diff --git a/ctaocrypt/src/port.c b/ctaocrypt/src/port.c deleted file mode 100644 index c51062185..000000000 --- a/ctaocrypt/src/port.c +++ /dev/null @@ -1,436 +0,0 @@ -/* port.c - * - * Copyright (C) 2006-2014 wolfSSL Inc. - * - * This file is part of CyaSSL. - * - * CyaSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * CyaSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - */ - -#ifdef HAVE_CONFIG_H - #include -#endif - -#include -#include -#include - - -#ifdef _MSC_VER - /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ - #pragma warning(disable: 4996) -#endif - - - -#ifdef SINGLE_THREADED - -int InitMutex(CyaSSL_Mutex* m) -{ - (void)m; - return 0; -} - - -int FreeMutex(CyaSSL_Mutex *m) -{ - (void)m; - return 0; -} - - -int LockMutex(CyaSSL_Mutex *m) -{ - (void)m; - return 0; -} - - -int UnLockMutex(CyaSSL_Mutex *m) -{ - (void)m; - return 0; -} - -#else /* MULTI_THREAD */ - - #if defined(FREERTOS) - - int InitMutex(CyaSSL_Mutex* m) - { - int iReturn; - - *m = ( CyaSSL_Mutex ) xSemaphoreCreateMutex(); - if( *m != NULL ) - iReturn = 0; - else - iReturn = BAD_MUTEX_E; - - return iReturn; - } - - int FreeMutex(CyaSSL_Mutex* m) - { - vSemaphoreDelete( *m ); - return 0; - } - - int LockMutex(CyaSSL_Mutex* m) - { - /* Assume an infinite block, or should there be zero block? */ - xSemaphoreTake( *m, portMAX_DELAY ); - return 0; - } - - int UnLockMutex(CyaSSL_Mutex* m) - { - xSemaphoreGive( *m ); - return 0; - } - - #elif defined(CYASSL_SAFERTOS) - - int InitMutex(CyaSSL_Mutex* m) - { - vSemaphoreCreateBinary(m->mutexBuffer, m->mutex); - if (m->mutex == NULL) - return BAD_MUTEX_E; - - return 0; - } - - int FreeMutex(CyaSSL_Mutex* m) - { - (void)m; - return 0; - } - - int LockMutex(CyaSSL_Mutex* m) - { - /* Assume an infinite block */ - xSemaphoreTake(m->mutex, portMAX_DELAY); - return 0; - } - - int UnLockMutex(CyaSSL_Mutex* m) - { - xSemaphoreGive(m->mutex); - return 0; - } - - - #elif defined(USE_WINDOWS_API) - - int InitMutex(CyaSSL_Mutex* m) - { - InitializeCriticalSection(m); - return 0; - } - - - int FreeMutex(CyaSSL_Mutex* m) - { - DeleteCriticalSection(m); - return 0; - } - - - int LockMutex(CyaSSL_Mutex* m) - { - EnterCriticalSection(m); - return 0; - } - - - int UnLockMutex(CyaSSL_Mutex* m) - { - LeaveCriticalSection(m); - return 0; - } - - #elif defined(CYASSL_PTHREADS) - - int InitMutex(CyaSSL_Mutex* m) - { - if (pthread_mutex_init(m, 0) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - - int FreeMutex(CyaSSL_Mutex* m) - { - if (pthread_mutex_destroy(m) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - - int LockMutex(CyaSSL_Mutex* m) - { - if (pthread_mutex_lock(m) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - - int UnLockMutex(CyaSSL_Mutex* m) - { - if (pthread_mutex_unlock(m) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - #elif defined(THREADX) - - int InitMutex(CyaSSL_Mutex* m) - { - if (tx_mutex_create(m, "CyaSSL Mutex", TX_NO_INHERIT) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - - int FreeMutex(CyaSSL_Mutex* m) - { - if (tx_mutex_delete(m) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - - int LockMutex(CyaSSL_Mutex* m) - { - if (tx_mutex_get(m, TX_WAIT_FOREVER) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - - int UnLockMutex(CyaSSL_Mutex* m) - { - if (tx_mutex_put(m) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - #elif defined(MICRIUM) - - int InitMutex(CyaSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_MutexCreate(m) == 0) - return 0; - else - return BAD_MUTEX_E; - #else - return 0; - #endif - } - - - int FreeMutex(CyaSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_FreeMutex(m) == 0) - return 0; - else - return BAD_MUTEX_E; - #else - return 0; - #endif - } - - - int LockMutex(CyaSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_LockMutex(m) == 0) - return 0; - else - return BAD_MUTEX_E; - #else - return 0; - #endif - } - - - int UnLockMutex(CyaSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_UnLockMutex(m) == 