CyaSSL - A library for setting up Secure Socket Layer (SSL…

MultiTech » Code » CyaSSL

A library for setting up Secure Socket Layer (SSL) connections and verifying remote hosts using certificates. Contains only the source files for mbed platform implementation of the library.

Dependents: HTTPClient-SSL HTTPClient-SSL HTTPClient-SSL HTTPClient-SSL

src/keys.c@6:cf58d49e1a86, 2015-03-23 (annotated)

Committer:: Mike Fiore
Date:: Mon Mar 23 16:51:07 2015 -0500
Revision:: 6:cf58d49e1a86
Parent:: 0:b86d15c6ba29

fix whitespace in sha512.c

Who changed what in which revision?

User	Revision	Line number	New contents of line
Vanger	0:b86d15c6ba29	1	/* keys.c
Vanger	0:b86d15c6ba29	2	*
Vanger	0:b86d15c6ba29	3	* Copyright (C) 2006-2014 wolfSSL Inc.
Vanger	0:b86d15c6ba29	4	*
Vanger	0:b86d15c6ba29	5	* This file is part of CyaSSL.
Vanger	0:b86d15c6ba29	6	*
Vanger	0:b86d15c6ba29	7	* CyaSSL is free software; you can redistribute it and/or modify
Vanger	0:b86d15c6ba29	8	* it under the terms of the GNU General Public License as published by
Vanger	0:b86d15c6ba29	9	* the Free Software Foundation; either version 2 of the License, or
Vanger	0:b86d15c6ba29	10	* (at your option) any later version.
Vanger	0:b86d15c6ba29	11	*
Vanger	0:b86d15c6ba29	12	* CyaSSL is distributed in the hope that it will be useful,
Vanger	0:b86d15c6ba29	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
Vanger	0:b86d15c6ba29	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Vanger	0:b86d15c6ba29	15	* GNU General Public License for more details.
Vanger	0:b86d15c6ba29	16	*
Vanger	0:b86d15c6ba29	17	* You should have received a copy of the GNU General Public License
Vanger	0:b86d15c6ba29	18	* along with this program; if not, write to the Free Software
Vanger	0:b86d15c6ba29	19	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
Vanger	0:b86d15c6ba29	20	*/
Vanger	0:b86d15c6ba29	21
Vanger	0:b86d15c6ba29	22
Vanger	0:b86d15c6ba29	23	#ifdef HAVE_CONFIG_H
Vanger	0:b86d15c6ba29	24	#include <config.h>
Vanger	0:b86d15c6ba29	25	#endif
Vanger	0:b86d15c6ba29	26
Vanger	0:b86d15c6ba29	27	#include <cyassl/ctaocrypt/settings.h>
Vanger	0:b86d15c6ba29	28
Vanger	0:b86d15c6ba29	29	#include <cyassl/internal.h>
Vanger	0:b86d15c6ba29	30	#include <cyassl/error-ssl.h>
Vanger	0:b86d15c6ba29	31	#if defined(SHOW_SECRETS) \|\| defined(CHACHA_AEAD_TEST)
Vanger	0:b86d15c6ba29	32	#ifdef FREESCALE_MQX
Vanger	0:b86d15c6ba29	33	#include <fio.h>
Vanger	0:b86d15c6ba29	34	#else
Vanger	0:b86d15c6ba29	35	#include <stdio.h>
Vanger	0:b86d15c6ba29	36	#endif
Vanger	0:b86d15c6ba29	37	#endif
Vanger	0:b86d15c6ba29	38
Vanger	0:b86d15c6ba29	39
Vanger	0:b86d15c6ba29	40	int SetCipherSpecs(CYASSL* ssl)
Vanger	0:b86d15c6ba29	41	{
Vanger	0:b86d15c6ba29	42	#ifndef NO_CYASSL_CLIENT
Vanger	0:b86d15c6ba29	43	if (ssl->options.side == CYASSL_CLIENT_END) {
Vanger	0:b86d15c6ba29	44	/* server side verified before SetCipherSpecs call */
Vanger	0:b86d15c6ba29	45	if (VerifyClientSuite(ssl) != 1) {
Vanger	0:b86d15c6ba29	46	CYASSL_MSG("SetCipherSpecs() client has an unusuable suite");
Vanger	0:b86d15c6ba29	47	return UNSUPPORTED_SUITE;
Vanger	0:b86d15c6ba29	48	}
Vanger	0:b86d15c6ba29	49	}
Vanger	0:b86d15c6ba29	50	#endif /* NO_CYASSL_CLIENT */
Vanger	0:b86d15c6ba29	51
Vanger	0:b86d15c6ba29	52	/* Chacha extensions, 0xcc */
Vanger	0:b86d15c6ba29	53	if (ssl->options.cipherSuite0 == CHACHA_BYTE) {
Vanger	0:b86d15c6ba29	54
Vanger	0:b86d15c6ba29	55	switch (ssl->options.cipherSuite) {
Vanger	0:b86d15c6ba29	56	#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Vanger	0:b86d15c6ba29	57	case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
Vanger	0:b86d15c6ba29	58	ssl->specs.bulk_cipher_algorithm = cyassl_chacha;
Vanger	0:b86d15c6ba29	59	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	60	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	61	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	62	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	63	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	64	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	65	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	66	ssl->specs.key_size = CHACHA20_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	67	ssl->specs.block_size = CHACHA20_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	68	ssl->specs.iv_size = CHACHA20_IV_SIZE;
Vanger	0:b86d15c6ba29	69	ssl->specs.aead_mac_size = POLY1305_AUTH_SZ;
Vanger	0:b86d15c6ba29	70
Vanger	0:b86d15c6ba29	71	break;
Vanger	0:b86d15c6ba29	72	#endif
Vanger	0:b86d15c6ba29	73
Vanger	0:b86d15c6ba29	74	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
Vanger	0:b86d15c6ba29	75	case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
Vanger	0:b86d15c6ba29	76	ssl->specs.bulk_cipher_algorithm = cyassl_chacha;
Vanger	0:b86d15c6ba29	77	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	78	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	79	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	80	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	81	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	82	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	83	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	84	ssl->specs.key_size = CHACHA20_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	85	ssl->specs.block_size = CHACHA20_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	86	ssl->specs.iv_size = CHACHA20_IV_SIZE;
Vanger	0:b86d15c6ba29	87	ssl->specs.aead_mac_size = POLY1305_AUTH_SZ;
Vanger	0:b86d15c6ba29	88
Vanger	0:b86d15c6ba29	89	break;
Vanger	0:b86d15c6ba29	90	#endif
Vanger	0:b86d15c6ba29	91
Vanger	0:b86d15c6ba29	92	#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Vanger	0:b86d15c6ba29	93	case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
Vanger	0:b86d15c6ba29	94	ssl->specs.bulk_cipher_algorithm = cyassl_chacha;
Vanger	0:b86d15c6ba29	95	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	96	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	97	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	98	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	99	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	100	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	101	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	102	ssl->specs.key_size = CHACHA20_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	103	ssl->specs.block_size = CHACHA20_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	104	ssl->specs.iv_size = CHACHA20_IV_SIZE;
Vanger	0:b86d15c6ba29	105	ssl->specs.aead_mac_size = POLY1305_AUTH_SZ;
Vanger	0:b86d15c6ba29	106
Vanger	0:b86d15c6ba29	107	break;
Vanger	0:b86d15c6ba29	108	#endif
Vanger	0:b86d15c6ba29	109	default:
Vanger	0:b86d15c6ba29	110	CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ChaCha");
Vanger	0:b86d15c6ba29	111	return UNSUPPORTED_SUITE;
Vanger	0:b86d15c6ba29	112	}
Vanger	0:b86d15c6ba29	113	}
Vanger	0:b86d15c6ba29	114
Vanger	0:b86d15c6ba29	115	/* ECC extensions, or AES-CCM */
Vanger	0:b86d15c6ba29	116	if (ssl->options.cipherSuite0 == ECC_BYTE) {
Vanger	0:b86d15c6ba29	117
Vanger	0:b86d15c6ba29	118	switch (ssl->options.cipherSuite) {
Vanger	0:b86d15c6ba29	119
Vanger	0:b86d15c6ba29	120	#ifdef HAVE_ECC
Vanger	0:b86d15c6ba29	121
Vanger	0:b86d15c6ba29	122	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Vanger	0:b86d15c6ba29	123	case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
Vanger	0:b86d15c6ba29	124	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	125	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	126	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	127	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	128	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	129	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	130	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	131	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	132	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	133	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	134	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	135	break;
Vanger	0:b86d15c6ba29	136	#endif
Vanger	0:b86d15c6ba29	137
Vanger	0:b86d15c6ba29	138	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Vanger	0:b86d15c6ba29	139	case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
Vanger	0:b86d15c6ba29	140	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	141	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	142	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	143	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	144	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	145	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	146	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	147	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	148	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	149	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	150	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	151	break;
Vanger	0:b86d15c6ba29	152	#endif
Vanger	0:b86d15c6ba29	153
Vanger	0:b86d15c6ba29	154	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Vanger	0:b86d15c6ba29	155	case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
Vanger	0:b86d15c6ba29	156	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	157	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	158	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	159	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	160	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	161	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	162	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	163	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	164	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	165	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	166	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	167	break;
Vanger	0:b86d15c6ba29	168	#endif
Vanger	0:b86d15c6ba29	169
Vanger	0:b86d15c6ba29	170	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Vanger	0:b86d15c6ba29	171	case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
Vanger	0:b86d15c6ba29	172	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	173	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	174	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	175	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	176	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	177	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	178	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	179	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	180	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	181	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	182	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	183	break;
Vanger	0:b86d15c6ba29	184	#endif
Vanger	0:b86d15c6ba29	185
Vanger	0:b86d15c6ba29	186	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Vanger	0:b86d15c6ba29	187	case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
Vanger	0:b86d15c6ba29	188	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	189	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	190	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	191	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	192	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	193	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	194	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	195	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	196	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	197	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	198	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	199	break;
Vanger	0:b86d15c6ba29	200	#endif
Vanger	0:b86d15c6ba29	201
Vanger	0:b86d15c6ba29	202	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Vanger	0:b86d15c6ba29	203	case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
Vanger	0:b86d15c6ba29	204	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	205	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	206	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	207	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	208	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	209	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	210	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	211	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	212	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	213	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	214	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	215	break;
Vanger	0:b86d15c6ba29	216	#endif
Vanger	0:b86d15c6ba29	217
Vanger	0:b86d15c6ba29	218	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Vanger	0:b86d15c6ba29	219	case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
Vanger	0:b86d15c6ba29	220	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	221	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	222	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	223	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	224	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	225	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	226	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	227	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	228	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	229	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	230	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	231	break;
Vanger	0:b86d15c6ba29	232	#endif
Vanger	0:b86d15c6ba29	233
Vanger	0:b86d15c6ba29	234	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Vanger	0:b86d15c6ba29	235	case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
Vanger	0:b86d15c6ba29	236	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	237	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	238	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	239	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	240	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	241	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	242	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	243	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	244	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	245	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	246	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	247	break;
Vanger	0:b86d15c6ba29	248	#endif
Vanger	0:b86d15c6ba29	249
Vanger	0:b86d15c6ba29	250	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Vanger	0:b86d15c6ba29	251	case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
Vanger	0:b86d15c6ba29	252	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	253	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	254	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	255	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	256	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	257	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	258	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	259	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	260	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	261	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	262	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	263
Vanger	0:b86d15c6ba29	264	break;
Vanger	0:b86d15c6ba29	265	#endif
Vanger	0:b86d15c6ba29	266
Vanger	0:b86d15c6ba29	267	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
Vanger	0:b86d15c6ba29	268	case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
Vanger	0:b86d15c6ba29	269	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	270	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	271	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	272	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	273	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	274	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	275	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	276	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	277	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	278	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	279	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	280
Vanger	0:b86d15c6ba29	281	break;
Vanger	0:b86d15c6ba29	282	#endif
Vanger	0:b86d15c6ba29	283
Vanger	0:b86d15c6ba29	284	#ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Vanger	0:b86d15c6ba29	285	case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
Vanger	0:b86d15c6ba29	286	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger	0:b86d15c6ba29	287	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	288	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	289	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	290	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	291	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	292	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	293	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	294	ssl->specs.key_size = DES3_KEY_SIZE;
Vanger	0:b86d15c6ba29	295	ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	296	ssl->specs.iv_size = DES_IV_SIZE;
Vanger	0:b86d15c6ba29	297
Vanger	0:b86d15c6ba29	298	break;
Vanger	0:b86d15c6ba29	299	#endif
Vanger	0:b86d15c6ba29	300
Vanger	0:b86d15c6ba29	301	#ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Vanger	0:b86d15c6ba29	302	case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
Vanger	0:b86d15c6ba29	303	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger	0:b86d15c6ba29	304	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	305	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	306	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	307	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	308	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	309	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	310	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	311	ssl->specs.key_size = DES3_KEY_SIZE;
Vanger	0:b86d15c6ba29	312	ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	313	ssl->specs.iv_size = DES_IV_SIZE;
Vanger	0:b86d15c6ba29	314
Vanger	0:b86d15c6ba29	315	break;
Vanger	0:b86d15c6ba29	316	#endif
