yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-09 13:55:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Added support for the SSL_EDH_RSA_AES_128_SHA and SSL_EDH_RSA_CAMELLIA_128_SHA ciphersuites

Browse source
This commit is contained in:
Paul Bakker 2010-06-15 21:32:46 +00:00
parent 699fbbcf29
commit 77a43580da
6 changed files with 37 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
ChangeLog
View file

@ -1,5 +1,10 @@
PolarSSL ChangeLog PolarSSL ChangeLog
= Version 0.14.0 released on 2010-XXXXX
Features
* Added support for SSL_EDH_RSA_AES_128_SHA and
SSL_EDH_RSA_CAMELLIA_128_SHA ciphersuites
= Version 0.13.1 released on 2010-03-24 = Version 0.13.1 released on 2010-03-24
Bug fixes Bug fixes
* Fixed Makefile in library that was mistakenly merged * Fixed Makefile in library that was mistakenly merged

2
include/polarssl/ssl.h
View file

@ -93,10 +93,12 @@
#define SSL_RSA_DES_168_SHA 10 #define SSL_RSA_DES_168_SHA 10
#define SSL_EDH_RSA_DES_168_SHA 22 #define SSL_EDH_RSA_DES_168_SHA 22
#define SSL_RSA_AES_128_SHA 47 #define SSL_RSA_AES_128_SHA 47
#define SSL_EDH_RSA_AES_128_SHA 51
#define SSL_RSA_AES_256_SHA 53 #define SSL_RSA_AES_256_SHA 53
#define SSL_EDH_RSA_AES_256_SHA 57 #define SSL_EDH_RSA_AES_256_SHA 57
#define SSL_RSA_CAMELLIA_128_SHA 0x41 #define SSL_RSA_CAMELLIA_128_SHA 0x41
#define SSL_EDH_RSA_CAMELLIA_128_SHA 0x45
#define SSL_RSA_CAMELLIA_256_SHA 0x84 #define SSL_RSA_CAMELLIA_256_SHA 0x84
#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88 #define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88

8
library/ssl_cli.c
View file

@ -323,8 +323,10 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
if( ssl->session->cipher != SSL_EDH_RSA_DES_168_SHA && if( ssl->session->cipher != SSL_EDH_RSA_DES_168_SHA &&
ssl->session->cipher != SSL_EDH_RSA_AES_128_SHA &&
ssl->session->cipher != SSL_EDH_RSA_AES_256_SHA && ssl->session->cipher != SSL_EDH_RSA_AES_256_SHA &&
ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_256_SHA) ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_128_SHA &&
ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_256_SHA)
{ {
SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
ssl->state++; ssl->state++;
@ -514,8 +516,10 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) ); SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
if( ssl->session->cipher == SSL_EDH_RSA_DES_168_SHA || if( ssl->session->cipher == SSL_EDH_RSA_DES_168_SHA ||
ssl->session->cipher == SSL_EDH_RSA_AES_128_SHA ||
ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA || ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA ||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA) ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_128_SHA ||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
{ {
#if !defined(POLARSSL_DHM_C) #if !defined(POLARSSL_DHM_C)
SSL_DEBUG_MSG( 1, ( "support for dhm in not available" ) ); SSL_DEBUG_MSG( 1, ( "support for dhm in not available" ) );

8
library/ssl_srv.c
View file

@ -525,8 +525,10 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) ); SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) );
if( ssl->session->cipher != SSL_EDH_RSA_DES_168_SHA && if( ssl->session->cipher != SSL_EDH_RSA_DES_168_SHA &&
ssl->session->cipher != SSL_EDH_RSA_AES_128_SHA &&
ssl->session->cipher != SSL_EDH_RSA_AES_256_SHA && ssl->session->cipher != SSL_EDH_RSA_AES_256_SHA &&
ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_256_SHA) ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_128_SHA &&
ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_256_SHA)
{ {
SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) );
ssl->state++; ssl->state++;
@ -663,8 +665,10 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
} }
if( ssl->session->cipher == SSL_EDH_RSA_DES_168_SHA || if( ssl->session->cipher == SSL_EDH_RSA_DES_168_SHA ||
ssl->session->cipher == SSL_EDH_RSA_AES_128_SHA ||
ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA || ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA ||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA) ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_128_SHA ||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
{ {
#if !defined(POLARSSL_DHM_C) #if !defined(POLARSSL_DHM_C)
SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) ); SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) );

16
library/ssl_tls.c
View file

@ -244,6 +244,7 @@ int ssl_derive_keys( ssl_context *ssl )
#if defined(POLARSSL_AES_C) #if defined(POLARSSL_AES_C)
case SSL_RSA_AES_128_SHA: case SSL_RSA_AES_128_SHA:
case SSL_EDH_RSA_AES_128_SHA:
ssl->keylen = 16; ssl->minlen = 32; ssl->keylen = 16; ssl->minlen = 32;
ssl->ivlen = 16; ssl->maclen = 20; ssl->ivlen = 16; ssl->maclen = 20;
break; break;
@ -257,6 +258,7 @@ int ssl_derive_keys( ssl_context *ssl )
#if defined(POLARSSL_CAMELLIA_C) #if defined(POLARSSL_CAMELLIA_C)
case SSL_RSA_CAMELLIA_128_SHA: case SSL_RSA_CAMELLIA_128_SHA:
case SSL_EDH_RSA_CAMELLIA_128_SHA:
ssl->keylen = 16; ssl->minlen = 32; ssl->keylen = 16; ssl->minlen = 32;
ssl->ivlen = 16; ssl->maclen = 20; ssl->ivlen = 16; ssl->maclen = 20;
break; break;
@ -325,6 +327,7 @@ int ssl_derive_keys( ssl_context *ssl )
#if defined(POLARSSL_AES_C) #if defined(POLARSSL_AES_C)
case SSL_RSA_AES_128_SHA: case SSL_RSA_AES_128_SHA:
case SSL_EDH_RSA_AES_128_SHA:
aes_setkey_enc( (aes_context *) ssl->ctx_enc, key1, 128 ); aes_setkey_enc( (aes_context *) ssl->ctx_enc, key1, 128 );
aes_setkey_dec( (aes_context *) ssl->ctx_dec, key2, 128 ); aes_setkey_dec( (aes_context *) ssl->ctx_dec, key2, 128 );
break; break;
@ -338,6 +341,7 @@ int ssl_derive_keys( ssl_context *ssl )
#if defined(POLARSSL_CAMELLIA_C) #if defined(POLARSSL_CAMELLIA_C)
case SSL_RSA_CAMELLIA_128_SHA: case SSL_RSA_CAMELLIA_128_SHA:
case SSL_EDH_RSA_CAMELLIA_128_SHA:
camellia_setkey_enc( (camellia_context *) ssl->ctx_enc, key1, 128 ); camellia_setkey_enc( (camellia_context *) ssl->ctx_enc, key1, 128 );
camellia_setkey_dec( (camellia_context *) ssl->ctx_dec, key2, 128 ); camellia_setkey_dec( (camellia_context *) ssl->ctx_dec, key2, 128 );
break; break;
@ -566,6 +570,7 @@ static int ssl_encrypt_buf( ssl_context *ssl )
case 16: case 16:
#if defined(POLARSSL_AES_C) #if defined(POLARSSL_AES_C)
if ( ssl->session->cipher == SSL_RSA_AES_128_SHA || if ( ssl->session->cipher == SSL_RSA_AES_128_SHA ||
ssl->session->cipher == SSL_EDH_RSA_AES_128_SHA ||
ssl->session->cipher == SSL_RSA_AES_256_SHA || ssl->session->cipher == SSL_RSA_AES_256_SHA ||
ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA) ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA)
{ {
@ -578,6 +583,7 @@ static int ssl_encrypt_buf( ssl_context *ssl )
#if defined(POLARSSL_CAMELLIA_C) #if defined(POLARSSL_CAMELLIA_C)
if ( ssl->session->cipher == SSL_RSA_CAMELLIA_128_SHA || if ( ssl->session->cipher == SSL_RSA_CAMELLIA_128_SHA ||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_128_SHA ||
ssl->session->cipher == SSL_RSA_CAMELLIA_256_SHA || ssl->session->cipher == SSL_RSA_CAMELLIA_256_SHA ||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA) ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