0) - return 0; - else - return BAD_MUTEX_E; - #else - return 0; - #endif - - } - - #elif defined(EBSNET) - - int InitMutex(CyaSSL_Mutex* m) - { - if (rtp_sig_mutex_alloc(m, "CyaSSL Mutex") == -1) - return BAD_MUTEX_E; - else - return 0; - } - - int FreeMutex(CyaSSL_Mutex* m) - { - rtp_sig_mutex_free(*m); - return 0; - } - - int LockMutex(CyaSSL_Mutex* m) - { - if (rtp_sig_mutex_claim_timed(*m, RTIP_INF) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - int UnLockMutex(CyaSSL_Mutex* m) - { - rtp_sig_mutex_release(*m); - return 0; - } - - #elif defined(FREESCALE_MQX) - - int InitMutex(CyaSSL_Mutex* m) - { - if (_mutex_init(m, NULL) == MQX_EOK) - return 0; - else - return BAD_MUTEX_E; - } - - int FreeMutex(CyaSSL_Mutex* m) - { - if (_mutex_destroy(m) == MQX_EOK) - return 0; - else - return BAD_MUTEX_E; - } - - int LockMutex(CyaSSL_Mutex* m) - { - if (_mutex_lock(m) == MQX_EOK) - return 0; - else - return BAD_MUTEX_E; - } - - int UnLockMutex(CyaSSL_Mutex* m) - { - if (_mutex_unlock(m) == MQX_EOK) - return 0; - else - return BAD_MUTEX_E; - } - - #elif defined(CYASSL_MDK_ARM)|| defined(CYASSL_CMSIS_RTOS) - - #if defined(CYASSL_CMSIS_RTOS) - #include "cmsis_os.h" - #define CMSIS_NMUTEX 10 - osMutexDef(CyaSSL_mt0) ; osMutexDef(CyaSSL_mt1) ; osMutexDef(CyaSSL_mt2) ; - osMutexDef(CyaSSL_mt3) ; osMutexDef(CyaSSL_mt4) ; osMutexDef(CyaSSL_mt5) ; - osMutexDef(CyaSSL_mt6) ; osMutexDef(CyaSSL_mt7) ; osMutexDef(CyaSSL_mt8) ; - osMutexDef(CyaSSL_mt9) ; - - static const osMutexDef_t *CMSIS_mutex[] = { osMutex(CyaSSL_mt0), - osMutex(CyaSSL_mt1), osMutex(CyaSSL_mt2), osMutex(CyaSSL_mt3), - osMutex(CyaSSL_mt4), osMutex(CyaSSL_mt5), osMutex(CyaSSL_mt6), - osMutex(CyaSSL_mt7), osMutex(CyaSSL_mt8), osMutex(CyaSSL_mt9) } ; - - static osMutexId CMSIS_mutexID[CMSIS_NMUTEX] = {0} ; - - int InitMutex(CyaSSL_Mutex* m) - { - int i ; - for (i=0; i - #endif - #include - #endif -#elif defined(THREADX) - #ifndef SINGLE_THREADED - #include "tx_api.h" - #endif -#elif defined(MICRIUM) - /* do nothing, just don't pick Unix */ -#elif defined(FREERTOS) || defined(CYASSL_SAFERTOS) - /* do nothing */ -#elif defined(EBSNET) - /* do nothing */ -#elif defined(FREESCALE_MQX) - /* do nothing */ -#elif defined(CYASSL_MDK_ARM) - #if defined(CYASSL_MDK5) - #include "cmsis_os.h" - #else - #include - #endif -#elif defined(CYASSL_CMSIS_RTOS) - #include "cmsis_os.h" -#else - #ifndef SINGLE_THREADED - #define CYASSL_PTHREADS - #include - #endif - #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) - #include /* for close of BIO */ - #endif -#endif - - -#ifdef SINGLE_THREADED - typedef int CyaSSL_Mutex; -#else /* MULTI_THREADED */ - /* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */ - #ifdef FREERTOS - typedef xSemaphoreHandle CyaSSL_Mutex; - #elif defined(CYASSL_SAFERTOS) - typedef struct CyaSSL_Mutex { - signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES]; - xSemaphoreHandle mutex; - } CyaSSL_Mutex; - #elif defined(USE_WINDOWS_API) - typedef CRITICAL_SECTION CyaSSL_Mutex; - #elif defined(CYASSL_PTHREADS) - typedef pthread_mutex_t CyaSSL_Mutex; - #elif defined(THREADX) - typedef TX_MUTEX CyaSSL_Mutex; - #elif defined(MICRIUM) - typedef OS_MUTEX CyaSSL_Mutex; - #elif defined(EBSNET) - typedef RTP_MUTEX CyaSSL_Mutex; - #elif defined(FREESCALE_MQX) - typedef MUTEX_STRUCT CyaSSL_Mutex; - #elif defined(CYASSL_MDK_ARM) - #if defined(CYASSL_CMSIS_RTOS) - typedef osMutexId CyaSSL_Mutex; - #else - typedef OS_MUT CyaSSL_Mutex; - #endif - #elif defined(CYASSL_CMSIS_RTOS) - typedef osMutexId CyaSSL_Mutex; - #else - #error Need a mutex type in multithreaded mode - #endif /* USE_WINDOWS_API */ -#endif /* SINGLE_THREADED */ - -CYASSL_LOCAL int InitMutex(CyaSSL_Mutex*); -CYASSL_LOCAL int FreeMutex(CyaSSL_Mutex*); -CYASSL_LOCAL int LockMutex(CyaSSL_Mutex*); -CYASSL_LOCAL int UnLockMutex(CyaSSL_Mutex*); - - -/* filesystem abstraction layer, used by ssl.c */ -#ifndef NO_FILESYSTEM - -#if defined(EBSNET) - #define XFILE int - #define XFOPEN(NAME, MODE) vf_open((const