feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

add some macro guards for CipherRequires function

Browse Source
This commit is contained in:
Jacob Barthelmeh
2018-07-17 09:04:06 -06:00
parent f0422bec41
commit 7e5bf9b8a9
1 changed files with 52 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
src/internal.c
View File

@@ -7130,10 +7130,10 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
#ifndef WOLFSSL_NO_TLS12 #ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_CHACHA
if (first == CHACHA_BYTE) { if (first == CHACHA_BYTE) {
switch (second) { switch (second) {
case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 : case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
@@ -7187,12 +7187,13 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
break; break;
} }
} }
#endif /* HAVE_CHACHA */
/* ECC extensions */ /* ECC extensions */
if (first == ECC_BYTE) { if (first == ECC_BYTE) {
switch (second) { switch (second) {
#ifdef HAVE_ECC
#ifndef NO_RSA #ifndef NO_RSA
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
@@ -7218,7 +7219,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_RSA_SIG) if (requirement == REQUIRES_RSA_SIG)
return 1; return 1;
break; break;
#endif #endif /* !NO_DES3 */
#ifndef NO_RC4 #ifndef NO_RC4
case TLS_ECDHE_RSA_WITH_RC4_128_SHA : case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
@@ -7232,7 +7233,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_RSA_SIG) if (requirement == REQUIRES_RSA_SIG)
return 1; return 1;
break; break;
#endif #endif /* !NO_RC4 */
#endif /* NO_RSA */ #endif /* NO_RSA */
#ifndef NO_DES3 #ifndef NO_DES3
@@ -7245,7 +7246,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_ECC_STATIC) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
#endif #endif /* !NO_DES3 */
#ifndef NO_RC4 #ifndef NO_RC4
case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
if (requirement == REQUIRES_ECC) if (requirement == REQUIRES_ECC)
@@ -7256,7 +7257,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_ECC_STATIC) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
#endif #endif /* !NO_RC4 */
#ifndef NO_RSA #ifndef NO_RSA
case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
@@ -7269,7 +7270,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_RSA_SIG) if (requirement == REQUIRES_RSA_SIG)
return 1; return 1;
break; break;
#endif #endif /* !NO_RSA */
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
if (requirement == REQUIRES_ECC) if (requirement == REQUIRES_ECC)
@@ -7310,8 +7311,10 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_ECC_STATIC) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
#endif /* HAVE_ECC */
#ifndef NO_RSA #ifndef NO_RSA
#ifdef HAVE_ECC
case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
@@ -7335,7 +7338,8 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_RSA_SIG) if (requirement == REQUIRES_RSA_SIG)
return 1; return 1;
break; break;
#endif /* HAVE_ECC */
#ifdef HAVE_AESCCM
case TLS_RSA_WITH_AES_128_CCM_8 : case TLS_RSA_WITH_AES_128_CCM_8 :
case TLS_RSA_WITH_AES_256_CCM_8 : case TLS_RSA_WITH_AES_256_CCM_8 :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
@@ -7343,6 +7347,8 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_RSA_SIG) if (requirement == REQUIRES_RSA_SIG)
return 1; return 1;
break; break;
#endif /* HAVE_AESCCM */
#ifdef HAVE_ECC
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 : case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 : case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
@@ -7357,8 +7363,10 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_ECC_STATIC) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
#endif #endif /* HAVE_ECC */
#endif /* !NO_RSA */
#ifdef HAVE_ECC
case TLS_ECDHE_ECDSA_WITH_AES_128_CCM : case TLS_ECDHE_ECDSA_WITH_AES_128_CCM :
case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 : case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 : case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
@@ -7379,7 +7387,9 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_ECC_STATIC) if (requirement == REQUIRES_ECC_STATIC)
return 1; return 1;
break; break;
#endif /* HAVE_ECC */
#ifndef NO_PSK
case TLS_PSK_WITH_AES_128_CCM: case TLS_PSK_WITH_AES_128_CCM:
case TLS_PSK_WITH_AES_256_CCM: case TLS_PSK_WITH_AES_256_CCM:
case TLS_PSK_WITH_AES_128_CCM_8: case TLS_PSK_WITH_AES_128_CCM_8:
@@ -7395,7 +7405,8 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_DHE) if (requirement == REQUIRES_DHE)
return 1; return 1;
break; break;
#endif /* !NO_PSK */
#ifdef HAVE_ECC
