forked from wolfSSL/wolfssl
added ECDSA and DHE_RSA support for chacha-poly
This commit is contained in:
JacobBarthelmeh
@ -1,436 +0,0 @@
|
||||
/* port.c
|
||||
*
|
||||
* Copyright (C) 2006-2014 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of CyaSSL.
|
||||
*
|
||||
* CyaSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* CyaSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#include <cyassl/ctaocrypt/settings.h>
|
||||
#include <cyassl/ctaocrypt/types.h>
|
||||
#include <cyassl/ctaocrypt/error-crypt.h>
|
||||
|
||||
|
||||
#ifdef _MSC_VER
|
||||
/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
|
||||
#pragma warning(disable: 4996)
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
#ifdef SINGLE_THREADED
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
(void)m;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex *m)
|
||||
{
|
||||
(void)m;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int LockMutex(CyaSSL_Mutex *m)
|
||||
{
|
||||
(void)m;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex *m)
|
||||
{
|
||||
(void)m;
|
||||
return 0;
|
||||
}
|
||||
|
||||
#else /* MULTI_THREAD */
|
||||
|
||||
#if defined(FREERTOS)
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
int iReturn;
|
||||
|
||||
*m = ( CyaSSL_Mutex ) xSemaphoreCreateMutex();
|
||||
if( *m != NULL )
|
||||
iReturn = 0;
|
||||
else
|
||||
iReturn = BAD_MUTEX_E;
|
||||
|
||||
return iReturn;
|
||||
}
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
vSemaphoreDelete( *m );
|
||||
return 0;
|
||||
}
|
||||
|
||||
int LockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
/* Assume an infinite block, or should there be zero block? */
|
||||
xSemaphoreTake( *m, portMAX_DELAY );
|
||||
return 0;
|
||||
}
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
xSemaphoreGive( *m );
|
||||
return 0;
|
||||
}
|
||||
|
||||
#elif defined(CYASSL_SAFERTOS)
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
vSemaphoreCreateBinary(m->mutexBuffer, m->mutex);
|
||||
if (m->mutex == NULL)
|
||||
return BAD_MUTEX_E;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
(void)m;
|
||||
return 0;
|
||||
}
|
||||
|
||||
int LockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
/* Assume an infinite block */
|
||||
xSemaphoreTake(m->mutex, portMAX_DELAY);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
xSemaphoreGive(m->mutex);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
#elif defined(USE_WINDOWS_API)
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
InitializeCriticalSection(m);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
DeleteCriticalSection(m);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int LockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
EnterCriticalSection(m);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
LeaveCriticalSection(m);
|
||||
return 0;
|
||||
}
|
||||
|
||||
#elif defined(CYASSL_PTHREADS)
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (pthread_mutex_init(m, 0) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (pthread_mutex_destroy(m) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
|
||||
int LockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (pthread_mutex_lock(m) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (pthread_mutex_unlock(m) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
#elif defined(THREADX)
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (tx_mutex_create(m, "CyaSSL Mutex", TX_NO_INHERIT) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (tx_mutex_delete(m) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
|
||||
int LockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (tx_mutex_get(m, TX_WAIT_FOREVER) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (tx_mutex_put(m) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
#elif defined(MICRIUM)
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
|
||||
if (NetSecure_OS_MutexCreate(m) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
