From a54f51d88693cbcf08b09de1ff4f775ed03583e3 Mon Sep 17 00:00:00 2001 From: toddouska Date: Thu, 3 May 2012 08:18:59 -0700 Subject: [PATCH] first static ECDH suite --- ctaocrypt/src/asn.c | 2 +- cyassl/ctaocrypt/asn.h | 1 + cyassl/internal.h | 13 +++++-- src/internal.c | 80 +++++++++++++++++++++++++++++++++++------- src/keys.c | 48 ++++++++++++++++++++++++- src/ssl.c | 32 ++++++++++++++++- 6 files changed, 159 insertions(+), 17 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index f38a4472a..4d99584d1 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -1599,7 +1599,7 @@ static int GetValidity(DecodedCert* cert, int verify) } -static int DecodeToKey(DecodedCert* cert, int verify) +int DecodeToKey(DecodedCert* cert, int verify) { int badDate = 0; int ret; diff --git a/cyassl/ctaocrypt/asn.h b/cyassl/ctaocrypt/asn.h index b26f48457..148e71ce3 100644 --- a/cyassl/ctaocrypt/asn.h +++ b/cyassl/ctaocrypt/asn.h @@ -267,6 +267,7 @@ CYASSL_TEST_API int ParseCert(DecodedCert*, int type, int verify, CYASSL_LOCAL int ParseCertRelative(DecodedCert*, int type, int verify, Signer* signer); +CYASSL_LOCAL int DecodeToKey(DecodedCert*, int verify); CYASSL_LOCAL word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID); diff --git a/cyassl/internal.h b/cyassl/internal.h index d72fee138..2bfe15346 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -169,6 +169,8 @@ void c32to24(word32 in, word24 out); #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA #endif #if !defined(NO_RC4) #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA 
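Review bot: `BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA` is defined in cyassl/internal.h inside the same block as the ECDHE suites, so as far as this hunk shows every build that compiles those suites also compiles static ECDH in. Static ECDH reuses the server's certificate key for every key agreement and gives no forward secrecy, which is weaker than the ephemeral suites defined next to it. I would put the define behind its own opt-in build macro and add a comment such as `/* static ECDH: no forward secrecy, server key is reused for every handshake */`. The enclosing `#if` starts outside the hunk, so the exact build condition is not visible here.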
@@ -235,6 +237,10 @@ enum { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x12, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x08, + /* static ECDH, first byte is 0xC0 (ECC_BYTE) */ + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0x05, + + /* CyaSSL extension - eSTREAM */ TLS_RSA_WITH_HC_128_CBC_MD5 = 0xFB, TLS_RSA_WITH_HC_128_CBC_SHA = 0xFC, @@ -620,7 +626,8 @@ struct CYASSL_CTX { byte sendVerify; /* for client side */ byte haveDH; /* server DH parms set by user */ byte haveNTRU; /* server private NTRU key loaded */ - byte haveECDSA; /* server private ECDSA key loaded */ + byte haveECDSA; /* server cert signed w/ ECDSA loaded */ + byte haveStaticECC; /* static server ECC private key */ byte partialWrite; /* only one msg per write call */ byte quietShutdown; /* don't send close notify */ byte groupMessages; /* group handshake messages before sending */ @@ -671,6 +678,7 @@ typedef struct CipherSpecs { byte sig_algo; byte hash_size; byte pad_size; + byte static_ecdh; word16 key_size; word16 iv_size; word16 block_size; @@ -933,7 +941,8 @@ typedef struct Options { byte usingCompression; /* are we using compression */ byte haveDH; /* server DH parms set by user */ byte haveNTRU; /* server NTRU private key loaded */ - byte haveECDSA; /* server ECDSA private key loaded */ + byte haveECDSA; /* server ECDSA signed cert */ + byte haveStaticECC; /* static server ECC private key */ byte havePeerCert; /* do we have peer's cert */ byte usingPSK_cipher; /* whether we're using psk as cipher */ byte sendAlertState; /* nonblocking resume */ diff --git a/src/internal.c b/src/internal.c index 929b3687f..fe349cc04 100644 --- a/src/internal.c +++ b/src/internal.c @@ -335,6 +335,7 @@ int InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method) ctx->haveDH = 0; ctx->haveNTRU = 0; /* start off */ ctx->haveECDSA = 0; /* start off */ + ctx->haveStaticECC = 0; /* start off */ ctx->heap = ctx; /* defaults to self */ #ifndef NO_PSK ctx->havePSK = 0; 
@@ -444,6 +445,9 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, int tls1_2 = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_2_MINOR; int haveRSA = 1; + /* TAO temp fix */ + int haveStaticECC = 1; + (void)tls; /* shut up compiler */ (void)haveDH; (void)havePSK; @@ -495,6 +499,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, } #endif +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + if (tls && haveECDSA && haveStaticECC) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA; + } +#endif + #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA if (tls && haveECDSA) { suites->suites[idx++] = ECC_BYTE; @@ -755,7 +766,8 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) ssl->options.haveDH = 0; ssl->options.haveNTRU = ctx->haveNTRU; ssl->options.haveECDSA = ctx->haveECDSA; - ssl->options.havePeerCert = 0; + ssl->options.haveStaticECC = ctx->haveStaticECC; + ssl->options.havePeerCert = 0; ssl->options.usingPSK_cipher = 0; ssl->options.sendAlertState = 0; #ifndef NO_PSK @@ -3544,8 +3556,13 @@ const char* const cipher_names[] = #endif #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - "DHE-RSA-AES256-SHA256" + "DHE-RSA-AES256-SHA256", #endif + +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + "ECDH-ECDSA-AES256-SHA" +#endif + }; @@ -3663,8 +3680,13 @@ int cipher_name_idx[] = #endif #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, #endif + +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA +#endif + }; @@ -4068,6 +4090,7 @@ int SetCipherList(Suites* s, const char* list) return ret; } else + CYASSL_MSG("Unsupported cipher suite, DoServerHello"); return UNSUPPORTED_SUITE; } else { 
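Review bot: `int haveStaticECC = 1;` in InitSuites (marked `/* TAO temp fix */`) makes the `haveStaticECC` test in the new `BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA` block of the next hunk always true, so the static ECDH suite is listed whenever `haveECDSA` is set, whether or not a static ECC private key was loaded. The commit already tracks that state in `ctx->haveStaticECC` and `ssl->options.haveStaticECC`; InitSuites should receive it from its callers rather than use a local constant, which means a signature change in code outside these hunks. The new block is also inserted ahead of the `ECDHE_ECDSA_WITH_AES_128_CBC_SHA` block, which appears to rank the suite without forward secrecy above an ephemeral one; placing it after the ECDHE blocks would keep ephemeral suites preferred. InitSuites starts and ends outside both hunks.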
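Review bot: The added `CYASSL_MSG(...)` in the `@@ -4068` hunk becomes the whole body of the brace-less `else`, so `return UNSUPPORTED_SUITE;` is no longer governed by it and now follows the if/else unconditionally. Behaviour stays the same only as long as the `if` branch always returns (the visible `return ret;` suggests it does), and the layout will mislead the next person who edits it. The two MatchSuite sites changed in this same commit add braces, and this one should match: `else { CYASSL_MSG("Unsupported cipher suite, DoServerHello"); return UNSUPPORTED_SUITE; }`. The enclosing function body is outside the hunk.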
@@ -4449,14 +4472,24 @@ int SetCipherList(Suites* s, const char* list) #endif /* HAVE_NTRU */ #ifdef HAVE_ECC } else if (ssl->specs.kea == ecc_diffie_hellman_kea) { - ecc_key myKey; - word32 size = sizeof(encSecret); + ecc_key myKey; + ecc_key* peerKey = &myKey; + word32 size = sizeof(encSecret); - if (!ssl->peerEccKeyPresent || !ssl->peerEccKey.dp) - return NO_PEER_KEY; + if (ssl->specs.static_ecdh) { + /* TODO: EccDsa is really fixed Ecc change naming */ + if (!ssl->peerEccDsaKeyPresent || !ssl->peerEccDsaKey.dp) + return NO_PEER_KEY; + peerKey = &ssl->peerEccDsaKey; + } + else { + if (!ssl->peerEccKeyPresent || !ssl->peerEccKey.dp) + return NO_PEER_KEY; + peerKey = &ssl->peerEccKey; + } ecc_init(&myKey); - ret = ecc_make_key(&ssl->rng, ssl->peerEccKey.dp->size, &myKey); + ret = ecc_make_key(&ssl->rng, peerKey->dp->size, &myKey); if (ret != 0) return ECC_MAKEKEY_ERROR; @@ -4469,7 +4502,7 @@ int SetCipherList(Suites* s, const char* list) ret = ECC_EXPORT_ERROR; else { size = sizeof(ssl->arrays.preMasterSecret); - ret = ecc_shared_secret(&myKey, &ssl->peerEccKey, + ret = ecc_shared_secret(&myKey, peerKey, ssl->arrays.preMasterSecret, &size); if (ret != 0) ret = ECC_SHARED_ERROR; @@ -4880,9 +4913,15 @@ int SetCipherList(Suites* s, const char* list) RsaKey rsaKey; ecc_key dsaKey; + if (ssl->specs.static_ecdh) { + CYASSL_MSG("Using Static ECDH, not sending ServerKeyExchagne"); + return 0; + } + /* curve type, named curve, length(1) */ length = ENUM_LEN + CURVE_LEN + ENUM_LEN; /* pub key size */ + CYASSL_MSG("Using ephemeral ECDH"); if (ecc_export_x963(&ssl->eccTempKey, exportBuf, &expSz) != 0) return ECC_EXPORT_ERROR; length += expSz; 
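Review bot: `ecc_key* peerKey = &myKey;` gives the pointer a placeholder that is itself a valid key object, so a later edit that skips both assignments would run `ecc_shared_secret(&myKey, peerKey, ...)` against the client's own key instead of failing. Initialise it with `ecc_key* peerKey = NULL;`, since both branches below either return `NO_PEER_KEY` or assign it. The static branch takes the peer key from `ssl->peerEccDsaKey`, which by the TODO's own wording is the fixed key rather than a signing-only key; a comment such as `/* static ECDH: peer's fixed ECC key, not the ephemeral one */` would cover readers until the rename happens. The function continues outside the hunk.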
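Review bot: The log string in the new static branch of the `@@ -4880` hunk is misspelled, `"Using Static ECDH, not sending ServerKeyExchagne"`; it should read `ServerKeyExchange` so that a search of debug logs for the message name finds it. The early `return 0` reports success without building any message, so a one-line comment like `/* static ECDH: the key is in the certificate, no ServerKeyExchange is sent */` would make that intent explicit to someone reading the state machine. The rest of the function lies outside the hunk.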
@@ -5386,8 +5425,10 @@ int SetCipherList(Suites* s, const char* list) ssl->options.resuming = 0; break; /* session lookup failed */ } - if (MatchSuite(ssl, &clSuites) < 0) + if (MatchSuite(ssl, &clSuites) < 0) { + CYASSL_MSG("Unsupported cipher suite, OldClientHello"); return UNSUPPORTED_SUITE; + } RNG_GenerateBlock(&ssl->rng, ssl->arrays.serverRandom, RAN_LEN); if (ssl->options.tls) @@ -5540,8 +5581,10 @@ int SetCipherList(Suites* s, const char* list) CYASSL_MSG("Session lookup for resume failed"); break; /* session lookup failed */ } - if (MatchSuite(ssl, &clSuites) < 0) + if (MatchSuite(ssl, &clSuites) < 0) { + CYASSL_MSG("Unsupported cipher suite, ClientHello"); return UNSUPPORTED_SUITE; + } RNG_GenerateBlock(&ssl->rng, ssl->arrays.serverRandom, RAN_LEN); if (ssl->options.tls) @@ -5839,7 +5882,20 @@ int SetCipherList(Suites* s, const char* list) ssl->peerEccKeyPresent = 1; size = sizeof(ssl->arrays.preMasterSecret); - ret = ecc_shared_secret(&ssl->eccTempKey, &ssl->peerEccKey, + if (ssl->specs.static_ecdh) { + ecc_key staticKey; + word32 i = 0; + + ecc_init(&staticKey); + ret = EccPrivateKeyDecode(ssl->buffers.key.buffer, &i, + &staticKey, ssl->buffers.key.length); + if (ret == 0) + ret = ecc_shared_secret(&staticKey, &ssl->peerEccKey, + ssl->arrays.preMasterSecret, &size); + ecc_free(&staticKey); + } + else + ret = ecc_shared_secret(&ssl->eccTempKey, &ssl->peerEccKey, ssl->arrays.preMasterSecret, &size); if (ret != 0) return ECC_SHARED_ERROR; diff --git a/src/keys.c b/src/keys.c index 31f3a7309..917524956 100644 --- a/src/keys.c +++ b/src/keys.c @@ -48,6 +48,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; 
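Review bot: In the static branch of the `@@ -5839` hunk the server's long-term ECC private key is combined with `ssl->peerEccKey`, a point supplied by the client, so that point has to be validated before `ecc_shared_secret` is called; with an ephemeral key a bad point costs one session, with a static key it can expose information about the certificate key across handshakes. The import of the peer key happens above this hunk, so please confirm it rejects points that are not on the expected curve and that the curve matches `staticKey.dp`. Separately, `EccPrivateKeyDecode` is called on `ssl->buffers.key.buffer` without checking that a key is loaded, and because InitSuites currently forces `haveStaticECC` on, this branch can presumably be reached without one. Add a guard such as `if (!ssl->options.haveStaticECC || ssl->buffers.key.buffer == NULL)` that returns an error before decoding.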
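Review bot: `ssl->specs.static_ecdh = 0;` is repeated in every case of SetCipherSpecs (this first src/keys.c hunk and all the keys.c hunks that follow), so any suite added later that omits the line inherits whatever value the field held before. Assign it once at the top of the function, ahead of both switches, with `ssl->specs.static_ecdh = 0;`, and keep only the `= 1` in the `TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA` case. Whether `ssl->specs` is zeroed elsewhere is not visible from these hunks, so a single default also removes that dependency. The function body starts and ends outside the hunks.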
@@ -64,6 +65,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = DES3_KEY_SIZE; ssl->specs.block_size = DES_BLOCK_SIZE; ssl->specs.iv_size = DES_IV_SIZE; @@ -80,6 +82,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = RC4_KEY_SIZE; ssl->specs.iv_size = 0; ssl->specs.block_size = 0; @@ -96,6 +99,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = ecc_dsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = DES3_KEY_SIZE; ssl->specs.block_size = DES_BLOCK_SIZE; ssl->specs.iv_size = DES_IV_SIZE; @@ -112,6 +116,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = ecc_dsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = RC4_KEY_SIZE; ssl->specs.iv_size = 0; ssl->specs.block_size = 0; @@ -128,6 +133,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -144,6 +150,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = ecc_dsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; 
@@ -160,6 +167,24 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = ecc_dsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = ecc_dsa_sa_algo; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 1; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -168,6 +193,7 @@ int SetCipherSpecs(CYASSL* ssl) #endif default: + CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC"); return UNSUPPORTED_SUITE; } /* switch */ } /* if */ @@ -183,6 +209,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = rsa_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = RC4_KEY_SIZE; ssl->specs.iv_size = 0; ssl->specs.block_size = 0; @@ -198,6 +225,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = ntru_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = RC4_KEY_SIZE; ssl->specs.iv_size = 0; ssl->specs.block_size = 0; @@ -213,6 +241,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = rsa_kea; ssl->specs.hash_size = MD5_DIGEST_SIZE; ssl->specs.pad_size = PAD_MD5; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = RC4_KEY_SIZE; ssl->specs.iv_size = 0; ssl->specs.block_size = 0; 
@@ -228,6 +257,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = rsa_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = DES3_KEY_SIZE; ssl->specs.block_size = DES_BLOCK_SIZE; ssl->specs.iv_size = DES_IV_SIZE; @@ -243,6 +273,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = ntru_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = DES3_KEY_SIZE; ssl->specs.block_size = DES_BLOCK_SIZE; ssl->specs.iv_size = DES_IV_SIZE; @@ -258,6 +289,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = rsa_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -273,6 +305,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = rsa_kea; ssl->specs.hash_size = SHA256_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -288,6 +321,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = ntru_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -303,6 +337,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = rsa_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; 
@@ -318,6 +353,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = rsa_kea; ssl->specs.hash_size = SHA256_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -333,6 +369,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = ntru_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -348,6 +385,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = psk_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -364,6 +402,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = psk_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -381,6 +420,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA256_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -397,6 +437,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA256_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; 
@@ -413,6 +454,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -429,6 +471,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; ssl->specs.iv_size = AES_IV_SIZE; @@ -444,6 +487,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = rsa_kea; ssl->specs.hash_size = MD5_DIGEST_SIZE; ssl->specs.pad_size = PAD_MD5; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = HC_128_KEY_SIZE; ssl->specs.block_size = 0; ssl->specs.iv_size = HC_128_IV_SIZE; @@ -459,6 +503,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = rsa_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = HC_128_KEY_SIZE; ssl->specs.block_size = 0; ssl->specs.iv_size = HC_128_IV_SIZE; @@ -474,6 +519,7 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.kea = rsa_kea; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; ssl->specs.key_size = RABBIT_KEY_SIZE; ssl->specs.block_size = 0; ssl->specs.iv_size = RABBIT_IV_SIZE; @@ -482,7 +528,7 @@ int SetCipherSpecs(CYASSL* ssl) #endif default: - CYASSL_MSG("Unsupported cipher suite"); + CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs"); return UNSUPPORTED_SUITE; } /* switch */ } /* if ECC / Normal suites else */ diff --git a/src/ssl.c b/src/ssl.c index b66db6d95..1ff49f4c3 100644 --- a/src/ssl.c +++ b/src/ssl.c 
@@ -996,10 +996,37 @@ int AddCA(CYASSL_CTX* ctx, buffer der, int type) return SSL_BAD_FILE; } ecc_free(&key); - ctx->haveECDSA = 1; + ctx->haveStaticECC = 1; + if (ssl) + ssl->options.haveStaticECC = 1; } #endif /* HAVE_ECC */ } + else if (type == CERT_TYPE) { + int ret; + DecodedCert cert; + + CYASSL_MSG("Checking cert signature type"); + InitDecodedCert(&cert, der.buffer, der.length, ctx->heap); + + if ((ret = DecodeToKey(&cert, 0)) < 0) { + CYASSL_MSG("Decode to key failed"); + return SSL_BAD_FILE; + } + switch (cert.signatureOID) { + case CTC_SHAwECDSA: + case CTC_SHA256wECDSA: + case CTC_SHA384wECDSA: + case CTC_SHA512wECDSA: + CYASSL_MSG("ECDSA cert signature"); + ctx->haveECDSA = 1; + if (ssl) + ssl->options.haveECDSA = 1; + break; + } + + FreeDecodedCert(&cert); + } return SSL_SUCCESS; } @@ -4365,6 +4392,9 @@ int CyaSSL_set_compression(CYASSL* ssl) return "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"; case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : return "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"; + + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : + return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"; default: return "NONE"; }
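Review bot: The new `CERT_TYPE` branch returns `SSL_BAD_FILE` when `DecodeToKey` fails without calling `FreeDecodedCert(&cert)`, while the success path does free it, so whatever `InitDecodedCert` or `DecodeToKey` may have allocated is leaked each time a malformed certificate is loaded. Add `FreeDecodedCert(&cert);` before that `return`. The `switch (cert.signatureOID)` also has no `default:`; an explicit `default: break;` with a comment that non-ECDSA signatures leave `haveECDSA` unchanged would document the intent. The enclosing function starts outside the hunk.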