mirror of https://github.com/wolfSSL/wolfssl.git
Merge branch 'master' of github.com:cyassl/cyassl
commit
1224d3d907
|
@ -23,7 +23,7 @@ RESULT=$?
|
|||
|
||||
# make sure full config is ok
|
||||
echo -e "\n\nTesting full config as well...\n\n"
|
||||
./configure --enable-opensslextra --enable-ecc --enable-dtls --enable-aesgcm --enable-aesccm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit --enable-camellia;
|
||||
./configure --enable-opensslextra --enable-ecc --enable-dtls --enable-aesgcm --enable-aesccm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit --enable-camellia --enable-sha512;
|
||||
RESULT=$?
|
||||
[ $RESULT -ne 0 ] && echo -e "\n\nFull config ./configure failed" && exit 1
|
||||
|
||||
|
|
14
configure.ac
14
configure.ac
|
@ -289,7 +289,7 @@ fi
|
|||
|
||||
if test "$ENABLED_AESGCM" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM -DCYASSL_SHA384 -DCYASSL_SHA512"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
|
||||
fi
|
||||
|
||||
AM_CONDITIONAL([BUILD_AESGCM], [test "x$ENABLED_AESGCM" = "xyes"])
|
||||
|
@ -304,7 +304,7 @@ AC_ARG_ENABLE([aesccm],
|
|||
|
||||
if test "$ENABLED_AESCCM" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM -DCYASSL_SHA384 -DCYASSL_SHA512"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM"
|
||||
fi
|
||||
|
||||
AM_CONDITIONAL([BUILD_AESCCM], [test "x$ENABLED_AESCCM" = "xyes"])
|
||||
|
@ -424,16 +424,6 @@ then
|
|||
ENABLED_SHA512="yes"
|
||||
fi
|
||||
|
||||
if test "$ENABLED_AESGCM" = "yes"
|
||||
then
|
||||
ENABLED_SHA512="yes"
|
||||
fi
|
||||
|
||||
if test "$ENABLED_AESCCM" = "yes"
|
||||
then
|
||||
ENABLED_SHA512="yes"
|
||||
fi
|
||||
|
||||
|
||||
AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
|
||||
|
||||
|
|
|
@ -23,6 +23,8 @@
|
|||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifndef NO_RC4
|
||||
|
||||
#include <cyassl/ctaocrypt/arc4.h>
|
||||
|
||||
|
||||
|
@ -170,3 +172,6 @@ static void Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in,
|
|||
}
|
||||
|
||||
#endif /* HAVE_CAVIUM */
|
||||
|
||||
#endif /* NO_ARC4 */
|
||||
|
||||
|
|
|
@ -1436,9 +1436,7 @@ static int GetKey(DecodedCert* cert)
|
|||
/* process NAME, either issuer or subject */
|
||||
static int GetName(DecodedCert* cert, int nameType)
|
||||
{
|
||||
#ifndef NO_SHA
|
||||
Sha sha;
|
||||
#endif
|
||||
Sha sha; /* MUST have SHA-1 hash for cert names */
|
||||
int length; /* length of all distinguished names */
|
||||
int dummy;
|
||||
char* full = (nameType == ISSUER) ? cert->issuer : cert->subject;
|
||||
|
@ -1463,14 +1461,12 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||
if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
|
||||
return ASN_PARSE_E;
|
||||
|
||||
#ifndef NO_SHA
|
||||
InitSha(&sha);
|
||||
ShaUpdate(&sha, &cert->source[idx], length + cert->srcIdx - idx);
|
||||
if (nameType == ISSUER)
|
||||
ShaFinal(&sha, cert->issuerHash);
|
||||
else
|
||||
ShaFinal(&sha, cert->subjectHash);
|
||||
#endif
|
||||
|
||||
length += cert->srcIdx;
|
||||
idx = 0;
|
||||
|
|
|
@ -171,7 +171,9 @@ void c32to24(word32 in, word24 out);
|
|||
#endif
|
||||
#if defined (HAVE_AESGCM)
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
|
||||
#if defined (CYASSL_SHA384)
|
||||
#define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
#if defined (HAVE_AESCCM)
|
||||
#define BUILD_TLS_RSA_WITH_AES_128_CCM_8
|
||||
|
@ -259,27 +261,29 @@ void c32to24(word32 in, word24 out);
|
|||
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
|
||||
#if defined (HAVE_AESGCM)
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
#if defined (CYASSL_SHA384)
|
||||
#define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ECC) && !defined(NO_TLS)
|
||||
#if !defined(NO_AES)
|
||||
#if !defined(NO_SHA)
|
||||
#if !defined(NO_RSA)
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
|
||||
#endif
|
||||
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
||||
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
|
||||
|
||||
#if !defined(NO_SHA)
|
||||
#if !defined(NO_RSA)
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
|
||||
#endif
|
||||
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
||||
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
|
||||
#endif /* NO_SHA */
|
||||
#ifndef NO_SHA256
|
||||
#if !defined(NO_RSA)
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
|
@ -302,21 +306,25 @@ void c32to24(word32 in, word24 out);
|
|||
#if !defined(NO_RSA)
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
|
||||
#if defined(CYASSL_SHA384)
|
||||
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
|
||||
#if defined(CYASS_SHA384)
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
#endif
|
||||
#endif
|
||||
#if defined (HAVE_AESCCM)
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
|
||||
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
|
||||
#endif
|
||||
#endif
|
||||
#endif /* NO_AES */
|
||||
#if !defined(NO_RC4)
|
||||
#if !defined(NO_SHA)
|
||||
#if !defined(NO_RSA)
|
||||
|
@ -337,7 +345,6 @@ void c32to24(word32 in, word24 out);
|
|||
#define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
|
||||
#define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
|
|
|
@ -4154,6 +4154,9 @@ static int DoAlert(CYASSL* ssl, byte* input, word32* inOutIdx, int* type)
|
|||
ssl->alert_history.last_rx.code = code;
|
||||
ssl->alert_history.last_rx.level = level;
|
||||
*type = code;
|
||||
if (level == alert_fatal) {
|
||||
ssl->options.isClosed = 1; /* Don't send close_notify */
|
||||
}
|
||||
|
||||
CYASSL_MSG("Got alert");
|
||||
if (*type == close_notify) {
|
||||
|
@ -5180,7 +5183,6 @@ int ReceiveData(CYASSL* ssl, byte* output, int sz, int peek)
|
|||
CYASSL_ERROR(ssl->error);
|
||||
if (ssl->error == ZERO_RETURN) {
|
||||
CYASSL_MSG("Zero return, no more data coming");
|
||||
ssl->options.isClosed = 1; /* Don't send close_notify */
|
||||
return 0; /* no more data coming */
|
||||
}
|
||||
if (ssl->error == SOCKET_ERROR_E) {
|
||||
|
@ -5248,6 +5250,9 @@ int SendAlert(CYASSL* ssl, int severity, int type)
|
|||
input[1] = (byte)type;
|
||||
ssl->alert_history.last_tx.code = type;
|
||||
ssl->alert_history.last_tx.level = severity;
|
||||
if (severity == alert_fatal) {
|
||||
ssl->options.isClosed = 1; /* Don't send close_notify */
|
||||
}
|
||||
|
||||
/* only send encrypted alert if handshake actually complete, otherwise
|
||||
other side may not be able to handle it */
|
||||
|
@ -8459,12 +8464,6 @@ int SetCipherList(Suites* s, const char* list)
|
|||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
|
||||
if (requirement == REQUIRES_ECC_DSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
|
||||
case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
|
||||
if (requirement == REQUIRES_RSA)
|
||||
|
@ -8473,12 +8472,6 @@ int SetCipherList(Suites* s, const char* list)
|
|||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
|
||||
if (requirement == REQUIRES_ECC_DSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
|
||||
case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
|
||||
if (requirement == REQUIRES_RSA_SIG)
|
||||
|
@ -8486,6 +8479,19 @@ int SetCipherList(Suites* s, const char* list)
|
|||
if (requirement == REQUIRES_ECC_STATIC)
|
||||
return 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
|
||||
if (requirement == REQUIRES_ECC_DSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
|
||||
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
|
||||
if (requirement == REQUIRES_ECC_DSA)
|
||||
return 1;
|
||||
break;
|
||||
|
||||
case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
|
||||
case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
|
||||
|
@ -8494,7 +8500,6 @@ int SetCipherList(Suites* s, const char* list)
|
|||
if (requirement == REQUIRES_ECC_STATIC)
|
||||
return 1;
|
||||
break;
|
||||
#endif
|
||||
|
||||
default:
|
||||
CYASSL_MSG("Unsupported cipher suite, CipherRequires ECC");
|
||||
|
|
Loading…
Reference in New Issue