#else
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
|
||||
if (NetSecure_OS_FreeMutex(m) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
#else
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
int LockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
|
||||
if (NetSecure_OS_LockMutex(m) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
#else
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
|
||||
if (NetSecure_OS_UnLockMutex(m) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
#else
|
||||
return 0;
|
||||
#endif
|
||||
|
||||
}
|
||||
|
||||
#elif defined(EBSNET)
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (rtp_sig_mutex_alloc(m, "CyaSSL Mutex") == -1)
|
||||
return BAD_MUTEX_E;
|
||||
else
|
||||
return 0;
|
||||
}
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
rtp_sig_mutex_free(*m);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int LockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (rtp_sig_mutex_claim_timed(*m, RTIP_INF) == 0)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
rtp_sig_mutex_release(*m);
|
||||
return 0;
|
||||
}
|
||||
|
||||
#elif defined(FREESCALE_MQX)
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (_mutex_init(m, NULL) == MQX_EOK)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (_mutex_destroy(m) == MQX_EOK)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
int LockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (_mutex_lock(m) == MQX_EOK)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
if (_mutex_unlock(m) == MQX_EOK)
|
||||
return 0;
|
||||
else
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
#elif defined(CYASSL_MDK_ARM)|| defined(CYASSL_CMSIS_RTOS)
|
||||
|
||||
#if defined(CYASSL_CMSIS_RTOS)
|
||||
#include "cmsis_os.h"
|
||||
#define CMSIS_NMUTEX 10
|
||||
osMutexDef(CyaSSL_mt0) ; osMutexDef(CyaSSL_mt1) ; osMutexDef(CyaSSL_mt2) ;
|
||||
osMutexDef(CyaSSL_mt3) ; osMutexDef(CyaSSL_mt4) ; osMutexDef(CyaSSL_mt5) ;
|
||||
osMutexDef(CyaSSL_mt6) ; osMutexDef(CyaSSL_mt7) ; osMutexDef(CyaSSL_mt8) ;
|
||||
osMutexDef(CyaSSL_mt9) ;
|
||||
|
||||
static const osMutexDef_t *CMSIS_mutex[] = { osMutex(CyaSSL_mt0),
|
||||
osMutex(CyaSSL_mt1), osMutex(CyaSSL_mt2), osMutex(CyaSSL_mt3),
|
||||
osMutex(CyaSSL_mt4), osMutex(CyaSSL_mt5), osMutex(CyaSSL_mt6),
|
||||
osMutex(CyaSSL_mt7), osMutex(CyaSSL_mt8), osMutex(CyaSSL_mt9) } ;
|
||||
|
||||
static osMutexId CMSIS_mutexID[CMSIS_NMUTEX] = {0} ;
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
int i ;
|
||||
for (i=0; i<CMSIS_NMUTEX; i++) {
|
||||
if(CMSIS_mutexID[i] == 0) {
|
||||
CMSIS_mutexID[i] = osMutexCreate(CMSIS_mutex[i]) ;
|
||||
(*m) = CMSIS_mutexID[i] ;
|
||||
return 0 ;
|
||||
}
|
||||
}
|
||||
return -1 ;
|
||||
}
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
int i ;
|
||||
osMutexDelete (*m) ;
|
||||
for (i=0; i<CMSIS_NMUTEX; i++) {
|
||||
if(CMSIS_mutexID[i] == (*m)) {
|
||||
CMSIS_mutexID[i] = 0 ;
|
||||
return(0) ;
|
||||
}
|
||||
}
|
||||
return(-1) ;
|
||||
}
|
||||
|
||||
int LockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
osMutexWait(*m, osWaitForever) ;
|
||||
return(0) ;
|
||||
}
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
osMutexRelease (*m);
|
||||
return 0;
|
||||
}
|
||||
#else
|
||||
|
||||
int InitMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
os_mut_init (m);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int FreeMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
return(0) ;
|
||||
}
|
||||
|
||||
int LockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
os_mut_wait (m, 0xffff);
|
||||
return(0) ;
|
||||
}
|
||||
|
||||
int UnLockMutex(CyaSSL_Mutex* m)
|
||||
{
|
||||
os_mut_release (m);
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
#endif /* USE_WINDOWS_API */
|
||||
#endif /* SINGLE_THREADED */
|
||||
|
||||
@ -1,195 +0,0 @@
|
||||
/* port.h
|
||||
*
|
||||
* Copyright (C) 2006-2014 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of CyaSSL.
