From 1f0a32a7e30dc3e8f28d1649298bcb2931f84ec7 Mon Sep 17 00:00:00 2001 From: toddouska Date: Wed, 11 Jul 2012 17:00:16 -0700 Subject: [PATCH] use internal enum for cipher requires, move external enums back to starting at zero --- cyassl/internal.h | 8 ++-- src/internal.c | 103 +++++++++++++++++++++++++--------------------- 2 files changed, 61 insertions(+), 50 deletions(-) diff --git a/cyassl/internal.h b/cyassl/internal.h index cc109738f..11db05301 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -779,7 +779,7 @@ typedef struct CipherSpecs { /* Supported Ciphers from page 43 */ enum BulkCipherAlgorithm { - cipher_null = 0, + cipher_null, rc4, rc2, des, @@ -794,7 +794,7 @@ enum BulkCipherAlgorithm { /* Supported Message Authentication Codes from page 43 */ enum MACAlgorithm { - no_mac = 10, + no_mac, md5_mac, sha_mac, sha224_mac, @@ -807,7 +807,7 @@ enum MACAlgorithm { /* Supported Key Exchange Protocols */ enum KeyExchangeAlgorithm { - no_kea = 20, + no_kea, rsa_kea, diffie_hellman_kea, fortezza_kea, @@ -820,7 +820,7 @@ enum KeyExchangeAlgorithm { /* Supported Authentication Schemes */ enum SignatureAlgorithm { - anonymous_sa_algo = 30, + anonymous_sa_algo, rsa_sa_algo, dsa_sa_algo, ecc_dsa_sa_algo diff --git a/src/internal.c b/src/internal.c index 27157dae7..d3d5ee355 100644 --- a/src/internal.c +++ b/src/internal.c @@ -5454,6 +5454,17 @@ int SetCipherList(Suites* s, const char* list) } + /* cipher requirements */ + enum { + REQUIRES_RSA, + REQUIRES_DHE, + REQUIRES_ECC_DSA, + REQUIRES_ECC_STATIC, + REQUIRES_PSK, + REQUIRES_NTRU + }; + + /* Does this cipher suite (first, second) have the requirement an ephemeral key exchange will still require the key for signing 
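Review bot: With the `= 10`, `= 20` and `= 30` offsets removed in this hunk and the three internal.h hunks after it, `cipher_null`, `no_mac`, `no_kea` and `anonymous_sa_algo` are all 0 and the four enums overlap across their whole range, so a value held as a plain int no longer shows which enum it came from. A zero-filled `CipherSpecs` (the struct named in the hunk header) would presumably now read as null cipher, no MAC, no key exchange and anonymous signature rather than as out-of-range values; whether any path depends on that is not visible in this diff. I would add a comment above each enum, for example `/* values overlap with the other algorithm enums; never compare or pass across enum types */`, and re-check the remaining sites that take these values as int.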
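Review bot: The new `REQUIRES_*` enum in src/internal.c is anonymous, so if `requirement` is still a plain int (the `CipherRequires` signature lies outside this hunk), a caller left on the old constants compiles without a diagnostic and silently asks for a different requirement: after the internal.h change `rsa_kea` is 1, the same value as `REQUIRES_DHE`. Giving the enum a tag, for instance `enum CipherRequirement { REQUIRES_RSA, ... };` (tag name is only a suggestion), and declaring the parameter with that type lets compilers that warn on implicit enum conversion catch the mix-up. The comment `/* cipher requirements */` could also state that these values are private to this file and unrelated to `KeyExchangeAlgorithm` and `SignatureAlgorithm`.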
@@ -5466,82 +5477,82 @@ int SetCipherList(Suites* s, const char* list) switch (second) { case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA : - if (requirement == ecc_static_diffie_hellman_kea) + if (requirement == REQUIRES_ECC_STATIC) return 1; break; case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == ecc_static_diffie_hellman_kea) + if (requirement == REQUIRES_ECC_STATIC) return 1; break; case TLS_ECDHE_RSA_WITH_RC4_128_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_ECDH_RSA_WITH_RC4_128_SHA : - if (requirement == ecc_static_diffie_hellman_kea) + if (requirement == REQUIRES_ECC_STATIC) return 1; break; case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == ecc_dsa_sa_algo) + if (requirement == REQUIRES_ECC_DSA) return 1; break; case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == ecc_static_diffie_hellman_kea) + if (requirement == REQUIRES_ECC_STATIC) return 1; break; case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : - if (requirement == ecc_dsa_sa_algo) + if (requirement == REQUIRES_ECC_DSA) return 1; break; case TLS_ECDH_ECDSA_WITH_RC4_128_SHA : - if (requirement == ecc_static_diffie_hellman_kea) + if (requirement == REQUIRES_ECC_STATIC) return 1; break; case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA : - if (requirement == ecc_static_diffie_hellman_kea) + if (requirement == REQUIRES_ECC_STATIC) return 1; break; case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : - if (requirement == ecc_dsa_sa_algo) + if (requirement == REQUIRES_ECC_DSA) return 1; break; case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA : - if (requirement == ecc_static_diffie_hellman_kea) + 
if (requirement == REQUIRES_ECC_STATIC) return 1; break; case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA : - if (requirement == ecc_dsa_sa_algo) + if (requirement == REQUIRES_ECC_DSA) return 1; break; case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : - if (requirement == ecc_static_diffie_hellman_kea) + if (requirement == REQUIRES_ECC_STATIC) return 1; break; 
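Review bot: The sixteen cases of this switch repeat one of three bodies, which makes it easy for a newly added suite to be pasted in with the wrong requirement. Stacking the labels that share a requirement over one body would make the suite-to-requirement mapping readable at a glance, e.g. all `TLS_ECDH_*` labels followed by a single `if (requirement == REQUIRES_ECC_STATIC) return 1; break;`. The same applies to the second switch in the next hunk, where the `TLS_DHE_RSA_*` cases could use `if (requirement == REQUIRES_RSA || requirement == REQUIRES_DHE) return 1;`. Both switch statements and the enclosing function start and end outside these hunks, so any `default` handling is not visible here.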
@@ -5554,110 +5565,110 @@ int SetCipherList(Suites* s, const char* list) switch (second) { case SSL_RSA_WITH_RC4_128_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_NTRU_RSA_WITH_RC4_128_SHA : - if (requirement == ntru_kea) + if (requirement == REQUIRES_NTRU) return 1; break; case SSL_RSA_WITH_RC4_128_MD5 : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case SSL_RSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == ntru_kea) + if (requirement == REQUIRES_NTRU) return 1; break; case TLS_RSA_WITH_AES_128_CBC_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_RSA_WITH_AES_128_CBC_SHA256 : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : - if (requirement == ntru_kea) + if (requirement == REQUIRES_NTRU) return 1; break; case TLS_RSA_WITH_AES_256_CBC_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_RSA_WITH_AES_256_CBC_SHA256 : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : - if (requirement == ntru_kea) + if (requirement == REQUIRES_NTRU) return 1; break; case TLS_PSK_WITH_AES_128_CBC_SHA : - if (requirement == psk_kea) + if (requirement == REQUIRES_PSK) return 1; break; case TLS_PSK_WITH_AES_256_CBC_SHA : - if (requirement == psk_kea) + if (requirement == REQUIRES_PSK) return 1; break; case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; - if (requirement == diffie_hellman_kea) + if (requirement == REQUIRES_DHE) return 1; break; case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; - if (requirement == 
diffie_hellman_kea) + if (requirement == REQUIRES_DHE) return 1; break; case TLS_DHE_RSA_WITH_AES_128_CBC_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; - if (requirement == diffie_hellman_kea) + if (requirement == REQUIRES_DHE) return 1; break; case TLS_DHE_RSA_WITH_AES_256_CBC_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; - if (requirement == diffie_hellman_kea) + if (requirement == REQUIRES_DHE) return 1; break; case TLS_RSA_WITH_HC_128_CBC_MD5 : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_RSA_WITH_HC_128_CBC_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; case TLS_RSA_WITH_RABBIT_CBC_SHA : - if (requirement == rsa_kea) + if (requirement == REQUIRES_RSA) return 1; break; @@ -5691,7 +5702,7 @@ int SetCipherList(Suites* s, const char* list) if (ssl->options.haveNTRU) haveRSA = 0; - if (CipherRequires(first, second, rsa_kea)) { + if (CipherRequires(first, second, REQUIRES_RSA)) { CYASSL_MSG("Requires RSA"); if (haveRSA == 0) { CYASSL_MSG("Don't have RSA"); @@ -5700,7 +5711,7 @@ int SetCipherList(Suites* s, const char* list) return 1; } - if (CipherRequires(first, second, diffie_hellman_kea)) { + if (CipherRequires(first, second, REQUIRES_DHE)) { CYASSL_MSG("Requires DHE"); if (ssl->options.haveDH == 0) { CYASSL_MSG("Don't have DHE"); @@ -5709,7 +5720,7 @@ int SetCipherList(Suites* s, const char* list) return 1; } - if (CipherRequires(first, second, ecc_dsa_sa_algo)) { + if (CipherRequires(first, second, REQUIRES_ECC_DSA)) { CYASSL_MSG("Requires ECCDSA"); if (ssl->options.haveECDSA == 0) { CYASSL_MSG("Don't have ECCDSA"); 
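Review bot: The context lines `return 1; }` ahead of each `if (CipherRequires(first, second, ...))` in the `-5700` hunk and the hunks after it suggest that every satisfied requirement returns success straight away, so later requirements are never evaluated. For the `TLS_DHE_RSA_*` suites, which report both `REQUIRES_RSA` and `REQUIRES_DHE`, a side that has RSA would pass the first block and the `ssl->options.haveDH == 0` check would not run. If that reading is right, the `return 1;` inside each block should go, leaving only the `return 0;` on a missing capability and a single `return 1;` after the last check. The lines between the hunks and the end of the function are not shown, so this needs confirming against the full file.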
@@ -5718,7 +5729,7 @@ int SetCipherList(Suites* s, const char* list) return 1; } - if (CipherRequires(first, second, ecc_static_diffie_hellman_kea)) { + if (CipherRequires(first, second, REQUIRES_ECC_STATIC)) { CYASSL_MSG("Requires static ECC"); if (ssl->options.haveStaticECC == 0) { CYASSL_MSG("Don't have static ECC"); @@ -5727,7 +5738,7 @@ int SetCipherList(Suites* s, const char* list) return 1; } - if (CipherRequires(first, second, psk_kea)) { + if (CipherRequires(first, second, REQUIRES_PSK)) { CYASSL_MSG("Requires PSK"); if (havePSK == 0) { CYASSL_MSG("Don't have PSK"); @@ -5736,7 +5747,7 @@ int SetCipherList(Suites* s, const char* list) return 1; } - if (CipherRequires(first, second, ntru_kea)) { + if (CipherRequires(first, second, REQUIRES_NTRU)) { CYASSL_MSG("Requires NTRU"); if (ssl->options.haveNTRU == 0) { CYASSL_MSG("Don't have NTRU");