{ {
@ -648,6 +654,7 @@ static int ssl_decrypt_buf( ssl_context *ssl )
case 16: case 16:
#if defined(POLARSSL_AES_C) #if defined(POLARSSL_AES_C)
if ( ssl->session->cipher == SSL_RSA_AES_128_SHA || if ( ssl->session->cipher == SSL_RSA_AES_128_SHA ||
ssl->session->cipher == SSL_EDH_RSA_AES_128_SHA ||
ssl->session->cipher == SSL_RSA_AES_256_SHA || ssl->session->cipher == SSL_RSA_AES_256_SHA ||
ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA) ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA)
{ {
@ -660,6 +667,7 @@ static int ssl_decrypt_buf( ssl_context *ssl )
#if defined(POLARSSL_CAMELLIA_C) #if defined(POLARSSL_CAMELLIA_C)
if ( ssl->session->cipher == SSL_RSA_CAMELLIA_128_SHA || if ( ssl->session->cipher == SSL_RSA_CAMELLIA_128_SHA ||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_128_SHA ||
ssl->session->cipher == SSL_RSA_CAMELLIA_256_SHA || ssl->session->cipher == SSL_RSA_CAMELLIA_256_SHA ||
ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA) ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
{ {
@ -1789,6 +1797,9 @@ const char *ssl_get_cipher( const ssl_context *ssl )
case SSL_RSA_AES_128_SHA: case SSL_RSA_AES_128_SHA:
return( "SSL_RSA_AES_128_SHA" ); return( "SSL_RSA_AES_128_SHA" );
case SSL_EDH_RSA_AES_128_SHA:
return( "SSL_EDH_RSA_AES_128_SHA" );
case SSL_RSA_AES_256_SHA: case SSL_RSA_AES_256_SHA:
return( "SSL_RSA_AES_256_SHA" ); return( "SSL_RSA_AES_256_SHA" );
@ -1800,6 +1811,9 @@ const char *ssl_get_cipher( const ssl_context *ssl )
case SSL_RSA_CAMELLIA_128_SHA: case SSL_RSA_CAMELLIA_128_SHA:
return( "SSL_RSA_CAMELLIA_128_SHA" ); return( "SSL_RSA_CAMELLIA_128_SHA" );
case SSL_EDH_RSA_CAMELLIA_128_SHA:
return( "SSL_EDH_RSA_CAMELLIA_128_SHA" );
case SSL_RSA_CAMELLIA_256_SHA: case SSL_RSA_CAMELLIA_256_SHA:
return( "SSL_RSA_CAMELLIA_256_SHA" ); return( "SSL_RSA_CAMELLIA_256_SHA" );
@ -1818,9 +1832,11 @@ int ssl_default_ciphers[] =
{ {
#if defined(POLARSSL_DHM_C) #if defined(POLARSSL_DHM_C)
#if defined(POLARSSL_AES_C) #if defined(POLARSSL_AES_C)
SSL_EDH_RSA_AES_128_SHA,
SSL_EDH_RSA_AES_256_SHA, SSL_EDH_RSA_AES_256_SHA,
#endif #endif
#if defined(POLARSSL_CAMELLIA_C) #if defined(POLARSSL_CAMELLIA_C)
SSL_EDH_RSA_CAMELLIA_128_SHA,
SSL_EDH_RSA_CAMELLIA_256_SHA, SSL_EDH_RSA_CAMELLIA_256_SHA,
#endif #endif
#if defined(POLARSSL_DES_C) #if defined(POLARSSL_DES_C)

2
programs/ssl/ssl_server.c
View file

@ -65,6 +65,8 @@ int my_ciphers[] =
{ {
SSL_EDH_RSA_AES_256_SHA, SSL_EDH_RSA_AES_256_SHA,
SSL_EDH_RSA_CAMELLIA_256_SHA, SSL_EDH_RSA_CAMELLIA_256_SHA,
SSL_EDH_RSA_AES_128_SHA,
SSL_EDH_RSA_CAMELLIA_128_SHA,
SSL_EDH_RSA_DES_168_SHA, SSL_EDH_RSA_DES_168_SHA,
SSL_RSA_AES_256_SHA, SSL_RSA_AES_256_SHA,
SSL_RSA_CAMELLIA_256_SHA, SSL_RSA_CAMELLIA_256_SHA,