|
||||
*
|
||||
* CyaSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* CyaSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
||||
*/
|
||||
|
||||
|
||||
#ifndef CTAO_CRYPT_PORT_H
|
||||
#define CTAO_CRYPT_PORT_H
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
#ifdef CYASSL_GAME_BUILD
|
||||
#include "system/xtl.h"
|
||||
#else
|
||||
#ifndef WIN32_LEAN_AND_MEAN
|
||||
#define WIN32_LEAN_AND_MEAN
|
||||
#endif
|
||||
#if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN)
|
||||
/* On WinCE winsock2.h must be included before windows.h */
|
||||
#include <winsock2.h>
|
||||
#endif
|
||||
#include <windows.h>
|
||||
#endif
|
||||
#elif defined(THREADX)
|
||||
#ifndef SINGLE_THREADED
|
||||
#include "tx_api.h"
|
||||
#endif
|
||||
#elif defined(MICRIUM)
|
||||
/* do nothing, just don't pick Unix */
|
||||
#elif defined(FREERTOS) || defined(CYASSL_SAFERTOS)
|
||||
/* do nothing */
|
||||
#elif defined(EBSNET)
|
||||
/* do nothing */
|
||||
#elif defined(FREESCALE_MQX)
|
||||
/* do nothing */
|
||||
#elif defined(CYASSL_MDK_ARM)
|
||||
#if defined(CYASSL_MDK5)
|
||||
#include "cmsis_os.h"
|
||||
#else
|
||||
#include <rtl.h>
|
||||
#endif
|
||||
#elif defined(CYASSL_CMSIS_RTOS)
|
||||
#include "cmsis_os.h"
|
||||
#else
|
||||
#ifndef SINGLE_THREADED
|
||||
#define CYASSL_PTHREADS
|
||||
#include <pthread.h>
|
||||
#endif
|
||||
#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
|
||||
#include <unistd.h> /* for close of BIO */
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef SINGLE_THREADED
|
||||
typedef int CyaSSL_Mutex;
|
||||
#else /* MULTI_THREADED */
|
||||
/* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */
|
||||
#ifdef FREERTOS
|
||||
typedef xSemaphoreHandle CyaSSL_Mutex;
|
||||
#elif defined(CYASSL_SAFERTOS)
|
||||
typedef struct CyaSSL_Mutex {
|
||||
signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES];
|
||||
xSemaphoreHandle mutex;
|
||||
} CyaSSL_Mutex;
|
||||
#elif defined(USE_WINDOWS_API)
|
||||
typedef CRITICAL_SECTION CyaSSL_Mutex;
|
||||
#elif defined(CYASSL_PTHREADS)
|
||||
typedef pthread_mutex_t CyaSSL_Mutex;
|
||||
#elif defined(THREADX)
|
||||
typedef TX_MUTEX CyaSSL_Mutex;
|
||||
#elif defined(MICRIUM)
|
||||
typedef OS_MUTEX CyaSSL_Mutex;
|
||||
#elif defined(EBSNET)
|
||||
typedef RTP_MUTEX CyaSSL_Mutex;
|
||||
#elif defined(FREESCALE_MQX)
|
||||
typedef MUTEX_STRUCT CyaSSL_Mutex;
|
||||
#elif defined(CYASSL_MDK_ARM)
|
||||
#if defined(CYASSL_CMSIS_RTOS)
|
||||
typedef osMutexId CyaSSL_Mutex;
|
||||
#else
|
||||
typedef OS_MUT CyaSSL_Mutex;
|
||||
#endif
|
||||
#elif defined(CYASSL_CMSIS_RTOS)
|
||||
typedef osMutexId CyaSSL_Mutex;
|
||||
#else
|
||||
#error Need a mutex type in multithreaded mode
|
||||
#endif /* USE_WINDOWS_API */
|
||||
#endif /* SINGLE_THREADED */
|
||||
|
||||
CYASSL_LOCAL int InitMutex(CyaSSL_Mutex*);
|
||||
CYASSL_LOCAL int FreeMutex(CyaSSL_Mutex*);
|
||||
CYASSL_LOCAL int LockMutex(CyaSSL_Mutex*);
|
||||
CYASSL_LOCAL int UnLockMutex(CyaSSL_Mutex*);
|
||||
|
||||
|
||||
/* filesystem abstraction layer, used by ssl.c */
|
||||
#ifndef NO_FILESYSTEM
|
||||
|
||||
#if defined(EBSNET)
|
||||
#define XFILE int
|
||||
#define XFOPEN(NAME, MODE) vf_open((const char *)NAME, VO_RDONLY, 0);
|
||||
#define XFSEEK vf_lseek
|
||||
#define XFTELL vf_tell
|
||||
#define XREWIND vf_rewind
|
||||
#define XFREAD(BUF, SZ, AMT, FD) vf_read(FD, BUF, SZ*AMT)
|
||||
#define XFWRITE(BUF, SZ, AMT, FD) vf_write(FD, BUF, SZ*AMT)
|
||||
#define XFCLOSE vf_close
|
||||
#define XSEEK_END VSEEK_END
|
||||
#define XBADFILE -1
|
||||
#elif defined(LSR_FS)
|
||||
#include <fs.h>
|
||||
#define XFILE struct fs_file*
|
||||
#define XFOPEN(NAME, MODE) fs_open((char*)NAME);
|
||||
#define XFSEEK(F, O, W) (void)F
|
||||
#define XFTELL(F) (F)->len
|
||||
#define XREWIND(F) (void)F
|
||||
#define XFREAD(BUF, SZ, AMT, F) fs_read(F, (char*)BUF, SZ*AMT)
|
||||
#define XFWRITE(BUF, SZ, AMT, F) fs_write(F, (char*)BUF, SZ*AMT)
|
||||
#define XFCLOSE fs_close
|
||||
#define XSEEK_END 0
|
||||
#define XBADFILE NULL
|
||||
#elif defined(FREESCALE_MQX)
|
||||
#define XFILE MQX_FILE_PTR
|
||||
#define XFOPEN fopen
|
||||
#define XFSEEK fseek
|
||||
#define XFTELL ftell
|
||||
#define XREWIND(F) fseek(F, 0, IO_SEEK_SET)
|
||||
#define XFREAD fread
|
||||
#define XFWRITE fwrite
|
||||
#define XFCLOSE fclose
|
||||
#define XSEEK_END IO_SEEK_END
|
||||
#define XBADFILE NULL
|
||||
#elif defined(MICRIUM)
|
||||
#include <fs.h>
|
||||
#define XFILE FS_FILE*
|
||||
#define XFOPEN fs_fopen
|
||||
#define XFSEEK fs_fseek
|
||||
#define XFTELL fs_ftell
|
||||
#define XREWIND fs_rewind
|
||||
#define XFREAD fs_fread
|
||||
#define XFWRITE fs_fwrite
|
||||
#define XFCLOSE fs_fclose
|
||||
#define XSEEK_END FS_SEEK_END
|
||||
#define XBADFILE NULL
|
||||
#else
|
||||
/* stdio, default case */
|
||||
#define XFILE FILE*
|
||||
#if defined(CYASSL_MDK_ARM)
|
||||
#include <stdio.h>
|
||||
extern FILE * CyaSSL_fopen(const char *name, const char *mode) ;
|
||||
#define XFOPEN CyaSSL_fopen
|
||||
#else
|
||||
#define XFOPEN fopen
|
||||
#endif
|
||||
#define XFSEEK fseek
|
||||
#define XFTELL ftell
|
||||
#define XREWIND rewind
|
||||
#define XFREAD fread
|
||||
#define XFWRITE fwrite
|
||||
#define XFCLOSE fclose
|
||||
#define XSEEK_END SEEK_END
|
||||
#define XBADFILE NULL
|
||||
#endif
|
||||
|
||||
#endif /* NO_FILESYSTEM */
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
#endif /* CTAO_CRYPT_PORT_H */
|
||||
|
||||
@ -468,7 +468,9 @@ void c32to24(word32 in, word24 out);
|
||||
|
||||
#ifdef HAVE_CHACHA
|
||||
#define CHACHA20_BLOCK_SIZE 16
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
#define BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
#endif
|
||||
|
||||
#if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_CHACHA)
|
||||
@ -596,7 +598,9 @@ enum {
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4,
|
||||
|
||||
TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 = 0x13,
|
||||
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0x13,
|
||||
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0x14,
|
||||
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0x15,
|
||||
|
||||
/* Renegotiation Indication Extension Special Suite */
|
||||
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0xff
|
||||
|
||||
@ -905,13 +905,27 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
if (tls && haveRSA) {
|
||||
suites->suites[idx++] = CHACHA_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256;
|
||||
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
if (tls1_2 && haveECDSAsig) {
|
||||
suites->suites[idx++] = CHACHA_BYTE;
|
||||
suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
if (tls && haveRSA) {
|
||||
suites->suites[idx++] = CHACHA_BYTE;
|
||||
suites->suites[idx++] = TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
if (tls && haveRSAsig && haveStaticECC) {
|
||||
suites->suites[idx++] = ECC_BYTE;
|
||||
@ -3171,12 +3185,25 @@ static int BuildFinished(CYASSL* ssl, Hashes* hashes, const byte* sender)
|
||||
|
||||
switch (second) {
|
||||
|
||||
case TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 :
|
||||
case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 :
|
||||
if (requirement == REQUIRES_ECC_DSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
|
||||
if (requirement == REQUIRES_RSA)
|
||||
return 1;
|
||||
if (requirement == REQUIRES_DHE)
|
||||
return 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/* ECC extensions */
|
||||
if (first == ECC_BYTE) {
|
||||
|
||||
@ -7671,10 +7698,18 @@ static const char* const cipher_names[] =
|
||||
