diff --git a/cyassl/internal.h b/cyassl/internal.h index 45eba0a69..ac3a9c9bc 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -34,6 +34,7 @@ #include #include #include +#include #include #ifndef NO_RC4 #include @@ -168,6 +169,25 @@ void c32to24(word32 in, word24 out); #endif #endif +#if defined(HAVE_CAMELLIA) && !defined(NO_TLS) + #ifndef NO_RSA + #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + #ifndef NO_SHA256 + #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + #endif + #if !defined(NO_DH) && defined(OPENSSL_EXTRA) + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + #ifndef NO_SHA256 + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + #endif + #endif + #endif +#endif + #if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS) #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA @@ -368,7 +388,17 @@ enum { * there will be second byte number conflicts * with non-ECC AES-GCM */ TLS_RSA_WITH_AES_128_CCM_8_SHA256 = 0xa0, - TLS_RSA_WITH_AES_256_CCM_8_SHA384 = 0xa1 + TLS_RSA_WITH_AES_256_CCM_8_SHA384 = 0xa1, + + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x41, + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x84, + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xba, + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc0, + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x45, + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x88, + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe, + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4 + }; 
@@ -487,6 +517,11 @@ enum Misc { AEAD_EXP_IV_SZ = 8, /* Size of the explicit IV */ AEAD_NONCE_SZ = AEAD_EXP_IV_SZ + AEAD_IMP_IV_SZ, + CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */ + CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */ + CAMELLIA_256_KEY_SIZE = 32, /* for 256 bit */ + CAMELLIA_IV_SIZE = 16, /* always block size */ + HC_128_KEY_SIZE = 16, /* 128 bits */ HC_128_IV_SIZE = 16, /* also 128 bits */ @@ -981,6 +1016,7 @@ enum BulkCipherAlgorithm { aes, aes_gcm, aes_ccm, + camellia, hc128, /* CyaSSL extensions */ rabbit }; @@ -1100,6 +1136,9 @@ typedef struct Ciphers { #ifdef BUILD_AES Aes* aes; #endif +#ifdef HAVE_CAMELLIA + Camellia* cam; +#endif #ifdef HAVE_HC128 HC128* hc128; #endif diff --git a/examples/client/client.c b/examples/client/client.c index a6cb574c6..541dfdf06 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -272,7 +272,7 @@ void client_test(void* args) if (cipherList) if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) - err_sys("can't set cipher list"); + err_sys("client can't set cipher list 1"); #ifdef CYASSL_LEANPSK usePsk = 1; @@ -289,7 +289,7 @@ void client_test(void* args) defaultCipherList = "PSK-AES256-CBC-SHA"; #endif if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) - err_sys("can't set cipher list"); + err_sys("client can't set cipher list 2"); } #endif } @@ -302,7 +302,7 @@ void client_test(void* args) if (cipherList == NULL) { /* don't use EDH, can't sniff tmp keys */ if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS) { - err_sys("can't set cipher list"); + err_sys("client can't set cipher list 3"); } } #endif diff --git a/examples/server/server.c b/examples/server/server.c index a69a3175b..662e66f8c 100644 --- a/examples/server/server.c +++ b/examples/server/server.c 
@@ -240,7 +240,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) if (cipherList) if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) - err_sys("can't set cipher list"); + err_sys("server can't set cipher list 1"); #ifdef CYASSL_LEANPSK usePsk = 1; @@ -285,7 +285,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) defaultCipherList = "PSK-AES256-CBC-SHA"; #endif if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS) - err_sys("can't set cipher list"); + err_sys("server can't set cipher list 2"); } #endif } @@ -308,7 +308,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) /* don't use EDH, can't sniff tmp keys */ if (cipherList == NULL) { if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS) - err_sys("can't set cipher list"); + err_sys("server can't set cipher list 3"); } #endif diff --git a/src/internal.c b/src/internal.c index ac0f387bf..310d76077 100644 --- a/src/internal.c +++ b/src/internal.c @@ -471,6 +471,10 @@ void InitCiphers(CYASSL* ssl) ssl->encrypt.aes = NULL; ssl->decrypt.aes = NULL; #endif +#ifdef HAVE_CAMELLIA + ssl->encrypt.cam = NULL; + ssl->decrypt.cam = NULL; +#endif #ifdef HAVE_HC128 ssl->encrypt.hc128 = NULL; ssl->decrypt.hc128 = NULL; @@ -500,6 +504,10 @@ void FreeCiphers(CYASSL* ssl) XFREE(ssl->encrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER); XFREE(ssl->decrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER); #endif +#ifdef BUILD_CAMELLIA + XFREE(ssl->encrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER); + XFREE(ssl->decrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER); +#endif #ifdef HAVE_HC128 XFREE(ssl->encrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER); XFREE(ssl->decrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER); 
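Review bot: The guard added in FreeCiphers is `#ifdef BUILD_CAMELLIA`, while every other Camellia block in this commit (InitCiphers just above it, the `cam` member of `Ciphers`, SetKeys) is keyed on `HAVE_CAMELLIA`, and no visible hunk defines `BUILD_CAMELLIA`. If that macro is never defined, the two `XFREE` calls are compiled out and the `Camellia` contexts allocated in SetKeys, which hold the keyed cipher state for the session, are never released. Change the guard to `#ifdef HAVE_CAMELLIA` so allocation and release are controlled by the same macro. FreeCiphers continues outside the hunk.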
@@ -949,6 +957,62 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK, } #endif +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA; + } +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + if (tls && haveDH && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA; + } +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA; + } +#endif + +#ifdef BUILD_TLS_DHE_WITH_RSA_CAMELLIA_256_CBC_SHA + if (tls && haveDH && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA; + } +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + if (tls && haveDH && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + if (tls && haveDH && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256; + } +#endif + suites->suiteSz = idx; } @@ -3080,6 +3144,12 @@ static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz) break; #endif + #ifdef HAVE_CAMELLIA + case camellia: + CamelliaCbcEncrypt(ssl->encrypt.cam, out, input, sz); + break; + #endif + #ifdef HAVE_HC128 case hc128: #ifdef XSTREAM_ALIGNMENT 
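Review bot: In InitSuites the guard `#ifdef BUILD_TLS_DHE_WITH_RSA_CAMELLIA_256_CBC_SHA` transposes `RSA` and `WITH`. The internal.h hunk of this commit defines `BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA`, so this block is never compiled and the suite is missing from the default list, even though `cipher_names` and SetCipherSpecs carry it. Use `#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA`. Separately, the four `_SHA256` entries are offered under `tls` alone; as far as I know those suites are specified for TLS 1.2, so consider gating them on a TLS 1.2 check if this function has one (its body starts outside the hunk).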
@@ -3234,6 +3304,12 @@ static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input, } #endif + #ifdef HAVE_CAMELLIA + case camellia: + CamelliaCbcDecrypt(ssl->decrypt.cam, plain, input, sz); + break; + #endif + #ifdef HAVE_HC128 case hc128: Hc128_Process(ssl->decrypt.hc128, plain, input, sz); @@ -5316,7 +5392,39 @@ const char* const cipher_names[] = #endif #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - "ECDH-ECDSA-AES256-GCM-SHA384" + "ECDH-ECDSA-AES256-GCM-SHA384", +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + "RSA-CAMELLIA128-CBC-SHA", +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + "DHE-RSA-CAMELLIA128-CBC-SHA", +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + "RSA-CAMELLIA256-CBC-SHA", +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + "DHE-RSA-CAMELLIA256-CBC-SHA", +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + "RSA-CAMELLIA128-CBC-SHA256", +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + "DHE-RSA-CAMELLIA128-CBC-SHA256", +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + "RSA-CAMELLIA256-CBC-SHA256", +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + "DHE-RSA-CAMELLIA256-CBC-SHA256" #endif }; 
@@ -5544,7 +5652,39 @@ int cipher_name_idx[] = #endif #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 #endif }; @@ -7567,6 +7707,26 @@ int SetCipherList(Suites* s, const char* list) return 1; break; + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + break; + + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + if (requirement == REQUIRES_RSA_SIG) + return 1; + if (requirement == REQUIRES_DHE) + return 1; + break; + default: CYASSL_MSG("Unsupported cipher suite, CipherRequires"); return 0; diff --git a/src/keys.c b/src/keys.c index 2ab48a93c..7d0d2d680 100644 --- a/src/keys.c +++ b/src/keys.c 
@@ -970,6 +970,138 @@ int SetCipherSpecs(CYASSL* ssl) break; #endif +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; + 
ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = 
sha256_mac; + ssl->specs.kea = diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + default: CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs"); return UNSUPPORTED_SUITE; @@ -1227,6 +1359,33 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, } #endif +#ifdef HAVE_CAMELLIA + if (specs->bulk_cipher_algorithm == camellia) { + enc->cam = (Camellia*)XMALLOC(sizeof(Camellia), + heap, DYNAMIC_TYPE_CIPHER); + if (enc->cam == NULL) + return MEMORY_E; + dec->cam = (Camellia*)XMALLOC(sizeof(Camellia), + heap, DYNAMIC_TYPE_CIPHER); + if (dec->cam == NULL) + return MEMORY_E; + if (side == CLIENT_END) { + CamelliaSetKey(enc->cam, keys->client_write_key, + specs->key_size, keys->client_write_IV); + CamelliaSetKey(dec->cam, keys->server_write_key, + specs->key_size, keys->server_write_IV); + } + else { + CamelliaSetKey(enc->cam, keys->server_write_key, + specs->key_size, keys->server_write_IV); + CamelliaSetKey(dec->cam, keys->client_write_key, + specs->key_size, keys->client_write_IV); + } + enc->setup = 1; + dec->setup = 1; + } +#endif + #ifdef HAVE_NULL_CIPHER if (specs->bulk_cipher_algorithm == cipher_null) { enc->setup = 1; diff --git a/src/ssl.c b/src/ssl.c index 2017d3533..62d267928 100644 --- a/src/ssl.c +++ b/src/ssl.c 
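Review bot: The result of each `CamelliaSetKey` call in the new SetKeys block is discarded, and `enc->setup` and `dec->setup` are set to 1 unconditionally. If CamelliaSetKey can report failure (its prototype is not shown here; a rejected key length is the likely case), the record layer would carry on with a context that was never keyed. Capture the result and return it before marking the ciphers as set up, e.g. `int camRet = CamelliaSetKey(enc->cam, keys->client_write_key, specs->key_size, keys->client_write_IV);` followed by `if (camRet != 0) return camRet;`, and do the same for the other three calls. SetKeys starts and ends outside the hunk.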
@@ -5501,6 +5501,22 @@ int CyaSSL_set_compression(CYASSL* ssl) return "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"; case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 : return "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"; + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : + return "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"; + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : + return "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"; + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + return "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"; + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + return "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"; + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : + return "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"; + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : + return "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"; + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + return "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"; + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + return "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"; default: return "NONE"; } /* switch */ diff --git a/tests/suites.c b/tests/suites.c index bc22cc865..87ac369e8 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -381,6 +381,28 @@ int SuiteTest(void) } #endif +#ifdef HAVE_CAMELLIA + /* add camellia suites */ + strcpy(argv0[1], "tests/test-camellia.conf"); + printf("starting camellia suite tests\n"); + test_harness(&args); + if (args.return_code != 0) { + printf("error from script %d\n", args.return_code); + exit(EXIT_FAILURE); + } + #ifdef OPENSSL_EXTRA + /* add camellia openssl extra suites */ + strcpy(argv0[1], "tests/test-camellia-openssl.conf"); + printf("starting camellia openssl extra suite tests\n"); + test_harness(&args); + if (args.return_code != 0) { + printf("error from script %d\n", args.return_code); + exit(EXIT_FAILURE); + } + + #endif +#endif + #ifdef CYASSL_DTLS /* add dtls extra suites */ strcpy(argv0[1], "tests/test-dtls.conf"); 
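Review bot: Both new `strcpy(argv0[1], ...)` calls in SuiteTest copy into a buffer whose declaration is outside the hunk. `"tests/test-camellia-openssl.conf"` is 32 characters, so it needs 33 bytes with the terminator, noticeably more than the `tests/test-dtls.conf` path in the context below. Confirm `argv0[1]` is at least that large, or bound the copy, e.g. `snprintf(argv0[1], sizeof argv0[1], "%s", "tests/test-camellia-openssl.conf");` (this assumes `argv0` is a true array, so that `sizeof` gives the element size).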
diff --git a/tests/test-camellia-openssl.conf b/tests/test-camellia-openssl.conf
new file mode 100644
index 000000000..6406bf158
--- /dev/null
+++ b/tests/test-camellia-openssl.conf
@@ -0,0 +1,216 @@
+# server TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA
+-v 1
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+
+# client TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA
+-v 1
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+
+# server TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA
+-v 1
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+
+# client TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA
+-v 1
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+
+# server TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA256
+-v 1
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+
+# client TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA256
+-v 1
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+
+# server TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA256
+-v 1
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+
+# client TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA256
+-v 1
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+
+# server TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA
+-v 2
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+
+# client TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA
+-v 2
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+
+# server TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA
+-v 2
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+
+# client TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA
+-v 2
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+
+# server TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA256
+-v 2
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+
+# client TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA256
+-v 2
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+
+# server TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA256
+-v 2
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+
+# client TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA256
+-v 2
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+
+# server TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA
+-v 3
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+
+# client TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA
+-v 3
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+
+# server TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA
+-v 3
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+
+# client TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA
+-v 3
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+
+# server TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA256
+-v 3
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+
+# client TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA256
+-v 3
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+
+# server TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA256
+-v 3
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+
+# client TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA256
+-v 3
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+
+# server TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 1
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+-N
+
+# client TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 1
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+-N
+
+# server TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 1
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+-N
+
+# client TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 1
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+-N
+
+# server TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 1
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# client TLSv1 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 1
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# server TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 1
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+-N
+
+# client TLSv1 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 1
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+-N
+
+# server TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 2
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+-N
+
+# client TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 2
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+-N
+
+# server TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 2
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+-N
+
+# client TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 2
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+-N
+
+# server TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 2
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# client TLSv1.1 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 2
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# server TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 2
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+-N
+
+# client TLSv1.1 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 2
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+-N
+
+# server TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 3
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+-N
+
+# client TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 3
+-l DHE-RSA-CAMELLIA128-CBC-SHA
+-N
+
+# server TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 3
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+-N
+
+# client TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 3
+-l DHE-RSA-CAMELLIA256-CBC-SHA
+-N
+
+# server TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 3
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# client TLSv1.2 DHE-RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 3
+-l DHE-RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# server TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 3
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+-N
+
+# client TLSv1.2 DHE-RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 3
+-l DHE-RSA-CAMELLIA256-CBC-SHA256
+-N
+
diff --git a/tests/test-camellia.conf b/tests/test-camellia.conf
new file mode 100644
index 000000000..f046e4891
--- /dev/null
+++ b/tests/test-camellia.conf
@@ -0,0 +1,216 @@
+# server TLSv1 RSA-CAMELLIA128-CBC-SHA
+-v 1
+-l RSA-CAMELLIA128-CBC-SHA
+
+# client TLSv1 RSA-CAMELLIA128-CBC-SHA
+-v 1
+-l RSA-CAMELLIA128-CBC-SHA
+
+# server TLSv1 RSA-CAMELLIA256-CBC-SHA
+-v 1
+-l RSA-CAMELLIA256-CBC-SHA
+
+# client TLSv1 RSA-CAMELLIA256-CBC-SHA
+-v 1
+-l RSA-CAMELLIA256-CBC-SHA
+
+# server TLSv1 RSA-CAMELLIA128-CBC-SHA256
+-v 1
+-l RSA-CAMELLIA128-CBC-SHA256
+
+# client TLSv1 RSA-CAMELLIA128-CBC-SHA256
+-v 1
+-l RSA-CAMELLIA128-CBC-SHA256
+
+# server TLSv1 RSA-CAMELLIA256-CBC-SHA256
+-v 1
+-l RSA-CAMELLIA256-CBC-SHA256
+
+# client TLSv1 RSA-CAMELLIA256-CBC-SHA256
+-v 1
+-l RSA-CAMELLIA256-CBC-SHA256
+
+# server TLSv1.1 RSA-CAMELLIA128-CBC-SHA
+-v 2
+-l RSA-CAMELLIA128-CBC-SHA
+
+# client TLSv1.1 RSA-CAMELLIA128-CBC-SHA
+-v 2
+-l RSA-CAMELLIA128-CBC-SHA
+
+# server TLSv1.1 RSA-CAMELLIA256-CBC-SHA
+-v 2
+-l RSA-CAMELLIA256-CBC-SHA
+
+# client TLSv1.1 RSA-CAMELLIA256-CBC-SHA
+-v 2
+-l RSA-CAMELLIA256-CBC-SHA
+
+# server TLSv1.1 RSA-CAMELLIA128-CBC-SHA256
+-v 2
+-l RSA-CAMELLIA128-CBC-SHA256
+
+# client TLSv1.1 RSA-CAMELLIA128-CBC-SHA256
+-v 2
+-l RSA-CAMELLIA128-CBC-SHA256
+
+# server TLSv1.1 RSA-CAMELLIA256-CBC-SHA256
+-v 2
+-l RSA-CAMELLIA256-CBC-SHA256
+
+# client TLSv1.1 RSA-CAMELLIA256-CBC-SHA256
+-v 2
+-l RSA-CAMELLIA256-CBC-SHA256
+
+# server TLSv1.2 RSA-CAMELLIA128-CBC-SHA
+-v 3
+-l RSA-CAMELLIA128-CBC-SHA
+
+# client TLSv1.2 RSA-CAMELLIA128-CBC-SHA
+-v 3
+-l RSA-CAMELLIA128-CBC-SHA
+
+# server TLSv1.2 RSA-CAMELLIA256-CBC-SHA
+-v 3
+-l RSA-CAMELLIA256-CBC-SHA
+
+# client TLSv1.2 RSA-CAMELLIA256-CBC-SHA
+-v 3
+-l RSA-CAMELLIA256-CBC-SHA
+
+# server TLSv1.2 RSA-CAMELLIA128-CBC-SHA256
+-v 3
+-l RSA-CAMELLIA128-CBC-SHA256
+
+# client TLSv1.2 RSA-CAMELLIA128-CBC-SHA256
+-v 3
+-l RSA-CAMELLIA128-CBC-SHA256
+
+# server TLSv1.2 RSA-CAMELLIA256-CBC-SHA256
+-v 3
+-l RSA-CAMELLIA256-CBC-SHA256
+
+# client TLSv1.2 RSA-CAMELLIA256-CBC-SHA256
+-v 3
+-l RSA-CAMELLIA256-CBC-SHA256
+
+# server TLSv1 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 1
+-l RSA-CAMELLIA128-CBC-SHA
+-N
+
+# client TLSv1 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 1
+-l RSA-CAMELLIA128-CBC-SHA
+-N
+
+# server TLSv1 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 1
+-l RSA-CAMELLIA256-CBC-SHA
+-N
+
+# client TLSv1 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 1
+-l RSA-CAMELLIA256-CBC-SHA
+-N
+
+# server TLSv1 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 1
+-l RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# client TLSv1 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 1
+-l RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# server TLSv1 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 1
+-l RSA-CAMELLIA256-CBC-SHA256
+-N
+
+# client TLSv1 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 1
+-l RSA-CAMELLIA256-CBC-SHA256
+-N
+
+# server TLSv1.1 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 2
+-l RSA-CAMELLIA128-CBC-SHA
+-N
+
+# client TLSv1.1 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 2
+-l RSA-CAMELLIA128-CBC-SHA
+-N
+
+# server TLSv1.1 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 2
+-l RSA-CAMELLIA256-CBC-SHA
+-N
+
+# client TLSv1.1 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 2
+-l RSA-CAMELLIA256-CBC-SHA
+-N
+
+# server TLSv1.1 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 2
+-l RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# client TLSv1.1 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 2
+-l RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# server TLSv1.1 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 2
+-l RSA-CAMELLIA256-CBC-SHA256
+-N
+
+# client TLSv1.1 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 2
+-l RSA-CAMELLIA256-CBC-SHA256
+-N
+
+# server TLSv1.2 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 3
+-l RSA-CAMELLIA128-CBC-SHA
+-N
+
+# client TLSv1.2 RSA-CAMELLIA128-CBC-SHA NON-BLOCKING
+-v 3
+-l RSA-CAMELLIA128-CBC-SHA
+-N
+
+# server TLSv1.2 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 3
+-l RSA-CAMELLIA256-CBC-SHA
+-N
+
+# client TLSv1.2 RSA-CAMELLIA256-CBC-SHA NON-BLOCKING
+-v 3
+-l RSA-CAMELLIA256-CBC-SHA
+-N
+
+# server TLSv1.2 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 3
+-l RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# client TLSv1.2 RSA-CAMELLIA128-CBC-SHA256 NON-BLOCKING
+-v 3
+-l RSA-CAMELLIA128-CBC-SHA256
+-N
+
+# server TLSv1.2 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 3
+-l RSA-CAMELLIA256-CBC-SHA256
+-N
+
+# client TLSv1.2 RSA-CAMELLIA256-CBC-SHA256 NON-BLOCKING
+-v 3
+-l RSA-CAMELLIA256-CBC-SHA256
+-N
+