- Added support for the SSL_EDH_RSA_AES_128_SHA and SSL_EDH_RSA_CAMELLIA_128_SHA ciphersuites
This commit is contained in:
Paul Bakker
parent
699fbbcf29
commit
77a43580da
6 changed files with 37 additions and 4 deletions
|
|
@ -1,5 +1,10 @@
|
|||
PolarSSL ChangeLog
|
||||
|
||||
= Version 0.14.0 released on 2010-XXXXX
|
||||
Features
|
||||
* Added support for SSL_EDH_RSA_AES_128_SHA and
|
||||
SSL_EDH_RSA_CAMELLIA_128_SHA ciphersuites
|
||||
|
||||
= Version 0.13.1 released on 2010-03-24
|
||||
Bug fixes
|
||||
* Fixed Makefile in library that was mistakenly merged
|
||||
|
|
|
|||
|
|
@ -93,10 +93,12 @@
|
|||
#define SSL_RSA_DES_168_SHA 10
|
||||
#define SSL_EDH_RSA_DES_168_SHA 22
|
||||
#define SSL_RSA_AES_128_SHA 47
|
||||
#define SSL_EDH_RSA_AES_128_SHA 51
|
||||
#define SSL_RSA_AES_256_SHA 53
|
||||
#define SSL_EDH_RSA_AES_256_SHA 57
|
||||
|
||||
#define SSL_RSA_CAMELLIA_128_SHA 0x41
|
||||
#define SSL_EDH_RSA_CAMELLIA_128_SHA 0x45
|
||||
#define SSL_RSA_CAMELLIA_256_SHA 0x84
|
||||
#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88
|
||||
|
||||
|
|
|
|||
|
|
@ -323,8 +323,10 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
|
|||
SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
|
||||
|
||||
if( ssl->session->cipher != SSL_EDH_RSA_DES_168_SHA &&
|
||||
ssl->session->cipher != SSL_EDH_RSA_AES_128_SHA &&
|
||||
ssl->session->cipher != SSL_EDH_RSA_AES_256_SHA &&
|
||||
ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_256_SHA)
|
||||
ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_128_SHA &&
|
||||
ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_256_SHA)
|
||||
{
|
||||
SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
|
||||
ssl->state++;
|
||||
|
|
@ -514,8 +516,10 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
|||
SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
|
||||
|
||||
if( ssl->session->cipher == SSL_EDH_RSA_DES_168_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_AES_128_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
|
||||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_128_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
|
||||
{
|
||||
#if !defined(POLARSSL_DHM_C)
|
||||
SSL_DEBUG_MSG( 1, ( "support for dhm in not available" ) );
|
||||
|
|
|
|||
|
|
@ -525,8 +525,10 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
|||
SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) );
|
||||
|
||||
if( ssl->session->cipher != SSL_EDH_RSA_DES_168_SHA &&
|
||||
ssl->session->cipher != SSL_EDH_RSA_AES_128_SHA &&
|
||||
ssl->session->cipher != SSL_EDH_RSA_AES_256_SHA &&
|
||||
ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_256_SHA)
|
||||
ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_128_SHA &&
|
||||
ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_256_SHA)
|
||||
{
|
||||
SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) );
|
||||
ssl->state++;
|
||||
|
|
@ -663,8 +665,10 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
|
|||
}
|
||||
|
||||
if( ssl->session->cipher == SSL_EDH_RSA_DES_168_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_AES_128_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
|
||||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_128_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
|
||||
{
|
||||
#if !defined(POLARSSL_DHM_C)
|
||||
SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) );
|
||||
|
|
|
|||
|
|
@ -244,6 +244,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
|||
|
||||
#if defined(POLARSSL_AES_C)
|
||||
case SSL_RSA_AES_128_SHA:
|
||||
case SSL_EDH_RSA_AES_128_SHA:
|
||||
ssl->keylen = 16; ssl->minlen = 32;
|
||||
ssl->ivlen = 16; ssl->maclen = 20;
|
||||
break;
|
||||
|
|
@ -257,6 +258,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