Vanger	0:b86d15c6ba29	317
Vanger	0:b86d15c6ba29	318	#ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
Vanger	0:b86d15c6ba29	319	case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
Vanger	0:b86d15c6ba29	320	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger	0:b86d15c6ba29	321	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	322	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	323	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	324	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	325	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	326	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	327	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	328	ssl->specs.key_size = RC4_KEY_SIZE;
Vanger	0:b86d15c6ba29	329	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	330	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	331
Vanger	0:b86d15c6ba29	332	break;
Vanger	0:b86d15c6ba29	333	#endif
Vanger	0:b86d15c6ba29	334
Vanger	0:b86d15c6ba29	335	#ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
Vanger	0:b86d15c6ba29	336	case TLS_ECDH_RSA_WITH_RC4_128_SHA :
Vanger	0:b86d15c6ba29	337	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger	0:b86d15c6ba29	338	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	339	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	340	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	341	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	342	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	343	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	344	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	345	ssl->specs.key_size = RC4_KEY_SIZE;
Vanger	0:b86d15c6ba29	346	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	347	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	348
Vanger	0:b86d15c6ba29	349	break;
Vanger	0:b86d15c6ba29	350	#endif
Vanger	0:b86d15c6ba29	351
Vanger	0:b86d15c6ba29	352	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Vanger	0:b86d15c6ba29	353	case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
Vanger	0:b86d15c6ba29	354	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger	0:b86d15c6ba29	355	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	356	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	357	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	358	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	359	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	360	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	361	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	362	ssl->specs.key_size = DES3_KEY_SIZE;
Vanger	0:b86d15c6ba29	363	ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	364	ssl->specs.iv_size = DES_IV_SIZE;
Vanger	0:b86d15c6ba29	365
Vanger	0:b86d15c6ba29	366	break;
Vanger	0:b86d15c6ba29	367	#endif
Vanger	0:b86d15c6ba29	368
Vanger	0:b86d15c6ba29	369	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Vanger	0:b86d15c6ba29	370	case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
Vanger	0:b86d15c6ba29	371	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger	0:b86d15c6ba29	372	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	373	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	374	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	375	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	376	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	377	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	378	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	379	ssl->specs.key_size = DES3_KEY_SIZE;
Vanger	0:b86d15c6ba29	380	ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	381	ssl->specs.iv_size = DES_IV_SIZE;
Vanger	0:b86d15c6ba29	382
Vanger	0:b86d15c6ba29	383	break;
Vanger	0:b86d15c6ba29	384	#endif
Vanger	0:b86d15c6ba29	385
Vanger	0:b86d15c6ba29	386	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Vanger	0:b86d15c6ba29	387	case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
Vanger	0:b86d15c6ba29	388	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger	0:b86d15c6ba29	389	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	390	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	391	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	392	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	393	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	394	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	395	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	396	ssl->specs.key_size = RC4_KEY_SIZE;
Vanger	0:b86d15c6ba29	397	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	398	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	399
Vanger	0:b86d15c6ba29	400	break;
Vanger	0:b86d15c6ba29	401	#endif
Vanger	0:b86d15c6ba29	402
Vanger	0:b86d15c6ba29	403	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
Vanger	0:b86d15c6ba29	404	case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
Vanger	0:b86d15c6ba29	405	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger	0:b86d15c6ba29	406	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	407	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	408	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	409	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	410	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	411	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	412	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	413	ssl->specs.key_size = RC4_KEY_SIZE;
Vanger	0:b86d15c6ba29	414	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	415	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	416
Vanger	0:b86d15c6ba29	417	break;
Vanger	0:b86d15c6ba29	418	#endif
Vanger	0:b86d15c6ba29	419
Vanger	0:b86d15c6ba29	420	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Vanger	0:b86d15c6ba29	421	case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
Vanger	0:b86d15c6ba29	422	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	423	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	424	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	425	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	426	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	427	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	428	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	429	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	430	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	431	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	432	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	433
Vanger	0:b86d15c6ba29	434	break;
Vanger	0:b86d15c6ba29	435	#endif
Vanger	0:b86d15c6ba29	436
Vanger	0:b86d15c6ba29	437	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Vanger	0:b86d15c6ba29	438	case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
Vanger	0:b86d15c6ba29	439	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	440	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	441	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	442	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	443	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	444	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	445	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	446	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	447	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	448	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	449	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	450
Vanger	0:b86d15c6ba29	451	break;
Vanger	0:b86d15c6ba29	452	#endif
Vanger	0:b86d15c6ba29	453
Vanger	0:b86d15c6ba29	454	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Vanger	0:b86d15c6ba29	455	case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
Vanger	0:b86d15c6ba29	456	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	457	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	458	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	459	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	460	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	461	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	462	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	463	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	464	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	465	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	466	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	467
Vanger	0:b86d15c6ba29	468	break;
Vanger	0:b86d15c6ba29	469	#endif
Vanger	0:b86d15c6ba29	470
Vanger	0:b86d15c6ba29	471	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
Vanger	0:b86d15c6ba29	472	case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
Vanger	0:b86d15c6ba29	473	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	474	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	475	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	476	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	477	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	478	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	479	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	480	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	481	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	482	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	483	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	484
Vanger	0:b86d15c6ba29	485	break;
Vanger	0:b86d15c6ba29	486	#endif
Vanger	0:b86d15c6ba29	487
Vanger	0:b86d15c6ba29	488	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Vanger	0:b86d15c6ba29	489	case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
Vanger	0:b86d15c6ba29	490	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	491	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	492	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	493	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	494	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	495	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	496	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	497	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	498	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	499	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	500	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	501
Vanger	0:b86d15c6ba29	502	break;
Vanger	0:b86d15c6ba29	503	#endif
Vanger	0:b86d15c6ba29	504
Vanger	0:b86d15c6ba29	505	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Vanger	0:b86d15c6ba29	506	case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
Vanger	0:b86d15c6ba29	507	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	508	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	509	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	510	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	511	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	512	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	513	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	514	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	515	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	516	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	517	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	518
Vanger	0:b86d15c6ba29	519	break;
Vanger	0:b86d15c6ba29	520	#endif
Vanger	0:b86d15c6ba29	521
Vanger	0:b86d15c6ba29	522	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Vanger	0:b86d15c6ba29	523	case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
Vanger	0:b86d15c6ba29	524	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	525	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	526	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	527	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	528	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	529	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	530	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	531	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	532	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	533	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	534	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	535	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	536
Vanger	0:b86d15c6ba29	537	break;
Vanger	0:b86d15c6ba29	538	#endif
Vanger	0:b86d15c6ba29	539
Vanger	0:b86d15c6ba29	540	#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Vanger	0:b86d15c6ba29	541	case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
Vanger	0:b86d15c6ba29	542	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	543	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	544	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	545	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	546	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	547	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	548	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	549	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	550	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	551	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	552	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	553	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	554
Vanger	0:b86d15c6ba29	555	break;
Vanger	0:b86d15c6ba29	556	#endif
Vanger	0:b86d15c6ba29	557
Vanger	0:b86d15c6ba29	558	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Vanger	0:b86d15c6ba29	559	case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
Vanger	0:b86d15c6ba29	560	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	561	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	562	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	563	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	564	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	565	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	566	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	567	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	568	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	569	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	570	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	571	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	572
Vanger	0:b86d15c6ba29	573	break;
Vanger	0:b86d15c6ba29	574	#endif
Vanger	0:b86d15c6ba29	575
Vanger	0:b86d15c6ba29	576	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Vanger	0:b86d15c6ba29	577	case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
Vanger	0:b86d15c6ba29	578	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	579	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	580	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	581	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	582	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	583	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	584	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	585	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	586	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	587	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	588	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	589	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	590
Vanger	0:b86d15c6ba29	591	break;
Vanger	0:b86d15c6ba29	592	#endif
Vanger	0:b86d15c6ba29	593
Vanger	0:b86d15c6ba29	594	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
Vanger	0:b86d15c6ba29	595	case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
Vanger	0:b86d15c6ba29	596	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	597	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	598	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	599	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	600	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	601	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	602	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	603	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	604	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	605	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	606	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	607	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	608
Vanger	0:b86d15c6ba29	609	break;
Vanger	0:b86d15c6ba29	610	#endif
Vanger	0:b86d15c6ba29	611
Vanger	0:b86d15c6ba29	612	#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Vanger	0:b86d15c6ba29	613	case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
Vanger	0:b86d15c6ba29	614	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	615	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	616	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	617	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	618	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	619	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	620	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	621	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	622	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	623	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	624	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	625	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	626
Vanger	0:b86d15c6ba29	627	break;
Vanger	0:b86d15c6ba29	628	#endif
Vanger	0:b86d15c6ba29	629
Vanger	0:b86d15c6ba29	630	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
Vanger	0:b86d15c6ba29	631	case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
Vanger	0:b86d15c6ba29	632	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	633	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	634	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	635	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	636	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	637	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	638	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	639	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	640	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	641	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	642	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	643	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	644
Vanger	0:b86d15c6ba29	645	break;
Vanger	0:b86d15c6ba29	646	#endif
Vanger	0:b86d15c6ba29	647
Vanger	0:b86d15c6ba29	648	#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Vanger	0:b86d15c6ba29	649	case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
Vanger	0:b86d15c6ba29	650	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	651	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	652	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	653	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	654	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	655	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	656	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	657	ssl->specs.static_ecdh = 1;
Vanger	0:b86d15c6ba29	658	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	659	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	660	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	661	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	662
Vanger	0:b86d15c6ba29	663	break;
Vanger	0:b86d15c6ba29	664	#endif
Vanger	0:b86d15c6ba29	665
Vanger	0:b86d15c6ba29	666	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
Vanger	0:b86d15c6ba29	667	case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
Vanger	0:b86d15c6ba29	668	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger	0:b86d15c6ba29	669	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	670	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	671	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	672	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	673	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	674	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	675	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	676	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	677	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	678	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	679	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger	0:b86d15c6ba29	680
Vanger	0:b86d15c6ba29	681	break;
Vanger	0:b86d15c6ba29	682	#endif
Vanger	0:b86d15c6ba29	683
Vanger	0:b86d15c6ba29	684	#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
Vanger	0:b86d15c6ba29	685	case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
Vanger	0:b86d15c6ba29	686	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger	0:b86d15c6ba29	687	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	688	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	689	ssl->specs.kea = ecc_diffie_hellman_kea;
Vanger	0:b86d15c6ba29	690	ssl->specs.sig_algo = ecc_dsa_sa_algo;
Vanger	0:b86d15c6ba29	691	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	692	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	693	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	694	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	695	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	696	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	697	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger	0:b86d15c6ba29	698
Vanger	0:b86d15c6ba29	699	break;
Vanger	0:b86d15c6ba29	700	#endif
Vanger	0:b86d15c6ba29	701	#endif /* HAVE_ECC */
Vanger	0:b86d15c6ba29	702
Vanger	0:b86d15c6ba29	703	#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
Vanger	0:b86d15c6ba29	704	case TLS_RSA_WITH_AES_128_CCM_8 :
Vanger	0:b86d15c6ba29	705	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger	0:b86d15c6ba29	706	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	707	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	708	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	709	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	710	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	711	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	712	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	713	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	714	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	715	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	716	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger	0:b86d15c6ba29	717
Vanger	0:b86d15c6ba29	718	break;
Vanger	0:b86d15c6ba29	719	#endif
Vanger	0:b86d15c6ba29	720
Vanger	0:b86d15c6ba29	721	#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8
Vanger	0:b86d15c6ba29	722	case TLS_RSA_WITH_AES_256_CCM_8 :
Vanger	0:b86d15c6ba29	723	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger	0:b86d15c6ba29	724	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	725	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	726	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	727	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	728	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	729	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	730	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	731	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	732	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	733	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	734	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger	0:b86d15c6ba29	735
Vanger	0:b86d15c6ba29	736	break;
Vanger	0:b86d15c6ba29	737	#endif
Vanger	0:b86d15c6ba29	738
Vanger	0:b86d15c6ba29	739	#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
Vanger	0:b86d15c6ba29	740	case TLS_PSK_WITH_AES_128_CCM_8 :
Vanger	0:b86d15c6ba29	741	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger	0:b86d15c6ba29	742	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	743	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	744	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	745	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	746	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	747	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	748	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	749	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	750	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	751	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	752	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger	0:b86d15c6ba29	753
Vanger	0:b86d15c6ba29	754	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	755	break;
Vanger	0:b86d15c6ba29	756	#endif
Vanger	0:b86d15c6ba29	757
Vanger	0:b86d15c6ba29	758	#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8
Vanger	0:b86d15c6ba29	759	case TLS_PSK_WITH_AES_256_CCM_8 :
Vanger	0:b86d15c6ba29	760	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger	0:b86d15c6ba29	761	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	762	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	763	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	764	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	765	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	766	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	767	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	768	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	769	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	770	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	771	ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ;
Vanger	0:b86d15c6ba29	772
Vanger	0:b86d15c6ba29	773	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	774	break;
Vanger	0:b86d15c6ba29	775	#endif
Vanger	0:b86d15c6ba29	776
Vanger	0:b86d15c6ba29	777	#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
Vanger	0:b86d15c6ba29	778	case TLS_PSK_WITH_AES_128_CCM :
Vanger	0:b86d15c6ba29	779	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger	0:b86d15c6ba29	780	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	781	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	782	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	783	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	784	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	785	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	786	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	787	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	788	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	789	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	790	ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
Vanger	0:b86d15c6ba29	791
Vanger	0:b86d15c6ba29	792	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	793	break;
Vanger	0:b86d15c6ba29	794	#endif
Vanger	0:b86d15c6ba29	795
Vanger	0:b86d15c6ba29	796	#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
Vanger	0:b86d15c6ba29	797	case TLS_PSK_WITH_AES_256_CCM :
Vanger	0:b86d15c6ba29	798	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger	0:b86d15c6ba29	799	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	800	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	801	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	802	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	803	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	804	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	805	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	806	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	807	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	808	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	809	ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
Vanger	0:b86d15c6ba29	810
Vanger	0:b86d15c6ba29	811	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	812	break;
Vanger	0:b86d15c6ba29	813	#endif
Vanger	0:b86d15c6ba29	814
Vanger	0:b86d15c6ba29	815	#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
Vanger	0:b86d15c6ba29	816	case TLS_DHE_PSK_WITH_AES_128_CCM :
Vanger	0:b86d15c6ba29	817	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger	0:b86d15c6ba29	818	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	819	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	820	ssl->specs.kea = dhe_psk_kea;
Vanger	0:b86d15c6ba29	821	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	822	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	823	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	824	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	825	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	826	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	827	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	828	ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
Vanger	0:b86d15c6ba29	829
Vanger	0:b86d15c6ba29	830	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	831	break;
Vanger	0:b86d15c6ba29	832	#endif
Vanger	0:b86d15c6ba29	833
Vanger	0:b86d15c6ba29	834	#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
Vanger	0:b86d15c6ba29	835	case TLS_DHE_PSK_WITH_AES_256_CCM :
Vanger	0:b86d15c6ba29	836	ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm;
Vanger	0:b86d15c6ba29	837	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	838	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	839	ssl->specs.kea = dhe_psk_kea;
Vanger	0:b86d15c6ba29	840	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	841	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	842	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	843	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	844	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	845	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	846	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	847	ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ;
Vanger	0:b86d15c6ba29	848
Vanger	0:b86d15c6ba29	849	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	850	break;
Vanger	0:b86d15c6ba29	851	#endif
Vanger	0:b86d15c6ba29	852
Vanger	0:b86d15c6ba29	853	default:
Vanger	0:b86d15c6ba29	854	CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC");
Vanger	0:b86d15c6ba29	855	return UNSUPPORTED_SUITE;
Vanger	0:b86d15c6ba29	856	} /* switch */
Vanger	0:b86d15c6ba29	857	} /* if */
Vanger	0:b86d15c6ba29	858	if (ssl->options.cipherSuite0 != ECC_BYTE &&
Vanger	0:b86d15c6ba29	859	ssl->options.cipherSuite0 != CHACHA_BYTE) { /* normal suites */
Vanger	0:b86d15c6ba29	860	switch (ssl->options.cipherSuite) {
Vanger	0:b86d15c6ba29	861
Vanger	0:b86d15c6ba29	862	#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
Vanger	0:b86d15c6ba29	863	case SSL_RSA_WITH_RC4_128_SHA :
Vanger	0:b86d15c6ba29	864	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger	0:b86d15c6ba29	865	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	866	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	867	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	868	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	869	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	870	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	871	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	872	ssl->specs.key_size = RC4_KEY_SIZE;
Vanger	0:b86d15c6ba29	873	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	874	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	875
Vanger	0:b86d15c6ba29	876	break;
Vanger	0:b86d15c6ba29	877	#endif
Vanger	0:b86d15c6ba29	878
Vanger	0:b86d15c6ba29	879	#ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
Vanger	0:b86d15c6ba29	880	case TLS_NTRU_RSA_WITH_RC4_128_SHA :
Vanger	0:b86d15c6ba29	881	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger	0:b86d15c6ba29	882	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	883	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	884	ssl->specs.kea = ntru_kea;
Vanger	0:b86d15c6ba29	885	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	886	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	887	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	888	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	889	ssl->specs.key_size = RC4_KEY_SIZE;
Vanger	0:b86d15c6ba29	890	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	891	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	892
Vanger	0:b86d15c6ba29	893	break;
Vanger	0:b86d15c6ba29	894	#endif
Vanger	0:b86d15c6ba29	895
Vanger	0:b86d15c6ba29	896	#ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
Vanger	0:b86d15c6ba29	897	case SSL_RSA_WITH_RC4_128_MD5 :
Vanger	0:b86d15c6ba29	898	ssl->specs.bulk_cipher_algorithm = cyassl_rc4;
Vanger	0:b86d15c6ba29	899	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	900	ssl->specs.mac_algorithm = md5_mac;
Vanger	0:b86d15c6ba29	901	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	902	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	903	ssl->specs.hash_size = MD5_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	904	ssl->specs.pad_size = PAD_MD5;
Vanger	0:b86d15c6ba29	905	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	906	ssl->specs.key_size = RC4_KEY_SIZE;
Vanger	0:b86d15c6ba29	907	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	908	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	909
Vanger	0:b86d15c6ba29	910	break;
Vanger	0:b86d15c6ba29	911	#endif
Vanger	0:b86d15c6ba29	912
Vanger	0:b86d15c6ba29	913	#ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
Vanger	0:b86d15c6ba29	914	case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
Vanger	0:b86d15c6ba29	915	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger	0:b86d15c6ba29	916	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	917	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	918	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	919	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	920	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	921	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	922	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	923	ssl->specs.key_size = DES3_KEY_SIZE;
Vanger	0:b86d15c6ba29	924	ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	925	ssl->specs.iv_size = DES_IV_SIZE;
Vanger	0:b86d15c6ba29	926
Vanger	0:b86d15c6ba29	927	break;
Vanger	0:b86d15c6ba29	928	#endif
Vanger	0:b86d15c6ba29	929
Vanger	0:b86d15c6ba29	930	#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
Vanger	0:b86d15c6ba29	931	case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
Vanger	0:b86d15c6ba29	932	ssl->specs.bulk_cipher_algorithm = cyassl_triple_des;
Vanger	0:b86d15c6ba29	933	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	934	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	935	ssl->specs.kea = ntru_kea;
Vanger	0:b86d15c6ba29	936	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	937	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	938	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	939	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	940	ssl->specs.key_size = DES3_KEY_SIZE;
Vanger	0:b86d15c6ba29	941	ssl->specs.block_size = DES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	942	ssl->specs.iv_size = DES_IV_SIZE;
Vanger	0:b86d15c6ba29	943
Vanger	0:b86d15c6ba29	944	break;
Vanger	0:b86d15c6ba29	945	#endif
Vanger	0:b86d15c6ba29	946
Vanger	0:b86d15c6ba29	947	#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
Vanger	0:b86d15c6ba29	948	case TLS_RSA_WITH_AES_128_CBC_SHA :
Vanger	0:b86d15c6ba29	949	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	950	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	951	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	952	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	953	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	954	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	955	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	956	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	957	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	958	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	959	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	960
Vanger	0:b86d15c6ba29	961	break;
Vanger	0:b86d15c6ba29	962	#endif
Vanger	0:b86d15c6ba29	963
Vanger	0:b86d15c6ba29	964	#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
Vanger	0:b86d15c6ba29	965	case TLS_RSA_WITH_AES_128_CBC_SHA256 :
Vanger	0:b86d15c6ba29	966	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	967	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	968	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	969	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	970	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	971	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	972	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	973	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	974	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	975	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	976	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	977
Vanger	0:b86d15c6ba29	978	break;
Vanger	0:b86d15c6ba29	979	#endif
Vanger	0:b86d15c6ba29	980
Vanger	0:b86d15c6ba29	981	#ifdef BUILD_TLS_RSA_WITH_NULL_SHA
Vanger	0:b86d15c6ba29	982	case TLS_RSA_WITH_NULL_SHA :
Vanger	0:b86d15c6ba29	983	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger	0:b86d15c6ba29	984	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	985	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	986	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	987	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	988	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	989	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	990	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	991	ssl->specs.key_size = 0;
Vanger	0:b86d15c6ba29	992	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	993	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	994
Vanger	0:b86d15c6ba29	995	break;
Vanger	0:b86d15c6ba29	996	#endif
Vanger	0:b86d15c6ba29	997
Vanger	0:b86d15c6ba29	998	#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256
Vanger	0:b86d15c6ba29	999	case TLS_RSA_WITH_NULL_SHA256 :
Vanger	0:b86d15c6ba29	1000	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger	0:b86d15c6ba29	1001	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	1002	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1003	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1004	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1005	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1006	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1007	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1008	ssl->specs.key_size = 0;
Vanger	0:b86d15c6ba29	1009	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	1010	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	1011
Vanger	0:b86d15c6ba29	1012	break;
Vanger	0:b86d15c6ba29	1013	#endif
Vanger	0:b86d15c6ba29	1014
Vanger	0:b86d15c6ba29	1015	#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
Vanger	0:b86d15c6ba29	1016	case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
Vanger	0:b86d15c6ba29	1017	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1018	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1019	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1020	ssl->specs.kea = ntru_kea;
Vanger	0:b86d15c6ba29	1021	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1022	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1023	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1024	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1025	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1026	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1027	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1028
Vanger	0:b86d15c6ba29	1029	break;
Vanger	0:b86d15c6ba29	1030	#endif
Vanger	0:b86d15c6ba29	1031
Vanger	0:b86d15c6ba29	1032	#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
Vanger	0:b86d15c6ba29	1033	case TLS_RSA_WITH_AES_256_CBC_SHA :
Vanger	0:b86d15c6ba29	1034	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1035	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1036	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1037	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1038	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1039	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1040	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1041	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1042	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1043	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1044	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1045
Vanger	0:b86d15c6ba29	1046	break;
Vanger	0:b86d15c6ba29	1047	#endif
Vanger	0:b86d15c6ba29	1048
Vanger	0:b86d15c6ba29	1049	#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
Vanger	0:b86d15c6ba29	1050	case TLS_RSA_WITH_AES_256_CBC_SHA256 :
Vanger	0:b86d15c6ba29	1051	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1052	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1053	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1054	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1055	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1056	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1057	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1058	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1059	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1060	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1061	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1062
Vanger	0:b86d15c6ba29	1063	break;
Vanger	0:b86d15c6ba29	1064	#endif
Vanger	0:b86d15c6ba29	1065
Vanger	0:b86d15c6ba29	1066	#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
Vanger	0:b86d15c6ba29	1067	case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
Vanger	0:b86d15c6ba29	1068	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1069	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1070	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1071	ssl->specs.kea = ntru_kea;
Vanger	0:b86d15c6ba29	1072	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1073	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1074	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1075	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1076	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1077	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1078	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1079
Vanger	0:b86d15c6ba29	1080	break;
Vanger	0:b86d15c6ba29	1081	#endif
Vanger	0:b86d15c6ba29	1082
Vanger	0:b86d15c6ba29	1083	#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
Vanger	0:b86d15c6ba29	1084	case TLS_PSK_WITH_AES_128_GCM_SHA256 :
Vanger	0:b86d15c6ba29	1085	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	1086	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	1087	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1088	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	1089	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1090	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1091	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1092	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1093	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1094	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1095	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	1096	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	1097
Vanger	0:b86d15c6ba29	1098	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1099	break;
Vanger	0:b86d15c6ba29	1100	#endif
Vanger	0:b86d15c6ba29	1101
Vanger	0:b86d15c6ba29	1102	#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
Vanger	0:b86d15c6ba29	1103	case TLS_PSK_WITH_AES_256_GCM_SHA384 :
Vanger	0:b86d15c6ba29	1104	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	1105	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	1106	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	1107	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	1108	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1109	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1110	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1111	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1112	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1113	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1114	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	1115	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	1116
Vanger	0:b86d15c6ba29	1117	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1118	break;
Vanger	0:b86d15c6ba29	1119	#endif
Vanger	0:b86d15c6ba29	1120
Vanger	0:b86d15c6ba29	1121	#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
Vanger	0:b86d15c6ba29	1122	case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
Vanger	0:b86d15c6ba29	1123	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	1124	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	1125	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1126	ssl->specs.kea = dhe_psk_kea;
Vanger	0:b86d15c6ba29	1127	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1128	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1129	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1130	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1131	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1132	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1133	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	1134	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	1135
Vanger	0:b86d15c6ba29	1136	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1137	break;
Vanger	0:b86d15c6ba29	1138	#endif
Vanger	0:b86d15c6ba29	1139
Vanger	0:b86d15c6ba29	1140	#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
Vanger	0:b86d15c6ba29	1141	case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
Vanger	0:b86d15c6ba29	1142	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	1143	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	1144	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	1145	ssl->specs.kea = dhe_psk_kea;
Vanger	0:b86d15c6ba29	1146	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1147	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1148	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1149	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1150	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1151	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1152	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	1153	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	1154
Vanger	0:b86d15c6ba29	1155	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1156	break;
Vanger	0:b86d15c6ba29	1157	#endif
Vanger	0:b86d15c6ba29	1158
Vanger	0:b86d15c6ba29	1159	#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
Vanger	0:b86d15c6ba29	1160	case TLS_PSK_WITH_AES_128_CBC_SHA256 :
Vanger	0:b86d15c6ba29	1161	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1162	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1163	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1164	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	1165	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1166	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1167	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1168	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1169	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1170	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1171	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1172
Vanger	0:b86d15c6ba29	1173	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1174	break;
Vanger	0:b86d15c6ba29	1175	#endif
Vanger	0:b86d15c6ba29	1176
Vanger	0:b86d15c6ba29	1177	#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
Vanger	0:b86d15c6ba29	1178	case TLS_PSK_WITH_AES_256_CBC_SHA384 :
Vanger	0:b86d15c6ba29	1179	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1180	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1181	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	1182	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	1183	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1184	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1185	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1186	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1187	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1188	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1189	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1190
Vanger	0:b86d15c6ba29	1191	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1192	break;
Vanger	0:b86d15c6ba29	1193	#endif
Vanger	0:b86d15c6ba29	1194
Vanger	0:b86d15c6ba29	1195	#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
Vanger	0:b86d15c6ba29	1196	case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
Vanger	0:b86d15c6ba29	1197	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1198	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1199	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1200	ssl->specs.kea = dhe_psk_kea;
Vanger	0:b86d15c6ba29	1201	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1202	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1203	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1204	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1205	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1206	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1207	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1208
Vanger	0:b86d15c6ba29	1209	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1210	break;
Vanger	0:b86d15c6ba29	1211	#endif
Vanger	0:b86d15c6ba29	1212
Vanger	0:b86d15c6ba29	1213	#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
Vanger	0:b86d15c6ba29	1214	case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
Vanger	0:b86d15c6ba29	1215	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1216	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1217	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	1218	ssl->specs.kea = dhe_psk_kea;
Vanger	0:b86d15c6ba29	1219	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1220	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1221	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1222	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1223	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1224	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1225	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1226
Vanger	0:b86d15c6ba29	1227	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1228	break;
Vanger	0:b86d15c6ba29	1229	#endif
Vanger	0:b86d15c6ba29	1230
Vanger	0:b86d15c6ba29	1231	#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
Vanger	0:b86d15c6ba29	1232	case TLS_PSK_WITH_AES_128_CBC_SHA :
Vanger	0:b86d15c6ba29	1233	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1234	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1235	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1236	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	1237	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1238	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1239	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1240	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1241	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1242	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1243	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1244
Vanger	0:b86d15c6ba29	1245	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1246	break;
Vanger	0:b86d15c6ba29	1247	#endif
Vanger	0:b86d15c6ba29	1248
Vanger	0:b86d15c6ba29	1249	#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
Vanger	0:b86d15c6ba29	1250	case TLS_PSK_WITH_AES_256_CBC_SHA :
Vanger	0:b86d15c6ba29	1251	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1252	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1253	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1254	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	1255	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1256	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1257	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1258	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1259	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1260	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1261	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1262
Vanger	0:b86d15c6ba29	1263	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1264	break;
Vanger	0:b86d15c6ba29	1265	#endif
Vanger	0:b86d15c6ba29	1266
Vanger	0:b86d15c6ba29	1267	#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
Vanger	0:b86d15c6ba29	1268	case TLS_PSK_WITH_NULL_SHA256 :
Vanger	0:b86d15c6ba29	1269	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger	0:b86d15c6ba29	1270	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	1271	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1272	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	1273	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1274	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1275	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1276	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1277	ssl->specs.key_size = 0;
Vanger	0:b86d15c6ba29	1278	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	1279	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	1280
Vanger	0:b86d15c6ba29	1281	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1282	break;
Vanger	0:b86d15c6ba29	1283	#endif
Vanger	0:b86d15c6ba29	1284
Vanger	0:b86d15c6ba29	1285	#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
Vanger	0:b86d15c6ba29	1286	case TLS_PSK_WITH_NULL_SHA384 :
Vanger	0:b86d15c6ba29	1287	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger	0:b86d15c6ba29	1288	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	1289	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	1290	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	1291	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1292	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1293	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1294	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1295	ssl->specs.key_size = 0;
Vanger	0:b86d15c6ba29	1296	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	1297	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	1298
Vanger	0:b86d15c6ba29	1299	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1300	break;
Vanger	0:b86d15c6ba29	1301	#endif
Vanger	0:b86d15c6ba29	1302
Vanger	0:b86d15c6ba29	1303	#ifdef BUILD_TLS_PSK_WITH_NULL_SHA
Vanger	0:b86d15c6ba29	1304	case TLS_PSK_WITH_NULL_SHA :
Vanger	0:b86d15c6ba29	1305	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger	0:b86d15c6ba29	1306	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	1307	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1308	ssl->specs.kea = psk_kea;
