- Added SSL_RSA_CAMELLIA_128_SHA, SSL_RSA_CAMELLIA_256_SHA, SSL_EDH_RSA_CAMELLIA_256_SHA ciphersuites to SSL

commit: b5ef0bada4cc24a580c9f1f2e391edd64b4f5f23 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Sun Jan 11 20:25:36 2009 +0000
committer: Paul Bakker <p.j.bakker@polarssl.org> Sun Jan 11 20:25:36 2009 +0000
tree: f72ce92b8e22870ab92b274645894a2b776b7bfb
parent: 38119b18d6940a2eef43b4b46db7dc8484063413 [diff]
diff --git a/library/camellia.c b/library/camellia.c
index e504146..69a9840 100644
--- a/library/camellia.c
+++ b/library/camellia.c

@@ -18,10 +18,10 @@
  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  */
 /*
- *  The AES block cipher was designed by Vincent Rijmen and Joan Daemen.
+ *  The Camellia block cipher was designed by NTT and Mitsubishi Electric
+ *  Corporation.
  *
- *  http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf
- *  http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
+ *  http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf
  */
 
 #include "polarssl/config.h"

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 9492ce5..df21ecb 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -319,7 +319,8 @@
     SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
 
     if( ssl->session->cipher != SSL_EDH_RSA_DES_168_SHA &&
-        ssl->session->cipher != SSL_EDH_RSA_AES_256_SHA )
+        ssl->session->cipher != SSL_EDH_RSA_AES_256_SHA &&
+	ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_256_SHA)
     {
         SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
         ssl->state++;
@@ -509,7 +510,8 @@
     SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
 
     if( ssl->session->cipher == SSL_EDH_RSA_DES_168_SHA ||
-        ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA )
+        ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA ||
+	ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
     {
 #if !defined(POLARSSL_DHM_C)
         SSL_DEBUG_MSG( 1, ( "support for dhm in not available" ) );

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 036344b..cb8d140 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c

@@ -521,7 +521,8 @@
     SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) );
 
     if( ssl->session->cipher != SSL_EDH_RSA_DES_168_SHA &&
-        ssl->session->cipher != SSL_EDH_RSA_AES_256_SHA )
+        ssl->session->cipher != SSL_EDH_RSA_AES_256_SHA &&
+	ssl->session->cipher != SSL_EDH_RSA_CAMELLIA_256_SHA)
     {
         SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) );
         ssl->state++;
@@ -658,7 +659,8 @@
     }
 
     if( ssl->session->cipher == SSL_EDH_RSA_DES_168_SHA ||
-        ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA )
+        ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA ||
+	ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
     {
 #if !defined(POLARSSL_DHM_C)
         SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) );

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3e70ccf..29fcffd 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -34,6 +34,7 @@
 
 #include "polarssl/aes.h"
 #include "polarssl/arc4.h"
+#include "polarssl/camellia.h"
 #include "polarssl/des.h"
 #include "polarssl/debug.h"
 #include "polarssl/ssl.h"
@@ -255,6 +256,19 @@
             break;
 #endif
 
+#if defined(POLARSSL_CAMELLIA_C)
+        case SSL_RSA_CAMELLIA_128_SHA:
+            ssl->keylen = 16; ssl->minlen = 32;
+            ssl->ivlen  = 16; ssl->maclen = 20;
+            break;
+
+        case SSL_RSA_CAMELLIA_256_SHA:
+        case SSL_EDH_RSA_CAMELLIA_256_SHA:
+            ssl->keylen = 32; ssl->minlen = 32;
+            ssl->ivlen  = 16; ssl->maclen = 20;
+            break;
+#endif
+
         default:
             SSL_DEBUG_MSG( 1, ( "cipher %s is not available",
                            ssl_get_cipher( ssl ) ) );
@@ -323,6 +337,19 @@
             break;
 #endif
 
+#if defined(POLARSSL_CAMELLIA_C)
+        case SSL_RSA_CAMELLIA_128_SHA:
+            camellia_setkey_enc( (camellia_context *) ssl->ctx_enc, key1, 128 );
+            camellia_setkey_dec( (camellia_context *) ssl->ctx_dec, key2, 128 );
+            break;
+
+        case SSL_RSA_CAMELLIA_256_SHA:
+        case SSL_EDH_RSA_CAMELLIA_256_SHA:
+            camellia_setkey_enc( (camellia_context *) ssl->ctx_enc, key1, 256 );
+            camellia_setkey_dec( (camellia_context *) ssl->ctx_dec, key2, 256 );
+            break;
+#endif
+
         default:
             return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
     }
@@ -538,10 +565,27 @@
 
