mirror of
https://git.suyu.dev/suyu/mbedtls.git
synced 2025-12-24 00:06:32 +01:00
Merged support for Camellia-GCM + ciphersuite and fixes to cipher layer
This commit is contained in:
Paul Bakker
commit
1642122f8b
32 changed files with 5615 additions and 3443 deletions
|
|
@ -191,26 +191,27 @@
|
|||
*
|
||||
* Requires POLARSSL_ENABLE_WEAK_CIPHERSUITES as well to enable
|
||||
* the following ciphersuites:
|
||||
* TLS_RSA_WITH_NULL_MD5
|
||||
* TLS_RSA_WITH_NULL_SHA
|
||||
* TLS_RSA_WITH_NULL_SHA256
|
||||
* TLS_ECDHE_ECDSA_WITH_NULL_SHA
|
||||
* TLS_ECDHE_RSA_WITH_NULL_SHA
|
||||
* TLS_PSK_WITH_NULL_SHA
|
||||
* TLS_PSK_WITH_NULL_SHA256
|
||||
* TLS_PSK_WITH_NULL_SHA384
|
||||
* TLS_DHE_PSK_WITH_NULL_SHA
|
||||
* TLS_DHE_PSK_WITH_NULL_SHA256
|
||||
* TLS_DHE_PSK_WITH_NULL_SHA384
|
||||
* TLS_RSA_PSK_WITH_NULL_SHA
|
||||
* TLS_RSA_PSK_WITH_NULL_SHA256
|
||||
* TLS_RSA_PSK_WITH_NULL_SHA384
|
||||
* TLS_ECDHE_PSK_WITH_NULL_SHA
|
||||
* TLS_ECDHE_PSK_WITH_NULL_SHA256
|
||||
* TLS_ECDHE_PSK_WITH_NULL_SHA384
|
||||
* TLS_ECDHE_PSK_WITH_NULL_SHA256
|
||||
* TLS_ECDHE_PSK_WITH_NULL_SHA
|
||||
* TLS_DHE_PSK_WITH_NULL_SHA384
|
||||
* TLS_DHE_PSK_WITH_NULL_SHA256
|
||||
* TLS_DHE_PSK_WITH_NULL_SHA
|
||||
* TLS_RSA_WITH_NULL_SHA256
|
||||
* TLS_RSA_WITH_NULL_SHA
|
||||
* TLS_RSA_WITH_NULL_MD5
|
||||
* TLS_RSA_PSK_WITH_NULL_SHA384
|
||||
* TLS_RSA_PSK_WITH_NULL_SHA256
|
||||
* TLS_RSA_PSK_WITH_NULL_SHA
|
||||
* TLS_PSK_WITH_NULL_SHA384
|
||||
* TLS_PSK_WITH_NULL_SHA256
|
||||
* TLS_PSK_WITH_NULL_SHA
|
||||
*
|
||||
* Uncomment this macro to enable the NULL cipher and ciphersuites
|
||||
#define POLARSSL_CIPHER_NULL_CIPHER
|
||||
*/
|
||||
//#define POLARSSL_CIPHER_NULL_CIPHER
|
||||
|
||||
/**
|
||||
* \def POLARSSL_CIPHER_PADDING_XXX
|
||||
|
|
@ -239,14 +240,14 @@
|
|||
* TLS_DHE_RSA_WITH_DES_CBC_SHA
|
||||
*
|
||||
* Uncomment this macro to enable weak ciphersuites
|
||||
#define POLARSSL_ENABLE_WEAK_CIPHERSUITES
|
||||
*/
|
||||
//#define POLARSSL_ENABLE_WEAK_CIPHERSUITES
|
||||
|
||||
/**
|
||||
* \def POLARSSL_ECP_XXXX_ENABLED
|
||||
*
|
||||
* Enables specific curves within the Elliptic Curve module.
|
||||
* By default all supported curves are enables.
|
||||
* By default all supported curves are enabled.
|
||||
*
|
||||
* Comment macros to disable the curve and functions for it
|
||||
*/
|
||||
|
|
@ -277,14 +278,18 @@
|
|||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_PSK_WITH_RC4_128_SHA
|
||||
* TLS_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_PSK_WITH_AES_256_GCM_SHA384
|
||||
* TLS_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_PSK_WITH_RC4_128_SHA
|
||||
*/
|
||||
#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
|
||||
|
||||
|
|
@ -297,14 +302,18 @@
|
|||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_DHE_PSK_WITH_RC4_128_SHA
|
||||
* TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
* TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_DHE_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_DHE_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_RC4_128_SHA
|
||||
*/
|
||||
#define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
|
||||
|
||||
|
|
@ -317,14 +326,14 @@
|
|||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_ECDHE_PSK_WITH_RC4_128_SHA
|
||||
* TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_ECDHE_PSK_WITH_RC4_128_SHA
|
||||
*/
|
||||
#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
|
||||
|
||||
|
|
@ -338,14 +347,18 @@
|
|||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_RSA_PSK_WITH_RC4_128_SHA
|
||||
* TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_RSA_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_RSA_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
|
||||
* TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_RSA_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_RSA_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_RSA_PSK_WITH_RC4_128_SHA
|
||||
*/
|
||||
#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
|
||||
|
||||
|
|
@ -359,19 +372,21 @@
|
|||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_RSA_WITH_AES_256_CBC_SHA256
|
||||
* TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_RSA_WITH_AES_256_GCM_SHA384
|
||||
* TLS_RSA_WITH_RC4_128_MD5
|
||||
* TLS_RSA_WITH_RC4_128_SHA
|
||||
* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
|
||||
* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
|
||||
* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_RSA_WITH_AES_256_CBC_SHA256
|
||||
* TLS_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
|
||||
* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
|
||||
* TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
|
||||
* TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_RSA_WITH_RC4_128_SHA
|
||||
* TLS_RSA_WITH_RC4_128_MD5
|
||||
*/
|
||||
#define POLARSSL_KEY_EXCHANGE_RSA_ENABLED
|
||||
|
||||
|
|
@ -385,14 +400,18 @@
|
|||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
*/
|
||||
#define POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
|
||||
|
|
@ -407,16 +426,18 @@
|
|||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
||||
* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
* TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
|
||||
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
||||
*/
|
||||
#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
|
||||
|
||||
|
|
@ -429,16 +450,18 @@
|
|||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
|
||||
* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
|
||||
*/
|
||||
#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
|
||||
|
|
@ -798,20 +821,52 @@
|
|||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_RSA_WITH_AES_256_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
|
||||
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
|
||||
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
|
||||
* TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_RSA_WITH_AES_256_GCM_SHA384
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
|
||||
* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_RSA_WITH_AES_256_GCM_SHA384
|
||||
* TLS_RSA_WITH_AES_256_CBC_SHA256
|
||||
* TLS_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
|
||||
* TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_RSA_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_RSA_PSK_WITH_AES_128_CBC_SHA
|
||||
* TLS_PSK_WITH_AES_256_GCM_SHA384
|
||||
* TLS_PSK_WITH_AES_256_CBC_SHA384
|
||||
* TLS_PSK_WITH_AES_256_CBC_SHA
|
||||
* TLS_PSK_WITH_AES_128_GCM_SHA256
|
||||
* TLS_PSK_WITH_AES_128_CBC_SHA256
|
||||
* TLS_PSK_WITH_AES_128_CBC_SHA
|
||||
*
|
||||
* PEM_PARSE uses AES for decrypting encrypted keys.
|
||||
*/
|
||||
|
|
@ -827,9 +882,13 @@
|
|||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_RSA_WITH_RC4_128_MD5
|
||||
* TLS_RSA_WITH_RC4_128_SHA
|
||||
* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
|
||||
* TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
||||
* TLS_ECDHE_PSK_WITH_RC4_128_SHA
|
||||
* TLS_DHE_PSK_WITH_RC4_128_SHA
|
||||
* TLS_RSA_WITH_RC4_128_SHA
|
||||
* TLS_RSA_WITH_RC4_128_MD5
|
||||
* TLS_RSA_PSK_WITH_RC4_128_SHA
|
||||
* TLS_PSK_WITH_RC4_128_SHA
|
||||
*/
|
||||
#define POLARSSL_ARC4_C
|
||||
|
|
@ -908,14 +967,40 @@
|
|||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
|
||||
* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
|
||||
* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
|
||||
* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
|
||||
* TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
|
||||
* TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
|
||||
* TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
|
||||
* TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
|
||||
* TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
|
||||
*/
|
||||
#define POLARSSL_CAMELLIA_C
|
||||
|
||||
|
|
@ -984,9 +1069,13 @@
|
|||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_PSK_WITH_3DES_EDE_CBC_SHA
|
||||
*
|
||||
* PEM_PARSE uses DES/3DES for decrypting encrypted keys.
|
||||
|
|
@ -996,26 +1085,14 @@
|
|||
/**
|
||||
* \def POLARSSL_DHM_C
|
||||
*
|
||||
* Enable the Diffie-Hellman-Merkle key exchange.
|
||||
* Enable the Diffie-Hellman-Merkle module.
|
||||
*
|
||||
* Module: library/dhm.c
|
||||
* Caller: library/ssl_cli.c
|
||||
* library/ssl_srv.c
|
||||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_DHE_RSA_WITH_DES_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
* This module is used by the following key exchanges:
|
||||
* DHE-RSA, DHE-PSK
|
||||
*/
|
||||
#define POLARSSL_DHM_C
|
||||
|
||||
|
|
@ -1028,13 +1105,8 @@
|
|||
* Caller: library/ssl_cli.c
|
||||
* library/ssl_srv.c
|
||||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_ECDHE_RSA_WITH_NULL_SHA
|
||||
* TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
||||
* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||
* This module is used by the following key exchanges:
|
||||
* ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
|
||||
*
|
||||
* Requires: POLARSSL_ECP_C
|
||||
*/
|
||||
|
|
@ -1048,6 +1120,9 @@
|
|||
* Module: library/ecdsa.c
|
||||
* Caller:
|
||||
*
|
||||
* This module is used by the following key exchanges:
|
||||
* ECDHE-ECDSA
|
||||
*
|
||||
* Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C
|
||||
*/
|
||||
#define POLARSSL_ECDSA_C
|
||||
|
|
@ -1098,12 +1173,10 @@
|
|||
*
|
||||
* Module: library/gcm.c
|
||||
*
|
||||
* Requires: POLARSSL_AES_C
|
||||
* Requires: POLARSSL_AES_C or POLARSSL_CAMELLIA_C
|
||||
*
|
||||
* This module enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_RSA_WITH_AES_256_GCM_SHA384
|
||||
* This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
|
||||
* requisites are enabled as well.
|
||||
*/
|
||||
#define POLARSSL_GCM_C
|
||||
|
||||
|
|
@ -1404,9 +1477,10 @@
|
|||
* library/ssl_tls.c
|
||||
* library/x509.c
|
||||
*
|
||||
* Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C
|
||||
* This module is used by the following key exchanges:
|
||||
* RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
|
||||
*
|
||||
* This module is required for SSL/TLS and MD5-signed certificates.
|
||||
* Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C
|
||||
*/
|
||||
#define POLARSSL_RSA_C
|
||||
|
||||
|
|
@ -1782,7 +1856,8 @@
|
|||
#error "CTR_DRBG_ENTROPY_LEN value too high"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_GCM_C) && !defined(POLARSSL_AES_C)
|
||||
#if defined(POLARSSL_GCM_C) && ( \
|
||||
!defined(POLARSSL_AES_C) && !defined(POLARSSL_CAMELLIA_C) )
|
||||
#error "POLARSSL_GCM_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue