Added Ephemeral Elliptic Curve Diffie Hellman ciphersuites to SSL/TLS
Made all modifications to include Ephemeral Elliptic Curve Diffie
Hellman ciphersuites into the existing SSL/TLS modules. All basic
handling of the ECDHE-ciphersuites (TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
has been included.
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 7640a96..40ea455 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -140,6 +140,7 @@
* TLS_RSA_WITH_NULL_MD5
* TLS_RSA_WITH_NULL_SHA
* TLS_RSA_WITH_NULL_SHA256
+ * TLS_ECDHE_RSA_WITH_NULL_SHA
*
* Uncomment this macro to enable the NULL cipher and ciphersuites
#define POLARSSL_CIPHER_NULL_CIPHER
@@ -345,6 +346,8 @@
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
* TLS_RSA_WITH_AES_128_GCM_SHA256
* TLS_RSA_WITH_AES_256_GCM_SHA384
+ * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
*
* PEM uses AES for decrypting encrypted keys.
*/
@@ -358,9 +361,11 @@
* Module: library/arc4.c
* Caller: library/ssl_tls.c
*
- * This module enables the following ciphersuites:
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
* TLS_RSA_WITH_RC4_128_MD5
* TLS_RSA_WITH_RC4_128_SHA
+ * TLS_ECDHE_RSA_WITH_RC4_128_SHA
*/
#define POLARSSL_ARC4_C
@@ -505,6 +510,7 @@
* enabled as well):
* TLS_RSA_WITH_3DES_EDE_CBC_SHA
* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
*
* PEM uses DES/3DES for decrypting encrypted keys.
*/
@@ -542,7 +548,16 @@
* Enable the elliptic curve Diffie-Hellman library.
*
* Module: library/ecdh.c
- * Caller:
+ * Caller: library/ssl_cli.c
+ * library/ssl_srv.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * TLS_ECDHE_RSA_WITH_NULL_SHA
+ * TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
*
* Requires: POLARSSL_ECP_C
*/
diff --git a/include/polarssl/debug.h b/include/polarssl/debug.h
index 511e926..f0cc261 100644
--- a/include/polarssl/debug.h
+++ b/include/polarssl/debug.h
@@ -29,6 +29,9 @@
#include "config.h"
#include "ssl.h"
+#if defined(POLARSSL_ECP_C)
+#include "ecp.h"
+#endif
#if defined(POLARSSL_DEBUG_C)
@@ -44,6 +47,9 @@
#define SSL_DEBUG_MPI( level, text, X ) \
debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X );
+#define SSL_DEBUG_ECP( level, text, X ) \
+ debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X );
+
#define SSL_DEBUG_CRT( level, text, crt ) \
debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt );
@@ -53,6 +59,7 @@
#define SSL_DEBUG_RET( level, text, ret ) do { } while( 0 )
#define SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 )
#define SSL_DEBUG_MPI( level, text, X ) do { } while( 0 )
+#define SSL_DEBUG_ECP( level, text, X ) do { } while( 0 )
#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
#endif
@@ -78,6 +85,12 @@
const char *file, int line,
const char *text, const mpi *X );
+#if defined(POLARSSL_ECP_C)
+void debug_print_ecp( const ssl_context *ssl, int level,
+ const char *file, int line,
+ const char *text, const ecp_point *X );
+#endif
+
void debug_print_crt( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const x509_cert *crt );
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 756441c..a223586 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -43,6 +43,10 @@
#include "dhm.h"
#endif
+#if defined(POLARSSL_ECDH_C)
+#include "ecdh.h"
+#endif
+
#if defined(POLARSSL_ZLIB_SUPPORT)
#include "zlib.h"
#endif
@@ -82,8 +86,8 @@
#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */
-#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM Read Public. */
-#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM Calculate Secret. */
+#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */
+#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */
#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */
#define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */
@@ -140,44 +144,6 @@
#define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + SSL_COMPRESSION_ADD + 512)
-/*
- * Supported ciphersuites (Official IANA names)
- */
-#define TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */
-#define TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */
-#define TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */
-#define TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */
-#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */
-
-#define TLS_RSA_WITH_RC4_128_MD5 0x04
-#define TLS_RSA_WITH_RC4_128_SHA 0x05
-
-#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A
-#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16
-
-#define TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
-#define TLS_RSA_WITH_AES_256_CBC_SHA 0x35
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
-#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */
-#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */
-
-#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
-#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
-#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
-#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
-#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */
-#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */
-#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */
-#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */
-
-#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C
-#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D
-#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E
-#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F
-
#define SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */
/*
@@ -250,12 +216,15 @@
/*
* TLS extensions
*/
-#define TLS_EXT_SERVERNAME 0
-#define TLS_EXT_SERVERNAME_HOSTNAME 0
+#define TLS_EXT_SERVERNAME 0
+#define TLS_EXT_SERVERNAME_HOSTNAME 0
-#define TLS_EXT_SIG_ALG 13
+#define TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10
+#define TLS_EXT_SUPPORTED_POINT_FORMATS 11
-#define TLS_EXT_RENEGOTIATION_INFO 0xFF01
+#define TLS_EXT_SIG_ALG 13
+
+#define TLS_EXT_RENEGOTIATION_INFO 0xFF01
/*
@@ -368,6 +337,13 @@
#if defined(POLARSSL_DHM_C)
dhm_context dhm_ctx; /*!< DHM key exchange */
#endif
+#if defined(POLARSSL_ECDH_C)
+ ecdh_context ecdh_ctx; /*!< ECDH key exchange */
+#endif
+#if defined(POLARSSL_ECP_C)
+ int ec_curve; /*!< Selected elliptic curve */
+ int ec_point_format; /*!< Client supported format */
+#endif
/*
* Checksum contexts
@@ -1114,7 +1090,7 @@
int ssl_parse_finished( ssl_context *ssl );
int ssl_write_finished( ssl_context *ssl );
-void ssl_optimize_checksum( ssl_context *ssl, int ciphersuite );
+void ssl_optimize_checksum( ssl_context *ssl, const ssl_ciphersuite_t *ciphersuite_info );
#ifdef __cplusplus
}
diff --git a/include/polarssl/ssl_ciphersuites.h b/include/polarssl/ssl_ciphersuites.h
index 62a928e..5e1e28d 100644
--- a/include/polarssl/ssl_ciphersuites.h
+++ b/include/polarssl/ssl_ciphersuites.h
@@ -34,15 +34,61 @@
extern "C" {
#endif
+/*
+ * Supported ciphersuites (Official IANA names)
+ */
+#define TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */
+#define TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */
+#define TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */
+#define TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */
+#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */
+
+#define TLS_RSA_WITH_RC4_128_MD5 0x04
+#define TLS_RSA_WITH_RC4_128_SHA 0x05
+
+#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A
+#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16
+
+#define TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
+#define TLS_RSA_WITH_AES_256_CBC_SHA 0x35
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
+#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */
+#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */
+
+#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
+#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
+#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
+#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
+#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */
+#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */
+#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */
+#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */
+
+#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C
+#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D
+#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E
+#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F
+
+#define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010
+#define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011
+#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012
+#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013
+#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014
+
typedef enum {
POLARSSL_KEY_EXCHANGE_NONE = 0,
POLARSSL_KEY_EXCHANGE_RSA,
- POLARSSL_KEY_EXCHANGE_DHE_RSA
+ POLARSSL_KEY_EXCHANGE_DHE_RSA,
+ POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
} key_exchange_type_t;
typedef struct _ssl_ciphersuite_t ssl_ciphersuite_t;
-#define POLARSSL_CIPHERSUITE_WEAK 0x01
+#define POLARSSL_CIPHERSUITE_WEAK 0x01 /*<! Weak ciphersuite flag */
+#define POLARSSL_CIPHERSUITE_EC 0x02 /*<! EC-based ciphersuite flag */
/**
* \brief This structure is used for storing ciphersuite information