             case 16:
 #if defined(POLARSSL_AES_C)
-                aes_crypt_cbc( (aes_context *) ssl->ctx_enc,
-                    AES_ENCRYPT, ssl->out_msglen,
-                    ssl->iv_enc, ssl->out_msg, ssl->out_msg );
-                break;
+		if ( ssl->session->cipher == SSL_RSA_AES_128_SHA ||
+		     ssl->session->cipher == SSL_RSA_AES_256_SHA ||
+		     ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA)
+		{
+                    aes_crypt_cbc( (aes_context *) ssl->ctx_enc,
+                        AES_ENCRYPT, ssl->out_msglen,
+                        ssl->iv_enc, ssl->out_msg, ssl->out_msg );
+                    break;
+		}
+#endif
+
+#if defined(POLARSSL_CAMELLIA_C)
+		if ( ssl->session->cipher == SSL_RSA_CAMELLIA_128_SHA ||
+		     ssl->session->cipher == SSL_RSA_CAMELLIA_256_SHA ||
+		     ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
+		{
+                    camellia_crypt_cbc( (camellia_context *) ssl->ctx_enc,
+                        CAMELLIA_ENCRYPT, ssl->out_msglen,
+                        ssl->iv_enc, ssl->out_msg, ssl->out_msg );
+                    break;
+		}
 #endif
 
             default:
@@ -600,12 +644,29 @@
                 break;
 #endif
 
-#if defined(POLARSSL_AES_C)
             case 16:
-                 aes_crypt_cbc( (aes_context *) ssl->ctx_dec,
-                    AES_DECRYPT, ssl->in_msglen,
-                    ssl->iv_dec, ssl->in_msg, ssl->in_msg );
-                 break;
+#if defined(POLARSSL_AES_C)
+		if ( ssl->session->cipher == SSL_RSA_AES_128_SHA ||
+		     ssl->session->cipher == SSL_RSA_AES_256_SHA ||
+		     ssl->session->cipher == SSL_EDH_RSA_AES_256_SHA)
+		{
+                    aes_crypt_cbc( (aes_context *) ssl->ctx_dec,
+                       AES_DECRYPT, ssl->in_msglen,
+                       ssl->iv_dec, ssl->in_msg, ssl->in_msg );
+                    break;
+		}
+#endif
+
+#if defined(POLARSSL_CAMELLIA_C)
+		if ( ssl->session->cipher == SSL_RSA_CAMELLIA_128_SHA ||
+		     ssl->session->cipher == SSL_RSA_CAMELLIA_256_SHA ||
+		     ssl->session->cipher == SSL_EDH_RSA_CAMELLIA_256_SHA)
+		{
+                    camellia_crypt_cbc( (camellia_context *) ssl->ctx_dec,
+                       CAMELLIA_DECRYPT, ssl->in_msglen,
+                       ssl->iv_dec, ssl->in_msg, ssl->in_msg );
+                    break;
+		}
 #endif
 
             default:
@@ -1731,6 +1792,17 @@
             return( "SSL_EDH_RSA_AES_256_SHA" );
 #endif
 
+#if defined(POLARSSL_CAMELLIA_C)
+        case SSL_RSA_CAMELLIA_128_SHA:
+            return( "SSL_RSA_CAMELLIA_128_SHA" );
+
+        case SSL_RSA_CAMELLIA_256_SHA:
+            return( "SSL_RSA_CAMELLIA_256_SHA" );
+
+        case SSL_EDH_RSA_CAMELLIA_256_SHA:
+            return( "SSL_EDH_RSA_CAMELLIA_256_SHA" );
+#endif
+
     default:
         break;
     }
@@ -1744,6 +1816,9 @@
 #if defined(POLARSSL_AES_C)
     SSL_EDH_RSA_AES_256_SHA,
 #endif
+#if defined(POLARSSL_CAMELLIA_C)
+    SSL_EDH_RSA_CAMELLIA_256_SHA,
+#endif
 #if defined(POLARSSL_DES_C)
     SSL_EDH_RSA_DES_168_SHA,
 #endif
@@ -1753,6 +1828,10 @@
     SSL_RSA_AES_128_SHA,
     SSL_RSA_AES_256_SHA,
 #endif
+#if defined(POLARSSL_CAMELLIA_C)
+    SSL_RSA_CAMELLIA_128_SHA,
+    SSL_RSA_CAMELLIA_256_SHA,
+#endif
 #if defined(POLARSSL_DES_C)
     SSL_RSA_DES_168_SHA,
 #endif
commit	b5ef0bada4cc24a580c9f1f2e391edd64b4f5f23	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Sun Jan 11 20:25:36 2009 +0000
committer	Paul Bakker <p.j.bakker@polarssl.org>	Sun Jan 11 20:25:36 2009 +0000
tree	f72ce92b8e22870ab92b274645894a2b776b7bfb
parent	38119b18d6940a2eef43b4b46db7dc8484063413 [diff]