mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-25 05:25:33 +00:00
Merge pull request #4503 from gilles-peskine-arm/ciphersuite-sha384-guard-2.x
Backport 2.x: fix SHA384 guards in TLS
This commit is contained in:
commit
05c11e3dd5
4
ChangeLog.d/ciphersuite-sha1-sha384-guard.txt
Normal file
4
ChangeLog.d/ciphersuite-sha1-sha384-guard.txt
Normal file
|
@ -0,0 +1,4 @@
|
|||
Bugfix
|
||||
* The cipher suite TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 was not available
|
||||
when SHA-1 was disabled and was offered when SHA-1 was enabled but SHA-384
|
||||
was disabled. Fix the dependency. Fixes #4472.
|
2
ChangeLog.d/ciphersuite-sha384-guard.txt
Normal file
2
ChangeLog.d/ciphersuite-sha384-guard.txt
Normal file
|
@ -0,0 +1,2 @@
|
|||
Bugfix
|
||||
* Do not offer SHA384 cipher suites when SHA-384 is disabled. Fixes #4499.
|
|
@ -34,6 +34,11 @@
|
|||
|
||||
#include <string.h>
|
||||
|
||||
#undef HAVE_SHA384
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
#define HAVE_SHA384
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Ordered from most preferred to least preferred in terms of security.
|
||||
*
|
||||
|
@ -411,7 +416,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
|
@ -426,7 +431,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#if defined(MBEDTLS_CCM_C)
|
||||
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
|
||||
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
|
@ -460,13 +465,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
|
@ -477,13 +482,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
|
@ -552,7 +557,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
||||
|
@ -567,7 +572,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_AES_C */
|
||||
|
||||
#if defined(MBEDTLS_CAMELLIA_C)
|
||||
|
@ -579,13 +584,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
|
@ -596,13 +601,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
|
@ -641,13 +646,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
||||
#if defined(MBEDTLS_AES_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
|
||||
#if defined(HAVE_SHA384) && defined(MBEDTLS_GCM_C)
|
||||
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
|
||||
#endif /* HAVE_SHA384 && MBEDTLS_GCM_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
|
@ -751,13 +756,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
|
@ -776,13 +781,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
||||
#if defined(MBEDTLS_AES_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
|
||||
#if defined(HAVE_SHA384) && defined(MBEDTLS_GCM_C)
|
||||
{ MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
|
||||
#endif /* HAVE_SHA384 && MBEDTLS_GCM_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
|
@ -887,13 +892,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
|
@ -960,7 +965,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
||||
|
@ -975,7 +980,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_AES_C */
|
||||
|
||||
#if defined(MBEDTLS_CAMELLIA_C)
|
||||
|
@ -987,13 +992,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
|
@ -1004,13 +1009,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
|
@ -1079,7 +1084,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
||||
|
@ -1094,7 +1099,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_AES_C */
|
||||
|
||||
#if defined(MBEDTLS_CAMELLIA_C)
|
||||
|
@ -1106,13 +1111,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
|
@ -1123,13 +1128,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
|
@ -1177,13 +1182,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
|
@ -1195,13 +1200,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
{ MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
|
||||
|
@ -1251,13 +1256,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
|
@ -1269,13 +1274,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
|
@ -1313,13 +1318,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
|
@ -1331,13 +1336,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
|
||||
|
@ -1387,13 +1392,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
|
@ -1405,13 +1410,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
|
@ -1450,13 +1455,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
|
||||
|
@ -1484,13 +1489,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
|
@ -1528,13 +1533,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
||||
|
@ -1546,13 +1551,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
|
||||
|
@ -1580,13 +1585,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
|
@ -1598,13 +1603,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
0 },
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* HAVE_SHA384 */
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
#endif /* MBEDTLS_CAMELLIA_C */
|
||||
|
||||
|
@ -1688,7 +1693,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_CIPHERSUITE_WEAK },
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
|
||||
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
|
@ -1714,7 +1719,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_CIPHERSUITE_WEAK },
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
|
||||
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
|
@ -1740,7 +1745,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_CIPHERSUITE_WEAK },
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
|
||||
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
|
@ -1766,7 +1771,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_CIPHERSUITE_WEAK },
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(HAVE_SHA384)
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
|
||||
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
||||
|
@ -1805,7 +1810,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
|
||||
|
@ -1813,7 +1818,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-RSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
|
||||
|
@ -1842,7 +1847,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
|
@ -1850,7 +1855,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
||||
|
@ -1879,7 +1884,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-PSK-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
|
@ -1887,7 +1892,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-PSK-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
||||
|
@ -1916,7 +1921,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
||||
|
@ -1924,7 +1929,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
||||
|
@ -1953,7 +1958,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
||||
|
@ -1961,7 +1966,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
||||
|
@ -1990,7 +1995,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
||||
|
@ -2011,7 +2016,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
|
@ -2019,7 +2024,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
|
@ -2048,7 +2053,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
||||
|
