Added PSK NULL ciphers from RFC4785

2013-04-19 19:48:45 +02:00 · 2013-04-19 19:48:45 +02:00 · a1bf92ddb4
commit a1bf92ddb4
parent b91c2b5782
3 changed files with 35 additions and 2 deletions
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@ -118,6 +118,9 @@ static const int ciphersuite_preference[] =
    TLS_RSA_WITH_NULL_SHA256,
    TLS_RSA_WITH_NULL_SHA,
    TLS_RSA_WITH_NULL_MD5,
+    TLS_PSK_WITH_NULL_SHA,
+    TLS_DHE_PSK_WITH_NULL_SHA,
+    TLS_RSA_PSK_WITH_NULL_SHA,

    0
 };
@ -487,8 +490,8 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */

 #if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
-#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
+#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
    { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
      POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
      SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
@ -506,9 +509,33 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
      SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
      SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
      POLARSSL_CIPHERSUITE_WEAK },
-#endif /* POLARSSL_CIPHER_NULL_CIPHER */
 #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */

+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+    { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
+      POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
+      SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
+      SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
+      POLARSSL_CIPHERSUITE_WEAK },
+#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
+
+#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
+      POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
+      SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
+      SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
+      POLARSSL_CIPHERSUITE_WEAK },
+#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
+      POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
+      SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
+      SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
+      POLARSSL_CIPHERSUITE_WEAK },
+#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#endif /* POLARSSL_CIPHER_NULL_CIPHER */
+
 #if defined(POLARSSL_DES_C)
 #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
    { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",