forked from wolfSSL/wolfssl
enable gcm by default
This commit is contained in:
toddouska
@ -337,7 +337,7 @@ AM_CONDITIONAL([BUILD_SNIFFTEST], [ test "x$ENABLED_SNIFFTEST" = "xyes" ])
|
||||
AC_ARG_ENABLE([aesgcm],
|
||||
[ --enable-aesgcm Enable wolfSSL AES-GCM support (default: disabled)],
|
||||
[ ENABLED_AESGCM=$enableval ],
|
||||
[ ENABLED_AESGCM=no ]
|
||||
[ ENABLED_AESGCM=yes ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_AESGCM" = "word32"
|
||||
|
||||
224
src/internal.c
224
src/internal.c
@ -700,6 +700,118 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveECDSAsig) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveECDSAsig) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveRSA) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveRSA) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveDH && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveDH && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_RSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_RSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveECDSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveECDSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveRSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveRSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_PSK_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_PSK_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
if (tls1_2 && haveRSAsig) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -756,13 +868,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveECDSAsig) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
||||
if (tls && haveECDSAsig) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -770,13 +875,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveECDSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
|
||||
if (tls && haveECDSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -784,13 +882,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveECDSAsig) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
||||
if (tls && haveECDSAsig) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -798,13 +889,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveECDSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
|
||||
if (tls && haveECDSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -840,13 +924,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveRSA) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||
if (tls && haveRSA) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -854,13 +931,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveRSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
|
||||
if (tls && haveRSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -868,13 +938,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveRSA) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||
if (tls && haveRSA) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -882,13 +945,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveRSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
|
||||
if (tls && haveRSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -945,13 +1001,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveDH && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
|
||||
if (tls1_2 && haveECDSAsig) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -987,13 +1036,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveDH && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
if (tls1_2 && haveDH && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
@ -1015,13 +1057,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_RSA_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
|
||||
if (tls1_2 && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
@ -1029,13 +1064,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_RSA_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
|
||||
if (tls1_2 && haveRSA) {
|
||||
suites->suites[idx++] = 0;
|
||||
@ -1071,20 +1099,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
|
||||
if (tls1_2 && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_PSK_WITH_AES_256_GCM_SHA384;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
|
||||
if (tls && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
@ -1106,20 +1120,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
|
||||
if (tls1_2 && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
suites->suites[idx++] = TLS_PSK_WITH_AES_128_GCM_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
if (tls && haveDH && havePSK) {
|
||||
suites->suites[idx++] = 0;
|
||||
|
||||
Reference in New Issue
Block a user