@ -2056,7 +2061,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
||||
|
@ -2085,7 +2090,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
||||
|
@ -2093,7 +2098,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
||||
|
@ -2122,7 +2127,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
|
||||
"TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
|
@ -2130,7 +2135,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
|
||||
#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384))
|
||||
{ MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
|
||||
"TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
|
||||
MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
||||
|
|
|
@ -721,7 +721,7 @@ static int tls_prf_sha256( const unsigned char *secret, size_t slen,
|
|||
}
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
static int tls_prf_sha384( const unsigned char *secret, size_t slen,
|
||||
const char *label,
|
||||
const unsigned char *random, size_t rlen,
|
||||
|
@ -730,7 +730,7 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen,
|
|||
return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen,
|
||||
label, random, rlen, dstbuf, dlen ) );
|
||||
}
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||
|
||||
static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t );
|
||||
|
@ -757,7 +757,7 @@ static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned cha
|
|||
static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t );
|
||||
static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char*, size_t * );
|
||||
static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int );
|
||||
|
@ -804,7 +804,7 @@ static mbedtls_tls_prf_types tls_prf_get_type( mbedtls_ssl_tls_prf_cb *tls_prf )
|
|||
else
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
if( tls_prf == tls_prf_sha384 )
|
||||
{
|
||||
return( MBEDTLS_SSL_TLS_PRF_SHA384 );
|
||||
|
@ -845,11 +845,11 @@ int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf,
|
|||
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
case MBEDTLS_SSL_TLS_PRF_SHA384:
|
||||
tls_prf = tls_prf_sha384;
|
||||
break;
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
case MBEDTLS_SSL_TLS_PRF_SHA256:
|
||||
tls_prf = tls_prf_sha256;
|
||||
|
@ -1450,7 +1450,8 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
|
|||
int minor_ver,
|
||||
mbedtls_md_type_t hash )
|
||||
{
|
||||
#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || !defined(MBEDTLS_SHA512_C)
|
||||
#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || \
|
||||
!( defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) )
|
||||
(void) hash;
|
||||
#endif
|
||||
|
||||
|
@ -1473,7 +1474,7 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake,
|
|||
else
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
|
||||
hash == MBEDTLS_MD_SHA384 )
|
||||
{
|
||||
|
@ -1865,7 +1866,7 @@ void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl,
|
||||
unsigned char *hash,
|
||||
size_t *hlen )
|
||||
|
@ -1912,7 +1913,7 @@ void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
return;
|
||||
}
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
|
@ -2936,7 +2937,7 @@ void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
|
|||
else
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
|
||||
ssl->handshake->update_checksum = ssl_update_checksum_sha384;
|
||||
else
|
||||
|
@ -2969,7 +2970,7 @@ void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl )
|
|||
mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 );
|
||||
#endif
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
psa_hash_abort( &ssl->handshake->fin_sha384_psa );
|
||||
psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
|
||||
|
@ -2996,7 +2997,7 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl,
|
|||
mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
|
||||
#endif
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len );
|
||||
#else
|
||||
|
@ -3029,7 +3030,7 @@ static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf, size_t len )
|
||||
{
|
||||
|
@ -3263,7 +3264,7 @@ static void ssl_calc_finished_tls_sha256(
|
|||
}
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
|
||||
typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char*);
|
||||
|
||||
|
@ -3345,7 +3346,7 @@ static void ssl_calc_finished_tls_sha384(
|
|||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
|
||||
}
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||
|
||||
void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl )
|
||||
|
@ -3659,7 +3660,7 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
|
|||
mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 );
|
||||
#endif
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
handshake->fin_sha384_psa = psa_hash_operation_init();
|
||||
psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
|
||||
|
@ -5990,7 +5991,7 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
|
|||
mbedtls_sha256_free( &handshake->fin_sha256 );
|
||||
#endif
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
psa_hash_abort( &handshake->fin_sha384_psa );
|
||||
#else
|
||||
|
@ -6432,7 +6433,7 @@ typedef int (*tls_prf_fn)( const unsigned char *secret, size_t slen,
|
|||
unsigned char *dstbuf, size_t dlen );
|
||||
static tls_prf_fn ssl_tls12prf_from_cs( int ciphersuite_id )
|
||||
{
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
|
||||
mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
|
||||
|
||||
|
@ -6847,6 +6848,8 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
|
|||
static int ssl_preset_default_hashes[] = {
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
MBEDTLS_MD_SHA512,
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
MBEDTLS_MD_SHA384,
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
|
@ -7206,9 +7209,11 @@ mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash )
|
|||
case MBEDTLS_SSL_HASH_SHA256:
|
||||
return( MBEDTLS_MD_SHA256 );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
case MBEDTLS_SSL_HASH_SHA384:
|
||||
return( MBEDTLS_MD_SHA384 );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
case MBEDTLS_SSL_HASH_SHA512:
|
||||
return( MBEDTLS_MD_SHA512 );
|
||||
#endif
|
||||
|
@ -7238,9 +7243,11 @@ unsigned char mbedtls_ssl_hash_from_md_alg( int md )
|
|||
case MBEDTLS_MD_SHA256:
|
||||
return( MBEDTLS_SSL_HASH_SHA256 );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
case MBEDTLS_MD_SHA384:
|
||||
return( MBEDTLS_SSL_HASH_SHA384 );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
case MBEDTLS_MD_SHA512:
|
||||
return( MBEDTLS_SSL_HASH_SHA512 );
|
||||
#endif
|
||||
|
@ -7400,7 +7407,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md )
|
|||
break;
|
||||
#endif
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
||||
case MBEDTLS_SSL_HASH_SHA384:
|
||||
ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;
|
||||
break;
|
||||
|
|
Loading…
Reference in a new issue