mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 07:54:27 +01:00
- Improved information provided about current Hashing, Cipher and Suite capabilities
This commit is contained in:
parent
76fd75a3de
commit
72f6266f02
11
ChangeLog
11
ChangeLog
@ -4,16 +4,19 @@ PolarSSL ChangeLog
|
|||||||
Features
|
Features
|
||||||
Note: Most of these features have been donated by Fox-IT
|
Note: Most of these features have been donated by Fox-IT
|
||||||
* Added Doxygen source code documentation parts
|
* Added Doxygen source code documentation parts
|
||||||
* Added generic message digest and cipher wrapper
|
|
||||||
for integration with OpenVPN
|
|
||||||
* Added reading of DHM context from memory and file
|
* Added reading of DHM context from memory and file
|
||||||
* Added verification callback on certificate chain
|
|
||||||
verification to allow external blacklisting
|
|
||||||
* Improved X509 certificate parsing to include extended
|
* Improved X509 certificate parsing to include extended
|
||||||
certificate fields, including Key Usage
|
certificate fields, including Key Usage
|
||||||
* Improved certificate verification and verification
|
* Improved certificate verification and verification
|
||||||
against the available CRLs
|
against the available CRLs
|
||||||
* Detection for DES weak keys and parity bits added
|
* Detection for DES weak keys and parity bits added
|
||||||
|
* Improvements to support integration in other
|
||||||
|
applications:
|
||||||
|
+ Added generic message digest and cipher wrapper
|
||||||
|
+ Improved information about current capabilities,
|
||||||
|
status, objects and configuration
|
||||||
|
+ Added verification callback on certificate chain
|
||||||
|
verification to allow external blacklisting
|
||||||
|
|
||||||
= Version 0.14.0 released on 2010-08-16
|
= Version 0.14.0 released on 2010-08-16
|
||||||
Features
|
Features
|
||||||
|
@ -151,6 +151,14 @@ typedef struct {
|
|||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Returns the list of ciphers supported by the generic cipher module.
|
||||||
|
*
|
||||||
|
* \return a statically allocated array of ciphers, the last entry
|
||||||
|
* is 0.
|
||||||
|
*/
|
||||||
|
const int *cipher_list( void );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Returns the cipher information structure associated
|
* \brief Returns the cipher information structure associated
|
||||||
* with the given cipher name.
|
* with the given cipher name.
|
||||||
|
@ -118,6 +118,14 @@ typedef struct {
|
|||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Returns the list of digests supported by the generic digest module.
|
||||||
|
*
|
||||||
|
* \return a statically allocated array of digests, the last entry
|
||||||
|
* is 0.
|
||||||
|
*/
|
||||||
|
const int *md_list( void );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Returns the message digest information associated with the
|
* \brief Returns the message digest information associated with the
|
||||||
* given digest name.
|
* given digest name.
|
||||||
|
@ -319,6 +319,26 @@ extern "C" {
|
|||||||
|
|
||||||
extern int ssl_default_ciphers[];
|
extern int ssl_default_ciphers[];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Returns the list of ciphers supported by the SSL/TLS module.
|
||||||
|
*
|
||||||
|
* \return a statically allocated array of ciphers, the last entry
|
||||||
|
* is 0.
|
||||||
|
*/
|
||||||
|
static inline const int *ssl_list_ciphers( void )
|
||||||
|
{
|
||||||
|
return ssl_default_ciphers;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Return the name of the cipher associated with the given ID
|
||||||
|
*
|
||||||
|
* \param cipher_id SSL cipher ID
|
||||||
|
*
|
||||||
|
* \return a string containing the cipher name
|
||||||
|
*/
|
||||||
|
