
||||
: ${GNUTLS_CLI:=gnutls-cli}
|
||||
print_version "$GNUTLS_CLI" "--version" "gnuTLS client not found!" "head -n 1"
|
||||
echo
|
||||
|
|
|
@ -49,6 +49,7 @@ add_test_suite(aes aes.cbc)
|
|||
add_test_suite(aes aes.cfb)
|
||||
add_test_suite(aes aes.rest)
|
||||
add_test_suite(arc4)
|
||||
add_test_suite(aria)
|
||||
add_test_suite(asn1write)
|
||||
add_test_suite(base64)
|
||||
add_test_suite(blowfish)
|
||||
|
|
|
@ -50,6 +50,7 @@ APPS = test_suite_aes.ecb$(EXEXT) test_suite_aes.cbc$(EXEXT) \
|
|||
test_suite_arc4$(EXEXT) test_suite_asn1write$(EXEXT) \
|
||||
test_suite_base64$(EXEXT) test_suite_blowfish$(EXEXT) \
|
||||
test_suite_camellia$(EXEXT) test_suite_ccm$(EXEXT) \
|
||||
test_suite_aria$(EXEXT) \
|
||||
test_suite_cmac$(EXEXT) \
|
||||
test_suite_cipher.aes$(EXEXT) \
|
||||
test_suite_cipher.arc4$(EXEXT) test_suite_cipher.ccm$(EXEXT) \
|
||||
|
@ -437,6 +438,10 @@ test_suite_version$(EXEXT): test_suite_version.c $(DEP)
|
|||
echo " CC $<"
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
|
||||
|
||||
test_suite_aria$(EXEXT): test_suite_aria.c $(DEP)
|
||||
echo " CC $<"
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
|
||||
|
||||
clean:
|
||||
ifndef WINDOWS
|
||||
rm -f $(APPS) *.c
|
||||
|
|
|
@ -53,7 +53,12 @@ MODES="tls1 tls1_1 tls1_2 dtls1 dtls1_2"
|
|||
VERIFIES="NO YES"
|
||||
TYPES="ECDSA RSA PSK"
|
||||
FILTER=""
|
||||
EXCLUDE='NULL\|DES-CBC-\|RC4\|ARCFOUR' # avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL)
|
||||
# exclude:
|
||||
# - NULL: excluded from our default config
|
||||
# - RC4, single-DES: requires legacy OpenSSL/GnuTLS versions
|
||||
# avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL)
|
||||
# - ARIA: not in default config.h + requires OpenSSL >= 1.1.1
|
||||
EXCLUDE='NULL\|DES-CBC-\|RC4\|ARCFOUR\|ARIA'
|
||||
VERBOSE=""
|
||||
MEMCHECK=0
|
||||
PEERS="OpenSSL$PEER_GNUTLS mbedTLS"
|
||||
|
@ -226,6 +231,9 @@ reset_ciphersuites()
|
|||
G_CIPHERS=""
|
||||
}
|
||||
|
||||
# Ciphersuites that can be used with all peers.
|
||||
# Since we currently have three possible peers, each ciphersuite should appear
|
||||
# three times: in each peer's list (with the name that this peer uses).
|
||||
add_common_ciphersuites()
|
||||
{
|
||||
case $TYPE in
|
||||
|
@ -422,6 +430,13 @@ add_common_ciphersuites()
|
|||
esac
|
||||
}
|
||||
|
||||
# Ciphersuites usable only with Mbed TLS and OpenSSL
|
||||
# Each ciphersuite should appear two times, once with its OpenSSL name, once
|
||||
# with its Mbed TLS name.
|
||||
#
|
||||
# NOTE: for some reason RSA-PSK doesn't work with OpenSSL,
|
||||
# so RSA-PSK ciphersuites need to go in other sections, see
|
||||
# https://github.com/ARMmbed/mbedtls/issues/1419
|
||||
add_openssl_ciphersuites()
|
||||
{
|
||||
case $TYPE in
|
||||
|
@ -451,12 +466,16 @@ add_openssl_ciphersuites()
|
|||
TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \
|
||||
TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \
|
||||
TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \
|
||||
TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384 \
|
||||
TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \
|
||||
"
|
||||
O_CIPHERS="$O_CIPHERS \
|
||||
ECDH-ECDSA-AES128-SHA256 \
|
||||
ECDH-ECDSA-AES256-SHA384 \
|
||||
ECDH-ECDSA-AES128-GCM-SHA256 \
|
||||
ECDH-ECDSA-AES256-GCM-SHA384 \
|
||||
ECDHE-ECDSA-ARIA256-GCM-SHA384 \
|
||||
ECDHE-ECDSA-ARIA128-GCM-SHA256 \
|
||||
"
|
||||
fi
|
||||
;;
|
||||
|
@ -470,13 +489,50 @@ add_openssl_ciphersuites()
|
|||
DES-CBC-SHA \
|
||||
EDH-RSA-DES-CBC-SHA \
|
||||
"
|
||||
if [ `minor_ver "$MODE"` -ge 3 ]
|
||||
then
|
||||
M_CIPHERS="$M_CIPHERS \
|
||||
TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \
|
||||
TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384 \
|
||||
TLS-RSA-WITH-ARIA-256-GCM-SHA384 \
|
||||
TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \
|
||||
TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256 \
|
||||
TLS-RSA-WITH-ARIA-128-GCM-SHA256 \
|
||||
"
|
||||
O_CIPHERS="$O_CIPHERS \
|
||||
ECDHE-ARIA256-GCM-SHA384 \
|
||||
DHE-RSA-ARIA256-GCM-SHA384 \
|
||||
ARIA256-GCM-SHA384 \
|
||||
ECDHE-ARIA128-GCM-SHA256 \
|
||||
DHE-RSA-ARIA128-GCM-SHA256 \
|
||||
ARIA128-GCM-SHA256 \
|
||||
"
|
||||
fi
|
||||
;;
|
||||
|
||||
"PSK")
|
||||
if [ `minor_ver "$MODE"` -ge 3 ]
|
||||
then
|
||||
M_CIPHERS="$M_CIPHERS \
|
||||
TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \
|
||||
TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \
|
||||
TLS-PSK-WITH-ARIA-256-GCM-SHA384 \
|
||||
TLS-PSK-WITH-ARIA-128-GCM-SHA256 \
|
||||
"
