diff --git a/src/keys.c b/src/keys.c index 10aad6f14..a3da542fa 100644 --- a/src/keys.c +++ b/src/keys.c @@ -1218,8 +1218,8 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite, specs->bulk_cipher_algorithm = wolfssl_cipher_null; specs->cipher_type = aead; specs->mac_algorithm = sha256_mac; - specs->kea = 0; - specs->sig_algo = 0; + specs->kea = any_kea; + specs->sig_algo = any_sa_algo; specs->hash_size = WC_SHA256_DIGEST_SIZE; specs->pad_size = PAD_SHA; specs->static_ecdh = 0; @@ -1236,8 +1236,8 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite, specs->bulk_cipher_algorithm = wolfssl_cipher_null; specs->cipher_type = aead; specs->mac_algorithm = sha384_mac; - specs->kea = 0; - specs->sig_algo = 0; + specs->kea = any_kea; + specs->sig_algo = any_sa_algo; specs->hash_size = WC_SHA384_DIGEST_SIZE; specs->pad_size = PAD_SHA; specs->static_ecdh = 0; @@ -1266,8 +1266,8 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite, specs->bulk_cipher_algorithm = wolfssl_aes_gcm; specs->cipher_type = aead; specs->mac_algorithm = sha256_mac; - specs->kea = 0; - specs->sig_algo = 0; + specs->kea = any_kea; + specs->sig_algo = any_sa_algo; specs->hash_size = WC_SHA256_DIGEST_SIZE; specs->pad_size = PAD_SHA; specs->static_ecdh = 0; @@ -1284,8 +1284,8 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite, specs->bulk_cipher_algorithm = wolfssl_aes_gcm; specs->cipher_type = aead; specs->mac_algorithm = sha384_mac; - specs->kea = 0; - specs->sig_algo = 0; + specs->kea = any_kea; + specs->sig_algo = any_sa_algo; specs->hash_size = WC_SHA384_DIGEST_SIZE; specs->pad_size = PAD_SHA; specs->static_ecdh = 0; @@ -1302,8 +1302,8 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite, specs->bulk_cipher_algorithm = wolfssl_chacha; specs->cipher_type = aead; specs->mac_algorithm = sha256_mac; - specs->kea = 0; - specs->sig_algo = 0; + specs->kea = any_kea; + specs->sig_algo = any_sa_algo; specs->hash_size = WC_SHA256_DIGEST_SIZE; specs->pad_size = PAD_SHA; specs->static_ecdh = 0; @@ -1322,8 +1322,8 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite, specs->bulk_cipher_algorithm = wolfssl_aes_ccm; specs->cipher_type = aead; specs->mac_algorithm = sha256_mac; - specs->kea = 0; - specs->sig_algo = 0; + specs->kea = any_kea; + specs->sig_algo = any_sa_algo; specs->hash_size = WC_SHA256_DIGEST_SIZE; specs->pad_size = PAD_SHA; specs->static_ecdh = 0; @@ -1340,8 +1340,8 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite, specs->bulk_cipher_algorithm = wolfssl_aes_ccm; specs->cipher_type = aead; specs->mac_algorithm = sha256_mac; - specs->kea = 0; - specs->sig_algo = 0; + specs->kea = any_kea; + specs->sig_algo = any_sa_algo; specs->hash_size = WC_SHA256_DIGEST_SIZE; specs->pad_size = PAD_SHA; specs->static_ecdh = 0; @@ -1466,8 +1466,8 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite, specs->bulk_cipher_algorithm = wolfssl_sm4_gcm; specs->cipher_type = aead; specs->mac_algorithm = sm3_mac; - specs->kea = 0; - specs->sig_algo = 0; + specs->kea = any_kea; + specs->sig_algo = any_sa_algo; specs->hash_size = WC_SM3_DIGEST_SIZE; specs->pad_size = PAD_SHA; specs->static_ecdh = 0; @@ -1484,8 +1484,8 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite, specs->bulk_cipher_algorithm = wolfssl_sm4_ccm; specs->cipher_type = aead; specs->mac_algorithm = sm3_mac; - specs->kea = 0; - specs->sig_algo = 0; + specs->kea = any_kea; + specs->sig_algo = any_sa_algo; specs->hash_size = WC_SM3_DIGEST_SIZE; specs->pad_size = PAD_SHA; specs->static_ecdh = 0; diff --git a/src/ssl.c b/src/ssl.c index 766ad47cd..ac4433d1c 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -12371,6 +12371,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) *sigAlgo = SM2k; break; case invalid_sa_algo: + case any_sa_algo: default: *hashAlgo = WC_HASH_TYPE_NONE; *sigAlgo = 0; @@ -16166,6 +16167,9 @@ static WC_INLINE const char* wolfssl_kea_to_string(int kea) keaStr = "ECDH"; break; #endif + case any_kea: + keaStr = "any"; + break; default: keaStr = "unknown"; break; @@ -16217,6 +16221,9 @@ static WC_INLINE const char* wolfssl_sigalg_to_string(int sig_algo) authStr = "Ed448"; break; #endif + case any_sa_algo: + authStr = "any"; + break; default: authStr = "unknown"; break; @@ -16247,18 +16254,18 @@ static WC_INLINE const char* wolfssl_cipher_to_string(int cipher, int key_size) #endif #ifndef NO_AES case wolfssl_aes: - if (key_size == 128) + if (key_size == AES_128_KEY_SIZE) encStr = "AES(128)"; - else if (key_size == 256) + else if (key_size == AES_256_KEY_SIZE) encStr = "AES(256)"; else encStr = "AES(?)"; break; #ifdef HAVE_AESGCM case wolfssl_aes_gcm: - if (key_size == 128) + if (key_size == AES_128_KEY_SIZE) encStr = "AESGCM(128)"; - else if (key_size == 256) + else if (key_size == AES_256_KEY_SIZE) encStr = "AESGCM(256)"; else encStr = "AESGCM(?)"; @@ -16266,9 +16273,9 @@ static WC_INLINE const char* wolfssl_cipher_to_string(int cipher, int key_size) #endif #ifdef HAVE_AESCCM case wolfssl_aes_ccm: - if (key_size == 128) + if (key_size == AES_128_KEY_SIZE) encStr = "AESCCM(128)"; - else if (key_size == 256) + else if (key_size == AES_256_KEY_SIZE) encStr = "AESCCM(256)"; else encStr = "AESCCM(?)"; @@ -16282,11 +16289,11 @@ static WC_INLINE const char* wolfssl_cipher_to_string(int cipher, int key_size) #endif #ifdef HAVE_ARIA case wolfssl_aria_gcm: - if (key_size == 128) + if (key_size == ARIA_128_KEY_SIZE) encStr = "Aria(128)"; - else if (key_size == 192) + else if (key_size == ARIA_192_KEY_SIZE) encStr = "Aria(192)"; - else if (key_size == 256) + else if (key_size == ARIA_256_KEY_SIZE) encStr = "Aria(256)"; else encStr = "Aria(?)"; @@ -16294,9 +16301,9 @@ static WC_INLINE const char* wolfssl_cipher_to_string(int cipher, int key_size) #endif #ifdef HAVE_CAMELLIA case wolfssl_camellia: - if (key_size == 128) + if (key_size == CAMELLIA_128_KEY_SIZE) encStr = "Camellia(128)"; - else if (key_size == 256) + else if (key_size == CAMELLIA_256_KEY_SIZE) encStr = "Camellia(256)"; else encStr = "Camellia(?)"; @@ -16383,7 +16390,10 @@ char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER* cipher, char* in, authStr = wolfssl_sigalg_to_string(cipher->ssl->specs.sig_algo); encStr = wolfssl_cipher_to_string(cipher->ssl->specs.bulk_cipher_algorithm, cipher->ssl->specs.key_size); - macStr = wolfssl_mac_to_string(cipher->ssl->specs.mac_algorithm); + if (cipher->ssl->specs.cipher_type == aead) + macStr = "AEAD"; + else + macStr = wolfssl_mac_to_string(cipher->ssl->specs.mac_algorithm); /* Build up the string by copying onto the end. */ XSTRNCPY(in, wolfSSL_CIPHER_get_name(cipher), (size_t)len); @@ -19263,6 +19273,7 @@ static int SaToNid(byte sa, int* nid) *nid = WC_NID_sm2; break; case invalid_sa_algo: + case any_sa_algo: default: ret = WOLFSSL_FAILURE; break; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index c5beafa60..77865ed89 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -4324,7 +4324,8 @@ enum KeyExchangeAlgorithm { dhe_psk_kea, ecdhe_psk_kea, ecc_diffie_hellman_kea, - ecc_static_diffie_hellman_kea /* for verify suite only */ + ecc_static_diffie_hellman_kea, /* for verify suite only */ + any_kea }; /* Used with InitSuitesHashSigAlgo */ @@ -4354,6 +4355,7 @@ enum SignatureAlgorithm { dilithium_level3_sa_algo = 15, dilithium_level5_sa_algo = 16, sm2_sa_algo = 17, + any_sa_algo = 18, invalid_sa_algo = 255 };