feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

use internal enum for cipher requires, move external enums back to starting at zero

Browse Source
This commit is contained in:
toddouska
2012-07-11 17:00:16 -07:00
parent 638c095737
commit 1f0a32a7e3
2 changed files with 61 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cyassl/internal.h
View File

@@ -779,7 +779,7 @@ typedef struct CipherSpecs {
/* Supported Ciphers from page 43 */ /* Supported Ciphers from page 43 */
enum BulkCipherAlgorithm { enum BulkCipherAlgorithm {
cipher_null = 0, cipher_null,
rc4, rc4,
rc2, rc2,
des, des,
@@ -794,7 +794,7 @@ enum BulkCipherAlgorithm {
/* Supported Message Authentication Codes from page 43 */ /* Supported Message Authentication Codes from page 43 */
enum MACAlgorithm { enum MACAlgorithm {
no_mac = 10, no_mac,
md5_mac, md5_mac,
sha_mac, sha_mac,
sha224_mac, sha224_mac,
@@ -807,7 +807,7 @@ enum MACAlgorithm {
/* Supported Key Exchange Protocols */ /* Supported Key Exchange Protocols */
enum KeyExchangeAlgorithm { enum KeyExchangeAlgorithm {
no_kea = 20, no_kea,
rsa_kea, rsa_kea,
diffie_hellman_kea, diffie_hellman_kea,
fortezza_kea, fortezza_kea,
@@ -820,7 +820,7 @@ enum KeyExchangeAlgorithm {
/* Supported Authentication Schemes */ /* Supported Authentication Schemes */
enum SignatureAlgorithm { enum SignatureAlgorithm {
anonymous_sa_algo = 30, anonymous_sa_algo,
rsa_sa_algo, rsa_sa_algo,
dsa_sa_algo, dsa_sa_algo,
ecc_dsa_sa_algo ecc_dsa_sa_algo