|
||||
O_CIPHERS="$O_CIPHERS \
|
||||
DHE-PSK-ARIA256-GCM-SHA384 \
|
||||
DHE-PSK-ARIA128-GCM-SHA256 \
|
||||
PSK-ARIA256-GCM-SHA384 \
|
||||
PSK-ARIA128-GCM-SHA256 \
|
||||
"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
# Ciphersuites usable only with Mbed TLS and GnuTLS
|
||||
# Each ciphersuite should appear two times, once with its GnuTLS name, once
|
||||
# with its Mbed TLS name.
|
||||
add_gnutls_ciphersuites()
|
||||
{
|
||||
case $TYPE in
|
||||
|
@ -661,6 +717,9 @@ add_gnutls_ciphersuites()
|
|||
esac
|
||||
}
|
||||
|
||||
# Ciphersuites usable only with Mbed TLS (not currently supported by another
|
||||
# peer usable in this script). This provide only very rudimentaty testing, as
|
||||
# this is not interop testing, but it's better than nothing.
|
||||
add_mbedtls_ciphersuites()
|
||||
{
|
||||
case $TYPE in
|
||||
|
@ -682,12 +741,18 @@ add_mbedtls_ciphersuites()
|
|||
TLS-ECDHE-ECDSA-WITH-AES-256-CCM \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \
|
||||
TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 \
|
||||
TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 \
|
||||
TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384 \
|
||||
TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256 \
|
||||
TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384 \
|
||||
TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256 \
|
||||
"
|
||||
fi
|
||||
;;
|
||||
|
||||
"RSA")
|
||||
if [ "$MODE" = "tls1_2" ];
|
||||
if [ `minor_ver "$MODE"` -ge 3 ]
|
||||
then
|
||||
M_CIPHERS="$M_CIPHERS \
|
||||
TLS-RSA-WITH-AES-128-CCM \
|
||||
|
@ -698,6 +763,12 @@ add_mbedtls_ciphersuites()
|
|||
TLS-RSA-WITH-AES-256-CCM-8 \
|
||||
TLS-DHE-RSA-WITH-AES-128-CCM-8 \
|
||||
TLS-DHE-RSA-WITH-AES-256-CCM-8 \
|
||||
TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 \
|
||||
TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 \
|
||||
TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 \
|
||||
TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 \
|
||||
TLS-RSA-WITH-ARIA-256-CBC-SHA384 \
|
||||
TLS-RSA-WITH-ARIA-128-CBC-SHA256 \
|
||||
"
|
||||
fi
|
||||
;;
|
||||
|
@ -715,7 +786,7 @@ add_mbedtls_ciphersuites()
|
|||
TLS-RSA-PSK-WITH-NULL-SHA \
|
||||
"
|
||||
fi
|
||||
if [ "$MODE" = "tls1_2" ];
|
||||
if [ `minor_ver "$MODE"` -ge 3 ]
|
||||
then
|
||||
M_CIPHERS="$M_CIPHERS \
|
||||
TLS-PSK-WITH-AES-128-CCM \
|
||||
|
@ -726,6 +797,16 @@ add_mbedtls_ciphersuites()
|
|||
TLS-PSK-WITH-AES-256-CCM-8 \
|
||||
TLS-DHE-PSK-WITH-AES-128-CCM-8 \
|
||||
TLS-DHE-PSK-WITH-AES-256-CCM-8 \
|
||||
TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384 \
|
||||
TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256 \
|
||||
TLS-PSK-WITH-ARIA-256-CBC-SHA384 \
|
||||
TLS-PSK-WITH-ARIA-128-CBC-SHA256 \
|
||||
TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384 \
|
||||
TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256 \
|
||||
TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384 \
|
||||
TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256 \
|
||||
TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384 \
|
||||
TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256 \
|
||||
"
|
||||
fi
|
||||
;;
|
||||
|
|
|
@ -100,6 +100,7 @@ YOTTA=1
|
|||
# Default commands, can be overriden by the environment
|
||||
: ${OPENSSL:="openssl"}
|
||||
: ${OPENSSL_LEGACY:="$OPENSSL"}
|
||||
: ${OPENSSL_NEXT:="$OPENSSL"}
|
||||
: ${GNUTLS_CLI:="gnutls-cli"}
|
||||
: ${GNUTLS_SERV:="gnutls-serv"}
|
||||
: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
|
||||
|
@ -144,6 +145,7 @@ Tool path options:
|
|||
--gnutls-legacy-serv=<GnuTLS_serv_path> GnuTLS server executable to use for legacy tests.