const char *ssl_get_cipher_name( const int cipher_id );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Initialize an SSL context
|
* \brief Initialize an SSL context
|
||||||
*
|
*
|
||||||
|
@ -37,6 +37,34 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
|
||||||
|
static const int supported_ciphers[] = {
|
||||||
|
|
||||||
|
#if defined(POLARSSL_AES_C)
|
||||||
|
POLARSSL_CIPHER_AES_128_CBC,
|
||||||
|
POLARSSL_CIPHER_AES_192_CBC,
|
||||||
|
POLARSSL_CIPHER_AES_256_CBC,
|
||||||
|
#endif /* defined(POLARSSL_AES_C) */
|
||||||
|
|
||||||
|
#if defined(POLARSSL_CAMELLIA_C)
|
||||||
|
POLARSSL_CIPHER_CAMELLIA_128_CBC,
|
||||||
|
POLARSSL_CIPHER_CAMELLIA_192_CBC,
|
||||||
|
POLARSSL_CIPHER_CAMELLIA_256_CBC,
|
||||||
|
#endif /* defined(POLARSSL_CAMELLIA_C) */
|
||||||
|
|
||||||
|
#if defined(POLARSSL_DES_C)
|
||||||
|
POLARSSL_CIPHER_DES_CBC,
|
||||||
|
POLARSSL_CIPHER_DES_EDE_CBC,
|
||||||
|
POLARSSL_CIPHER_DES_EDE3_CBC,
|
||||||
|
#endif /* defined(POLARSSL_DES_C) */
|
||||||
|
|
||||||
|
0
|
||||||
|
};
|
||||||
|
|
||||||
|
const int *cipher_list( void )
|
||||||
|
{
|
||||||
|
return supported_ciphers;
|
||||||
|
}
|
||||||
|
|
||||||
const cipher_info_t *cipher_info_from_type( cipher_type_t cipher_type )
|
const cipher_info_t *cipher_info_from_type( cipher_type_t cipher_type )
|
||||||
{
|
{
|
||||||
/* Find static cipher information */
|
/* Find static cipher information */
|
||||||
|
36
library/md.c
36
library/md.c
@ -37,6 +37,42 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
|
||||||
|
static const int supported_digests[] = {
|
||||||
|
|
||||||
|
#if defined(POLARSSL_MD2_C)
|
||||||
|
POLARSSL_MD_MD2,
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_MD4_C)
|
||||||
|
POLARSSL_MD_MD4,
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_MD5_C)
|
||||||
|
POLARSSL_MD_MD5,
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_SHA1_C)
|
||||||
|
POLARSSL_MD_SHA1,
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_SHA2_C)
|
||||||
|
POLARSSL_MD_SHA224,
|
||||||
|
POLARSSL_MD_SHA256,
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_SHA4_C)
|
||||||
|
POLARSSL_MD_SHA384,
|
||||||
|
POLARSSL_MD_SHA512,
|
||||||
|
#endif
|
||||||
|
|
||||||
|
0
|
||||||
|
};
|
||||||
|
|
||||||
|
const int *md_list( void )
|
||||||
|
{
|
||||||
|
return supported_digests;
|
||||||
|
}
|
||||||
|
|
||||||
const md_info_t *md_info_from_string( const char *md_name )
|
const md_info_t *md_info_from_string( const char *md_name )
|
||||||
{
|
{
|
||||||
if( NULL == md_name )
|
if( NULL == md_name )
|
||||||
|
@ -1863,52 +1863,52 @@ int ssl_get_verify_result( const ssl_context *ssl )
|
|||||||
return( ssl->verify_result );
|
return( ssl->verify_result );
|
||||||
}
|
}
|
||||||
|
|
||||||
const char *ssl_get_cipher( const ssl_context *ssl )
|
const char *ssl_get_cipher_name( const int cipher_id )
|
||||||
{
|
{
|
||||||
switch( ssl->session->cipher )
|
switch( cipher_id )
|
||||||
{
|
{
|
||||||
#if defined(POLARSSL_ARC4_C)
|
#if defined(POLARSSL_ARC4_C)
|
||||||
case SSL_RSA_RC4_128_MD5:
|
case SSL_RSA_RC4_128_MD5:
|
||||||
return( "SSL_RSA_RC4_128_MD5" );
|
return( "SSL-RSA-RC4-128-MD5" );
|
||||||
|
|
||||||
case SSL_RSA_RC4_128_SHA:
|
case SSL_RSA_RC4_128_SHA:
|
||||||
return( "SSL_RSA_RC4_128_SHA" );
|
return( "SSL-RSA-RC4-128-SHA" );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_DES_C)
|
#if defined(POLARSSL_DES_C)
|
||||||
case SSL_RSA_DES_168_SHA:
|
case SSL_RSA_DES_168_SHA:
|
||||||
return( "SSL_RSA_DES_168_SHA" );
|
return( "SSL-RSA-DES-168-SHA" );
|
||||||
|
|
||||||
case SSL_EDH_RSA_DES_168_SHA:
|
case SSL_EDH_RSA_DES_168_SHA:
|
||||||
return( "SSL_EDH_RSA_DES_168_SHA" );
|
return( "SSL-EDH-RSA-DES-168-SHA" );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_AES_C)
|
#if defined(POLARSSL_AES_C)
|
||||||
case SSL_RSA_AES_128_SHA:
|
case SSL_RSA_AES_128_SHA:
|
||||||
return( "SSL_RSA_AES_128_SHA" );
|
return( "SSL-RSA-AES-128-SHA" );
|
||||||
|
|
||||||
case SSL_EDH_RSA_AES_128_SHA:
|
case SSL_EDH_RSA_AES_128_SHA:
|
||||||
return( "SSL_EDH_RSA_AES_128_SHA" );
|
return( "SSL-EDH-RSA-AES-128-SHA" );
|
||||||
|
|
||||||
case SSL_RSA_AES_256_SHA:
|
case SSL_RSA_AES_256_SHA:
|
||||||
return( "SSL_RSA_AES_256_SHA" );
|
return( "SSL-RSA-AES-256-SHA" );
|
||||||
|
|
||||||
case SSL_EDH_RSA_AES_256_SHA:
|
case SSL_EDH_RSA_AES_256_SHA:
|
||||||
return( "SSL_EDH_RSA_AES_256_SHA" );
|
return( "SSL-EDH-RSA-AES-256-SHA" );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_CAMELLIA_C)
|
#if defined(POLARSSL_CAMELLIA_C)
|
||||||
case SSL_RSA_CAMELLIA_128_SHA:
|
case SSL_RSA_CAMELLIA_128_SHA:
|
||||||
return( "SSL_RSA_CAMELLIA_128_SHA" );
|
return( "SSL-RSA-CAMELLIA-128-SHA" );
|
||||||
|
|
||||||
case SSL_EDH_RSA_CAMELLIA_128_SHA:
|
case SSL_EDH_RSA_CAMELLIA_128_SHA:
|
||||||
return( "SSL_EDH_RSA_CAMELLIA_128_SHA" );
|
return( "SSL-EDH-RSA-CAMELLIA-128-SHA" );
|
||||||
|
|
||||||
case SSL_RSA_CAMELLIA_256_SHA:
|
case SSL_RSA_CAMELLIA_256_SHA:
|
||||||
return( "SSL_RSA_CAMELLIA_256_SHA" );
|
return( "SSL-RSA-CAMELLIA-256-SHA" );
|
||||||
|
|
||||||
case SSL_EDH_RSA_CAMELLIA_256_SHA:
|
case SSL_EDH_RSA_CAMELLIA_256_SHA:
|
||||||
return( "SSL_EDH_RSA_CAMELLIA_256_SHA" );
|
return( "SSL-EDH-RSA-CAMELLIA-256-SHA" );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
default:
|
default:
|
||||||
@ -1918,6 +1918,52 @@ const char *ssl_get_cipher( const ssl_context *ssl )
|
|||||||
return( "unknown" );
|
return( "unknown" );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int ssl_get_cipher_id( const char *cipher_name )
|
||||||
|
{
|
||||||
|
#if defined(POLARSSL_ARC4_C)
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-RSA-RC4-128-MD5"))
|
||||||
|
return( SSL_RSA_RC4_128_MD5 );
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-RSA-RC4-128-SHA"))
|
||||||
|
return( SSL_RSA_RC4_128_SHA );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_DES_C)
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-RSA-DES-168-SHA"))
|
||||||
|
return( SSL_RSA_DES_168_SHA );
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-EDH-RSA-DES-168-SHA"))
|
||||||
|
return( SSL_EDH_RSA_DES_168_SHA );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_AES_C)
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-RSA-AES-128-SHA"))
|
||||||
|
return( SSL_RSA_AES_128_SHA );
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-EDH-RSA-AES-128-SHA"))
|
||||||
|
return( SSL_EDH_RSA_AES_128_SHA );
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-RSA-AES-256-SHA"))
|
||||||
|
return( SSL_RSA_AES_256_SHA );
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-EDH-RSA-AES-256-SHA"))
|
||||||
|
return( SSL_EDH_RSA_AES_256_SHA );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_CAMELLIA_C)
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-RSA-CAMELLIA-128-SHA"))
|
||||||
|
return( SSL_RSA_CAMELLIA_128_SHA );
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-EDH-RSA-CAMELLIA-128-SHA"))
|
||||||
|
return( SSL_EDH_RSA_CAMELLIA_128_SHA );
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-RSA-CAMELLIA-256-SHA"))
|
||||||
|
return( SSL_RSA_CAMELLIA_256_SHA );
|
||||||
|
if (0 == strcasecmp(cipher_name, "SSL-EDH-RSA-CAMELLIA-256-SHA"))
|
||||||
|
return( SSL_EDH_RSA_CAMELLIA_256_SHA );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
|
const char *ssl_get_cipher( const ssl_context *ssl )
|
||||||
|
{
|
||||||
|
return ssl_get_cipher_name( ssl->session->cipher );
|
||||||
|
}
|
||||||
|
|
||||||
const char *ssl_get_version( const ssl_context *ssl )
|
const char *ssl_get_version( const ssl_context *ssl )
|
||||||
{
|
{
|
||||||
switch( ssl->minor_ver )
|
switch( ssl->minor_ver )
|
||||||
|
Loading…
Reference in New Issue
Block a user