Vanger	0:b86d15c6ba29	1309	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1310	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1311	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1312	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1313	ssl->specs.key_size = 0;
Vanger	0:b86d15c6ba29	1314	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	1315	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	1316
Vanger	0:b86d15c6ba29	1317	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1318	break;
Vanger	0:b86d15c6ba29	1319	#endif
Vanger	0:b86d15c6ba29	1320
Vanger	0:b86d15c6ba29	1321	#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
Vanger	0:b86d15c6ba29	1322	case TLS_DHE_PSK_WITH_NULL_SHA256 :
Vanger	0:b86d15c6ba29	1323	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger	0:b86d15c6ba29	1324	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	1325	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1326	ssl->specs.kea = dhe_psk_kea;
Vanger	0:b86d15c6ba29	1327	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1328	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1329	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1330	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1331	ssl->specs.key_size = 0;
Vanger	0:b86d15c6ba29	1332	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	1333	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	1334
Vanger	0:b86d15c6ba29	1335	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1336	break;
Vanger	0:b86d15c6ba29	1337	#endif
Vanger	0:b86d15c6ba29	1338
Vanger	0:b86d15c6ba29	1339	#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
Vanger	0:b86d15c6ba29	1340	case TLS_DHE_PSK_WITH_NULL_SHA384 :
Vanger	0:b86d15c6ba29	1341	ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null;
Vanger	0:b86d15c6ba29	1342	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	1343	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	1344	ssl->specs.kea = dhe_psk_kea;
Vanger	0:b86d15c6ba29	1345	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1346	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1347	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1348	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1349	ssl->specs.key_size = 0;
Vanger	0:b86d15c6ba29	1350	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	1351	ssl->specs.iv_size = 0;
Vanger	0:b86d15c6ba29	1352
Vanger	0:b86d15c6ba29	1353	ssl->options.usingPSK_cipher = 1;
Vanger	0:b86d15c6ba29	1354	break;
Vanger	0:b86d15c6ba29	1355	#endif
Vanger	0:b86d15c6ba29	1356
Vanger	0:b86d15c6ba29	1357	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Vanger	0:b86d15c6ba29	1358	case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
Vanger	0:b86d15c6ba29	1359	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1360	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1361	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1362	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1363	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1364	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1365	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1366	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1367	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1368	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1369	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1370
Vanger	0:b86d15c6ba29	1371	break;
Vanger	0:b86d15c6ba29	1372	#endif
Vanger	0:b86d15c6ba29	1373
Vanger	0:b86d15c6ba29	1374	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Vanger	0:b86d15c6ba29	1375	case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
Vanger	0:b86d15c6ba29	1376	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1377	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1378	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1379	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1380	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1381	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1382	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1383	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1384	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1385	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1386	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1387
Vanger	0:b86d15c6ba29	1388	break;
Vanger	0:b86d15c6ba29	1389	#endif
Vanger	0:b86d15c6ba29	1390
Vanger	0:b86d15c6ba29	1391	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Vanger	0:b86d15c6ba29	1392	case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
Vanger	0:b86d15c6ba29	1393	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1394	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1395	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1396	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1397	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1398	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1399	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1400	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1401	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1402	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1403	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1404
Vanger	0:b86d15c6ba29	1405	break;
Vanger	0:b86d15c6ba29	1406	#endif
Vanger	0:b86d15c6ba29	1407
Vanger	0:b86d15c6ba29	1408	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Vanger	0:b86d15c6ba29	1409	case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
Vanger	0:b86d15c6ba29	1410	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1411	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1412	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1413	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1414	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1415	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1416	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1417	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1418	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1419	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1420	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1421
Vanger	0:b86d15c6ba29	1422	break;
Vanger	0:b86d15c6ba29	1423	#endif
Vanger	0:b86d15c6ba29	1424
Vanger	0:b86d15c6ba29	1425	#ifdef BUILD_TLS_RSA_WITH_HC_128_MD5
Vanger	0:b86d15c6ba29	1426	case TLS_RSA_WITH_HC_128_MD5 :
Vanger	0:b86d15c6ba29	1427	ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
Vanger	0:b86d15c6ba29	1428	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	1429	ssl->specs.mac_algorithm = md5_mac;
Vanger	0:b86d15c6ba29	1430	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1431	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1432	ssl->specs.hash_size = MD5_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1433	ssl->specs.pad_size = PAD_MD5;
Vanger	0:b86d15c6ba29	1434	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1435	ssl->specs.key_size = HC_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1436	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	1437	ssl->specs.iv_size = HC_128_IV_SIZE;
Vanger	0:b86d15c6ba29	1438
Vanger	0:b86d15c6ba29	1439	break;
Vanger	0:b86d15c6ba29	1440	#endif
Vanger	0:b86d15c6ba29	1441
Vanger	0:b86d15c6ba29	1442	#ifdef BUILD_TLS_RSA_WITH_HC_128_SHA
Vanger	0:b86d15c6ba29	1443	case TLS_RSA_WITH_HC_128_SHA :
Vanger	0:b86d15c6ba29	1444	ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
Vanger	0:b86d15c6ba29	1445	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	1446	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1447	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1448	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1449	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1450	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1451	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1452	ssl->specs.key_size = HC_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1453	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	1454	ssl->specs.iv_size = HC_128_IV_SIZE;
Vanger	0:b86d15c6ba29	1455
Vanger	0:b86d15c6ba29	1456	break;
Vanger	0:b86d15c6ba29	1457	#endif
Vanger	0:b86d15c6ba29	1458
Vanger	0:b86d15c6ba29	1459	#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256
Vanger	0:b86d15c6ba29	1460	case TLS_RSA_WITH_HC_128_B2B256:
Vanger	0:b86d15c6ba29	1461	ssl->specs.bulk_cipher_algorithm = cyassl_hc128;
Vanger	0:b86d15c6ba29	1462	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	1463	ssl->specs.mac_algorithm = blake2b_mac;
Vanger	0:b86d15c6ba29	1464	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1465	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1466	ssl->specs.hash_size = BLAKE2B_256;
Vanger	0:b86d15c6ba29	1467	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1468	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1469	ssl->specs.key_size = HC_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1470	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	1471	ssl->specs.iv_size = HC_128_IV_SIZE;
Vanger	0:b86d15c6ba29	1472
Vanger	0:b86d15c6ba29	1473	break;
Vanger	0:b86d15c6ba29	1474	#endif
Vanger	0:b86d15c6ba29	1475
Vanger	0:b86d15c6ba29	1476	#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
Vanger	0:b86d15c6ba29	1477	case TLS_RSA_WITH_AES_128_CBC_B2B256:
Vanger	0:b86d15c6ba29	1478	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1479	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1480	ssl->specs.mac_algorithm = blake2b_mac;
Vanger	0:b86d15c6ba29	1481	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1482	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1483	ssl->specs.hash_size = BLAKE2B_256;
Vanger	0:b86d15c6ba29	1484	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1485	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1486	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1487	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1488	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1489
Vanger	0:b86d15c6ba29	1490	break;
Vanger	0:b86d15c6ba29	1491	#endif
Vanger	0:b86d15c6ba29	1492
Vanger	0:b86d15c6ba29	1493	#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
Vanger	0:b86d15c6ba29	1494	case TLS_RSA_WITH_AES_256_CBC_B2B256:
Vanger	0:b86d15c6ba29	1495	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1496	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1497	ssl->specs.mac_algorithm = blake2b_mac;
Vanger	0:b86d15c6ba29	1498	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1499	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1500	ssl->specs.hash_size = BLAKE2B_256;
Vanger	0:b86d15c6ba29	1501	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1502	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1503	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1504	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1505	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1506
Vanger	0:b86d15c6ba29	1507	break;
Vanger	0:b86d15c6ba29	1508	#endif
Vanger	0:b86d15c6ba29	1509
Vanger	0:b86d15c6ba29	1510	#ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA
Vanger	0:b86d15c6ba29	1511	case TLS_RSA_WITH_RABBIT_SHA :
Vanger	0:b86d15c6ba29	1512	ssl->specs.bulk_cipher_algorithm = cyassl_rabbit;
Vanger	0:b86d15c6ba29	1513	ssl->specs.cipher_type = stream;
Vanger	0:b86d15c6ba29	1514	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1515	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1516	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1517	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1518	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1519	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1520	ssl->specs.key_size = RABBIT_KEY_SIZE;
Vanger	0:b86d15c6ba29	1521	ssl->specs.block_size = 0;
Vanger	0:b86d15c6ba29	1522	ssl->specs.iv_size = RABBIT_IV_SIZE;
Vanger	0:b86d15c6ba29	1523
Vanger	0:b86d15c6ba29	1524	break;
Vanger	0:b86d15c6ba29	1525	#endif
Vanger	0:b86d15c6ba29	1526
Vanger	0:b86d15c6ba29	1527	#ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
Vanger	0:b86d15c6ba29	1528	case TLS_RSA_WITH_AES_128_GCM_SHA256 :
Vanger	0:b86d15c6ba29	1529	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	1530	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	1531	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1532	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1533	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1534	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1535	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1536	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1537	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1538	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1539	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	1540	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	1541
Vanger	0:b86d15c6ba29	1542	break;
Vanger	0:b86d15c6ba29	1543	#endif
Vanger	0:b86d15c6ba29	1544
Vanger	0:b86d15c6ba29	1545	#ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
Vanger	0:b86d15c6ba29	1546	case TLS_RSA_WITH_AES_256_GCM_SHA384 :
Vanger	0:b86d15c6ba29	1547	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	1548	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	1549	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	1550	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1551	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1552	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1553	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1554	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1555	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1556	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1557	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	1558	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	1559
Vanger	0:b86d15c6ba29	1560	break;
Vanger	0:b86d15c6ba29	1561	#endif
Vanger	0:b86d15c6ba29	1562
Vanger	0:b86d15c6ba29	1563	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Vanger	0:b86d15c6ba29	1564	case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
Vanger	0:b86d15c6ba29	1565	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	1566	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	1567	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1568	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1569	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1570	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1571	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1572	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1573	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1574	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1575	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	1576	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	1577
Vanger	0:b86d15c6ba29	1578	break;
Vanger	0:b86d15c6ba29	1579	#endif
Vanger	0:b86d15c6ba29	1580
Vanger	0:b86d15c6ba29	1581	#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Vanger	0:b86d15c6ba29	1582	case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
Vanger	0:b86d15c6ba29	1583	ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm;
Vanger	0:b86d15c6ba29	1584	ssl->specs.cipher_type = aead;
Vanger	0:b86d15c6ba29	1585	ssl->specs.mac_algorithm = sha384_mac;
Vanger	0:b86d15c6ba29	1586	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1587	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1588	ssl->specs.hash_size = SHA384_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1589	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1590	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1591	ssl->specs.key_size = AES_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1592	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1593	ssl->specs.iv_size = AEAD_IMP_IV_SZ;
Vanger	0:b86d15c6ba29	1594	ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ;
Vanger	0:b86d15c6ba29	1595
Vanger	0:b86d15c6ba29	1596	break;
Vanger	0:b86d15c6ba29	1597	#endif
Vanger	0:b86d15c6ba29	1598
Vanger	0:b86d15c6ba29	1599	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
Vanger	0:b86d15c6ba29	1600	case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
Vanger	0:b86d15c6ba29	1601	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger	0:b86d15c6ba29	1602	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1603	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1604	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1605	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1606	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1607	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1608	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1609	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1610	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1611	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger	0:b86d15c6ba29	1612
Vanger	0:b86d15c6ba29	1613	break;
Vanger	0:b86d15c6ba29	1614	#endif
Vanger	0:b86d15c6ba29	1615
Vanger	0:b86d15c6ba29	1616	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
Vanger	0:b86d15c6ba29	1617	case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
Vanger	0:b86d15c6ba29	1618	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger	0:b86d15c6ba29	1619	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1620	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1621	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1622	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1623	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1624	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1625	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1626	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1627	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1628	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger	0:b86d15c6ba29	1629
Vanger	0:b86d15c6ba29	1630	break;
Vanger	0:b86d15c6ba29	1631	#endif
Vanger	0:b86d15c6ba29	1632
Vanger	0:b86d15c6ba29	1633	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
Vanger	0:b86d15c6ba29	1634	case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
Vanger	0:b86d15c6ba29	1635	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger	0:b86d15c6ba29	1636	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1637	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1638	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1639	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1640	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1641	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1642	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1643	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1644	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1645	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger	0:b86d15c6ba29	1646
Vanger	0:b86d15c6ba29	1647	break;
Vanger	0:b86d15c6ba29	1648	#endif
Vanger	0:b86d15c6ba29	1649
Vanger	0:b86d15c6ba29	1650	#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
Vanger	0:b86d15c6ba29	1651	case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
Vanger	0:b86d15c6ba29	1652	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger	0:b86d15c6ba29	1653	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1654	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1655	ssl->specs.kea = rsa_kea;
Vanger	0:b86d15c6ba29	1656	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1657	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1658	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1659	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1660	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1661	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1662	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger	0:b86d15c6ba29	1663
Vanger	0:b86d15c6ba29	1664	break;
Vanger	0:b86d15c6ba29	1665	#endif
Vanger	0:b86d15c6ba29	1666
Vanger	0:b86d15c6ba29	1667	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
Vanger	0:b86d15c6ba29	1668	case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
Vanger	0:b86d15c6ba29	1669	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger	0:b86d15c6ba29	1670	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1671	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1672	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1673	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1674	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1675	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1676	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1677	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1678	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1679	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger	0:b86d15c6ba29	1680
Vanger	0:b86d15c6ba29	1681	break;
Vanger	0:b86d15c6ba29	1682	#endif
Vanger	0:b86d15c6ba29	1683
Vanger	0:b86d15c6ba29	1684	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
Vanger	0:b86d15c6ba29	1685	case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
Vanger	0:b86d15c6ba29	1686	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger	0:b86d15c6ba29	1687	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1688	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1689	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1690	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1691	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1692	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1693	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1694	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1695	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1696	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger	0:b86d15c6ba29	1697
Vanger	0:b86d15c6ba29	1698	break;
Vanger	0:b86d15c6ba29	1699	#endif
Vanger	0:b86d15c6ba29	1700
Vanger	0:b86d15c6ba29	1701	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
Vanger	0:b86d15c6ba29	1702	case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
Vanger	0:b86d15c6ba29	1703	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger	0:b86d15c6ba29	1704	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1705	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1706	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1707	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1708	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1709	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1710	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1711	ssl->specs.key_size = CAMELLIA_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1712	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1713	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger	0:b86d15c6ba29	1714
Vanger	0:b86d15c6ba29	1715	break;
Vanger	0:b86d15c6ba29	1716	#endif
Vanger	0:b86d15c6ba29	1717
Vanger	0:b86d15c6ba29	1718	#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
Vanger	0:b86d15c6ba29	1719	case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
Vanger	0:b86d15c6ba29	1720	ssl->specs.bulk_cipher_algorithm = cyassl_camellia;
Vanger	0:b86d15c6ba29	1721	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1722	ssl->specs.mac_algorithm = sha256_mac;
Vanger	0:b86d15c6ba29	1723	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1724	ssl->specs.sig_algo = rsa_sa_algo;
Vanger	0:b86d15c6ba29	1725	ssl->specs.hash_size = SHA256_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1726	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1727	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1728	ssl->specs.key_size = CAMELLIA_256_KEY_SIZE;
Vanger	0:b86d15c6ba29	1729	ssl->specs.block_size = CAMELLIA_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1730	ssl->specs.iv_size = CAMELLIA_IV_SIZE;
Vanger	0:b86d15c6ba29	1731
Vanger	0:b86d15c6ba29	1732	break;
Vanger	0:b86d15c6ba29	1733	#endif
Vanger	0:b86d15c6ba29	1734
Vanger	0:b86d15c6ba29	1735	#ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
Vanger	0:b86d15c6ba29	1736	case TLS_DH_anon_WITH_AES_128_CBC_SHA :
Vanger	0:b86d15c6ba29	1737	ssl->specs.bulk_cipher_algorithm = cyassl_aes;
Vanger	0:b86d15c6ba29	1738	ssl->specs.cipher_type = block;
Vanger	0:b86d15c6ba29	1739	ssl->specs.mac_algorithm = sha_mac;
Vanger	0:b86d15c6ba29	1740	ssl->specs.kea = diffie_hellman_kea;
Vanger	0:b86d15c6ba29	1741	ssl->specs.sig_algo = anonymous_sa_algo;
Vanger	0:b86d15c6ba29	1742	ssl->specs.hash_size = SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	1743	ssl->specs.pad_size = PAD_SHA;
Vanger	0:b86d15c6ba29	1744	ssl->specs.static_ecdh = 0;
Vanger	0:b86d15c6ba29	1745	ssl->specs.key_size = AES_128_KEY_SIZE;
Vanger	0:b86d15c6ba29	1746	ssl->specs.block_size = AES_BLOCK_SIZE;
Vanger	0:b86d15c6ba29	1747	ssl->specs.iv_size = AES_IV_SIZE;
Vanger	0:b86d15c6ba29	1748
Vanger	0:b86d15c6ba29	1749	ssl->options.usingAnon_cipher = 1;
Vanger	0:b86d15c6ba29	1750	break;
Vanger	0:b86d15c6ba29	1751	#endif
Vanger	0:b86d15c6ba29	1752
Vanger	0:b86d15c6ba29	1753	default:
Vanger	0:b86d15c6ba29	1754	CYASSL_MSG("Unsupported cipher suite, SetCipherSpecs");
Vanger	0:b86d15c6ba29	1755	return UNSUPPORTED_SUITE;
Vanger	0:b86d15c6ba29	1756	} /* switch */
Vanger	0:b86d15c6ba29	1757	} /* if ECC / Normal suites else */
Vanger	0:b86d15c6ba29	1758
Vanger	0:b86d15c6ba29	1759	/* set TLS if it hasn't been turned off */
Vanger	0:b86d15c6ba29	1760	if (ssl->version.major == 3 && ssl->version.minor >= 1) {
Vanger	0:b86d15c6ba29	1761	#ifndef NO_TLS
Vanger	0:b86d15c6ba29	1762	ssl->options.tls = 1;
Vanger	0:b86d15c6ba29	1763	ssl->hmac = TLS_hmac;
Vanger	0:b86d15c6ba29	1764	if (ssl->version.minor >= 2)
Vanger	0:b86d15c6ba29	1765	ssl->options.tls1_1 = 1;
Vanger	0:b86d15c6ba29	1766	#endif
Vanger	0:b86d15c6ba29	1767	}
Vanger	0:b86d15c6ba29	1768
Vanger	0:b86d15c6ba29	1769	#ifdef CYASSL_DTLS
Vanger	0:b86d15c6ba29	1770	if (ssl->options.dtls)
Vanger	0:b86d15c6ba29	1771	ssl->hmac = TLS_hmac;
Vanger	0:b86d15c6ba29	1772	#endif
Vanger	0:b86d15c6ba29	1773
Vanger	0:b86d15c6ba29	1774	return 0;
Vanger	0:b86d15c6ba29	1775	}
Vanger	0:b86d15c6ba29	1776
Vanger	0:b86d15c6ba29	1777
Vanger	0:b86d15c6ba29	1778	enum KeyStuff {
Vanger	0:b86d15c6ba29	1779	MASTER_ROUNDS = 3,
Vanger	0:b86d15c6ba29	1780	PREFIX = 3, /* up to three letters for master prefix */
Vanger	0:b86d15c6ba29	1781	KEY_PREFIX = 7 /* up to 7 prefix letters for key rounds */
Vanger	0:b86d15c6ba29	1782
Vanger	0:b86d15c6ba29	1783
Vanger	0:b86d15c6ba29	1784	};
Vanger	0:b86d15c6ba29	1785
Vanger	0:b86d15c6ba29	1786	#ifndef NO_OLD_TLS
Vanger	0:b86d15c6ba29	1787	/* true or false, zero for error */
Vanger	0:b86d15c6ba29	1788	static int SetPrefix(byte* sha_input, int idx)
Vanger	0:b86d15c6ba29	1789	{
Vanger	0:b86d15c6ba29	1790	switch (idx) {
Vanger	0:b86d15c6ba29	1791	case 0:
Vanger	0:b86d15c6ba29	1792	XMEMCPY(sha_input, "A", 1);
Vanger	0:b86d15c6ba29	1793	break;
Vanger	0:b86d15c6ba29	1794	case 1:
Vanger	0:b86d15c6ba29	1795	XMEMCPY(sha_input, "BB", 2);
Vanger	0:b86d15c6ba29	1796	break;
Vanger	0:b86d15c6ba29	1797	case 2:
Vanger	0:b86d15c6ba29	1798	XMEMCPY(sha_input, "CCC", 3);
Vanger	0:b86d15c6ba29	1799	break;
Vanger	0:b86d15c6ba29	1800	case 3:
Vanger	0:b86d15c6ba29	1801	XMEMCPY(sha_input, "DDDD", 4);
Vanger	0:b86d15c6ba29	1802	break;
Vanger	0:b86d15c6ba29	1803	case 4:
Vanger	0:b86d15c6ba29	1804	XMEMCPY(sha_input, "EEEEE", 5);
Vanger	0:b86d15c6ba29	1805	break;
Vanger	0:b86d15c6ba29	1806	case 5:
Vanger	0:b86d15c6ba29	1807	XMEMCPY(sha_input, "FFFFFF", 6);
Vanger	0:b86d15c6ba29	1808	break;
Vanger	0:b86d15c6ba29	1809	case 6:
Vanger	0:b86d15c6ba29	1810	XMEMCPY(sha_input, "GGGGGGG", 7);
Vanger	0:b86d15c6ba29	1811	break;
Vanger	0:b86d15c6ba29	1812	default:
Vanger	0:b86d15c6ba29	1813	CYASSL_MSG("Set Prefix error, bad input");
Vanger	0:b86d15c6ba29	1814	return 0;
Vanger	0:b86d15c6ba29	1815	}
Vanger	0:b86d15c6ba29	1816	return 1;
Vanger	0:b86d15c6ba29	1817	}
Vanger	0:b86d15c6ba29	1818	#endif
Vanger	0:b86d15c6ba29	1819
Vanger	0:b86d15c6ba29	1820
Vanger	0:b86d15c6ba29	1821	static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
Vanger	0:b86d15c6ba29	1822	byte side, void* heap, int devId)
Vanger	0:b86d15c6ba29	1823	{
Vanger	0:b86d15c6ba29	1824	#ifdef BUILD_ARC4
Vanger	0:b86d15c6ba29	1825	word32 sz = specs->key_size;
Vanger	0:b86d15c6ba29	1826	if (specs->bulk_cipher_algorithm == cyassl_rc4) {
Vanger	0:b86d15c6ba29	1827	if (enc && enc->arc4 == NULL)
Vanger	0:b86d15c6ba29	1828	enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	1829	if (enc && enc->arc4 == NULL)
Vanger	0:b86d15c6ba29	1830	return MEMORY_E;
Vanger	0:b86d15c6ba29	1831	if (dec && dec->arc4 == NULL)
Vanger	0:b86d15c6ba29	1832	dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	1833	if (dec && dec->arc4 == NULL)
Vanger	0:b86d15c6ba29	1834	return MEMORY_E;
Vanger	0:b86d15c6ba29	1835	#ifdef HAVE_CAVIUM
Vanger	0:b86d15c6ba29	1836	if (devId != NO_CAVIUM_DEVICE) {
Vanger	0:b86d15c6ba29	1837	if (enc) {
Vanger	0:b86d15c6ba29	1838	if (Arc4InitCavium(enc->arc4, devId) != 0) {
Vanger	0:b86d15c6ba29	1839	CYASSL_MSG("Arc4InitCavium failed in SetKeys");
Vanger	0:b86d15c6ba29	1840	return CAVIUM_INIT_E;
Vanger	0:b86d15c6ba29	1841	}
Vanger	0:b86d15c6ba29	1842	}
Vanger	0:b86d15c6ba29	1843	if (dec) {
Vanger	0:b86d15c6ba29	1844	if (Arc4InitCavium(dec->arc4, devId) != 0) {
Vanger	0:b86d15c6ba29	1845	CYASSL_MSG("Arc4InitCavium failed in SetKeys");
Vanger	0:b86d15c6ba29	1846	return CAVIUM_INIT_E;
Vanger	0:b86d15c6ba29	1847	}
Vanger	0:b86d15c6ba29	1848	}
Vanger	0:b86d15c6ba29	1849	}
Vanger	0:b86d15c6ba29	1850	#endif
Vanger	0:b86d15c6ba29	1851	if (side == CYASSL_CLIENT_END) {
Vanger	0:b86d15c6ba29	1852	if (enc)
Vanger	0:b86d15c6ba29	1853	Arc4SetKey(enc->arc4, keys->client_write_key, sz);
Vanger	0:b86d15c6ba29	1854	if (dec)
Vanger	0:b86d15c6ba29	1855	Arc4SetKey(dec->arc4, keys->server_write_key, sz);
Vanger	0:b86d15c6ba29	1856	}
Vanger	0:b86d15c6ba29	1857	else {
Vanger	0:b86d15c6ba29	1858	if (enc)
Vanger	0:b86d15c6ba29	1859	Arc4SetKey(enc->arc4, keys->server_write_key, sz);
Vanger	0:b86d15c6ba29	1860	if (dec)
Vanger	0:b86d15c6ba29	1861	Arc4SetKey(dec->arc4, keys->client_write_key, sz);
Vanger	0:b86d15c6ba29	1862	}
Vanger	0:b86d15c6ba29	1863	if (enc)
Vanger	0:b86d15c6ba29	1864	enc->setup = 1;
Vanger	0:b86d15c6ba29	1865	if (dec)
Vanger	0:b86d15c6ba29	1866	dec->setup = 1;
Vanger	0:b86d15c6ba29	1867	}
Vanger	0:b86d15c6ba29	1868	#endif
Vanger	0:b86d15c6ba29	1869
Vanger	0:b86d15c6ba29	1870
Vanger	0:b86d15c6ba29	1871	#ifdef HAVE_CHACHA
Vanger	0:b86d15c6ba29	1872	if (specs->bulk_cipher_algorithm == cyassl_chacha) {
Vanger	0:b86d15c6ba29	1873	int chachaRet;
Vanger	0:b86d15c6ba29	1874	if (enc && enc->chacha == NULL)
Vanger	0:b86d15c6ba29	1875	enc->chacha =
Vanger	0:b86d15c6ba29	1876	(ChaCha*)XMALLOC(sizeof(ChaCha), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	1877	if (enc && enc->chacha == NULL)
Vanger	0:b86d15c6ba29	1878	return MEMORY_E;
Vanger	0:b86d15c6ba29	1879	if (dec && dec->chacha == NULL)
Vanger	0:b86d15c6ba29	1880	dec->chacha =
Vanger	0:b86d15c6ba29	1881	(ChaCha*)XMALLOC(sizeof(ChaCha), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	1882	if (dec && dec->chacha == NULL)
Vanger	0:b86d15c6ba29	1883	return MEMORY_E;
Vanger	0:b86d15c6ba29	1884	if (side == CYASSL_CLIENT_END) {
Vanger	0:b86d15c6ba29	1885	if (enc) {
Vanger	0:b86d15c6ba29	1886	chachaRet = Chacha_SetKey(enc->chacha, keys->client_write_key,
Vanger	0:b86d15c6ba29	1887	specs->key_size);
Vanger	0:b86d15c6ba29	1888	XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
Vanger	0:b86d15c6ba29	1889	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	1890	if (chachaRet != 0) return chachaRet;
Vanger	0:b86d15c6ba29	1891	}
Vanger	0:b86d15c6ba29	1892	if (dec) {
Vanger	0:b86d15c6ba29	1893	chachaRet = Chacha_SetKey(dec->chacha, keys->server_write_key,
Vanger	0:b86d15c6ba29	1894	specs->key_size);
Vanger	0:b86d15c6ba29	1895	XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
Vanger	0:b86d15c6ba29	1896	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	1897	if (chachaRet != 0) return chachaRet;
Vanger	0:b86d15c6ba29	1898	}
Vanger	0:b86d15c6ba29	1899	}
Vanger	0:b86d15c6ba29	1900	else {
Vanger	0:b86d15c6ba29	1901	if (enc) {
Vanger	0:b86d15c6ba29	1902	chachaRet = Chacha_SetKey(enc->chacha, keys->server_write_key,
Vanger	0:b86d15c6ba29	1903	specs->key_size);
Vanger	0:b86d15c6ba29	1904	XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
Vanger	0:b86d15c6ba29	1905	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	1906	if (chachaRet != 0) return chachaRet;
Vanger	0:b86d15c6ba29	1907	}
Vanger	0:b86d15c6ba29	1908	if (dec) {
Vanger	0:b86d15c6ba29	1909	chachaRet = Chacha_SetKey(dec->chacha, keys->client_write_key,
Vanger	0:b86d15c6ba29	1910	specs->key_size);
Vanger	0:b86d15c6ba29	1911	XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
Vanger	0:b86d15c6ba29	1912	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	1913	if (chachaRet != 0) return chachaRet;
Vanger	0:b86d15c6ba29	1914	}
Vanger	0:b86d15c6ba29	1915	}
Vanger	0:b86d15c6ba29	1916
Vanger	0:b86d15c6ba29	1917	if (enc)
Vanger	0:b86d15c6ba29	1918	enc->setup = 1;
Vanger	0:b86d15c6ba29	1919	if (dec)
Vanger	0:b86d15c6ba29	1920	dec->setup = 1;
Vanger	0:b86d15c6ba29	1921	}
Vanger	0:b86d15c6ba29	1922	#endif
Vanger	0:b86d15c6ba29	1923
Vanger	0:b86d15c6ba29	1924	#ifdef HAVE_HC128
Vanger	0:b86d15c6ba29	1925	if (specs->bulk_cipher_algorithm == cyassl_hc128) {
Vanger	0:b86d15c6ba29	1926	int hcRet;
Vanger	0:b86d15c6ba29	1927	if (enc && enc->hc128 == NULL)
Vanger	0:b86d15c6ba29	1928	enc->hc128 =
Vanger	0:b86d15c6ba29	1929	(HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	1930	if (enc && enc->hc128 == NULL)
Vanger	0:b86d15c6ba29	1931	return MEMORY_E;
Vanger	0:b86d15c6ba29	1932	if (dec && dec->hc128 == NULL)
Vanger	0:b86d15c6ba29	1933	dec->hc128 =
Vanger	0:b86d15c6ba29	1934	(HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	1935	if (dec && dec->hc128 == NULL)
Vanger	0:b86d15c6ba29	1936	return MEMORY_E;
Vanger	0:b86d15c6ba29	1937	if (side == CYASSL_CLIENT_END) {
Vanger	0:b86d15c6ba29	1938	if (enc) {
Vanger	0:b86d15c6ba29	1939	hcRet = Hc128_SetKey(enc->hc128, keys->client_write_key,
Vanger	0:b86d15c6ba29	1940	keys->client_write_IV);
Vanger	0:b86d15c6ba29	1941	if (hcRet != 0) return hcRet;
Vanger	0:b86d15c6ba29	1942	}
Vanger	0:b86d15c6ba29	1943	if (dec) {
Vanger	0:b86d15c6ba29	1944	hcRet = Hc128_SetKey(dec->hc128, keys->server_write_key,
Vanger	0:b86d15c6ba29	1945	keys->server_write_IV);
Vanger	0:b86d15c6ba29	1946	if (hcRet != 0) return hcRet;
Vanger	0:b86d15c6ba29	1947	}
Vanger	0:b86d15c6ba29	1948	}
Vanger	0:b86d15c6ba29	1949	else {
Vanger	0:b86d15c6ba29	1950	if (enc) {
Vanger	0:b86d15c6ba29	1951	hcRet = Hc128_SetKey(enc->hc128, keys->server_write_key,
Vanger	0:b86d15c6ba29	1952	keys->server_write_IV);
Vanger	0:b86d15c6ba29	1953	if (hcRet != 0) return hcRet;
Vanger	0:b86d15c6ba29	1954	}
Vanger	0:b86d15c6ba29	1955	if (dec) {
Vanger	0:b86d15c6ba29	1956	hcRet = Hc128_SetKey(dec->hc128, keys->client_write_key,
Vanger	0:b86d15c6ba29	1957	keys->client_write_IV);
Vanger	0:b86d15c6ba29	1958	if (hcRet != 0) return hcRet;
Vanger	0:b86d15c6ba29	1959	}
Vanger	0:b86d15c6ba29	1960	}
Vanger	0:b86d15c6ba29	1961	if (enc)
Vanger	0:b86d15c6ba29	1962	enc->setup = 1;
Vanger	0:b86d15c6ba29	1963	if (dec)
Vanger	0:b86d15c6ba29	1964	dec->setup = 1;
Vanger	0:b86d15c6ba29	1965	}
Vanger	0:b86d15c6ba29	1966	#endif
Vanger	0:b86d15c6ba29	1967
Vanger	0:b86d15c6ba29	1968	#ifdef BUILD_RABBIT
Vanger	0:b86d15c6ba29	1969	if (specs->bulk_cipher_algorithm == cyassl_rabbit) {
Vanger	0:b86d15c6ba29	1970	int rabRet;
Vanger	0:b86d15c6ba29	1971	if (enc && enc->rabbit == NULL)
Vanger	0:b86d15c6ba29	1972	enc->rabbit =
Vanger	0:b86d15c6ba29	1973	(Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	1974	if (enc && enc->rabbit == NULL)
Vanger	0:b86d15c6ba29	1975	return MEMORY_E;
Vanger	0:b86d15c6ba29	1976	if (dec && dec->rabbit == NULL)
Vanger	0:b86d15c6ba29	1977	dec->rabbit =
Vanger	0:b86d15c6ba29	1978	(Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	1979	if (dec && dec->rabbit == NULL)
Vanger	0:b86d15c6ba29	1980	return MEMORY_E;
Vanger	0:b86d15c6ba29	1981	if (side == CYASSL_CLIENT_END) {
Vanger	0:b86d15c6ba29	1982	if (enc) {
Vanger	0:b86d15c6ba29	1983	rabRet = RabbitSetKey(enc->rabbit, keys->client_write_key,
Vanger	0:b86d15c6ba29	1984	keys->client_write_IV);
Vanger	0:b86d15c6ba29	1985	if (rabRet != 0) return rabRet;
Vanger	0:b86d15c6ba29	1986	}
Vanger	0:b86d15c6ba29	1987	if (dec) {
Vanger	0:b86d15c6ba29	1988	rabRet = RabbitSetKey(dec->rabbit, keys->server_write_key,
Vanger	0:b86d15c6ba29	1989	keys->server_write_IV);
Vanger	0:b86d15c6ba29	1990	if (rabRet != 0) return rabRet;
Vanger	0:b86d15c6ba29	1991	}
Vanger	0:b86d15c6ba29	1992	}
Vanger	0:b86d15c6ba29	1993	else {
Vanger	0:b86d15c6ba29	1994	if (enc) {
Vanger	0:b86d15c6ba29	1995	rabRet = RabbitSetKey(enc->rabbit, keys->server_write_key,
Vanger	0:b86d15c6ba29	1996	keys->server_write_IV);
Vanger	0:b86d15c6ba29	1997	if (rabRet != 0) return rabRet;
Vanger	0:b86d15c6ba29	1998	}
Vanger	0:b86d15c6ba29	1999	if (dec) {
Vanger	0:b86d15c6ba29	2000	rabRet = RabbitSetKey(dec->rabbit, keys->client_write_key,
Vanger	0:b86d15c6ba29	2001	keys->client_write_IV);
Vanger	0:b86d15c6ba29	2002	if (rabRet != 0) return rabRet;
Vanger	0:b86d15c6ba29	2003	}
Vanger	0:b86d15c6ba29	2004	}
Vanger	0:b86d15c6ba29	2005	if (enc)
Vanger	0:b86d15c6ba29	2006	enc->setup = 1;
Vanger	0:b86d15c6ba29	2007	if (dec)
Vanger	0:b86d15c6ba29	2008	dec->setup = 1;
Vanger	0:b86d15c6ba29	2009	}
Vanger	0:b86d15c6ba29	2010	#endif
Vanger	0:b86d15c6ba29	2011
Vanger	0:b86d15c6ba29	2012	#ifdef BUILD_DES3
Vanger	0:b86d15c6ba29	2013	if (specs->bulk_cipher_algorithm == cyassl_triple_des) {
Vanger	0:b86d15c6ba29	2014	int desRet = 0;
Vanger	0:b86d15c6ba29	2015
Vanger	0:b86d15c6ba29	2016	if (enc && enc->des3 == NULL)
Vanger	0:b86d15c6ba29	2017	enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2018	if (enc && enc->des3 == NULL)
Vanger	0:b86d15c6ba29	2019	return MEMORY_E;
Vanger	0:b86d15c6ba29	2020	if (dec && dec->des3 == NULL)
Vanger	0:b86d15c6ba29	2021	dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2022	if (dec && dec->des3 == NULL)
Vanger	0:b86d15c6ba29	2023	return MEMORY_E;
Vanger	0:b86d15c6ba29	2024	#ifdef HAVE_CAVIUM
Vanger	0:b86d15c6ba29	2025	if (devId != NO_CAVIUM_DEVICE) {
Vanger	0:b86d15c6ba29	2026	if (enc) {
Vanger	0:b86d15c6ba29	2027	if (Des3_InitCavium(enc->des3, devId) != 0) {
Vanger	0:b86d15c6ba29	2028	CYASSL_MSG("Des3_InitCavium failed in SetKeys");
Vanger	0:b86d15c6ba29	2029	return CAVIUM_INIT_E;
Vanger	0:b86d15c6ba29	2030	}
Vanger	0:b86d15c6ba29	2031	}
Vanger	0:b86d15c6ba29	2032	if (dec) {
Vanger	0:b86d15c6ba29	2033	if (Des3_InitCavium(dec->des3, devId) != 0) {
Vanger	0:b86d15c6ba29	2034	CYASSL_MSG("Des3_InitCavium failed in SetKeys");
Vanger	0:b86d15c6ba29	2035	return CAVIUM_INIT_E;
Vanger	0:b86d15c6ba29	2036	}
Vanger	0:b86d15c6ba29	2037	}
Vanger	0:b86d15c6ba29	2038	}
Vanger	0:b86d15c6ba29	2039	#endif
Vanger	0:b86d15c6ba29	2040	if (side == CYASSL_CLIENT_END) {
Vanger	0:b86d15c6ba29	2041	if (enc) {
Vanger	0:b86d15c6ba29	2042	desRet = Des3_SetKey(enc->des3, keys->client_write_key,
Vanger	0:b86d15c6ba29	2043	keys->client_write_IV, DES_ENCRYPTION);
Vanger	0:b86d15c6ba29	2044	if (desRet != 0) return desRet;
Vanger	0:b86d15c6ba29	2045	}
Vanger	0:b86d15c6ba29	2046	if (dec) {
Vanger	0:b86d15c6ba29	2047	desRet = Des3_SetKey(dec->des3, keys->server_write_key,
Vanger	0:b86d15c6ba29	2048	keys->server_write_IV, DES_DECRYPTION);
Vanger	0:b86d15c6ba29	2049	if (desRet != 0) return desRet;
Vanger	0:b86d15c6ba29	2050	}
Vanger	0:b86d15c6ba29	2051	}
Vanger	0:b86d15c6ba29	2052	else {
Vanger	0:b86d15c6ba29	2053	if (enc) {
Vanger	0:b86d15c6ba29	2054	desRet = Des3_SetKey(enc->des3, keys->server_write_key,
Vanger	0:b86d15c6ba29	2055	keys->server_write_IV, DES_ENCRYPTION);
Vanger	0:b86d15c6ba29	2056	if (desRet != 0) return desRet;
Vanger	0:b86d15c6ba29	2057	}
Vanger	0:b86d15c6ba29	2058	if (dec) {
Vanger	0:b86d15c6ba29	2059	desRet = Des3_SetKey(dec->des3, keys->client_write_key,
Vanger	0:b86d15c6ba29	2060	keys->client_write_IV, DES_DECRYPTION);
Vanger	0:b86d15c6ba29	2061	if (desRet != 0) return desRet;
Vanger	0:b86d15c6ba29	2062	}
Vanger	0:b86d15c6ba29	2063	}
Vanger	0:b86d15c6ba29	2064	if (enc)
Vanger	0:b86d15c6ba29	2065	enc->setup = 1;
Vanger	0:b86d15c6ba29	2066	if (dec)
Vanger	0:b86d15c6ba29	2067	dec->setup = 1;
Vanger	0:b86d15c6ba29	2068	}
Vanger	0:b86d15c6ba29	2069	#endif
Vanger	0:b86d15c6ba29	2070
Vanger	0:b86d15c6ba29	2071	#ifdef BUILD_AES
Vanger	0:b86d15c6ba29	2072	if (specs->bulk_cipher_algorithm == cyassl_aes) {
Vanger	0:b86d15c6ba29	2073	int aesRet = 0;
Vanger	0:b86d15c6ba29	2074
Vanger	0:b86d15c6ba29	2075	if (enc && enc->aes == NULL)
Vanger	0:b86d15c6ba29	2076	enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2077	if (enc && enc->aes == NULL)
Vanger	0:b86d15c6ba29	2078	return MEMORY_E;
Vanger	0:b86d15c6ba29	2079	if (dec && dec->aes == NULL)
Vanger	0:b86d15c6ba29	2080	dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2081	if (dec && dec->aes == NULL)
Vanger	0:b86d15c6ba29	2082	return MEMORY_E;
Vanger	0:b86d15c6ba29	2083	#ifdef HAVE_CAVIUM
Vanger	0:b86d15c6ba29	2084	if (devId != NO_CAVIUM_DEVICE) {
Vanger	0:b86d15c6ba29	2085	if (enc) {
Vanger	0:b86d15c6ba29	2086	if (AesInitCavium(enc->aes, devId) != 0) {
Vanger	0:b86d15c6ba29	2087	CYASSL_MSG("AesInitCavium failed in SetKeys");
Vanger	0:b86d15c6ba29	2088	return CAVIUM_INIT_E;
Vanger	0:b86d15c6ba29	2089	}
Vanger	0:b86d15c6ba29	2090	}
Vanger	0:b86d15c6ba29	2091	if (dec) {
Vanger	0:b86d15c6ba29	2092	if (AesInitCavium(dec->aes, devId) != 0) {
Vanger	0:b86d15c6ba29	2093	CYASSL_MSG("AesInitCavium failed in SetKeys");
Vanger	0:b86d15c6ba29	2094	return CAVIUM_INIT_E;
Vanger	0:b86d15c6ba29	2095	}
Vanger	0:b86d15c6ba29	2096	}
Vanger	0:b86d15c6ba29	2097	}
Vanger	0:b86d15c6ba29	2098	#endif
Vanger	0:b86d15c6ba29	2099	if (side == CYASSL_CLIENT_END) {
Vanger	0:b86d15c6ba29	2100	if (enc) {
Vanger	0:b86d15c6ba29	2101	aesRet = AesSetKey(enc->aes, keys->client_write_key,
Vanger	0:b86d15c6ba29	2102	specs->key_size, keys->client_write_IV,
Vanger	0:b86d15c6ba29	2103	AES_ENCRYPTION);
Vanger	0:b86d15c6ba29	2104	if (aesRet != 0) return aesRet;
Vanger	0:b86d15c6ba29	2105	}
Vanger	0:b86d15c6ba29	2106	if (dec) {
Vanger	0:b86d15c6ba29	2107	aesRet = AesSetKey(dec->aes, keys->server_write_key,
Vanger	0:b86d15c6ba29	2108	specs->key_size, keys->server_write_IV,
Vanger	0:b86d15c6ba29	2109	AES_DECRYPTION);
Vanger	0:b86d15c6ba29	2110	if (aesRet != 0) return aesRet;
Vanger	0:b86d15c6ba29	2111	}
Vanger	0:b86d15c6ba29	2112	}
Vanger	0:b86d15c6ba29	2113	else {
Vanger	0:b86d15c6ba29	2114	if (enc) {
Vanger	0:b86d15c6ba29	2115	aesRet = AesSetKey(enc->aes, keys->server_write_key,
Vanger	0:b86d15c6ba29	2116	specs->key_size, keys->server_write_IV,
Vanger	0:b86d15c6ba29	2117	AES_ENCRYPTION);
Vanger	0:b86d15c6ba29	2118	if (aesRet != 0) return aesRet;
Vanger	0:b86d15c6ba29	2119	}
Vanger	0:b86d15c6ba29	2120	if (dec) {
Vanger	0:b86d15c6ba29	2121	aesRet = AesSetKey(dec->aes, keys->client_write_key,
Vanger	0:b86d15c6ba29	2122	specs->key_size, keys->client_write_IV,
Vanger	0:b86d15c6ba29	2123	AES_DECRYPTION);
Vanger	0:b86d15c6ba29	2124	if (aesRet != 0) return aesRet;
Vanger	0:b86d15c6ba29	2125	}
Vanger	0:b86d15c6ba29	2126	}
Vanger	0:b86d15c6ba29	2127	if (enc)
Vanger	0:b86d15c6ba29	2128	enc->setup = 1;
Vanger	0:b86d15c6ba29	2129	if (dec)
Vanger	0:b86d15c6ba29	2130	dec->setup = 1;
Vanger	0:b86d15c6ba29	2131	}
Vanger	0:b86d15c6ba29	2132	#endif
Vanger	0:b86d15c6ba29	2133
Vanger	0:b86d15c6ba29	2134	#ifdef BUILD_AESGCM
Vanger	0:b86d15c6ba29	2135	if (specs->bulk_cipher_algorithm == cyassl_aes_gcm) {
Vanger	0:b86d15c6ba29	2136	int gcmRet;
Vanger	0:b86d15c6ba29	2137
Vanger	0:b86d15c6ba29	2138	if (enc && enc->aes == NULL)
Vanger	0:b86d15c6ba29	2139	enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2140	if (enc && enc->aes == NULL)
Vanger	0:b86d15c6ba29	2141	return MEMORY_E;
Vanger	0:b86d15c6ba29	2142	if (dec && dec->aes == NULL)
Vanger	0:b86d15c6ba29	2143	dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2144	if (dec && dec->aes == NULL)
Vanger	0:b86d15c6ba29	2145	return MEMORY_E;
Vanger	0:b86d15c6ba29	2146
Vanger	0:b86d15c6ba29	2147	if (side == CYASSL_CLIENT_END) {
Vanger	0:b86d15c6ba29	2148	if (enc) {
Vanger	0:b86d15c6ba29	2149	gcmRet = AesGcmSetKey(enc->aes, keys->client_write_key,
Vanger	0:b86d15c6ba29	2150	specs->key_size);
Vanger	0:b86d15c6ba29	2151	if (gcmRet != 0) return gcmRet;
Vanger	0:b86d15c6ba29	2152	XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
Vanger	0:b86d15c6ba29	2153	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	2154	}
Vanger	0:b86d15c6ba29	2155	if (dec) {
Vanger	0:b86d15c6ba29	2156	gcmRet = AesGcmSetKey(dec->aes, keys->server_write_key,
Vanger	0:b86d15c6ba29	2157	specs->key_size);
Vanger	0:b86d15c6ba29	2158	if (gcmRet != 0) return gcmRet;
Vanger	0:b86d15c6ba29	2159	XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
Vanger	0:b86d15c6ba29	2160	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	2161	}
Vanger	0:b86d15c6ba29	2162	}
Vanger	0:b86d15c6ba29	2163	else {
Vanger	0:b86d15c6ba29	2164	if (enc) {
Vanger	0:b86d15c6ba29	2165	gcmRet = AesGcmSetKey(enc->aes, keys->server_write_key,
Vanger	0:b86d15c6ba29	2166	specs->key_size);
Vanger	0:b86d15c6ba29	2167	if (gcmRet != 0) return gcmRet;
Vanger	0:b86d15c6ba29	2168	XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
Vanger	0:b86d15c6ba29	2169	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	2170	}
Vanger	0:b86d15c6ba29	2171	if (dec) {
Vanger	0:b86d15c6ba29	2172	gcmRet = AesGcmSetKey(dec->aes, keys->client_write_key,
Vanger	0:b86d15c6ba29	2173	specs->key_size);
Vanger	0:b86d15c6ba29	2174	if (gcmRet != 0) return gcmRet;
Vanger	0:b86d15c6ba29	2175	XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
Vanger	0:b86d15c6ba29	2176	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	2177	}
Vanger	0:b86d15c6ba29	2178	}
Vanger	0:b86d15c6ba29	2179	if (enc)
Vanger	0:b86d15c6ba29	2180	enc->setup = 1;
Vanger	0:b86d15c6ba29	2181	if (dec)
Vanger	0:b86d15c6ba29	2182	dec->setup = 1;
Vanger	0:b86d15c6ba29	2183	}
Vanger	0:b86d15c6ba29	2184	#endif
Vanger	0:b86d15c6ba29	2185
Vanger	0:b86d15c6ba29	2186	#ifdef HAVE_AESCCM
Vanger	0:b86d15c6ba29	2187	if (specs->bulk_cipher_algorithm == cyassl_aes_ccm) {
Vanger	0:b86d15c6ba29	2188	if (enc && enc->aes == NULL)
Vanger	0:b86d15c6ba29	2189	enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2190	if (enc && enc->aes == NULL)
Vanger	0:b86d15c6ba29	2191	return MEMORY_E;
Vanger	0:b86d15c6ba29	2192	if (dec && dec->aes == NULL)
Vanger	0:b86d15c6ba29	2193	dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2194	if (dec && dec->aes == NULL)
Vanger	0:b86d15c6ba29	2195	return MEMORY_E;
Vanger	0:b86d15c6ba29	2196
Vanger	0:b86d15c6ba29	2197	if (side == CYASSL_CLIENT_END) {
Vanger	0:b86d15c6ba29	2198	if (enc) {
Vanger	0:b86d15c6ba29	2199	AesCcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
Vanger	0:b86d15c6ba29	2200	XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
Vanger	0:b86d15c6ba29	2201	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	2202	}
Vanger	0:b86d15c6ba29	2203	if (dec) {
Vanger	0:b86d15c6ba29	2204	AesCcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
Vanger	0:b86d15c6ba29	2205	XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
Vanger	0:b86d15c6ba29	2206	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	2207	}
Vanger	0:b86d15c6ba29	2208	}
Vanger	0:b86d15c6ba29	2209	else {
Vanger	0:b86d15c6ba29	2210	if (enc) {
Vanger	0:b86d15c6ba29	2211	AesCcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
Vanger	0:b86d15c6ba29	2212	XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
Vanger	0:b86d15c6ba29	2213	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	2214	}
Vanger	0:b86d15c6ba29	2215	if (dec) {
Vanger	0:b86d15c6ba29	2216	AesCcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
Vanger	0:b86d15c6ba29	2217	XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
Vanger	0:b86d15c6ba29	2218	AEAD_IMP_IV_SZ);
Vanger	0:b86d15c6ba29	2219	}
Vanger	0:b86d15c6ba29	2220	}
Vanger	0:b86d15c6ba29	2221	if (enc)
Vanger	0:b86d15c6ba29	2222	enc->setup = 1;
Vanger	0:b86d15c6ba29	2223	if (dec)
Vanger	0:b86d15c6ba29	2224	dec->setup = 1;
Vanger	0:b86d15c6ba29	2225	}
Vanger	0:b86d15c6ba29	2226	#endif
Vanger	0:b86d15c6ba29	2227
Vanger	0:b86d15c6ba29	2228	#ifdef HAVE_CAMELLIA
Vanger	0:b86d15c6ba29	2229	if (specs->bulk_cipher_algorithm == cyassl_camellia) {
Vanger	0:b86d15c6ba29	2230	int camRet;
Vanger	0:b86d15c6ba29	2231
Vanger	0:b86d15c6ba29	2232	if (enc && enc->cam == NULL)
Vanger	0:b86d15c6ba29	2233	enc->cam =
Vanger	0:b86d15c6ba29	2234	(Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2235	if (enc && enc->cam == NULL)
Vanger	0:b86d15c6ba29	2236	return MEMORY_E;
Vanger	0:b86d15c6ba29	2237
Vanger	0:b86d15c6ba29	2238	if (dec && dec->cam == NULL)
Vanger	0:b86d15c6ba29	2239	dec->cam =
Vanger	0:b86d15c6ba29	2240	(Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2241	if (dec && dec->cam == NULL)
Vanger	0:b86d15c6ba29	2242	return MEMORY_E;
Vanger	0:b86d15c6ba29	2243
Vanger	0:b86d15c6ba29	2244	if (side == CYASSL_CLIENT_END) {
Vanger	0:b86d15c6ba29	2245	if (enc) {
Vanger	0:b86d15c6ba29	2246	camRet = CamelliaSetKey(enc->cam, keys->client_write_key,
Vanger	0:b86d15c6ba29	2247	specs->key_size, keys->client_write_IV);
Vanger	0:b86d15c6ba29	2248	if (camRet != 0) return camRet;
Vanger	0:b86d15c6ba29	2249	}
Vanger	0:b86d15c6ba29	2250	if (dec) {
Vanger	0:b86d15c6ba29	2251	camRet = CamelliaSetKey(dec->cam, keys->server_write_key,
Vanger	0:b86d15c6ba29	2252	specs->key_size, keys->server_write_IV);
Vanger	0:b86d15c6ba29	2253	if (camRet != 0) return camRet;
Vanger	0:b86d15c6ba29	2254	}
Vanger	0:b86d15c6ba29	2255	}
Vanger	0:b86d15c6ba29	2256	else {
Vanger	0:b86d15c6ba29	2257	if (enc) {
Vanger	0:b86d15c6ba29	2258	camRet = CamelliaSetKey(enc->cam, keys->server_write_key,
Vanger	0:b86d15c6ba29	2259	specs->key_size, keys->server_write_IV);
Vanger	0:b86d15c6ba29	2260	if (camRet != 0) return camRet;
Vanger	0:b86d15c6ba29	2261	}
Vanger	0:b86d15c6ba29	2262	if (dec) {
Vanger	0:b86d15c6ba29	2263	camRet = CamelliaSetKey(dec->cam, keys->client_write_key,
Vanger	0:b86d15c6ba29	2264	specs->key_size, keys->client_write_IV);
Vanger	0:b86d15c6ba29	2265	if (camRet != 0) return camRet;
Vanger	0:b86d15c6ba29	2266	}
Vanger	0:b86d15c6ba29	2267	}
Vanger	0:b86d15c6ba29	2268	if (enc)
Vanger	0:b86d15c6ba29	2269	enc->setup = 1;
Vanger	0:b86d15c6ba29	2270	if (dec)
Vanger	0:b86d15c6ba29	2271	dec->setup = 1;
Vanger	0:b86d15c6ba29	2272	}
Vanger	0:b86d15c6ba29	2273	#endif
Vanger	0:b86d15c6ba29	2274
Vanger	0:b86d15c6ba29	2275	#ifdef HAVE_NULL_CIPHER
Vanger	0:b86d15c6ba29	2276	if (specs->bulk_cipher_algorithm == cyassl_cipher_null) {
Vanger	0:b86d15c6ba29	2277	if (enc)
Vanger	0:b86d15c6ba29	2278	enc->setup = 1;
Vanger	0:b86d15c6ba29	2279	if (dec)
Vanger	0:b86d15c6ba29	2280	dec->setup = 1;
Vanger	0:b86d15c6ba29	2281	}
Vanger	0:b86d15c6ba29	2282	#endif
Vanger	0:b86d15c6ba29	2283
Vanger	0:b86d15c6ba29	2284	if (enc)
Vanger	0:b86d15c6ba29	2285	keys->sequence_number = 0;
Vanger	0:b86d15c6ba29	2286	if (dec)
Vanger	0:b86d15c6ba29	2287	keys->peer_sequence_number = 0;
Vanger	0:b86d15c6ba29	2288	(void)side;
Vanger	0:b86d15c6ba29	2289	(void)heap;
Vanger	0:b86d15c6ba29	2290	(void)enc;
Vanger	0:b86d15c6ba29	2291	(void)dec;
Vanger	0:b86d15c6ba29	2292	(void)specs;
Vanger	0:b86d15c6ba29	2293	(void)devId;
Vanger	0:b86d15c6ba29	2294
Vanger	0:b86d15c6ba29	2295	return 0;
Vanger	0:b86d15c6ba29	2296	}
Vanger	0:b86d15c6ba29	2297
Vanger	0:b86d15c6ba29	2298
Vanger	0:b86d15c6ba29	2299	#ifdef HAVE_ONE_TIME_AUTH
Vanger	0:b86d15c6ba29	2300	/* set one time authentication keys */
Vanger	0:b86d15c6ba29	2301	static int SetAuthKeys(OneTimeAuth* authentication, Keys* keys,
Vanger	0:b86d15c6ba29	2302	CipherSpecs* specs, void* heap, int devId)
Vanger	0:b86d15c6ba29	2303	{
Vanger	0:b86d15c6ba29	2304
Vanger	0:b86d15c6ba29	2305	#ifdef HAVE_POLY1305
Vanger	0:b86d15c6ba29	2306	/* set up memory space for poly1305 */
Vanger	0:b86d15c6ba29	2307	if (authentication && authentication->poly1305 == NULL)
Vanger	0:b86d15c6ba29	2308	authentication->poly1305 =
Vanger	0:b86d15c6ba29	2309	(Poly1305*)XMALLOC(sizeof(Poly1305), heap, DYNAMIC_TYPE_CIPHER);
Vanger	0:b86d15c6ba29	2310	if (authentication && authentication->poly1305 == NULL)
Vanger	0:b86d15c6ba29	2311	return MEMORY_E;
Vanger	0:b86d15c6ba29	2312	authentication->setup = 1;
Vanger	0:b86d15c6ba29	2313	#endif
Vanger	0:b86d15c6ba29	2314	(void)heap;
Vanger	0:b86d15c6ba29	2315	(void)keys;
Vanger	0:b86d15c6ba29	2316	(void)specs;
Vanger	0:b86d15c6ba29	2317	(void)devId;
Vanger	0:b86d15c6ba29	2318
Vanger	0:b86d15c6ba29	2319	return 0;
Vanger	0:b86d15c6ba29	2320	}
Vanger	0:b86d15c6ba29	2321	#endif /* HAVE_ONE_TIME_AUTH */
Vanger	0:b86d15c6ba29	2322
Vanger	0:b86d15c6ba29	2323
Vanger	0:b86d15c6ba29	2324	/* Set encrypt/decrypt or both sides of key setup */
Vanger	0:b86d15c6ba29	2325	int SetKeysSide(CYASSL* ssl, enum encrypt_side side)
Vanger	0:b86d15c6ba29	2326	{
Vanger	0:b86d15c6ba29	2327	int devId = NO_CAVIUM_DEVICE, ret, copy = 0;
Vanger	0:b86d15c6ba29	2328	Ciphers* encrypt = NULL;
Vanger	0:b86d15c6ba29	2329	Ciphers* decrypt = NULL;
Vanger	0:b86d15c6ba29	2330	Keys* keys = &ssl->keys;
Vanger	0:b86d15c6ba29	2331
Vanger	0:b86d15c6ba29	2332	(void)copy;
Vanger	0:b86d15c6ba29	2333
Vanger	0:b86d15c6ba29	2334	#ifdef HAVE_CAVIUM
Vanger	0:b86d15c6ba29	2335	devId = ssl->devId;
Vanger	0:b86d15c6ba29	2336	#endif
Vanger	0:b86d15c6ba29	2337
Vanger	0:b86d15c6ba29	2338	#ifdef HAVE_SECURE_RENEGOTIATION
Vanger	0:b86d15c6ba29	2339	if (ssl->secure_renegotiation && ssl->secure_renegotiation->cache_status) {
Vanger	0:b86d15c6ba29	2340	keys = &ssl->secure_renegotiation->tmp_keys;
Vanger	0:b86d15c6ba29	2341	copy = 1;
Vanger	0:b86d15c6ba29	2342	}
Vanger	0:b86d15c6ba29	2343	#endif /* HAVE_SECURE_RENEGOTIATION */
Vanger	0:b86d15c6ba29	2344
Vanger	0:b86d15c6ba29	2345	switch (side) {
Vanger	0:b86d15c6ba29	2346	case ENCRYPT_SIDE_ONLY:
Vanger	0:b86d15c6ba29	2347	encrypt = &ssl->encrypt;
Vanger	0:b86d15c6ba29	2348	break;
Vanger	0:b86d15c6ba29	2349
Vanger	0:b86d15c6ba29	2350	case DECRYPT_SIDE_ONLY:
Vanger	0:b86d15c6ba29	2351	decrypt = &ssl->decrypt;
Vanger	0:b86d15c6ba29	2352	break;
Vanger	0:b86d15c6ba29	2353
Vanger	0:b86d15c6ba29	2354	case ENCRYPT_AND_DECRYPT_SIDE:
Vanger	0:b86d15c6ba29	2355	encrypt = &ssl->encrypt;
Vanger	0:b86d15c6ba29	2356	decrypt = &ssl->decrypt;
Vanger	0:b86d15c6ba29	2357	break;
Vanger	0:b86d15c6ba29	2358
Vanger	0:b86d15c6ba29	2359	default:
Vanger	0:b86d15c6ba29	2360	return BAD_FUNC_ARG;
Vanger	0:b86d15c6ba29	2361	}
Vanger	0:b86d15c6ba29	2362
Vanger	0:b86d15c6ba29	2363	#ifdef HAVE_ONE_TIME_AUTH
Vanger	0:b86d15c6ba29	2364	if (!ssl->auth.setup) {
Vanger	0:b86d15c6ba29	2365	ret = SetAuthKeys(&ssl->auth, keys, &ssl->specs, ssl->heap, devId);
Vanger	0:b86d15c6ba29	2366	if (ret != 0)
Vanger	0:b86d15c6ba29	2367	return ret;
Vanger	0:b86d15c6ba29	2368	}
Vanger	0:b86d15c6ba29	2369	#endif
Vanger	0:b86d15c6ba29	2370
Vanger	0:b86d15c6ba29	2371	ret = SetKeys(encrypt, decrypt, keys, &ssl->specs, ssl->options.side,
Vanger	0:b86d15c6ba29	2372	ssl->heap, devId);
Vanger	0:b86d15c6ba29	2373
Vanger	0:b86d15c6ba29	2374	#ifdef HAVE_SECURE_RENEGOTIATION
Vanger	0:b86d15c6ba29	2375	if (copy) {
Vanger	0:b86d15c6ba29	2376	int clientCopy = 0;
Vanger	0:b86d15c6ba29	2377
Vanger	0:b86d15c6ba29	2378	if (ssl->options.side == CYASSL_CLIENT_END && encrypt)
Vanger	0:b86d15c6ba29	2379	clientCopy = 1;
Vanger	0:b86d15c6ba29	2380	else if (ssl->options.side == CYASSL_SERVER_END && decrypt)
Vanger	0:b86d15c6ba29	2381	clientCopy = 1;
Vanger	0:b86d15c6ba29	2382
Vanger	0:b86d15c6ba29	2383	if (clientCopy) {
Vanger	0:b86d15c6ba29	2384	XMEMCPY(ssl->keys.client_write_MAC_secret,
Vanger	0:b86d15c6ba29	2385	keys->client_write_MAC_secret, MAX_DIGEST_SIZE);
Vanger	0:b86d15c6ba29	2386	XMEMCPY(ssl->keys.client_write_key,
Vanger	0:b86d15c6ba29	2387	keys->client_write_key, AES_256_KEY_SIZE);
Vanger	0:b86d15c6ba29	2388	XMEMCPY(ssl->keys.client_write_IV,
Vanger	0:b86d15c6ba29	2389	keys->client_write_IV, AES_IV_SIZE);
Vanger	0:b86d15c6ba29	2390	} else {
Vanger	0:b86d15c6ba29	2391	XMEMCPY(ssl->keys.server_write_MAC_secret,
Vanger	0:b86d15c6ba29	2392	keys->server_write_MAC_secret, MAX_DIGEST_SIZE);
Vanger	0:b86d15c6ba29	2393	XMEMCPY(ssl->keys.server_write_key,
Vanger	0:b86d15c6ba29	2394	keys->server_write_key, AES_256_KEY_SIZE);
Vanger	0:b86d15c6ba29	2395	XMEMCPY(ssl->keys.server_write_IV,
Vanger	0:b86d15c6ba29	2396	keys->server_write_IV, AES_IV_SIZE);
Vanger	0:b86d15c6ba29	2397	}
Vanger	0:b86d15c6ba29	2398	if (encrypt) {
Vanger	0:b86d15c6ba29	2399	ssl->keys.sequence_number = keys->sequence_number;
Vanger	0:b86d15c6ba29	2400	#ifdef HAVE_AEAD
Vanger	0:b86d15c6ba29	2401	if (ssl->specs.cipher_type == aead) {
Vanger	0:b86d15c6ba29	2402	/* Initialize the AES-GCM/CCM explicit IV to a zero. */
Vanger	0:b86d15c6ba29	2403	XMEMCPY(ssl->keys.aead_exp_IV, keys->aead_exp_IV,
Vanger	0:b86d15c6ba29	2404	AEAD_EXP_IV_SZ);
Vanger	0:b86d15c6ba29	2405	}
Vanger	0:b86d15c6ba29	2406	#endif
Vanger	0:b86d15c6ba29	2407	}
Vanger	0:b86d15c6ba29	2408	if (decrypt)
Vanger	0:b86d15c6ba29	2409	ssl->keys.peer_sequence_number = keys->peer_sequence_number;
Vanger	0:b86d15c6ba29	2410	ssl->secure_renegotiation->cache_status++;
Vanger	0:b86d15c6ba29	2411	}
Vanger	0:b86d15c6ba29	2412	#endif /* HAVE_SECURE_RENEGOTIATION */
Vanger	0:b86d15c6ba29	2413
Vanger	0:b86d15c6ba29	2414	return ret;
Vanger	0:b86d15c6ba29	2415	}
Vanger	0:b86d15c6ba29	2416
Vanger	0:b86d15c6ba29	2417
Vanger	0:b86d15c6ba29	2418	/* TLS can call too */
Vanger	0:b86d15c6ba29	2419	int StoreKeys(CYASSL* ssl, const byte* keyData)
Vanger	0:b86d15c6ba29	2420	{
Vanger	0:b86d15c6ba29	2421	int sz, i = 0;
Vanger	0:b86d15c6ba29	2422	Keys* keys = &ssl->keys;
Vanger	0:b86d15c6ba29	2423
Vanger	0:b86d15c6ba29	2424	#ifdef HAVE_SECURE_RENEGOTIATION
Vanger	0:b86d15c6ba29	2425	if (ssl->secure_renegotiation && ssl->secure_renegotiation->cache_status ==
Vanger	0:b86d15c6ba29	2426	SCR_CACHE_NEEDED) {
Vanger	0:b86d15c6ba29	2427	keys = &ssl->secure_renegotiation->tmp_keys;
Vanger	0:b86d15c6ba29	2428	ssl->secure_renegotiation->cache_status++;
Vanger	0:b86d15c6ba29	2429	}
Vanger	0:b86d15c6ba29	2430	#endif /* HAVE_SECURE_RENEGOTIATION */
Vanger	0:b86d15c6ba29	2431
Vanger	0:b86d15c6ba29	2432	if (ssl->specs.cipher_type != aead) {
Vanger	0:b86d15c6ba29	2433	sz = ssl->specs.hash_size;
Vanger	0:b86d15c6ba29	2434	XMEMCPY(keys->client_write_MAC_secret,&keyData[i], sz);
Vanger	0:b86d15c6ba29	2435	i += sz;
Vanger	0:b86d15c6ba29	2436	XMEMCPY(keys->server_write_MAC_secret,&keyData[i], sz);
Vanger	0:b86d15c6ba29	2437	i += sz;
Vanger	0:b86d15c6ba29	2438	}
Vanger	0:b86d15c6ba29	2439	sz = ssl->specs.key_size;
Vanger	0:b86d15c6ba29	2440	XMEMCPY(keys->client_write_key, &keyData[i], sz);
Vanger	0:b86d15c6ba29	2441	i += sz;
Vanger	0:b86d15c6ba29	2442	XMEMCPY(keys->server_write_key, &keyData[i], sz);
Vanger	0:b86d15c6ba29	2443	i += sz;
Vanger	0:b86d15c6ba29	2444
Vanger	0:b86d15c6ba29	2445	sz = ssl->specs.iv_size;
Vanger	0:b86d15c6ba29	2446	XMEMCPY(keys->client_write_IV, &keyData[i], sz);
Vanger	0:b86d15c6ba29	2447	i += sz;
Vanger	0:b86d15c6ba29	2448	XMEMCPY(keys->server_write_IV, &keyData[i], sz);
Vanger	0:b86d15c6ba29	2449
Vanger	0:b86d15c6ba29	2450	#ifdef HAVE_AEAD
Vanger	0:b86d15c6ba29	2451	if (ssl->specs.cipher_type == aead) {
Vanger	0:b86d15c6ba29	2452	/* Initialize the AES-GCM/CCM explicit IV to a zero. */
Vanger	0:b86d15c6ba29	2453	XMEMSET(keys->aead_exp_IV, 0, AEAD_EXP_IV_SZ);
Vanger	0:b86d15c6ba29	2454	}
Vanger	0:b86d15c6ba29	2455	#endif
Vanger	0:b86d15c6ba29	2456
Vanger	0:b86d15c6ba29	2457	return 0;
Vanger	0:b86d15c6ba29	2458	}
Vanger	0:b86d15c6ba29	2459
Vanger	0:b86d15c6ba29	2460	#ifndef NO_OLD_TLS
Vanger	0:b86d15c6ba29	2461	int DeriveKeys(CYASSL* ssl)
Vanger	0:b86d15c6ba29	2462	{
Vanger	0:b86d15c6ba29	2463	int length = 2 * ssl->specs.hash_size +
Vanger	0:b86d15c6ba29	2464	2 * ssl->specs.key_size +
Vanger	0:b86d15c6ba29	2465	2 * ssl->specs.iv_size;
Vanger	0:b86d15c6ba29	2466	int rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i;
Vanger	0:b86d15c6ba29	2467	int ret = 0;
Vanger	0:b86d15c6ba29	2468
Vanger	0:b86d15c6ba29	2469	#ifdef CYASSL_SMALL_STACK
Vanger	0:b86d15c6ba29	2470	byte* shaOutput;
Vanger	0:b86d15c6ba29	2471	byte* md5Input;
Vanger	0:b86d15c6ba29	2472	byte* shaInput;
Vanger	0:b86d15c6ba29	2473	byte* keyData;
Vanger	0:b86d15c6ba29	2474	Md5* md5;
Vanger	0:b86d15c6ba29	2475	Sha* sha;
Vanger	0:b86d15c6ba29	2476	#else
Vanger	0:b86d15c6ba29	2477	byte shaOutput[SHA_DIGEST_SIZE];
Vanger	0:b86d15c6ba29	2478	byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE];
Vanger	0:b86d15c6ba29	2479	byte shaInput[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN];
Vanger	0:b86d15c6ba29	2480	byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE];
Vanger	0:b86d15c6ba29	2481	Md5 md5[1];
Vanger	0:b86d15c6ba29	2482	Sha sha[1];
Vanger	0:b86d15c6ba29	2483	#endif
Vanger	0:b86d15c6ba29	2484
Vanger	0:b86d15c6ba29	2485	#ifdef CYASSL_SMALL_STACK
Vanger	0:b86d15c6ba29	2486	shaOutput = (byte*)XMALLOC(SHA_DIGEST_SIZE,
Vanger	0:b86d15c6ba29	2487	NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2488	md5Input = (byte*)XMALLOC(SECRET_LEN + SHA_DIGEST_SIZE,
Vanger	0:b86d15c6ba29	2489	NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2490	shaInput = (byte)XMALLOC(KEY_PREFIX + SECRET_LEN + 2 RAN_LEN,
Vanger	0:b86d15c6ba29	2491	NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2492	keyData = (byte)XMALLOC(KEY_PREFIX MD5_DIGEST_SIZE,
Vanger	0:b86d15c6ba29	2493	NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2494	md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2495	sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2496
Vanger	0:b86d15c6ba29	2497	if (shaOutput == NULL \|\| md5Input == NULL \|\| shaInput == NULL \|\|
Vanger	0:b86d15c6ba29	2498	keyData == NULL \|\| md5 == NULL \|\| sha == NULL) {
Vanger	0:b86d15c6ba29	2499	if (shaOutput) XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2500	if (md5Input) XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2501	if (shaInput) XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2502	if (keyData) XFREE(keyData, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2503	if (md5) XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2504	if (sha) XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2505
Vanger	0:b86d15c6ba29	2506	return MEMORY_E;
Vanger	0:b86d15c6ba29	2507	}
Vanger	0:b86d15c6ba29	2508	#endif
Vanger	0:b86d15c6ba29	2509
Vanger	0:b86d15c6ba29	2510	InitMd5(md5);
Vanger	0:b86d15c6ba29	2511
Vanger	0:b86d15c6ba29	2512	ret = InitSha(sha);
Vanger	0:b86d15c6ba29	2513
Vanger	0:b86d15c6ba29	2514	if (ret == 0) {
Vanger	0:b86d15c6ba29	2515	XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN);
Vanger	0:b86d15c6ba29	2516
Vanger	0:b86d15c6ba29	2517	for (i = 0; i < rounds; ++i) {
Vanger	0:b86d15c6ba29	2518	int j = i + 1;
Vanger	0:b86d15c6ba29	2519	int idx = j;
Vanger	0:b86d15c6ba29	2520
Vanger	0:b86d15c6ba29	2521	if (!SetPrefix(shaInput, i)) {
Vanger	0:b86d15c6ba29	2522	ret = PREFIX_ERROR;
Vanger	0:b86d15c6ba29	2523	break;
Vanger	0:b86d15c6ba29	2524	}
Vanger	0:b86d15c6ba29	2525
Vanger	0:b86d15c6ba29	2526	XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN);
Vanger	0:b86d15c6ba29	2527	idx += SECRET_LEN;
Vanger	0:b86d15c6ba29	2528	XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
Vanger	0:b86d15c6ba29	2529	idx += RAN_LEN;
Vanger	0:b86d15c6ba29	2530	XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
Vanger	0:b86d15c6ba29	2531
Vanger	0:b86d15c6ba29	2532	ShaUpdate(sha, shaInput, (KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN)
Vanger	0:b86d15c6ba29	2533	- KEY_PREFIX + j);
Vanger	0:b86d15c6ba29	2534	ShaFinal(sha, shaOutput);
Vanger	0:b86d15c6ba29	2535
Vanger	0:b86d15c6ba29	2536	XMEMCPY(md5Input + SECRET_LEN, shaOutput, SHA_DIGEST_SIZE);
Vanger	0:b86d15c6ba29	2537	Md5Update(md5, md5Input, SECRET_LEN + SHA_DIGEST_SIZE);
Vanger	0:b86d15c6ba29	2538	Md5Final(md5, keyData + i * MD5_DIGEST_SIZE);
Vanger	0:b86d15c6ba29	2539	}
Vanger	0:b86d15c6ba29	2540
Vanger	0:b86d15c6ba29	2541	if (ret == 0)
Vanger	0:b86d15c6ba29	2542	ret = StoreKeys(ssl, keyData);
Vanger	0:b86d15c6ba29	2543	}
Vanger	0:b86d15c6ba29	2544
Vanger	0:b86d15c6ba29	2545	#ifdef CYASSL_SMALL_STACK
Vanger	0:b86d15c6ba29	2546	XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2547	XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2548	XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2549	XFREE(keyData, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2550	XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2551	XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2552	#endif
Vanger	0:b86d15c6ba29	2553
Vanger	0:b86d15c6ba29	2554	return ret;
Vanger	0:b86d15c6ba29	2555	}
Vanger	0:b86d15c6ba29	2556
Vanger	0:b86d15c6ba29	2557
Vanger	0:b86d15c6ba29	2558	static int CleanPreMaster(CYASSL* ssl)
Vanger	0:b86d15c6ba29	2559	{
Vanger	0:b86d15c6ba29	2560	int i, ret, sz = ssl->arrays->preMasterSz;
Vanger	0:b86d15c6ba29	2561
Vanger	0:b86d15c6ba29	2562	for (i = 0; i < sz; i++)
Vanger	0:b86d15c6ba29	2563	ssl->arrays->preMasterSecret[i] = 0;
Vanger	0:b86d15c6ba29	2564
Vanger	0:b86d15c6ba29	2565	ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz);
Vanger	0:b86d15c6ba29	2566	if (ret != 0)
Vanger	0:b86d15c6ba29	2567	return ret;
Vanger	0:b86d15c6ba29	2568
Vanger	0:b86d15c6ba29	2569	for (i = 0; i < sz; i++)
Vanger	0:b86d15c6ba29	2570	ssl->arrays->preMasterSecret[i] = 0;
Vanger	0:b86d15c6ba29	2571
Vanger	0:b86d15c6ba29	2572	return 0;
Vanger	0:b86d15c6ba29	2573	}
Vanger	0:b86d15c6ba29	2574
Vanger	0:b86d15c6ba29	2575
Vanger	0:b86d15c6ba29	2576	/* Create and store the master secret see page 32, 6.1 */
Vanger	0:b86d15c6ba29	2577	static int MakeSslMasterSecret(CYASSL* ssl)
Vanger	0:b86d15c6ba29	2578	{
Vanger	0:b86d15c6ba29	2579	int i, ret;
Vanger	0:b86d15c6ba29	2580	word32 idx;
Vanger	0:b86d15c6ba29	2581	word32 pmsSz = ssl->arrays->preMasterSz;
Vanger	0:b86d15c6ba29	2582
Vanger	0:b86d15c6ba29	2583	#ifdef CYASSL_SMALL_STACK
Vanger	0:b86d15c6ba29	2584	byte* shaOutput;
Vanger	0:b86d15c6ba29	2585	byte* md5Input;
Vanger	0:b86d15c6ba29	2586	byte* shaInput;
Vanger	0:b86d15c6ba29	2587	Md5* md5;
Vanger	0:b86d15c6ba29	2588	Sha* sha;
Vanger	0:b86d15c6ba29	2589	#else
Vanger	0:b86d15c6ba29	2590	byte shaOutput[SHA_DIGEST_SIZE];
Vanger	0:b86d15c6ba29	2591	byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE];
Vanger	0:b86d15c6ba29	2592	byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN];
Vanger	0:b86d15c6ba29	2593	Md5 md5[1];
Vanger	0:b86d15c6ba29	2594	Sha sha[1];
Vanger	0:b86d15c6ba29	2595	#endif
Vanger	0:b86d15c6ba29	2596
Vanger	0:b86d15c6ba29	2597	#ifdef SHOW_SECRETS
Vanger	0:b86d15c6ba29	2598	{
Vanger	0:b86d15c6ba29	2599	word32 j;
Vanger	0:b86d15c6ba29	2600	printf("pre master secret: ");
Vanger	0:b86d15c6ba29	2601	for (j = 0; j < pmsSz; j++)
Vanger	0:b86d15c6ba29	2602	printf("%02x", ssl->arrays->preMasterSecret[j]);
Vanger	0:b86d15c6ba29	2603	printf("\n");
Vanger	0:b86d15c6ba29	2604	}
Vanger	0:b86d15c6ba29	2605	#endif
Vanger	0:b86d15c6ba29	2606
Vanger	0:b86d15c6ba29	2607	#ifdef CYASSL_SMALL_STACK
Vanger	0:b86d15c6ba29	2608	shaOutput = (byte*)XMALLOC(SHA_DIGEST_SIZE,
Vanger	0:b86d15c6ba29	2609	NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2610	md5Input = (byte*)XMALLOC(ENCRYPT_LEN + SHA_DIGEST_SIZE,
Vanger	0:b86d15c6ba29	2611	NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2612	shaInput = (byte)XMALLOC(PREFIX + ENCRYPT_LEN + 2 RAN_LEN,
Vanger	0:b86d15c6ba29	2613	NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2614	md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2615	sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2616
Vanger	0:b86d15c6ba29	2617	if (shaOutput == NULL \|\| md5Input == NULL \|\| shaInput == NULL \|\|
Vanger	0:b86d15c6ba29	2618	md5 == NULL \|\| sha == NULL) {
Vanger	0:b86d15c6ba29	2619	if (shaOutput) XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2620	if (md5Input) XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2621	if (shaInput) XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2622	if (md5) XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2623	if (sha) XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2624
Vanger	0:b86d15c6ba29	2625	return MEMORY_E;
Vanger	0:b86d15c6ba29	2626	}
Vanger	0:b86d15c6ba29	2627	#endif
Vanger	0:b86d15c6ba29	2628
Vanger	0:b86d15c6ba29	2629	InitMd5(md5);
Vanger	0:b86d15c6ba29	2630
Vanger	0:b86d15c6ba29	2631	ret = InitSha(sha);
Vanger	0:b86d15c6ba29	2632
Vanger	0:b86d15c6ba29	2633	if (ret == 0) {
Vanger	0:b86d15c6ba29	2634	XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz);
Vanger	0:b86d15c6ba29	2635
Vanger	0:b86d15c6ba29	2636	for (i = 0; i < MASTER_ROUNDS; ++i) {
Vanger	0:b86d15c6ba29	2637	byte prefix[KEY_PREFIX]; /* only need PREFIX bytes but static */
Vanger	0:b86d15c6ba29	2638	if (!SetPrefix(prefix, i)) { /* analysis thinks will overrun */
Vanger	0:b86d15c6ba29	2639	ret = PREFIX_ERROR;
Vanger	0:b86d15c6ba29	2640	break;
Vanger	0:b86d15c6ba29	2641	}
Vanger	0:b86d15c6ba29	2642
Vanger	0:b86d15c6ba29	2643	idx = 0;
Vanger	0:b86d15c6ba29	2644	XMEMCPY(shaInput, prefix, i + 1);
Vanger	0:b86d15c6ba29	2645	idx += i + 1;
Vanger	0:b86d15c6ba29	2646
Vanger	0:b86d15c6ba29	2647	XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz);
Vanger	0:b86d15c6ba29	2648	idx += pmsSz;
Vanger	0:b86d15c6ba29	2649	XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
Vanger	0:b86d15c6ba29	2650	idx += RAN_LEN;
Vanger	0:b86d15c6ba29	2651	XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
Vanger	0:b86d15c6ba29	2652	idx += RAN_LEN;
Vanger	0:b86d15c6ba29	2653	ShaUpdate(sha, shaInput, idx);
Vanger	0:b86d15c6ba29	2654	ShaFinal(sha, shaOutput);
Vanger	0:b86d15c6ba29	2655
Vanger	0:b86d15c6ba29	2656	idx = pmsSz; /* preSz */
Vanger	0:b86d15c6ba29	2657	XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE);
Vanger	0:b86d15c6ba29	2658	idx += SHA_DIGEST_SIZE;
Vanger	0:b86d15c6ba29	2659	Md5Update(md5, md5Input, idx);
Vanger	0:b86d15c6ba29	2660	Md5Final(md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]);
Vanger	0:b86d15c6ba29	2661	}
Vanger	0:b86d15c6ba29	2662
Vanger	0:b86d15c6ba29	2663	#ifdef SHOW_SECRETS
Vanger	0:b86d15c6ba29	2664	{
Vanger	0:b86d15c6ba29	2665	word32 j;
Vanger	0:b86d15c6ba29	2666	printf("master secret: ");
Vanger	0:b86d15c6ba29	2667	for (j = 0; j < SECRET_LEN; j++)
Vanger	0:b86d15c6ba29	2668	printf("%02x", ssl->arrays->masterSecret[j]);
Vanger	0:b86d15c6ba29	2669	printf("\n");
Vanger	0:b86d15c6ba29	2670	}
Vanger	0:b86d15c6ba29	2671	#endif
Vanger	0:b86d15c6ba29	2672
Vanger	0:b86d15c6ba29	2673	if (ret == 0)
Vanger	0:b86d15c6ba29	2674	ret = DeriveKeys(ssl);
Vanger	0:b86d15c6ba29	2675	}
Vanger	0:b86d15c6ba29	2676
Vanger	0:b86d15c6ba29	2677	#ifdef CYASSL_SMALL_STACK
Vanger	0:b86d15c6ba29	2678	XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2679	XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2680	XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2681	XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2682	XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
Vanger	0:b86d15c6ba29	2683	#endif
Vanger	0:b86d15c6ba29	2684
Vanger	0:b86d15c6ba29	2685	if (ret == 0)
Vanger	0:b86d15c6ba29	2686	ret = CleanPreMaster(ssl);
Vanger	0:b86d15c6ba29	2687	else
Vanger	0:b86d15c6ba29	2688	CleanPreMaster(ssl);
Vanger	0:b86d15c6ba29	2689
Vanger	0:b86d15c6ba29	2690	return ret;
Vanger	0:b86d15c6ba29	2691	}
Vanger	0:b86d15c6ba29	2692	#endif
Vanger	0:b86d15c6ba29	2693
Vanger	0:b86d15c6ba29	2694
Vanger	0:b86d15c6ba29	2695	/* Master wrapper, doesn't use SSL stack space in TLS mode */
Vanger	0:b86d15c6ba29	2696	int MakeMasterSecret(CYASSL* ssl)
Vanger	0:b86d15c6ba29	2697	{
Vanger	0:b86d15c6ba29	2698	#ifdef NO_OLD_TLS
Vanger	0:b86d15c6ba29	2699	return MakeTlsMasterSecret(ssl);
Vanger	0:b86d15c6ba29	2700	#elif !defined(NO_TLS)
Vanger	0:b86d15c6ba29	2701	if (ssl->options.tls) return MakeTlsMasterSecret(ssl);
Vanger	0:b86d15c6ba29	2702	#endif
Vanger	0:b86d15c6ba29	2703
Vanger	0:b86d15c6ba29	2704	#ifndef NO_OLD_TLS
Vanger	0:b86d15c6ba29	2705	return MakeSslMasterSecret(ssl);
Vanger	0:b86d15c6ba29	2706	#endif
Vanger	0:b86d15c6ba29	2707	}
Vanger	0:b86d15c6ba29	2708

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	27 Mar 2015
Imports:	27
Forks:	0
Commits:	7
Dependents:	4
Dependencies:	0
Followers:	87

src/keys.c@6:cf58d49e1a86, 2015-03-23 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning