WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'master' of github.com:cyassl/cyassl

pull/1/head
John Safranek 2012-10-03 15:33:23 -07:00
parent 95a30e3f0a e970cdfbc0
commit 397fbb743f
3 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cyassl/error.h
View File

@ -105,6 +105,8 @@ enum CyaSSL_ErrorCodes {
SEQUENCE_ERROR = -270, /* dtls sequence error */ SEQUENCE_ERROR = -270, /* dtls sequence error */
SUITES_ERROR = -271, /* suites pointer error */ SUITES_ERROR = -271, /* suites pointer error */
SSL_NO_PEM_HEADER = -272, /* no PEM header found */ SSL_NO_PEM_HEADER = -272, /* no PEM header found */
OUT_OF_ORDER_E = -273, /* out of order message */
BAD_KEA_TYPE_E = -274, /* bad KEA type found */
/* add strings to SetErrorString !!!!! */ /* add strings to SetErrorString !!!!! */
/* begin negotiation parameter errors */ /* begin negotiation parameter errors */

2
cyassl/internal.h
View File

@ -888,6 +888,8 @@ typedef struct CipherSpecs {
} CipherSpecs; } CipherSpecs;
void InitCipherSpecs(CipherSpecs* cs);
/* Supported Ciphers from page 43 */ /* Supported Ciphers from page 43 */
enum BulkCipherAlgorithm { enum BulkCipherAlgorithm {

33
src/internal.c
View File

@ -496,6 +496,22 @@ void FreeCiphers(CYASSL* ssl)
} }
void InitCipherSpecs(CipherSpecs* cs)
{
cs->bulk_cipher_algorithm = -1;
cs->cipher_type = -1;
cs->mac_algorithm = -1;
cs->kea = -1;
cs->sig_algo = -1;
cs->hash_size = 0;
cs->static_ecdh = 0;
cs->key_size = 0;
cs->iv_size = 0;
cs->block_size = 0;
}
void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
byte haveNTRU, byte haveECDSAsig, byte haveStaticECC, int side) byte haveNTRU, byte haveECDSAsig, byte haveStaticECC, int side)
{ {
@ -4332,6 +4348,14 @@ void SetErrorString(int error, char* str)
XSTRNCPY(str, "No PEM Header Error", max); XSTRNCPY(str, "No PEM Header Error", max);
break; break;
case OUT_OF_ORDER_E:
XSTRNCPY(str, "Out of order message, fatal", max);
break;
case BAD_KEA_TYPE_E:
XSTRNCPY(str, "Bad KEA type found", max);
break;
default : default :
XSTRNCPY(str, "unknown error number", max); XSTRNCPY(str, "unknown error number", max);
} }
@ -7316,6 +7340,11 @@ int SetCipherList(Suites* s, const char* list)
word32 length = 0; word32 length = 0;
byte* out; byte* out;
if (ssl->options.clientState < CLIENT_HELLO_COMPLETE) {
CYASSL_MSG("Client sending keyexchange at wrong time");
return OUT_OF_ORDER_E;
}
if (ssl->options.verifyPeer && ssl->options.failNoCert) if (ssl->options.verifyPeer && ssl->options.failNoCert)
if (!ssl->options.havePeerCert) { if (!ssl->options.havePeerCert) {
CYASSL_MSG("client didn't present peer cert"); CYASSL_MSG("client didn't present peer cert");
@ -7486,6 +7515,10 @@ int SetCipherList(Suites* s, const char* list)
ret = MakeMasterSecret(ssl); ret = MakeMasterSecret(ssl);
#endif /* OPENSSL_EXTRA */ #endif /* OPENSSL_EXTRA */
} }
else {
CYASSL_MSG("Bad kea type");
return BAD_KEA_TYPE_E;
}
if (ret == 0) { if (ret == 0) {
ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;