tlsv1_common.c (337817) | tlsv1_common.c (346981) |
---|---|
1/* 2 * TLSv1 common routines 3 * Copyright (c) 2006-2014, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 --- 7 unchanged lines hidden (view full) --- 16#include "tlsv1_common.h" 17 18 19/* 20 * TODO: 21 * RFC 2246 Section 9: Mandatory to implement TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA 22 * Add support for commonly used cipher suites; don't bother with exportable 23 * suites. | 1/* 2 * TLSv1 common routines 3 * Copyright (c) 2006-2014, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 --- 7 unchanged lines hidden (view full) --- 16#include "tlsv1_common.h" 17 18 19/* 20 * TODO: 21 * RFC 2246 Section 9: Mandatory to implement TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA 22 * Add support for commonly used cipher suites; don't bother with exportable 23 * suites. |
24 */ | 24 */ |
25 26static const struct tls_cipher_suite tls_cipher_suites[] = { 27 { TLS_NULL_WITH_NULL_NULL, TLS_KEY_X_NULL, TLS_CIPHER_NULL, 28 TLS_HASH_NULL }, 29 { TLS_RSA_WITH_RC4_128_MD5, TLS_KEY_X_RSA, TLS_CIPHER_RC4_128, 30 TLS_HASH_MD5 }, 31 { TLS_RSA_WITH_RC4_128_SHA, TLS_KEY_X_RSA, TLS_CIPHER_RC4_128, 32 TLS_HASH_SHA }, --- 444 unchanged lines hidden (view full) --- 477 * DER encoded DigestInfo for SHA256 per RFC 3447: 478 * 30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 || 479 * H 480 */ 481 if (buflen >= 19 + 32 && 482 os_memcmp(buf, "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01" 483 "\x65\x03\x04\x02\x01\x05\x00\x04\x20", 19) == 0) 484 { | 25 26static const struct tls_cipher_suite tls_cipher_suites[] = { 27 { TLS_NULL_WITH_NULL_NULL, TLS_KEY_X_NULL, TLS_CIPHER_NULL, 28 TLS_HASH_NULL }, 29 { TLS_RSA_WITH_RC4_128_MD5, TLS_KEY_X_RSA, TLS_CIPHER_RC4_128, 30 TLS_HASH_MD5 }, 31 { TLS_RSA_WITH_RC4_128_SHA, TLS_KEY_X_RSA, TLS_CIPHER_RC4_128, 32 TLS_HASH_SHA }, --- 444 unchanged lines hidden (view full) --- 477 * DER encoded DigestInfo for SHA256 per RFC 3447: 478 * 30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 || 479 * H 480 */ 481 if (buflen >= 19 + 32 && 482 os_memcmp(buf, "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01" 483 "\x65\x03\x04\x02\x01\x05\x00\x04\x20", 19) == 0) 484 { |
485 wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithn = SHA-256"); | 485 wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithm = SHA-256"); |
486 decrypted = buf + 19; 487 buflen -= 19; 488 } else if (buflen >= 19 + 48 && 489 os_memcmp(buf, "\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01" 490 "\x65\x03\x04\x02\x02\x05\x00\x04\x30", 19) == 0) 491 { | 486 decrypted = buf + 19; 487 buflen -= 19; 488 } else if (buflen >= 19 + 48 && 489 os_memcmp(buf, "\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01" 490 "\x65\x03\x04\x02\x02\x05\x00\x04\x30", 19) == 0) 491 { |
492 wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithn = SHA-384"); | 492 wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithm = SHA-384"); |
493 decrypted = buf + 19; 494 buflen -= 19; 495 } else if (buflen >= 19 + 64 && 496 os_memcmp(buf, "\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01" 497 "\x65\x03\x04\x02\x03\x05\x00\x04\x40", 19) == 0) 498 { | 493 decrypted = buf + 19; 494 buflen -= 19; 495 } else if (buflen >= 19 + 64 && 496 os_memcmp(buf, "\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01" 497 "\x65\x03\x04\x02\x03\x05\x00\x04\x40", 19) == 0) 498 { |
499 wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithn = SHA-512"); | 499 wpa_printf(MSG_DEBUG, "TLSv1.2: DigestAlgorithm = SHA-512"); |
500 decrypted = buf + 19; 501 buflen -= 19; 502 503 } else { 504 wpa_printf(MSG_DEBUG, "TLSv1.2: Unrecognized DigestInfo"); 505 os_free(buf); 506 *alert = TLS_ALERT_DECRYPT_ERROR; 507 return -1; --- 16 unchanged lines hidden --- | 500 decrypted = buf + 19; 501 buflen -= 19; 502 503 } else { 504 wpa_printf(MSG_DEBUG, "TLSv1.2: Unrecognized DigestInfo"); 505 os_free(buf); 506 *alert = TLS_ALERT_DECRYPT_ERROR; 507 return -1; --- 16 unchanged lines hidden --- |