From 057e0cf2636c56a56c08cc3dc75d59795449e83b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 14 Oct 2013 14:19:31 +0200 Subject: [PATCH] Fix ciphersuites dependencies on MD5 and SHA1 --- include/polarssl/config.h | 18 +++++----- library/cipher_wrap.c | 2 +- library/ssl_ciphersuites.c | 74 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 84 insertions(+), 10 deletions(-) diff --git a/include/polarssl/config.h b/include/polarssl/config.h index f23f540f0..dc22c6df4 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -184,15 +184,15 @@ * TLS_RSA_WITH_NULL_SHA * TLS_RSA_WITH_NULL_SHA256 * TLS_ECDHE_RSA_WITH_NULL_SHA - * TLS_PSK_WITH_NULL - * TLS_PSK_WITH_NULL256 - * TLS_PSK_WITH_NULL384 - * TLS_DHE_PSK_WITH_NULL - * TLS_DHE_PSK_WITH_NULL256 - * TLS_DHE_PSK_WITH_NULL384 - * TLS_RSA_PSK_WITH_NULL - * TLS_RSA_PSK_WITH_NULL256 - * TLS_RSA_PSK_WITH_NULL384 + * TLS_PSK_WITH_NULL_SHA + * TLS_PSK_WITH_NULL_SHA256 + * TLS_PSK_WITH_NULL_SHA384 + * TLS_DHE_PSK_WITH_NULL_SHA + * TLS_DHE_PSK_WITH_NULL_SHA256 + * TLS_DHE_PSK_WITH_NULL_SHA384 + * TLS_RSA_PSK_WITH_NULL_SHA + * TLS_RSA_PSK_WITH_NULL_SHA256 + * TLS_RSA_PSK_WITH_NULL_SHA384 * TLS_ECDHE_PSK_WITH_NULL_SHA * TLS_ECDHE_PSK_WITH_NULL_SHA256 * TLS_ECDHE_PSK_WITH_NULL_SHA384 diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 342923dcc..7466b959b 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -1178,7 +1178,7 @@ const cipher_definition_t cipher_definitions[] = #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_CIPHER_NULL_CIPHER) - { POLARSSL_CIPHER_NULL, &null_info }, + { POLARSSL_CIPHER_NULL, &null_cipher_info }, #endif /* POLARSSL_CIPHER_NULL_CIPHER */ { 0, NULL } diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 1efd403eb..7de532238 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -181,6 +181,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = { #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) #if defined(POLARSSL_AES_C) +#if defined(POLARSSL_SHA1_C) #if defined(POLARSSL_CIPHER_MODE_CBC) { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, @@ -193,6 +194,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, #endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* POLARSSL_SHA1_C */ #if defined(POLARSSL_SHA256_C) #if defined(POLARSSL_CIPHER_MODE_CBC) { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", @@ -248,33 +250,40 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #if defined(POLARSSL_CIPHER_NULL_CIPHER) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_NULL_CIPHER */ #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) #if defined(POLARSSL_AES_C) +#if defined(POLARSSL_SHA1_C) #if defined(POLARSSL_CIPHER_MODE_CBC) { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, @@ -287,6 +296,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, #endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* POLARSSL_SHA1_C */ #if defined(POLARSSL_SHA256_C) #if defined(POLARSSL_CIPHER_MODE_CBC) { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", @@ -342,28 +352,34 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #if defined(POLARSSL_CIPHER_NULL_CIPHER) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_NULL_CIPHER */ #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ @@ -402,6 +418,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* POLARSSL_SHA256_C */ #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -413,6 +430,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_AES_C */ @@ -432,6 +450,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA256_C */ +#if defined(POLARSSL_SHA1_C) { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -443,16 +462,19 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_CAMELLIA_C */ #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */ @@ -491,6 +513,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_SHA256_C */ +#if defined(POLARSSL_SHA1_C) #if defined(POLARSSL_CIPHER_MODE_CBC) { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, @@ -504,6 +527,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, #endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_AES_C */ #if defined(POLARSSL_CAMELLIA_C) @@ -522,6 +546,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA256_C */ +#if defined(POLARSSL_SHA1_C) { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -533,31 +558,38 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_CAMELLIA_C */ #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_MD5_C) { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif +#if defined(POLARSSL_SHA1_C) { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ @@ -598,6 +630,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA512_C */ +#if defined(POLARSSL_SHA1_C) { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -609,6 +642,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_AES_C */ @@ -634,20 +668,24 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ @@ -688,6 +726,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA512_C */ +#if defined(POLARSSL_SHA1_C) { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -699,6 +738,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_AES_C */ @@ -724,20 +764,24 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ @@ -761,6 +805,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA512_C */ +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -772,6 +817,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_AES_C */ @@ -797,20 +843,24 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ @@ -851,6 +901,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA512_C */ +#if defined(POLARSSL_SHA1_C) { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -862,6 +913,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_AES_C */ @@ -887,67 +939,83 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) #if defined(POLARSSL_CIPHER_NULL_CIPHER) #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) +#if defined(POLARSSL_MD5_C) { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif +#if defined(POLARSSL_SHA1_C) { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif +#if defined(POLARSSL_SHA256_C) { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #if defined(POLARSSL_SHA256_C) { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", @@ -967,30 +1035,36 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ #endif /* POLARSSL_CIPHER_NULL_CIPHER */ #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA", POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA", POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */