#include <x509/common.h>
/* Cipher SUITES */
-#define GNUTLS_CIPHER_SUITE_ENTRY( name, block_algorithm, kx_algorithm, mac_algorithm, min_version, max_version, dtls ) \
- { #name, {name}, block_algorithm, kx_algorithm, mac_algorithm, min_version, max_version, dtls, GNUTLS_MAC_SHA256}
-#define GNUTLS_CIPHER_SUITE_ENTRY_PRF( name, block_algorithm, kx_algorithm, mac_algorithm, min_version, max_version, dtls, prf ) \
- { #name, {name}, block_algorithm, kx_algorithm, mac_algorithm, min_version, max_version, dtls, prf}
+#define ENTRY( name, block_algorithm, kx_algorithm, mac_algorithm, min_version, max_version, dtls ) \
+ { #name, name, block_algorithm, kx_algorithm, mac_algorithm, min_version, max_version, dtls, GNUTLS_MAC_SHA256}
+#define ENTRY_PRF( name, block_algorithm, kx_algorithm, mac_algorithm, min_version, max_version, dtls, prf ) \
+ { #name, name, block_algorithm, kx_algorithm, mac_algorithm, min_version, max_version, dtls, prf}
typedef struct
{
const char *name;
- const cipher_suite_st id;
+ const uint8_t id[2];
gnutls_cipher_algorithm_t block_algorithm;
gnutls_kx_algorithm_t kx_algorithm;
gnutls_mac_algorithm_t mac_algorithm;
static const gnutls_cipher_suite_entry cs_algorithms[] = {
/* DH_ANON */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DH_ANON_ARCFOUR_MD5,
+ ENTRY (GNUTLS_DH_ANON_ARCFOUR_MD5,
GNUTLS_CIPHER_ARCFOUR_128,
GNUTLS_KX_ANON_DH, GNUTLS_MAC_MD5,
GNUTLS_SSL3, GNUTLS_VERSION_MAX, 0),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DH_ANON_3DES_EDE_CBC_SHA1,
+ ENTRY (GNUTLS_DH_ANON_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_DH,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DH_ANON_AES_128_CBC_SHA1,
+ ENTRY (GNUTLS_DH_ANON_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DH_ANON_AES_256_CBC_SHA1,
+ ENTRY (GNUTLS_DH_ANON_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DH_ANON_CAMELLIA_128_CBC_SHA1,
+ ENTRY (GNUTLS_DH_ANON_CAMELLIA_128_CBC_SHA1,
GNUTLS_CIPHER_CAMELLIA_128_CBC,
GNUTLS_KX_ANON_DH,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DH_ANON_CAMELLIA_256_CBC_SHA1,
+ ENTRY (GNUTLS_DH_ANON_CAMELLIA_256_CBC_SHA1,
GNUTLS_CIPHER_CAMELLIA_256_CBC,
GNUTLS_KX_ANON_DH,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DH_ANON_AES_128_CBC_SHA256,
+ ENTRY (GNUTLS_DH_ANON_AES_128_CBC_SHA256,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DH_ANON_AES_256_CBC_SHA256,
+ ENTRY (GNUTLS_DH_ANON_AES_256_CBC_SHA256,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
/* PSK */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_ARCFOUR_SHA1,
+ ENTRY (GNUTLS_PSK_SHA_ARCFOUR_SHA1,
GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 0),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_3DES_EDE_CBC_SHA1,
+ ENTRY (GNUTLS_PSK_SHA_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_AES_128_CBC_SHA1,
+ ENTRY (GNUTLS_PSK_SHA_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_AES_256_CBC_SHA1,
+ ENTRY (GNUTLS_PSK_SHA_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_AES_128_CBC_SHA256,
+ ENTRY (GNUTLS_PSK_AES_128_CBC_SHA256,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_PSK,
GNUTLS_MAC_SHA256, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_AES_128_GCM_SHA256,
+ ENTRY (GNUTLS_PSK_AES_128_GCM_SHA256,
GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_PSK,
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_NULL_SHA256,
+ ENTRY (GNUTLS_PSK_NULL_SHA256,
GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK,
GNUTLS_MAC_SHA256, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
/* DHE-PSK */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_ARCFOUR_SHA1,
+ ENTRY (GNUTLS_DHE_PSK_SHA_ARCFOUR_SHA1,
GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_DHE_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 0),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_3DES_EDE_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_PSK_SHA_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_AES_128_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_PSK_SHA_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_AES_256_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_PSK_SHA_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_AES_128_CBC_SHA256,
+ ENTRY (GNUTLS_DHE_PSK_AES_128_CBC_SHA256,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_PSK,
GNUTLS_MAC_SHA256, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_AES_128_GCM_SHA256,
+ ENTRY (GNUTLS_DHE_PSK_AES_128_GCM_SHA256,
GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_PSK,
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_NULL_SHA256,
+ ENTRY (GNUTLS_DHE_PSK_NULL_SHA256,
GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK,
GNUTLS_MAC_SHA256, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
/* SRP */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1,
+ ENTRY (GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_128_CBC_SHA1,
+ ENTRY (GNUTLS_SRP_SHA_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_256_CBC_SHA1,
+ ENTRY (GNUTLS_SRP_SHA_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1,
+ ENTRY (GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_DSS,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1,
+ ENTRY (GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1,
+ ENTRY (GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_DSS,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1,
+ ENTRY (GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1,
+ ENTRY (GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_DSS,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1,
+ ENTRY (GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
/* DHE_DSS */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_ARCFOUR_SHA1,
+ ENTRY (GNUTLS_DHE_DSS_ARCFOUR_SHA1,
GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_KX_DHE_DSS,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 0),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_DSS,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1,
GNUTLS_CIPHER_CAMELLIA_128_CBC,
GNUTLS_KX_DHE_DSS,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1,
GNUTLS_CIPHER_CAMELLIA_256_CBC,
GNUTLS_KX_DHE_DSS,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA256,
+ ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA256,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA256,
+ ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA256,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
/* DHE_RSA */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1,
GNUTLS_CIPHER_CAMELLIA_128_CBC,
GNUTLS_KX_DHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1,
+ ENTRY (GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1,
GNUTLS_CIPHER_CAMELLIA_256_CBC,
GNUTLS_KX_DHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA256,
+ ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA256,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA256,
+ ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA256,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
/* RSA-NULL */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_MD5,
+ ENTRY (GNUTLS_RSA_NULL_MD5,
GNUTLS_CIPHER_NULL,
GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_SHA1,
+ ENTRY (GNUTLS_RSA_NULL_SHA1,
GNUTLS_CIPHER_NULL,
GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_SHA256,
+ ENTRY (GNUTLS_RSA_NULL_SHA256,
GNUTLS_CIPHER_NULL,
GNUTLS_KX_RSA, GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
/* RSA-EXPORT */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5,
+ ENTRY (GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5,
GNUTLS_CIPHER_ARCFOUR_40,
GNUTLS_KX_RSA_EXPORT, GNUTLS_MAC_MD5,
GNUTLS_SSL3, GNUTLS_TLS1_0, 0),
/* RSA */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_SHA1,
+ ENTRY (GNUTLS_RSA_ARCFOUR_SHA1,
GNUTLS_CIPHER_ARCFOUR_128,
GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 0),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_MD5,
+ ENTRY (GNUTLS_RSA_ARCFOUR_MD5,
GNUTLS_CIPHER_ARCFOUR_128,
GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 0),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_3DES_EDE_CBC_SHA1,
+ ENTRY (GNUTLS_RSA_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC,
GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA1,
+ ENTRY (GNUTLS_RSA_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA1,
+ ENTRY (GNUTLS_RSA_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA,
GNUTLS_MAC_SHA1, GNUTLS_SSL3,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_128_CBC_SHA1,
+ ENTRY (GNUTLS_RSA_CAMELLIA_128_CBC_SHA1,
GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_256_CBC_SHA1,
+ ENTRY (GNUTLS_RSA_CAMELLIA_256_CBC_SHA1,
GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA256,
+ ENTRY (GNUTLS_RSA_AES_128_CBC_SHA256,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA256,
+ ENTRY (GNUTLS_RSA_AES_256_CBC_SHA256,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
/* GCM */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_GCM_SHA256,
+ ENTRY (GNUTLS_RSA_AES_128_GCM_SHA256,
GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_RSA,
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_GCM_SHA256,
+ ENTRY (GNUTLS_DHE_RSA_AES_128_GCM_SHA256,
GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_RSA,
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_GCM_SHA256,
+ ENTRY (GNUTLS_DHE_DSS_AES_128_GCM_SHA256,
GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_DSS,
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DH_ANON_AES_128_GCM_SHA256,
+ ENTRY (GNUTLS_DH_ANON_AES_128_GCM_SHA256,
GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ANON_DH,
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
/* ECC-ANON */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDH_ANON_NULL_SHA,
+ ENTRY (GNUTLS_ECDH_ANON_NULL_SHA,
GNUTLS_CIPHER_NULL, GNUTLS_KX_ANON_ECDH,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA,
+ ENTRY (GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_ECDH,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDH_ANON_AES_128_CBC_SHA,
+ ENTRY (GNUTLS_ECDH_ANON_AES_128_CBC_SHA,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_ECDH,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDH_ANON_AES_256_CBC_SHA,
+ ENTRY (GNUTLS_ECDH_ANON_AES_256_CBC_SHA,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_ECDH,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
/* ECC-RSA */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_RSA_NULL_SHA,
+ ENTRY (GNUTLS_ECDHE_RSA_NULL_SHA,
GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
/* ECDHE-ECDSA */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_ECDSA_NULL_SHA,
+ ENTRY (GNUTLS_ECDHE_ECDSA_NULL_SHA,
GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
/* More ECC */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256,
+ ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256,
+ ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256,
+ ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256,
GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256,
+ ENTRY (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256,
GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
/* ECC - PSK */
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_PSK_AES_128_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_PSK_AES_128_CBC_SHA,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_PSK_AES_128_CBC_SHA256,
+ ENTRY (GNUTLS_ECDHE_PSK_AES_128_CBC_SHA256,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY_PRF (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384,
+ ENTRY_PRF (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA384, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1, GNUTLS_MAC_SHA384),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ECDHE_PSK_NULL_SHA256,
+ ENTRY (GNUTLS_ECDHE_PSK_NULL_SHA256,
GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA256, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- GNUTLS_CIPHER_SUITE_ENTRY_PRF (GNUTLS_ECDHE_PSK_NULL_SHA384,
+ ENTRY_PRF (GNUTLS_ECDHE_PSK_NULL_SHA384,
GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA384, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1, GNUTLS_MAC_SHA384),
- GNUTLS_CIPHER_SUITE_ENTRY_PRF(GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384,
+ ENTRY_PRF(GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384,
GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1, GNUTLS_DIG_SHA384),
- GNUTLS_CIPHER_SUITE_ENTRY_PRF(GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384,
+ ENTRY_PRF(GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384,
GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1, GNUTLS_DIG_SHA384),
- GNUTLS_CIPHER_SUITE_ENTRY_PRF(GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384,
+ ENTRY_PRF(GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1, GNUTLS_DIG_SHA384),
- {0, {{0, 0}}, 0, 0, 0, 0, 0, 0}
+ {0, {0, 0}, 0, 0, 0, 0, 0, 0}
};
-#define GNUTLS_CIPHER_SUITE_LOOP(b) \
+#define CIPHER_SUITE_LOOP(b) \
const gnutls_cipher_suite_entry *p; \
for(p = cs_algorithms; p->name != NULL; p++) { b ; }
-#define GNUTLS_CIPHER_SUITE_ALG_LOOP(a) \