char *)NAME, VO_RDONLY, 0); - #define XFSEEK vf_lseek - #define XFTELL vf_tell - #define XREWIND vf_rewind - #define XFREAD(BUF, SZ, AMT, FD) vf_read(FD, BUF, SZ*AMT) - #define XFWRITE(BUF, SZ, AMT, FD) vf_write(FD, BUF, SZ*AMT) - #define XFCLOSE vf_close - #define XSEEK_END VSEEK_END - #define XBADFILE -1 -#elif defined(LSR_FS) - #include - #define XFILE struct fs_file* - #define XFOPEN(NAME, MODE) fs_open((char*)NAME); - #define XFSEEK(F, O, W) (void)F - #define XFTELL(F) (F)->len - #define XREWIND(F) (void)F - #define XFREAD(BUF, SZ, AMT, F) fs_read(F, (char*)BUF, SZ*AMT) - #define XFWRITE(BUF, SZ, AMT, F) fs_write(F, (char*)BUF, SZ*AMT) - #define XFCLOSE fs_close - #define XSEEK_END 0 - #define XBADFILE NULL -#elif defined(FREESCALE_MQX) - #define XFILE MQX_FILE_PTR - #define XFOPEN fopen - #define XFSEEK fseek - #define XFTELL ftell - #define XREWIND(F) fseek(F, 0, IO_SEEK_SET) - #define XFREAD fread - #define XFWRITE fwrite - #define XFCLOSE fclose - #define XSEEK_END IO_SEEK_END - #define XBADFILE NULL -#elif defined(MICRIUM) - #include - #define XFILE FS_FILE* - #define XFOPEN fs_fopen - #define XFSEEK fs_fseek - #define XFTELL fs_ftell - #define XREWIND fs_rewind - #define XFREAD fs_fread - #define XFWRITE fs_fwrite - #define XFCLOSE fs_fclose - #define XSEEK_END FS_SEEK_END - #define XBADFILE NULL -#else - /* stdio, default case */ - #define XFILE FILE* - #if defined(CYASSL_MDK_ARM) - #include - extern FILE * CyaSSL_fopen(const char *name, const char *mode) ; - #define XFOPEN CyaSSL_fopen - #else - #define XFOPEN fopen - #endif - #define XFSEEK fseek - #define XFTELL ftell - #define XREWIND rewind - #define XFREAD fread - #define XFWRITE fwrite - #define XFCLOSE fclose - #define XSEEK_END SEEK_END - #define XBADFILE NULL -#endif - -#endif /* NO_FILESYSTEM */ - - -#ifdef __cplusplus - } /* extern "C" */ -#endif - -#endif /* CTAO_CRYPT_PORT_H */ - diff --git a/cyassl/internal.h b/cyassl/internal.h index 8a74fc749..7a1446408 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -468,7 +468,9 @@ void c32to24(word32 in, word24 out); #ifdef HAVE_CHACHA #define CHACHA20_BLOCK_SIZE 16 - #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 + #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + #define BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 #endif #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_CHACHA) @@ -596,7 +598,9 @@ enum { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe, TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4, - TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 = 0x13, + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0x13, + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0x14, + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0x15, /* Renegotiation Indication Extension Special Suite */ TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0xff diff --git a/src/internal.c b/src/internal.c index 58cc15ee5..0500f64d2 100644 --- a/src/internal.c +++ b/src/internal.c @@ -905,13 +905,27 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK, } #endif -#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 +#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 if (tls && haveRSA) { suites->suites[idx++] = CHACHA_BYTE; - suites->suites[idx++] = TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256; + suites->suites[idx++] = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256; } #endif +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + if (tls1_2 && haveECDSAsig) { + suites->suites[idx++] = CHACHA_BYTE; + suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256; + } +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + if (tls && haveRSA) { + suites->suites[idx++] = CHACHA_BYTE; + suites->suites[idx++] = TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256; + } +#endif + #ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA if (tls && haveRSAsig && haveStaticECC) { suites->suites[idx++] = ECC_BYTE; @@ -3171,12 +3185,25 @@ static int BuildFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) switch (second) { - case TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 : + case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 : if (requirement == REQUIRES_RSA) return 1; break; + + case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 : + if (requirement == REQUIRES_ECC_DSA) + return 1; + break; + + case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + if (requirement == REQUIRES_DHE) + return 1; + break; } } + /* ECC extensions */ if (first == ECC_BYTE) { @@ -7671,10 +7698,18 @@ static const char* const cipher_names[] = "ECDH-ECDSA-AES256-SHA384", #endif -#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 +#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 "ECDHE-RSA-CHACHA20-256-POLY1305-SHA256", #endif +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + "ECDHE-ECDSA-CHACHA20-256-POLY1305-SHA256", +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + "DHE-RSA-CHACHA20-256-POLY1305-SHA256", +#endif + }; @@ -8051,8 +8086,16 @@ static int cipher_name_idx[] = TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, #endif -#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 - TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256, +#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, #endif }; diff --git a/src/keys.c b/src/keys.c index 510f825c0..9905bd313 100644 --- a/src/keys.c +++ b/src/keys.c @@ -53,8 +53,8 @@ int SetCipherSpecs(CYASSL* ssl) if (ssl->options.cipherSuite0 == CHACHA_BYTE) { switch (ssl->options.cipherSuite) { -#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 - case TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256: +#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: ssl->specs.bulk_cipher_algorithm = cyassl_chacha; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha256_mac; @@ -71,6 +71,41 @@ int SetCipherSpecs(CYASSL* ssl) break; #endif +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + ssl->specs.bulk_cipher_algorithm = cyassl_chacha; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = ecc_dsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CHACHA20_256_KEY_SIZE; + ssl->specs.block_size = CHACHA20_BLOCK_SIZE; + ssl->specs.iv_size = CHACHA20_IV_SIZE; + ssl->specs.aead_mac_size = POLY1305_AUTH_SZ; + + break; +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + ssl->specs.bulk_cipher_algorithm = cyassl_chacha; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CHACHA20_256_KEY_SIZE; + ssl->specs.block_size = CHACHA20_BLOCK_SIZE; + ssl->specs.iv_size = CHACHA20_IV_SIZE; + ssl->specs.aead_mac_size = POLY1305_AUTH_SZ; + + break; +#endif default: CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ChaCha"); return UNSUPPORTED_SUITE; diff --git a/src/ssl.c b/src/ssl.c index 010116ad2..dd99d8f30 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -8371,9 +8371,14 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) switch (cipher->ssl->options.cipherSuite) { #ifdef HAVE_CHACHA #ifndef NO_RSA - case TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256 : - return "TLS_ECDHE_RSA_WITH_CHACHA20_256_POLY1305_SHA256"; + case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 : + return "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"; + + case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 : + return "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"; #endif + case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 : + return "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"; #endif } } @@ -8525,8 +8530,10 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) } } #endif /* ECC */ - if (cipher->ssl->options.cipherSuite0 != ECC_BYTE && cipher->ssl->options.cipherSuite0 != CHACHA_BYTE) { - /* normal suites */ + if (cipher->ssl->options.cipherSuite0 != ECC_BYTE && + cipher->ssl->options.cipherSuite0 != CHACHA_BYTE) { + + /* normal suites */ switch (cipher->ssl->options.cipherSuite) { #ifndef NO_RSA #ifndef NO_RC4