Added support for an anonymous cipher suite (#1267)

* Added support for cipher suite TLS_DH_anon_WITH_AES256_GCM_SHA384
* Added test cases for verification of anonymous cipher suite

examples/client/client.c

@@ -1605,8 +1605,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
     if (useAnon) {
 #ifdef HAVE_ANON
         if (cipherList == NULL || (cipherList && useDefCipherList)) {
+            const char* defaultCipherList;
             wolfSSL_CTX_allow_anon_cipher(ctx);
-            if (wolfSSL_CTX_set_cipher_list(ctx,"ADH-AES128-SHA")
+            defaultCipherList = "ADH-AES256-GCM-SHA384:"
+                                "ADH-AES128-SHA";
+            if (wolfSSL_CTX_set_cipher_list(ctx,defaultCipherList)
                                                            != WOLFSSL_SUCCESS) {
                 wolfSSL_CTX_free(ctx);
                 err_sys("client can't set cipher list 4");

examples/server/server.c

@@ -1149,7 +1149,11 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
 #ifdef HAVE_ANON
         CyaSSL_CTX_allow_anon_cipher(ctx);
         if (cipherList == NULL || (cipherList && useDefCipherList)) {
-            if (SSL_CTX_set_cipher_list(ctx, "ADH-AES128-SHA") != WOLFSSL_SUCCESS)
+            const char* defaultCipherList;
+            defaultCipherList = "ADH-AES256-GCM-SHA384:"
+                                "ADH-AES128-SHA";
+            if (SSL_CTX_set_cipher_list(ctx, defaultCipherList)
+                                                            != WOLFSSL_SUCCESS)
                 err_sys_ex(runWithErrors, "server can't set cipher list 4");
         }
 #endif

src/internal.c

@@ -2022,6 +2022,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
     }
 #endif
 
+#ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384
+    if (tls1_2 && haveDH) {
+      suites->suites[idx++] = 0;
+      suites->suites[idx++] = TLS_DH_anon_WITH_AES_256_GCM_SHA384;
+    }
+#endif
+
 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
     if (tls1_2 && haveDH && havePSK) {
         suites->suites[idx++] = 0;
@@ -7451,6 +7458,10 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
             if (requirement == REQUIRES_DHE)
                 return 1;
             break;
+        case TLS_DH_anon_WITH_AES_256_GCM_SHA384:
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            break;
 #endif
 #ifdef WOLFSSL_MULTICAST
         case WDM_WITH_NULL_SHA256 :
@@ -15613,6 +15624,10 @@ static const char* const cipher_names[] =
     "ADH-AES128-SHA",
 #endif
 
+#ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384
+    "ADH-AES256-GCM-SHA384",
+#endif
+
 #ifdef BUILD_TLS_QSH
     "QSH",
 #endif
@@ -16082,6 +16097,10 @@ static const int cipher_name_idx[] =
     TLS_DH_anon_WITH_AES_128_CBC_SHA,
 #endif
 
+#ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384
+    TLS_DH_anon_WITH_AES_256_GCM_SHA384,
+#endif
+
 #ifdef BUILD_TLS_QSH
     TLS_QSH,
 #endif
@@ -16644,6 +16663,12 @@ const char* wolfSSL_get_cipher_name_from_suite(const unsigned char cipherSuite,
             case TLS_DH_anon_WITH_AES_128_CBC_SHA :
                 return "TLS_DH_anon_WITH_AES_128_CBC_SHA";
 #endif
+
+#ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384
+            case TLS_DH_anon_WITH_AES_256_GCM_SHA384:
+                return "TLS_DH_anon_WITH_AES_256_GCM_SHA384";
+#endif
+
 #ifdef BUILD_WDM_WITH_NULL_SHA256
             case WDM_WITH_NULL_SHA256 :
                 return "WDM_WITH_NULL_SHA256";

src/keys.c

@@ -1417,6 +1417,25 @@ int SetCipherSpecs(WOLFSSL* ssl)
         break;
 #endif
         
+#ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384
+    case TLS_DH_anon_WITH_AES_256_GCM_SHA384:
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = WC_SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AESGCM_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+         ssl->options.usingAnon_cipher    = 1;
+        break;
+#endif
+
 #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
     case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
         ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;

tests/test.conf

@@ -2048,6 +2048,36 @@
 -v 1
 -l ADH-AES128-SHA
 
+# server TLSv1.2 ADH-AES256-GCM-SHA384
+-a
+-v 3
+-l ADH-AES256-GCM-SHA384
+
+# client TLSv1.2 ADH-AES256-GCM-SHA384
+-a
+-v 3
+-l ADH-AES256-GCM-SHA384
+
+# server TLSv1.1 ADH-AES256-GCM-SHA384
+-a
+-v 2
+-l ADH-AES256-GCM-SHA384
+
+# client TLSv1.1 ADH-AES256-GCM-SHA384
+-a
+-v 2
+-l ADH-AES256-GCM-SHA384
+
+# server TLSv1.0 ADH-AES256-GCM-SHA384
+-a
+-v 1
+-l ADH-AES256-GCM-SHA384
+
+# client TLSv1.0 ADH-AES256-GCM-SHA384
+-a
+-v 1
+-l ADH-AES256-GCM-SHA384
+
 # server TLSv1 NTRU_RC4
 -v 1
 -l NTRU-RC4-SHA

wolfssl/internal.h

@@ -463,6 +463,10 @@
     #if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \
         !defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128)
         #define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
+
+        #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM)
+            #define BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384
+        #endif
     #endif
 
     #if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
@@ -913,6 +917,7 @@ enum {
     TLS_RSA_WITH_AES_256_GCM_SHA384          = 0x9d,
     TLS_DHE_RSA_WITH_AES_128_GCM_SHA256      = 0x9e,
     TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      = 0x9f,
+    TLS_DH_anon_WITH_AES_256_GCM_SHA384      = 0xa7,
     TLS_PSK_WITH_AES_128_GCM_SHA256          = 0xa8,
     TLS_PSK_WITH_AES_256_GCM_SHA384          = 0xa9,
     TLS_DHE_PSK_WITH_AES_128_GCM_SHA256      = 0xaa,