case TLS_ECDHE_ECDSA_WITH_NULL_SHA : case TLS_ECDHE_ECDSA_WITH_NULL_SHA :
if (requirement == REQUIRES_ECC) if (requirement == REQUIRES_ECC)
return 1; return 1;
@@ -7410,7 +7421,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_PSK) if (requirement == REQUIRES_PSK)
return 1; return 1;
break; break;
#endif /* HAVE_ECC */
default: default:
WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC"); WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC");
return 0; return 0;
@@ -7446,6 +7457,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
switch (second) { switch (second) {
#ifndef NO_RSA #ifndef NO_RSA
#ifndef NO_RC4
case SSL_RSA_WITH_RC4_128_SHA : case SSL_RSA_WITH_RC4_128_SHA :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
@@ -7455,16 +7467,19 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
#endif /* NO_RC4 */
case SSL_RSA_WITH_3DES_EDE_CBC_SHA : case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
#ifdef HAVE_NTRU
case TLS_NTRU_RSA_WITH_RC4_128_SHA : case TLS_NTRU_RSA_WITH_RC4_128_SHA :
if (requirement == REQUIRES_NTRU) if (requirement == REQUIRES_NTRU)
return 1; return 1;
break; break;
#endif /* HAVE_NTRU */
case TLS_RSA_WITH_AES_128_CBC_SHA : case TLS_RSA_WITH_AES_128_CBC_SHA :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
@@ -7476,20 +7491,24 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
return 1; return 1;
break; break;
#ifdef HAVE_NTRU
case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
if (requirement == REQUIRES_NTRU) if (requirement == REQUIRES_NTRU)
return 1; return 1;
break; break;
#endif /* HAVE_NTRU */
case TLS_RSA_WITH_AES_256_CBC_SHA : case TLS_RSA_WITH_AES_256_CBC_SHA :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
#ifdef HAVE_NTRU
case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
if (requirement == REQUIRES_NTRU) if (requirement == REQUIRES_NTRU)
return 1; return 1;
break; break;
#endif /* HAVE_NTRU */
case TLS_RSA_WITH_AES_256_CBC_SHA256 : case TLS_RSA_WITH_AES_256_CBC_SHA256 :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
@@ -7502,17 +7521,22 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
return 1; return 1;
break; break;
#ifdef HAVE_NTRU
case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
if (requirement == REQUIRES_NTRU) if (requirement == REQUIRES_NTRU)
return 1; return 1;
break; break;
#endif /* HAVE_NTRU */
#ifdef HAVE_IDEA
case SSL_RSA_WITH_IDEA_CBC_SHA : case SSL_RSA_WITH_IDEA_CBC_SHA :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
#endif #endif /* HAVE_IDEA */
#endif /* !NO_RSA */
#ifndef NO_PSK
case TLS_PSK_WITH_AES_128_GCM_SHA256 : case TLS_PSK_WITH_AES_128_GCM_SHA256 :
case TLS_PSK_WITH_AES_256_GCM_SHA384 : case TLS_PSK_WITH_AES_256_GCM_SHA384 :
case TLS_PSK_WITH_AES_128_CBC_SHA256 : case TLS_PSK_WITH_AES_128_CBC_SHA256 :
@@ -7537,6 +7561,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_PSK) if (requirement == REQUIRES_PSK)
return 1; return 1;
break; break;
#endif /* NO_PSK */
#ifndef NO_RSA #ifndef NO_RSA
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 : case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
@@ -7567,6 +7592,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
return 1; return 1;
break; break;
#ifndef NO_HC128
case TLS_RSA_WITH_HC_128_MD5 : case TLS_RSA_WITH_HC_128_MD5 :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
@@ -7581,17 +7607,22 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
#endif /* NO_HC128 */
#ifdef HAVE_BLAKE2
case TLS_RSA_WITH_AES_128_CBC_B2B256: case TLS_RSA_WITH_AES_128_CBC_B2B256:
case TLS_RSA_WITH_AES_256_CBC_B2B256: case TLS_RSA_WITH_AES_256_CBC_B2B256:
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
#endif /* HAVE_BLAKE2 */
#ifndef NO_RABBIT
case TLS_RSA_WITH_RABBIT_SHA : case TLS_RSA_WITH_RABBIT_SHA :
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)
return 1; return 1;
break; break;
#endif /* !NO_RABBIT */
case TLS_RSA_WITH_AES_128_GCM_SHA256 : case TLS_RSA_WITH_AES_128_GCM_SHA256 :
case TLS_RSA_WITH_AES_256_GCM_SHA384 : case TLS_RSA_WITH_AES_256_GCM_SHA384 :
@@ -7607,6 +7638,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
return 1; return 1;
break; break;
#ifdef HAVE_CAMELLIA
case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 : case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
@@ -7626,6 +7658,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_DHE) if (requirement == REQUIRES_DHE)
return 1; return 1;
break; break;
#endif /* HAVE_CAMELLIA */
case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
if (requirement == REQUIRES_RSA) if (requirement == REQUIRES_RSA)