|
||||
--openssl=<OpenSSL_path> OpenSSL executable to use for most tests.
|
||||
--openssl-legacy=<OpenSSL_path> OpenSSL executable to use for legacy tests e.g. SSLv3.
|
||||
--openssl-next=<OpenSSL_path> OpenSSL executable to use for recent things like ARIA
|
||||
EOF
|
||||
}
|
||||
|
||||
|
@ -245,6 +247,7 @@ while [ $# -gt 0 ]; do
|
|||
--no-yotta) YOTTA=0;;
|
||||
--openssl) shift; OPENSSL="$1";;
|
||||
--openssl-legacy) shift; OPENSSL_LEGACY="$1";;
|
||||
--openssl-next) shift; OPENSSL_NEXT="$1";;
|
||||
--out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";;
|
||||
--random-seed) unset SEED;;
|
||||
--release-test|-r) SEED=1;;
|
||||
|
@ -360,6 +363,7 @@ echo "FORCE: $FORCE"
|
|||
echo "SEED: ${SEED-"UNSET"}"
|
||||
echo "OPENSSL: $OPENSSL"
|
||||
echo "OPENSSL_LEGACY: $OPENSSL_LEGACY"
|
||||
echo "OPENSSL_NEXT: $OPENSSL_NEXT"
|
||||
echo "GNUTLS_CLI: $GNUTLS_CLI"
|
||||
echo "GNUTLS_SERV: $GNUTLS_SERV"
|
||||
echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI"
|
||||
|
@ -384,7 +388,8 @@ if [ -n "${SEED-}" ]; then
|
|||
fi
|
||||
|
||||
# Make sure the tools we need are available.
|
||||
check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$GNUTLS_CLI" "$GNUTLS_SERV" \
|
||||
check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \
|
||||
"$GNUTLS_CLI" "$GNUTLS_SERV" \
|
||||
"$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" "doxygen" "dot" \
|
||||
"arm-none-eabi-gcc" "i686-w64-mingw32-gcc" "gdb"
|
||||
if [ $RUN_ARMCC -ne 0 ]; then
|
||||
|
@ -532,6 +537,9 @@ if_build_succeeded tests/ssl-opt.sh -f Default
|
|||
msg "test: compat.sh RC4, DES & NULL (full config)" # ~ 2 min
|
||||
if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
|
||||
|
||||
msg "test: compat.sh ARIA"
|
||||
if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA'
|
||||
|
||||
msg "test/build: curves.pl (gcc)" # ~ 4 min
|
||||
cleanup
|
||||
record_status tests/scripts/curves.pl
|
||||
|
|
95
tests/suites/test_suite_aria.data
Normal file
95
tests/suites/test_suite_aria.data
Normal file
|
@ -0,0 +1,95 @@
|
|||
ARIA-128-ECB Encrypt - RFC 5794
|
||||
aria_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"00112233445566778899aabbccddeeff":"d718fbd6ab644c739da95f3be6451778":0
|
||||
|
||||
ARIA-128-ECB Decrypt - RFC 5794
|
||||
aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"d718fbd6ab644c739da95f3be6451778":"00112233445566778899aabbccddeeff":0
|
||||
|
||||
ARIA-192-ECB Encrypt - RFC 5794
|
||||
aria_encrypt_ecb:"000102030405060708090a0b0c0d0e0f1011121314151617":"00112233445566778899aabbccddeeff":"26449c1805dbe7aa25a468ce263a9e79":0
|
||||
|
||||
ARIA-192-ECB Decrypt - RFC 5794
|
||||
aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f1011121314151617":"26449c1805dbe7aa25a468ce263a9e79":"00112233445566778899aabbccddeeff":0
|
||||
|
||||
ARIA-256-ECB_Encrypt - RFC 5794
|
||||
aria_encrypt_ecb:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"00112233445566778899aabbccddeeff":"f92bd7c79fb72e2f2b8f80c1972d24fc":0
|
||||
|
||||
ARIA-256-ECB_Decrypt - RFC 5794
|
||||
aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"f92bd7c79fb72e2f2b8f80c1972d24fc":"00112233445566778899aabbccddeeff":0
|
||||
|
||||
ARIA-128-ECB Decrypt - RFC 5794
|
||||
aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"d718fbd6ab644c739da95f3be6451778":"00112233445566778899aabbccddeeff":0
|
||||
|
||||
ARIA-192-ECB Decrypt - RFC 5794
|
||||
aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f1011121314151617":"26449c1805dbe7aa25a468ce263a9e79":"00112233445566778899aabbccddeeff":0
|
||||
|
||||
ARIA-256-ECB Decrypt - RFC 5794
|
||||
aria_decrypt_ecb:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"f92bd7c79fb72e2f2b8f80c1972d24fc":"00112233445566778899aabbccddeeff":0
|
||||
|
||||
ARIA-128-ECB Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_ecb:"00112233445566778899aabbccddeeff":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"c6ecd08e22c30abdb215cf74e2075e6e29ccaac63448708d331b2f816c51b17d9e133d1528dbf0af5787c7f3a3f5c2bf6b6f345907a3055612ce072ff54de7d788424da6e8ccfe8172b391be499354165665ba7864917000a6eeb2ecb4a698edfc7887e7f556377614ab0a282293e6d884dbb84206cdb16ed1754e77a1f243fd086953f752cc1e46c7c794ae85537dcaec8dd721f55c93b6edfe2adea43873e8":0
|
||||
|
||||
ARIA-128-ECB Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_ecb:"00112233445566778899aabbccddeeff":"c6ecd08e22c30abdb215cf74e2075e6e29ccaac63448708d331b2f816c51b17d9e133d1528dbf0af5787c7f3a3f5c2bf6b6f345907a3055612ce072ff54de7d788424da6e8ccfe8172b391be499354165665ba7864917000a6eeb2ecb4a698edfc7887e7f556377614ab0a282293e6d884dbb84206cdb16ed1754e77a1f243fd086953f752cc1e46c7c794ae85537dcaec8dd721f55c93b6edfe2adea43873e8":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
