arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-06-09 03:41:41 +03:00
Code

Disable RC4

Browse Source
This commit is contained in:
Ivan Grokhotkov 2015-12-09 23:39:26 +03:00
parent f98cae7b2f
commit 514b6685c5
2 changed files with 8 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
ssl/tls1.c
View File

@ -65,11 +65,11 @@ static void session_free(SSL_SESSION *ssl_sessions[], int sess_index);
const uint8_t ssl_prot_prefs[NUM_PROTOCOLS] = const uint8_t ssl_prot_prefs[NUM_PROTOCOLS] =
#ifdef CONFIG_SSL_PROT_LOW /* low security, fast speed */ #ifdef CONFIG_SSL_PROT_LOW /* low security, fast speed */
{ SSL_RC4_128_SHA, SSL_AES128_SHA, SSL_AES256_SHA, SSL_RC4_128_MD5 }; { SSL_AES128_SHA, SSL_AES256_SHA};
#elif CONFIG_SSL_PROT_MEDIUM /* medium security, medium speed */ #elif CONFIG_SSL_PROT_MEDIUM /* medium security, medium speed */
{ SSL_AES128_SHA, SSL_AES256_SHA, SSL_RC4_128_SHA, SSL_RC4_128_MD5 }; { SSL_AES128_SHA, SSL_AES256_SHA};
#else /* CONFIG_SSL_PROT_HIGH */ /* high security, low speed */ #else /* CONFIG_SSL_PROT_HIGH */ /* high security, low speed */
{ SSL_AES256_SHA, SSL_AES128_SHA, SSL_RC4_128_SHA, SSL_RC4_128_MD5 }; { SSL_AES256_SHA, SSL_AES128_SHA};
#endif #endif
#endif /* CONFIG_SSL_SKELETON_MODE */ #endif /* CONFIG_SSL_SKELETON_MODE */
@ -115,33 +115,7 @@ static const cipher_info_t cipher_info[NUM_PROTOCOLS] =
hmac_sha1, /* hmac algorithm */ hmac_sha1, /* hmac algorithm */
(crypt_func)AES_cbc_encrypt, /* encrypt */ (crypt_func)AES_cbc_encrypt, /* encrypt */
(crypt_func)AES_cbc_decrypt /* decrypt */ (crypt_func)AES_cbc_decrypt /* decrypt */
}, }
{ /* RC4-SHA */
SSL_RC4_128_SHA, /* RC4-SHA */
16, /* key size */
0, /* iv size */
2*(SHA1_SIZE+16), /* key block size */
0, /* no padding */
SHA1_SIZE, /* digest size */
hmac_sha1, /* hmac algorithm */
(crypt_func)RC4_crypt, /* encrypt */
(crypt_func)RC4_crypt /* decrypt */
},
/*
* This protocol is from SSLv2 days and is unlikely to be used - but was
* useful for testing different possible digest algorithms.
*/
{ /* RC4-MD5 */
SSL_RC4_128_MD5, /* RC4-MD5 */
16, /* key size */
0, /* iv size */
2*(MD5_SIZE+16), /* key block size */
0, /* no padding */
MD5_SIZE, /* digest size */
hmac_md5, /* hmac algorithm */
(crypt_func)RC4_crypt, /* encrypt */
(crypt_func)RC4_crypt /* decrypt */
},
}; };
#endif #endif

2
ssl/tls1.h
View File

@ -82,7 +82,7 @@ extern "C" {
#ifdef CONFIG_SSL_SKELETON_MODE #ifdef CONFIG_SSL_SKELETON_MODE
#define NUM_PROTOCOLS 1 #define NUM_PROTOCOLS 1
#else #else
#define NUM_PROTOCOLS 4 #define NUM_PROTOCOLS 2
#endif #endif
#define PARANOIA_CHECK(A, B) if (A < B) { \ #define PARANOIA_CHECK(A, B) if (A < B) { \