|||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
case SSL_RSA_CAMELLIA_128_SHA:
|
||||
case SSL_EDH_RSA_CAMELLIA_128_SHA:
|
||||
ssl->keylen = 16; ssl->minlen = 32;
|
||||
ssl->ivlen = 16; ssl->maclen = 20;
|
||||
break;
|
||||
|
|
@ -325,6 +327,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
|||
|
||||
#if defined(POLARSSL_AES_C)
|
||||
case SSL_RSA_AES_128_SHA:
|
||||
case SSL_EDH_RSA_AES_128_SHA:
|
||||
aes_setkey_enc( (aes_context *) ssl->ctx_enc, key1, 128 );
|
||||
aes_setkey_dec( (aes_context *) ssl->ctx_dec, key2, 128 );
|
||||
break;
|
||||
|
|
@ -338,6 +341,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
|||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
case SSL_RSA_CAMELLIA_128_SHA:
|
||||
case SSL_EDH_RSA_CAMELLIA_128_SHA:
|
||||
camellia_setkey_enc( (camellia_context *) ssl->ctx_enc, key1, 128 );
|
||||
camellia_setkey_dec( (camellia_context *) ssl->ctx_dec, key2, 128 );
|
||||
break;
|
||||
|
|
@ -566,6 +570,7 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
|||
case 16:
|
||||
#if defined(POLARSSL_AES_C)
|
||||
if ( ssl->session->cipher == SSL_RSA_AES_128_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_AES_128_SHA ||
|
||||
ssl->session->cipher == SSL_RSA_AES_256_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA)
|
||||
{
|
||||
|
|
@ -578,6 +583,7 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
|||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
if ( ssl->session->cipher == SSL_RSA_CAMELLIA_128_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_128_SHA ||
|
||||
ssl->session->cipher == SSL_RSA_CAMELLIA_256_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
|
||||
{
|
||||
|
|
@ -648,6 +654,7 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
|||
case 16:
|
||||
#if defined(POLARSSL_AES_C)
|
||||
if ( ssl->session->cipher == SSL_RSA_AES_128_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_AES_128_SHA ||
|
||||
ssl->session->cipher == SSL_RSA_AES_256_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA)
|
||||
{
|
||||
|
|
@ -660,6 +667,7 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
|||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
if ( ssl->session->cipher == SSL_RSA_CAMELLIA_128_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_128_SHA ||
|
||||
ssl->session->cipher == SSL_RSA_CAMELLIA_256_SHA ||
|
||||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
|
||||
{
|
||||
|
|
@ -1789,6 +1797,9 @@ const char *ssl_get_cipher( const ssl_context *ssl )
|
|||
case SSL_RSA_AES_128_SHA:
|
||||
return( "SSL_RSA_AES_128_SHA" );
|
||||
|
||||
case SSL_EDH_RSA_AES_128_SHA:
|
||||
return( "SSL_EDH_RSA_AES_128_SHA" );
|
||||
|
||||
case SSL_RSA_AES_256_SHA:
|
||||
return( "SSL_RSA_AES_256_SHA" );
|
||||
|
||||
|
|
@ -1800,6 +1811,9 @@ const char *ssl_get_cipher( const ssl_context *ssl )
|
|||
case SSL_RSA_CAMELLIA_128_SHA:
|
||||
return( "SSL_RSA_CAMELLIA_128_SHA" );
|
||||
|
||||
case SSL_EDH_RSA_CAMELLIA_128_SHA:
|
||||
return( "SSL_EDH_RSA_CAMELLIA_128_SHA" );
|
||||
|
||||
case SSL_RSA_CAMELLIA_256_SHA:
|
||||
return( "SSL_RSA_CAMELLIA_256_SHA" );
|
||||
|
||||
|
|
@ -1818,9 +1832,11 @@ int ssl_default_ciphers[] =
|
|||
{
|
||||
#if defined(POLARSSL_DHM_C)
|
||||
#if defined(POLARSSL_AES_C)
|
||||
SSL_EDH_RSA_AES_128_SHA,
|
||||
SSL_EDH_RSA_AES_256_SHA,
|
||||
#endif
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
SSL_EDH_RSA_CAMELLIA_128_SHA,
|
||||
SSL_EDH_RSA_CAMELLIA_256_SHA,
|
||||
#endif
|
||||
#if defined(POLARSSL_DES_C)
|
||||
|
|
|
|||
|
|
@ -65,6 +65,8 @@ int my_ciphers[] =
|
|||
{
|
||||
SSL_EDH_RSA_AES_256_SHA,
|
||||
SSL_EDH_RSA_CAMELLIA_256_SHA,
|
||||
SSL_EDH_RSA_AES_128_SHA,
|
||||
SSL_EDH_RSA_CAMELLIA_128_SHA,
|
||||
SSL_EDH_RSA_DES_168_SHA,
|
||||
SSL_RSA_AES_256_SHA,
|
||||
SSL_RSA_CAMELLIA_256_SHA,
|
||||
|
|
|
|||
Loading…
Reference in a new issue