||||
|
||||
ARIA-192-ECB Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_ecb:"00112233445566778899aabbccddeeff0011223344556677":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"8d1470625f59ebacb0e55b534b3e462b5f23d33bff78f46c3c15911f4a21809aaccad80b4bda915aa9dae6bcebe06a6c83f77fd5391acfe61de2f646b5d447edbfd5bb49b12fbb9145b227895a757b2af1f7188734863d7b8b6ede5a5b2f06a0a233c8523d2db778fb31b0e311f32700152f33861e9d040c83b5eb40cd88ea49975709dc629365a189f78a3ec40345fc6a5a307a8f9a4413091e007eca5645a0":0
|
||||
|
||||
ARIA-192-ECB Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_ecb:"00112233445566778899aabbccddeeff0011223344556677":"8d1470625f59ebacb0e55b534b3e462b5f23d33bff78f46c3c15911f4a21809aaccad80b4bda915aa9dae6bcebe06a6c83f77fd5391acfe61de2f646b5d447edbfd5bb49b12fbb9145b227895a757b2af1f7188734863d7b8b6ede5a5b2f06a0a233c8523d2db778fb31b0e311f32700152f33861e9d040c83b5eb40cd88ea49975709dc629365a189f78a3ec40345fc6a5a307a8f9a4413091e007eca5645a0":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
||||
|
||||
ARIA-256-ECB Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_ecb:"00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"58a875e6044ad7fffa4f58420f7f442d8e191016f28e79aefc01e204773280d7018e5f7a938ec30711719953bae86542cd7ebc752474c1a5f6eaaace2a7e29462ee7dfa5afdb84177ead95ccd4b4bb6e1ed17b9534cff0a5fc2941429cfee2ee49c7adbeb7e9d1b0d2a8531d942079596a27ed79f5b1dd13ecd604b07a48885a3afa0627a0e4e60a3c703af292f1baa77b702f16c54aa74bc727ea95c7468b00":0
|
||||
|
||||
ARIA-256-ECB Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_ecb:"00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff":"58a875e6044ad7fffa4f58420f7f442d8e191016f28e79aefc01e204773280d7018e5f7a938ec30711719953bae86542cd7ebc752474c1a5f6eaaace2a7e29462ee7dfa5afdb84177ead95ccd4b4bb6e1ed17b9534cff0a5fc2941429cfee2ee49c7adbeb7e9d1b0d2a8531d942079596a27ed79f5b1dd13ecd604b07a48885a3afa0627a0e4e60a3c703af292f1baa77b702f16c54aa74bc727ea95c7468b00":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
||||
|
||||
ARIA-128-CBC Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_cbc:"00112233445566778899aabbccddeeff":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"49d61860b14909109cef0d22a9268134fadf9fb23151e9645fba75018bdb1538b53334634bbf7d4cd4b5377033060c155fe3948ca75de1031e1d85619e0ad61eb419a866b3c2dbfd10a4ed18b22149f75897f0b8668b0c1c542c687778835fb7cd46e45f85eaa7072437dd9fa6793d6f8d4ccefc4eb1ac641ac1bd30b18c6d64c49bca137eb21c2e04da62712ca2b4f540c57112c38791852cfac7a5d19ed83a":0
|
||||
|
||||
ARIA-128-CBC Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_cbc:"00112233445566778899aabbccddeeff":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"49d61860b14909109cef0d22a9268134fadf9fb23151e9645fba75018bdb1538b53334634bbf7d4cd4b5377033060c155fe3948ca75de1031e1d85619e0ad61eb419a866b3c2dbfd10a4ed18b22149f75897f0b8668b0c1c542c687778835fb7cd46e45f85eaa7072437dd9fa6793d6f8d4ccefc4eb1ac641ac1bd30b18c6d64c49bca137eb21c2e04da62712ca2b4f540c57112c38791852cfac7a5d19ed83a":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
||||
|
||||
ARIA-192-CBC Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_cbc:"00112233445566778899aabbccddeeff0011223344556677":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"afe6cf23974b533c672a826264ea785f4e4f7f780dc7f3f1e0962b80902386d514e9c3e77259de92dd1102ffab086c1ea52a71260db5920a83295c25320e421147ca45d532f327b856ea947cd2196ae2e040826548b4c891b0ed0ca6e714dbc4631998d548110d666b3d54c2a091955c6f05beb4f62309368696c9791fc4c551564a2637f194346ec45fbca6c72a5b4612e208d531d6c34cc5c64eac6bd0cf8c":0
|
||||
|
||||
ARIA-192-CBC Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_cbc:"00112233445566778899aabbccddeeff0011223344556677":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"afe6cf23974b533c672a826264ea785f4e4f7f780dc7f3f1e0962b80902386d514e9c3e77259de92dd1102ffab086c1ea52a71260db5920a83295c25320e421147ca45d532f327b856ea947cd2196ae2e040826548b4c891b0ed0ca6e714dbc4631998d548110d666b3d54c2a091955c6f05beb4f62309368696c9791fc4c551564a2637f194346ec45fbca6c72a5b4612e208d531d6c34cc5c64eac6bd0cf8c":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
||||
|
||||
ARIA-256-CBC Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_cbc:"00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"523a8a806ae621f155fdd28dbc34e1ab7b9b42432ad8b2efb96e23b13f0a6e52f36185d50ad002c5f601bee5493f118b243ee2e313642bffc3902e7b2efd9a12fa682edd2d23c8b9c5f043c18b17c1ec4b5867918270fbec1027c19ed6af833da5d620994668ca22f599791d292dd6273b2959082aafb7a996167cce1eec5f0cfd15f610d87e2dda9ba68ce1260ca54b222491418374294e7909b1e8551cd8de":0
|
||||
|
||||
ARIA-256-CBC Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_cbc:"00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"523a8a806ae621f155fdd28dbc34e1ab7b9b42432ad8b2efb96e23b13f0a6e52f36185d50ad002c5f601bee5493f118b243ee2e313642bffc3902e7b2efd9a12fa682edd2d23c8b9c5f043c18b17c1ec4b5867918270fbec1027c19ed6af833da5d620994668ca22f599791d292dd6273b2959082aafb7a996167cce1eec5f0cfd15f610d87e2dda9ba68ce1260ca54b222491418374294e7909b1e8551cd8de":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
||||
|
||||
ARIA-128-CTR Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_ctr:"00112233445566778899aabbccddeeff":"00000000000000000000000000000000":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"ac5d7de805a0bf1c57c854501af60fa11497e2a34519dea1569e91e5b5ccae2ff3bfa1bf975f4571f48be191613546c3911163c085f871f0e7ae5f2a085b81851c2a3ddf20ecb8fa51901aec8ee4ba32a35dab67bb72cd9140ad188a967ac0fbbdfa94ea6cce47dcf8525ab5a814cfeb2bb60ee2b126e2d9d847c1a9e96f9019e3e6a7fe40d3829afb73db1cc245646addb62d9b907baaafbe46a73dbc131d3d":0
|
||||
|
||||
ARIA-192-CTR Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_ctr:"00112233445566778899aabbccddeeff0011223344556677":"00000000000000000000000000000000":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"08625ca8fe569c19ba7af3760a6ed1cef4d199263e999dde14082dbba7560b79a4c6b456b8707dce751f9854f18893dfdb3f4e5afa539733e6f1e70b98ba37891f8f81e95df8efc26c7ce043504cb18958b865e4e316cd2aa1c97f31bf23dc046ef326b95a692a191ba0f2a41c5fe9ae070f236ff7078e703b42666caafbdd20bad74ac4c20c0f46c7ca24c151716575c947da16c90cfe1bf217a41cfebe7531":0
|
||||
|
||||
ARIA-192-CTR Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_ctr:"00112233445566778899aabbccddeeff0011223344556677":"00000000000000000000000000000000":"08625ca8fe569c19ba7af3760a6ed1cef4d199263e999dde14082dbba7560b79a4c6b456b8707dce751f9854f18893dfdb3f4e5afa539733e6f1e70b98ba37891f8f81e95df8efc26c7ce043504cb18958b865e4e316cd2aa1c97f31bf23dc046ef326b95a692a191ba0f2a41c5fe9ae070f236ff7078e703b42666caafbdd20bad74ac4c20c0f46c7ca24c151716575c947da16c90cfe1bf217a41cfebe7531":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
||||
|
||||
ARIA-256-CTR Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_ctr:"00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff":"00000000000000000000000000000000":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"30026c329666141721178b99c0a1f1b2f06940253f7b3089e2a30ea86aa3c88f5940f05ad7ee41d71347bb7261e348f18360473fdf7d4e7723bffb4411cc13f6cdd89f3bc7b9c768145022c7a74f14d7c305cd012a10f16050c23f1ae5c23f45998d13fbaa041e51619577e0772764896a5d4516d8ffceb3bf7e05f613edd9a60cdcedaff9cfcaf4e00d445a54334f73ab2cad944e51d266548e61c6eb0aa1cd":0
|
||||
|
||||
ARIA-256-CTR Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_ctr:"00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff":"00000000000000000000000000000000":"30026c329666141721178b99c0a1f1b2f06940253f7b3089e2a30ea86aa3c88f5940f05ad7ee41d71347bb7261e348f18360473fdf7d4e7723bffb4411cc13f6cdd89f3bc7b9c768145022c7a74f14d7c305cd012a10f16050c23f1ae5c23f45998d13fbaa041e51619577e0772764896a5d4516d8ffceb3bf7e05f613edd9a60cdcedaff9cfcaf4e00d445a54334f73ab2cad944e51d266548e61c6eb0aa1cd":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
||||
|
||||
ARIA-128-CFB128 Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_cfb128:"00112233445566778899aabbccddeeff":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"3720e53ba7d615383406b09f0a05a200c07c21e6370f413a5d132500a68285017c61b434c7b7ca9685a51071861e4d4bb873b599b479e2d573dddeafba89f812ac6a9e44d554078eb3be94839db4b33da3f59c063123a7ef6f20e10579fa4fd239100ca73b52d4fcafeadee73f139f78f9b7614c2b3b9dbe010f87db06a89a9435f79ce8121431371f4e87b984e0230c22a6dacb32fc42dcc6accef33285bf11":0
|
||||
|
||||
ARIA-128-CFB128 Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_cfb128:"00112233445566778899aabbccddeeff":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"3720e53ba7d615383406b09f0a05a200c07c21e6370f413a5d132500a68285017c61b434c7b7ca9685a51071861e4d4bb873b599b479e2d573dddeafba89f812ac6a9e44d554078eb3be94839db4b33da3f59c063123a7ef6f20e10579fa4fd239100ca73b52d4fcafeadee73f139f78f9b7614c2b3b9dbe010f87db06a89a9435f79ce8121431371f4e87b984e0230c22a6dacb32fc42dcc6accef33285bf11":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
||||
|
||||
ARIA-192-CFB128 Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_cfb128:"00112233445566778899aabbccddeeff0011223344556677":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"4171f7192bf4495494d2736129640f5c4d87a9a213664c9448477c6ecc2013598d9766952dd8c3868f17e36ef66fd84bfa45d1593d2d6ee3ea2115047d710d4fb66187caa3a315b3c8ea2d313962edcfe5a3e2028d5ba9a09fd5c65c19d3440e477f0cab0628ec6902c73ee02f1afee9f80115be7b9df82d1e28228e28581a20560e195cbb9e2b327bf56fd2d0ae5502e42c13e9b4015d4da42dc859252e7da4":0
|
||||
|
||||
ARIA-192-CFB128 Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_cfb128:"00112233445566778899aabbccddeeff0011223344556677":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"4171f7192bf4495494d2736129640f5c4d87a9a213664c9448477c6ecc2013598d9766952dd8c3868f17e36ef66fd84bfa45d1593d2d6ee3ea2115047d710d4fb66187caa3a315b3c8ea2d313962edcfe5a3e2028d5ba9a09fd5c65c19d3440e477f0cab0628ec6902c73ee02f1afee9f80115be7b9df82d1e28228e28581a20560e195cbb9e2b327bf56fd2d0ae5502e42c13e9b4015d4da42dc859252e7da4":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
||||
|
||||
ARIA-256-CFB128 Encrypt - Official Test Vectors 1.0
|
||||
aria_encrypt_cfb128:"00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":"26834705b0f2c0e2588d4a7f09009635f28bb93d8c31f870ec1e0bdb082b66fa402dd9c202be300c4517d196b14d4ce11dce97f7aaba54341b0d872cc9b63753a3e8556a14be6f7b3e27e3cfc39caf80f2a355aa50dc83c09c7b11828694f8e4aa726c528976b53f2c877f4991a3a8d28adb63bd751846ffb2350265e179d4990753ae8485ff9b4133ddad5875b84a90cbcfa62a045d726df71b6bda0eeca0be":0
|
||||
|
||||
ARIA-256-CFB128 Decrypt - Official Test Vectors 1.0
|
||||
aria_decrypt_cfb128:"00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff":"0f1e2d3c4b5a69788796a5b4c3d2e1f0":"26834705b0f2c0e2588d4a7f09009635f28bb93d8c31f870ec1e0bdb082b66fa402dd9c202be300c4517d196b14d4ce11dce97f7aaba54341b0d872cc9b63753a3e8556a14be6f7b3e27e3cfc39caf80f2a355aa50dc83c09c7b11828694f8e4aa726c528976b53f2c877f4991a3a8d28adb63bd751846ffb2350265e179d4990753ae8485ff9b4133ddad5875b84a90cbcfa62a045d726df71b6bda0eeca0be":"11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd":0
|
340
tests/suites/test_suite_aria.function
Normal file
340
tests/suites/test_suite_aria.function
Normal file
|
@ -0,0 +1,340 @@
|
|||
/* BEGIN_HEADER */
|
||||
#include "mbedtls/aria.h"
|
||||
|
||||
/* Maxium size of data used by test vectors
|
||||
* WARNING: to be adapted if and when adding larger test cases */
|
||||
#define ARIA_MAX_DATASIZE 160
|
||||
|
||||
/* Maximum sizes of hexified things */
|
||||
#define ARIA_MAX_KEY_STR ( 2 * MBEDTLS_ARIA_MAX_KEYSIZE + 1 )
|
||||
#define ARIA_BLOCK_STR ( 2 * MBEDTLS_ARIA_BLOCKSIZE + 1 )
|
||||
#define ARIA_MAX_DATA_STR ( 2 * ARIA_MAX_DATASIZE + 1 )
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
* depends_on:MBEDTLS_ARIA_C
|
||||
* END_DEPENDENCIES
|
||||
*/
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void aria_encrypt_ecb( char *hex_key_string, char *hex_src_string,
|
||||
char *hex_dst_string, int setkey_result )
|
||||
{
|
||||
unsigned char key_str[ARIA_MAX_KEY_STR];
|
||||
unsigned char src_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char dst_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char output[ARIA_MAX_DATASIZE];
|
||||
mbedtls_aria_context ctx;
|
||||
int key_len, data_len, i;
|
||||
|
||||
memset( key_str, 0x00, sizeof( key_str ) );
|
||||
memset( src_str, 0x00, sizeof( src_str ) );
|
||||
memset( dst_str, 0x00, sizeof( dst_str ) );
|
||||
memset( output, 0x00, sizeof( output ) );
|
||||
mbedtls_aria_init( &ctx );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
data_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
TEST_ASSERT( mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 )
|
||||
== setkey_result );
|
||||
if( setkey_result == 0 )
|
||||
{
|
||||
for( i = 0; i < data_len; i += MBEDTLS_ARIA_BLOCKSIZE )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, MBEDTLS_ARIA_ENCRYPT,
|
||||
src_str + i, output + i )
|
||||
== 0 );
|
||||
}
|
||||
hexify( dst_str, output, data_len );
|
||||
|
||||
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_aria_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void aria_decrypt_ecb( char *hex_key_string, char *hex_src_string,
|
||||
char *hex_dst_string, int setkey_result )
|
||||
{
|
||||
unsigned char key_str[ARIA_MAX_KEY_STR];
|
||||
unsigned char src_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char dst_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char output[ARIA_MAX_DATASIZE];
|
||||
mbedtls_aria_context ctx;
|
||||
int key_len, data_len, i;
|
||||
|
||||
memset( key_str, 0x00, sizeof( key_str ) );
|
||||
memset( src_str, 0x00, sizeof( src_str ) );
|
||||
memset( dst_str, 0x00, sizeof( dst_str ) );
|
||||
memset( output, 0x00, sizeof( output ) );
|
||||
mbedtls_aria_init( &ctx );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
data_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
TEST_ASSERT( mbedtls_aria_setkey_dec( &ctx, key_str, key_len * 8 )
|
||||
== setkey_result );
|
||||
if( setkey_result == 0 )
|
||||
{
|
||||
for( i = 0; i < data_len; i += MBEDTLS_ARIA_BLOCKSIZE )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, MBEDTLS_ARIA_DECRYPT,
|
||||
src_str + i, output + i )
|
||||
== 0 );
|
||||
}
|
||||
hexify( dst_str, output, data_len );
|
||||
|
||||
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_aria_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
|
||||
void aria_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
|
||||
char *hex_src_string, char *hex_dst_string,
|
||||
int cbc_result )
|
||||
{
|
||||
unsigned char key_str[ARIA_MAX_KEY_STR];
|
||||
unsigned char iv_str[ARIA_BLOCK_STR];
|
||||
unsigned char src_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char dst_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char output[ARIA_MAX_DATASIZE];
|
||||
mbedtls_aria_context ctx;
|
||||
int key_len, data_len;
|
||||
|
||||
memset( key_str, 0x00, sizeof( key_str ) );
|
||||
memset( iv_str, 0x00, sizeof( iv_str ) );
|
||||
memset( src_str, 0x00, sizeof( src_str ) );
|
||||
memset( dst_str, 0x00, sizeof( dst_str ) );
|
||||
memset( output, 0x00, sizeof( output ) );
|
||||
mbedtls_aria_init( &ctx );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
unhexify( iv_str, hex_iv_string );
|
||||
data_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
|
||||
TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, data_len,
|
||||
iv_str, src_str, output )
|
||||
== cbc_result );
|
||||
if( cbc_result == 0 )
|
||||
{
|
||||
hexify( dst_str, output, data_len );
|
||||
|
||||
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_aria_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
|
||||
void aria_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
|
||||
char *hex_src_string, char *hex_dst_string,
|
||||
int cbc_result )
|
||||
{
|
||||
unsigned char key_str[ARIA_MAX_KEY_STR];
|
||||
unsigned char iv_str[ARIA_BLOCK_STR];
|
||||
unsigned char src_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char dst_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char output[ARIA_MAX_DATASIZE];
|
||||
mbedtls_aria_context ctx;
|
||||
int key_len, data_len;
|
||||
|
||||
memset( key_str, 0x00, sizeof( key_str ) );
|
||||
memset( iv_str, 0x00, sizeof( iv_str ) );
|
||||
memset( src_str, 0x00, sizeof( src_str ) );
|
||||
memset( dst_str, 0x00, sizeof( dst_str ) );
|
||||
memset( output, 0x00, sizeof( output ) );
|
||||
mbedtls_aria_init( &ctx );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
unhexify( iv_str, hex_iv_string );
|
||||
data_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
mbedtls_aria_setkey_dec( &ctx, key_str, key_len * 8 );
|
||||
TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, data_len,
|
||||
iv_str, src_str, output )
|
||||
== cbc_result );
|
||||
if( cbc_result == 0 )
|
||||
{
|
||||
hexify( dst_str, output, data_len );
|
||||
|
||||
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_aria_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
|
||||
void aria_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
|
||||
char *hex_src_string, char *hex_dst_string,
|
||||
int result )
|
||||
{
|
||||
unsigned char key_str[ARIA_MAX_KEY_STR];
|
||||
unsigned char iv_str[ARIA_BLOCK_STR];
|
||||
unsigned char src_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char dst_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char output[ARIA_MAX_DATASIZE];
|
||||
mbedtls_aria_context ctx;
|
||||
size_t iv_offset = 0;
|
||||
int key_len, data_len;
|
||||
|
||||
memset( key_str, 0x00, sizeof( key_str ) );
|
||||
memset( iv_str, 0x00, sizeof( iv_str ) );
|
||||
memset( src_str, 0x00, sizeof( src_str ) );
|
||||
memset( dst_str, 0x00, sizeof( dst_str ) );
|
||||
memset( output, 0x00, sizeof( output ) );
|
||||
mbedtls_aria_init( &ctx );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
unhexify( iv_str, hex_iv_string );
|
||||
data_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
|
||||
TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT,
|
||||
data_len, &iv_offset, iv_str,
|
||||
src_str, output )
|
||||
== result );
|
||||
hexify( dst_str, output, data_len );
|
||||
|
||||
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
|
||||
|
||||
exit:
|
||||
mbedtls_aria_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
|
||||
void aria_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
|
||||
char *hex_src_string, char *hex_dst_string,
|
||||
int result )
|
||||
{
|
||||
unsigned char key_str[ARIA_MAX_KEY_STR];
|
||||
unsigned char iv_str[ARIA_BLOCK_STR];
|
||||
unsigned char src_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char dst_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char output[ARIA_MAX_DATASIZE];
|
||||
