mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 03:55:39 +01:00
Make CBC an option, step 1: ssl ciphersuites
This commit is contained in:
Manuel Pégourié-Gonnard
parent
b72b4edec1
commit
f7dc378ead
@ -152,6 +152,13 @@
|
||||
#define POLARSSL_AES_ROM_TABLES
|
||||
*/
|
||||
|
||||
/**
|
||||
* \def POLARSSL_CIPHER_MODE_CBC
|
||||
*
|
||||
* Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
|
||||
*/
|
||||
#define POLARSSL_CIPHER_MODE_CBC
|
||||
|
||||
/**
|
||||
* \def POLARSSL_CIPHER_MODE_CFB
|
||||
*
|
||||
|
||||
@ -168,6 +168,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
{
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
#if defined(POLARSSL_AES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
@ -178,12 +179,15 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#if defined(POLARSSL_GCM_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
@ -193,11 +197,13 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
#endif /* POLARSSL_SHA256_C */
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
|
||||
POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#if defined(POLARSSL_GCM_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
|
||||
POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
@ -209,6 +215,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
#endif /* POLARSSL_AES_C */
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
@ -223,14 +230,17 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_CAMELLIA_C */
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_DES_C */
|
||||
|
||||
#if defined(POLARSSL_ARC4_C)
|
||||
@ -252,6 +262,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
#if defined(POLARSSL_AES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
@ -262,12 +273,15 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#if defined(POLARSSL_GCM_C)
|
||||
{ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
|
||||
@ -277,11 +291,13 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
#endif /* POLARSSL_SHA256_C */
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
|
||||
POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#if defined(POLARSSL_GCM_C)
|
||||
{ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
|
||||
POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
|
||||
@ -293,6 +309,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
#endif /* POLARSSL_AES_C */
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
|
||||
@ -307,14 +324,17 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_CAMELLIA_C */
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_DES_C */
|
||||
|
||||
#if defined(POLARSSL_ARC4_C)
|
||||
@ -353,6 +373,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
0 },
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
@ -364,8 +385,10 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_SHA256_C */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
@ -377,9 +400,11 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_AES_C */
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
|
||||
@ -405,14 +430,17 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_CAMELLIA_C */
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_DES_C */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||
|
||||
@ -435,6 +463,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
0 },
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
@ -446,8 +475,10 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_SHA256_C */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
@ -459,9 +490,11 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_AES_C */
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
|
||||
@ -487,14 +520,17 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_CAMELLIA_C */
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_DES_C */
|
||||
|
||||
#if defined(POLARSSL_ARC4_C)
|
||||
@ -532,6 +568,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
|
||||
@ -559,9 +596,11 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_AES_C */
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
|
||||
@ -577,14 +616,17 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_CAMELLIA_C */
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_DES_C */
|
||||
|
||||
#if defined(POLARSSL_ARC4_C)
|
||||
@ -616,6 +658,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
|
||||
@ -643,9 +686,11 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_AES_C */
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
|
||||
@ -661,14 +706,17 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_CAMELLIA_C */
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_DES_C */
|
||||
|
||||
#if defined(POLARSSL_ARC4_C)
|
||||
@ -700,6 +748,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
|
||||
@ -727,9 +776,11 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_AES_C */
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
|
||||
@ -745,14 +796,17 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_CAMELLIA_C */
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
{ TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_DES_C */
|
||||
|
||||
#if defined(POLARSSL_ARC4_C)
|
||||
@ -812,6 +866,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
#endif /* POLARSSL_CIPHER_NULL_CIPHER */
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
||||
{ TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
|
||||
@ -820,11 +875,14 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
POLARSSL_CIPHERSUITE_WEAK },
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
|
||||
{ TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_WEAK },
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
#endif /* POLARSSL_DES_C */
|
||||
#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
|
||||
|
||||
|
||||
@ -672,6 +672,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
if( cipher_info->mode == POLARSSL_MODE_CBC )
|
||||
{
|
||||
if( ( ret = cipher_set_padding_mode( &transform->cipher_ctx_enc,
|
||||
@ -688,6 +689,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
break;
|
||||
|
||||
case POLARSSL_CIPHER_NULL:
|
||||
@ -871,7 +873,7 @@ static void ssl_mac( md_context_t *md_ctx, unsigned char *secret,
|
||||
*/
|
||||
static int ssl_encrypt_buf( ssl_context *ssl )
|
||||
{
|
||||
size_t i, padlen;
|
||||
size_t i;
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
|
||||
|
||||
@ -914,17 +916,16 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
||||
#if defined(POLARSSL_CIPHER_NULL_CIPHER)
|
||||
if( ssl->transform_out->ciphersuite_info->cipher == POLARSSL_CIPHER_NULL )
|
||||
{
|
||||
padlen = 0;
|
||||
; /* Nothing to do */
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_CIPHER_NULL_CIPHER */
|
||||
#if defined(POLARSSL_ARC4_C)
|
||||
if( ssl->transform_out->ciphersuite_info->cipher == POLARSSL_CIPHER_ARC4_128 )
|
||||
{
|
||||
int ret;
|
||||
size_t olen = 0;
|
||||
|
||||
padlen = 0;
|
||||
|
||||
SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
|
||||
"including %d bytes of padding",
|
||||
ssl->out_msglen, 0 ) );
|
||||
@ -978,6 +979,7 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_ARC4_C */
|
||||
#if defined(POLARSSL_GCM_C)
|
||||
if( ssl->transform_out->ciphersuite_info->cipher == POLARSSL_CIPHER_AES_128_GCM ||
|
||||
ssl->transform_out->ciphersuite_info->cipher == POLARSSL_CIPHER_AES_256_GCM )
|
||||
@ -987,7 +989,6 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
||||
unsigned char add_data[13];
|
||||
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
|
||||
padlen = 0;
|
||||
enc_msglen = ssl->out_msglen;
|
||||
|
||||
memcpy( add_data, ssl->out_ctr, 8 );
|
||||
@ -1084,11 +1085,13 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
if( ssl->transform_out->cipher_ctx_enc.cipher_info->mode ==
|
||||
POLARSSL_MODE_CBC )
|
||||
{
|
||||
int ret;
|
||||
unsigned char *enc_msg;
|
||||
size_t enc_msglen;
|
||||
size_t olen = 0;
|
||||
size_t enc_msglen, padlen, olen = 0;
|
||||
|
||||
padlen = ssl->transform_out->ivlen - ( ssl->out_msglen + 1 ) %
|
||||
ssl->transform_out->ivlen;
|
||||
@ -1188,6 +1191,12 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
for( i = 8; i > 0; i-- )
|
||||
if( ++ssl->out_ctr[i - 1] != 0 )
|
||||
@ -1362,6 +1371,9 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
#if defined(POLARSSL_CIPHER_MODE_CBC)
|
||||
if( ssl->transform_in->cipher_ctx_dec.cipher_info->mode ==
|
||||
POLARSSL_MODE_CBC )
|
||||
{
|
||||
/*
|
||||
* Decrypt and check the padding
|
||||
@ -1524,6 +1536,12 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
SSL_DEBUG_BUF( 4, "raw buffer after decryption",
|
||||
ssl->in_msg, ssl->in_msglen );
|
||||
|
||||
Loading…
Reference in New Issue
Block a user