RSA-PSK key exchange requires TLS 1.x
It's not clear if, with SSL3, one should include send the two length bytes for EncryptedPreMasterSecret or not, so require TLS to avoid interop issues.
This commit is contained in:
Manuel Pégourié-Gonnard
parent
e46aa5e336
commit
a04fa4fa04
2 changed files with 7 additions and 5 deletions
|
|
@ -1444,13 +1444,13 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
#if defined(POLARSSL_SHA1_C)
|
||||
{ TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
|
||||
{ TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
|
||||
POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_SHA1_C */
|
||||
|
|
@ -1500,7 +1500,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
#if defined(POLARSSL_SHA1_C)
|
||||
{ TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_SHA1_C */
|
||||
|
|
@ -1511,7 +1511,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
#if defined(POLARSSL_SHA1_C)
|
||||
{ TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
|
||||
POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
0 },
|
||||
#endif /* POLARSSL_SHA1_C */
|
||||
|
|
@ -1628,7 +1628,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
|||
#if defined(POLARSSL_SHA1_C)
|
||||
{ TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
|
||||
POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_WEAK },
|
||||
#endif /* POLARSSL_SHA1_C */
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue