mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00

- Added GCM ciphersuites to TLS implementation

Paul Bakker
2012-04-18 14:23:57 +00:00
parent 0b22e3e989
commit ca4ab49158
8 changed files with 433 additions and 52 deletions


@ -109,6 +109,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
md5_update( &ssl->fin_md5 , buf + 2, n );
sha1_update( &ssl->fin_sha1, buf + 2, n );
sha2_update( &ssl->fin_sha2, buf + 2, n );
sha4_update( &ssl->fin_sha4, buf + 2, n );
buf = ssl->in_msg;
n = ssl->in_left - 5;
@ -230,6 +231,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
md5_update( &ssl->fin_md5 , buf, n );
sha1_update( &ssl->fin_sha1, buf, n );
sha2_update( &ssl->fin_sha2, buf, n );
sha4_update( &ssl->fin_sha4, buf, n );
/*
* SSL layer:
@ -539,7 +541,7 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
#if defined(POLARSSL_DHM_C)
int ret;
size_t n, rsa_key_len = 0;
unsigned char hash[36];
unsigned char hash[48];
md5_context md5;
sha1_context sha1;
int hash_id;
@ -557,7 +559,9 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_128_SHA &&
ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA &&
ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_128_SHA256 &&
ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA256 )
ssl->session->ciphersuite != SSL_EDH_RSA_CAMELLIA_256_SHA256 &&
ssl->session->ciphersuite != SSL_EDH_RSA_AES_128_GCM_SHA256 &&
ssl->session->ciphersuite != SSL_EDH_RSA_AES_256_GCM_SHA384 )
{
SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) );
ssl->state++;
@ -770,7 +774,9 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA ||
ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA256 ||
ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA256 )
ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA256 ||
ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_GCM_SHA256 ||
ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_GCM_SHA384 )
{
#if !defined(POLARSSL_DHM_C)
SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) );
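Review bot: The EDH-RSA ciphersuite list is maintained by hand in two places, the negated `&&` chain in ssl_write_server_key_exchange and the `||` chain in ssl_parse_client_key_exchange, and the two new GCM suites had to be appended to both. If a later suite is added to only one chain, the server would presumably skip ServerKeyExchange for it, or parse ClientKeyExchange as the wrong key-exchange type, and nothing would catch that at compile time. A single static predicate, for example `static int ssl_ciphersuite_is_edh_rsa( int ciphersuite )` (name proposed here), called as `if( !ssl_ciphersuite_is_edh_rsa( ssl->session->ciphersuite ) )` in the first function and un-negated in the second, would keep the two checks in sync. Both chains begin above the visible hunk lines, so the full suite list has to be taken from the file.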