103
src/internal.c
View File

@@ -5454,6 +5454,17 @@ int SetCipherList(Suites* s, const char* list)
} }
/* cipher requirements */
enum {
REQUIRES_RSA,
REQUIRES_DHE,
REQUIRES_ECC_DSA,
REQUIRES_ECC_STATIC,
REQUIRES_PSK,
REQUIRES_NTRU
};
/* Does this cipher suite (first, second) have the requirement /* Does this cipher suite (first, second) have the requirement
an ephemeral key exchange will still require the key for signing an ephemeral key exchange will still require the key for signing
@@ -5466,82 +5477,82 @@ int SetCipherList(Suites* s, const char* list)
switch (second) { switch (second) {
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA : case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
if (requirement == ecc_static_diffie_hellman_kea) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA : case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
if (requirement == ecc_static_diffie_hellman_kea) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
case TLS_ECDHE_RSA_WITH_RC4_128_SHA : case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_ECDH_RSA_WITH_RC4_128_SHA : case TLS_ECDH_RSA_WITH_RC4_128_SHA :
if (requirement == ecc_static_diffie_hellman_kea) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
if (requirement == ecc_dsa_sa_algo) if (requirement == REQUIRES_ECC_DSA)
return 1; return 1;
break; break;
case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA : case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
if (requirement == ecc_static_diffie_hellman_kea) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
if (requirement == ecc_dsa_sa_algo) if (requirement == REQUIRES_ECC_DSA)
return 1; return 1;
break; break;
case TLS_ECDH_ECDSA_WITH_RC4_128_SHA : case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
if (requirement == ecc_static_diffie_hellman_kea) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA : case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
if (requirement == ecc_static_diffie_hellman_kea) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
if (requirement == ecc_dsa_sa_algo) if (requirement == REQUIRES_ECC_DSA)
return 1; return 1;
break; break;
case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA : case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
if (requirement == ecc_static_diffie_hellman_kea) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA : case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
if (requirement == ecc_dsa_sa_algo) if (requirement == REQUIRES_ECC_DSA)
return 1; return 1;
break; break;
case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
if (requirement == ecc_static_diffie_hellman_kea) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
@@ -5554,110 +5565,110 @@ int SetCipherList(Suites* s, const char* list)
switch (second) { switch (second) {
case SSL_RSA_WITH_RC4_128_SHA : case SSL_RSA_WITH_RC4_128_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_NTRU_RSA_WITH_RC4_128_SHA : case TLS_NTRU_RSA_WITH_RC4_128_SHA :
if (requirement == ntru_kea) if (requirement == REQUIRES_NTRU)
return 1; return 1;
break; break;
case SSL_RSA_WITH_RC4_128_MD5 : case SSL_RSA_WITH_RC4_128_MD5 :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case SSL_RSA_WITH_3DES_EDE_CBC_SHA : case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
if (requirement == ntru_kea) if (requirement == REQUIRES_NTRU)
return 1; return 1;
break; break;
case TLS_RSA_WITH_AES_128_CBC_SHA : case TLS_RSA_WITH_AES_128_CBC_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_RSA_WITH_AES_128_CBC_SHA256 : case TLS_RSA_WITH_AES_128_CBC_SHA256 :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
if (requirement == ntru_kea) if (requirement == REQUIRES_NTRU)
return 1; return 1;
break; break;
case TLS_RSA_WITH_AES_256_CBC_SHA : case TLS_RSA_WITH_AES_256_CBC_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_RSA_WITH_AES_256_CBC_SHA256 : case TLS_RSA_WITH_AES_256_CBC_SHA256 :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
if (requirement == ntru_kea) if (requirement == REQUIRES_NTRU)
return 1; return 1;
break; break;
case TLS_PSK_WITH_AES_128_CBC_SHA : case TLS_PSK_WITH_AES_128_CBC_SHA :
if (requirement == psk_kea) if (requirement == REQUIRES_PSK)
return 1; return 1;
break; break;
case TLS_PSK_WITH_AES_256_CBC_SHA : case TLS_PSK_WITH_AES_256_CBC_SHA :
if (requirement == psk_kea) if (requirement == REQUIRES_PSK)
return 1; return 1;
break; break;
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 : case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
if (requirement == diffie_hellman_kea) if (requirement == REQUIRES_DHE)
return 1; return 1;
break; break;
case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 : case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
if (requirement == diffie_hellman_kea) if (requirement == REQUIRES_DHE)
return 1; return 1;
break; break;
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA : case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
if (requirement == diffie_hellman_kea) if (requirement == REQUIRES_DHE)
return 1; return 1;
break; break;
case TLS_DHE_RSA_WITH_AES_256_CBC_SHA : case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
if (requirement == diffie_hellman_kea) if (requirement == REQUIRES_DHE)
return 1; return 1;
break; break;
case TLS_RSA_WITH_HC_128_CBC_MD5 : case TLS_RSA_WITH_HC_128_CBC_MD5 :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_RSA_WITH_HC_128_CBC_SHA : case TLS_RSA_WITH_HC_128_CBC_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
case TLS_RSA_WITH_RABBIT_CBC_SHA : case TLS_RSA_WITH_RABBIT_CBC_SHA :
if (requirement == rsa_kea) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
@@ -5691,7 +5702,7 @@ int SetCipherList(Suites* s, const char* list)
if (ssl->options.haveNTRU) if (ssl->options.haveNTRU)
haveRSA = 0; haveRSA = 0;
if (CipherRequires(first, second, rsa_kea)) { if (CipherRequires(first, second, REQUIRES_RSA)) {
CYASSL_MSG("Requires RSA"); CYASSL_MSG("Requires RSA");
if (haveRSA == 0) { if (haveRSA == 0) {
CYASSL_MSG("Don't have RSA"); CYASSL_MSG("Don't have RSA");
@@ -5700,7 +5711,7 @@ int SetCipherList(Suites* s, const char* list)
return 1; return 1;
} }
if (CipherRequires(first, second, diffie_hellman_kea)) { if (CipherRequires(first, second, REQUIRES_DHE)) {
CYASSL_MSG("Requires DHE"); CYASSL_MSG("Requires DHE");
if (ssl->options.haveDH == 0) { if (ssl->options.haveDH == 0) {
CYASSL_MSG("Don't have DHE"); CYASSL_MSG("Don't have DHE");
@@ -5709,7 +5720,7 @@ int SetCipherList(Suites* s, const char* list)
return 1; return 1;
} }
if (CipherRequires(first, second, ecc_dsa_sa_algo)) { if (CipherRequires(first, second, REQUIRES_ECC_DSA)) {
CYASSL_MSG("Requires ECCDSA"); CYASSL_MSG("Requires ECCDSA");
if (ssl->options.haveECDSA == 0) { if (ssl->options.haveECDSA == 0) {
CYASSL_MSG("Don't have ECCDSA"); CYASSL_MSG("Don't have ECCDSA");
@@ -5718,7 +5729,7 @@ int SetCipherList(Suites* s, const char* list)
return 1; return 1;
} }
if (CipherRequires(first, second, ecc_static_diffie_hellman_kea)) { if (CipherRequires(first, second, REQUIRES_ECC_STATIC)) {
CYASSL_MSG("Requires static ECC"); CYASSL_MSG("Requires static ECC");
if (ssl->options.haveStaticECC == 0) { if (ssl->options.haveStaticECC == 0) {
CYASSL_MSG("Don't have static ECC"); CYASSL_MSG("Don't have static ECC");
@@ -5727,7 +5738,7 @@ int SetCipherList(Suites* s, const char* list)
return 1; return 1;
} }
if (CipherRequires(first, second, psk_kea)) { if (CipherRequires(first, second, REQUIRES_PSK)) {
CYASSL_MSG("Requires PSK"); CYASSL_MSG("Requires PSK");
if (havePSK == 0) { if (havePSK == 0) {
CYASSL_MSG("Don't have PSK"); CYASSL_MSG("Don't have PSK");
@@ -5736,7 +5747,7 @@ int SetCipherList(Suites* s, const char* list)
return 1; return 1;
} }
if (CipherRequires(first, second, ntru_kea)) { if (CipherRequires(first, second, REQUIRES_NTRU)) {
CYASSL_MSG("Requires NTRU"); CYASSL_MSG("Requires NTRU");
if (ssl->options.haveNTRU == 0) { if (ssl->options.haveNTRU == 0) {
CYASSL_MSG("Don't have NTRU"); CYASSL_MSG("Don't have NTRU");