"ECDH-ECDSA-AES256-SHA384",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
"ECDHE-RSA-CHACHA20-256-POLY1305-SHA256",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
"ECDHE-ECDSA-CHACHA20-256-POLY1305-SHA256",
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
"DHE-RSA-CHACHA20-256-POLY1305-SHA256",
|
||||
#endif
|
||||
|
||||
};
|
||||
|
||||
|
||||
@ -8051,8 +8086,16 @@ static int cipher_name_idx[] =
|
||||
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256
|
||||
TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256,
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
||||
#endif
|
||||
};
|
||||
|
||||
|
||||
39
src/keys.c
39
src/keys.c
@ -53,8 +53,8 @@ int SetCipherSpecs(CYASSL* ssl)
|
||||
if (ssl->options.cipherSuite0 == CHACHA_BYTE) {
|
||||
|
||||
switch (ssl->options.cipherSuite) {
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256
|
||||
case TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256:
|
||||
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_chacha;
|
||||
ssl->specs.cipher_type = aead;
|
||||
ssl->specs.mac_algorithm = sha256_mac;
|
||||
@ -71,6 +71,41 @@ int SetCipherSpecs(CYASSL* ssl)
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_chacha;
|
||||
ssl->specs.cipher_type = aead;
|
||||
ssl->specs.mac_algorithm = sha256_mac;
|
||||
ssl->specs.kea = ecc_diffie_hellman_kea;
|
||||
ssl->specs.sig_algo = ecc_dsa_sa_algo;
|
||||
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = CHACHA20_256_KEY_SIZE;
|
||||
ssl->specs.block_size = CHACHA20_BLOCK_SIZE;
|
||||
ssl->specs.iv_size = CHACHA20_IV_SIZE;
|
||||
ssl->specs.aead_mac_size = POLY1305_AUTH_SZ;
|
||||
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||
case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
|
||||
ssl->specs.bulk_cipher_algorithm = cyassl_chacha;
|
||||
ssl->specs.cipher_type = aead;
|
||||
ssl->specs.mac_algorithm = sha256_mac;
|
||||
ssl->specs.kea = diffie_hellman_kea;
|
||||
ssl->specs.sig_algo = rsa_sa_algo;
|
||||
ssl->specs.hash_size = SHA256_DIGEST_SIZE;
|
||||
ssl->specs.pad_size = PAD_SHA;
|
||||
ssl->specs.static_ecdh = 0;
|
||||
ssl->specs.key_size = CHACHA20_256_KEY_SIZE;
|
||||
ssl->specs.block_size = CHACHA20_BLOCK_SIZE;
|
||||
ssl->specs.iv_size = CHACHA20_IV_SIZE;
|
||||
ssl->specs.aead_mac_size = POLY1305_AUTH_SZ;
|
||||
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ChaCha");
|
||||
return UNSUPPORTED_SUITE;
|
||||
|
||||
15
src/ssl.c
15
src/ssl.c
@ -8371,9 +8371,14 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
|
||||
switch (cipher->ssl->options.cipherSuite) {
|
||||
#ifdef HAVE_CHACHA
|
||||
#ifndef NO_RSA
|
||||
case TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 :
|
||||
return "TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256";
|
||||
case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
|
||||
return "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256";
|
||||
|
||||
case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
|
||||
return "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256";
|
||||
#endif
|
||||
case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 :
|
||||
return "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256";
|
||||
#endif
|
||||
}
|
||||
}
|
||||
@ -8525,8 +8530,10 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
|
||||
}
|
||||
}
|
||||
#endif /* ECC */
|
||||
if (cipher->ssl->options.cipherSuite0 != ECC_BYTE && cipher->ssl->options.cipherSuite0 != CHACHA_BYTE) {
|
||||
/* normal suites */
|
||||
if (cipher->ssl->options.cipherSuite0 != ECC_BYTE &&
|
||||
cipher->ssl->options.cipherSuite0 != CHACHA_BYTE) {
|
||||
|
||||
/* normal suites */
|
||||
switch (cipher->ssl->options.cipherSuite) {
|
||||
#ifndef NO_RSA
|
||||
#ifndef NO_RC4
|
||||
|
||||
Reference in New Issue
Block a user