mbedtls_aria_context ctx;
|
||||
size_t iv_offset = 0;
|
||||
int key_len, data_len;
|
||||
|
||||
memset( key_str, 0x00, sizeof( key_str ) );
|
||||
memset( iv_str, 0x00, sizeof( iv_str ) );
|
||||
memset( src_str, 0x00, sizeof( src_str ) );
|
||||
memset( dst_str, 0x00, sizeof( dst_str ) );
|
||||
memset( output, 0x00, sizeof( output ) );
|
||||
mbedtls_aria_init( &ctx );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
unhexify( iv_str, hex_iv_string );
|
||||
data_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
|
||||
TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT,
|
||||
data_len, &iv_offset, iv_str,
|
||||
src_str, output )
|
||||
== result );
|
||||
hexify( dst_str, output, data_len );
|
||||
|
||||
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
|
||||
|
||||
exit:
|
||||
mbedtls_aria_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
|
||||
void aria_encrypt_ctr( char *hex_key_string, char *hex_iv_string,
|
||||
char *hex_src_string, char *hex_dst_string,
|
||||
int result )
|
||||
{
|
||||
unsigned char key_str[ARIA_MAX_KEY_STR];
|
||||
unsigned char iv_str[ARIA_BLOCK_STR];
|
||||
unsigned char src_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char dst_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char output[ARIA_MAX_DATASIZE];
|
||||
unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
|
||||
mbedtls_aria_context ctx;
|
||||
size_t iv_offset = 0;
|
||||
int key_len, data_len;
|
||||
|
||||
memset( key_str, 0x00, sizeof( key_str ) );
|
||||
memset( iv_str, 0x00, sizeof( iv_str ) );
|
||||
memset( src_str, 0x00, sizeof( src_str ) );
|
||||
memset( dst_str, 0x00, sizeof( dst_str ) );
|
||||
memset( output, 0x00, sizeof( output ) );
|
||||
mbedtls_aria_init( &ctx );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
unhexify( iv_str, hex_iv_string );
|
||||
data_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
|
||||
TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, data_len, &iv_offset, iv_str,
|
||||
blk, src_str, output )
|
||||
== result );
|
||||
hexify( dst_str, output, data_len );
|
||||
|
||||
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
|
||||
|
||||
exit:
|
||||
mbedtls_aria_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
|
||||
void aria_decrypt_ctr( char *hex_key_string, char *hex_iv_string,
|
||||
char *hex_src_string, char *hex_dst_string,
|
||||
int result )
|
||||
{
|
||||
unsigned char key_str[ARIA_MAX_KEY_STR];
|
||||
unsigned char iv_str[ARIA_BLOCK_STR];
|
||||
unsigned char src_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char dst_str[ARIA_MAX_DATA_STR];
|
||||
unsigned char output[ARIA_MAX_DATASIZE];
|
||||
unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
|
||||
mbedtls_aria_context ctx;
|
||||
size_t iv_offset = 0;
|
||||
int key_len, data_len;
|
||||
|
||||
memset( key_str, 0x00, sizeof( key_str ) );
|
||||
memset( iv_str, 0x00, sizeof( iv_str ) );
|
||||
memset( src_str, 0x00, sizeof( src_str ) );
|
||||
memset( dst_str, 0x00, sizeof( dst_str ) );
|
||||
memset( output, 0x00, sizeof( output ) );
|
||||
mbedtls_aria_init( &ctx );
|
||||
|
||||
key_len = unhexify( key_str, hex_key_string );
|
||||
unhexify( iv_str, hex_iv_string );
|
||||
data_len = unhexify( src_str, hex_src_string );
|
||||
|
||||
mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
|
||||
TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, data_len, &iv_offset, iv_str,
|
||||
blk, src_str, output )
|
||||
== result );
|
||||
hexify( dst_str, output, data_len );
|
||||
|
||||
TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
|
||||
|
||||
exit:
|
||||
mbedtls_aria_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
|
||||
void aria_selftest()
|
||||
{
|
||||
TEST_ASSERT( mbedtls_aria_self_test( 1 ) == 0 );
|
||||
}
|
||||
/* END_CASE */
|
|
@ -149,6 +149,7 @@
|
|||
<ClInclude Include="..\..\include\mbedtls\aes.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\aesni.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\arc4.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\aria.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\asn1.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\asn1write.h" />
|
||||
<ClInclude Include="..\..\include\mbedtls\base64.h" />
|
||||
|
@ -223,6 +224,7 @@
|
|||
<ClCompile Include="..\..\library\aes.c" />
|
||||
<ClCompile Include="..\..\library\aesni.c" />
|
||||
<ClCompile Include="..\..\library\arc4.c" />
|
||||
<ClCompile Include="..\..\library\aria.c" />
|
||||
<ClCompile Include="..\..\library\asn1parse.c" />
|
||||
<ClCompile Include="..\..\library\asn1write.c" />
|
||||
<ClCompile Include="..\..\library\base64.c" />
|
||||
|
|
Loading…
Reference in a new issue