- GNUTLS_CIPHER_SUITE_LOOP( if( (p->id.suite[0] == suite->suite[0]) && (p->id.suite[1] == suite->suite[1])) { a; break; } )
+#define CIPHER_SUITE_ALG_LOOP(a) \
+ CIPHER_SUITE_LOOP( if( (p->id[0] == suite[0]) && (p->id[1] == suite[1])) { a; break; } )
/* Cipher Suite's functions */
gnutls_cipher_algorithm_t
-_gnutls_cipher_suite_get_cipher_algo (const cipher_suite_st * suite)
+_gnutls_cipher_suite_get_cipher_algo (const uint8_t suite[2])
{
int ret = 0;
- GNUTLS_CIPHER_SUITE_ALG_LOOP (ret = p->block_algorithm);
+ CIPHER_SUITE_ALG_LOOP (ret = p->block_algorithm);
return ret;
}
gnutls_kx_algorithm_t
-_gnutls_cipher_suite_get_kx_algo (const cipher_suite_st * suite)
+_gnutls_cipher_suite_get_kx_algo (const uint8_t suite[2])
{
int ret = 0;
- GNUTLS_CIPHER_SUITE_ALG_LOOP (ret = p->kx_algorithm);
+ CIPHER_SUITE_ALG_LOOP (ret = p->kx_algorithm);
return ret;
}
gnutls_mac_algorithm_t
-_gnutls_cipher_suite_get_prf (const cipher_suite_st * suite)
+_gnutls_cipher_suite_get_prf (const uint8_t suite[2])
{
int ret = 0;
- GNUTLS_CIPHER_SUITE_ALG_LOOP (ret = p->prf);
+ CIPHER_SUITE_ALG_LOOP (ret = p->prf);
return ret;
}
gnutls_mac_algorithm_t
-_gnutls_cipher_suite_get_mac_algo (const cipher_suite_st * suite)
+_gnutls_cipher_suite_get_mac_algo (const uint8_t suite[2])
{ /* In bytes */
int ret = 0;
- GNUTLS_CIPHER_SUITE_ALG_LOOP (ret = p->mac_algorithm);
+ CIPHER_SUITE_ALG_LOOP (ret = p->mac_algorithm);
return ret;
}
const char *
-_gnutls_cipher_suite_get_name (cipher_suite_st * suite)
+_gnutls_cipher_suite_get_name (const uint8_t suite[2])
{
const char *ret = NULL;
/* avoid prefix */
- GNUTLS_CIPHER_SUITE_ALG_LOOP (ret = p->name + sizeof ("GNUTLS_") - 1);
+ CIPHER_SUITE_ALG_LOOP (ret = p->name + sizeof ("GNUTLS_") - 1);
return ret;
}
{
const gnutls_cipher_suite_entry *ret = NULL;
- GNUTLS_CIPHER_SUITE_LOOP (
+ CIPHER_SUITE_LOOP (
if (kx_algorithm == p->kx_algorithm &&
cipher_algorithm == p->block_algorithm && mac_algorithm == p->mac_algorithm)
{
return NULL;
if (cs_id)
- memcpy (cs_id, cs_algorithms[idx].id.suite, 2);
+ memcpy (cs_id, cs_algorithms[idx].id, 2);
if (kx)
*kx = cs_algorithms[idx].kx_algorithm;
if (cipher)
static inline int
-_gnutls_cipher_suite_is_ok (cipher_suite_st * suite)
+_gnutls_cipher_suite_is_ok (const uint8_t suite[2])
{
size_t ret;
const char *name = NULL;
- GNUTLS_CIPHER_SUITE_ALG_LOOP (name = p->name);
+ CIPHER_SUITE_ALG_LOOP (name = p->name);
if (name != NULL)
ret = 0;
else
if (k+2 > max_cipher_suite_size)
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
- memcpy (&cipher_suites[k], ce->id.suite, 2);
+ memcpy (&cipher_suites[k], ce->id, 2);
k+=2;
}
* That is because the client must see these in our
* hello message.
*/
- memcpy (session->security_parameters.current_cipher_suite.suite,
- session->internals.resumed_security_parameters.current_cipher_suite.
- suite, 2);
+ memcpy (session->security_parameters.cipher_suite,
+ session->internals.resumed_security_parameters.cipher_suite, 2);
session->security_parameters.compression_method = session->internals.resumed_security_parameters.compression_method;
_gnutls_epoch_set_cipher_suite (session, EPOCH_NEXT,
- &session->
- internals.resumed_security_parameters.current_cipher_suite);
+ session->
+ internals.resumed_security_parameters.cipher_suite);
_gnutls_epoch_set_compression (session, EPOCH_NEXT,
session->
internals.resumed_security_parameters.compression_method);
}
else
{
- int algorithm = _gnutls_cipher_suite_get_prf(&session->security_parameters.current_cipher_suite);
+ int algorithm = _gnutls_cipher_suite_get_prf(session->security_parameters.cipher_suite);
rc = _gnutls_hash_fast( algorithm, session->internals.handshake_hash_buffer.data, len, concat);
if (rc < 0)
{
unsigned int j;
gnutls_kx_algorithm_t kx;
- cipher_suite_st cs;
int max = *algos_size;
if (datalen % 2 != 0)
*algos_size = 0;
for (j = 0; j < datalen; j += 2)
{
- memcpy (&cs.suite, &data[j], 2);
- kx = _gnutls_cipher_suite_get_kx_algo (&cs);
+ kx = _gnutls_cipher_suite_get_kx_algo (&data[j]);
if (_gnutls_map_kx_get_cred (kx, 1) == GNUTLS_CRD_CERTIFICATE)
{
algos[(*algos_size)++] = _gnutls_map_pk_get_pk (kx);
{
int i, j, ret, cipher_suites_size;
size_t pk_algos_size;
- cipher_suite_st cs;
uint8_t cipher_suites[MAX_CIPHERSUITE_SIZE];
int retval, err;
gnutls_pk_algorithm_t pk_algos[MAX_ALGOS]; /* will hold the pk algorithms
return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
}
- memset (session->security_parameters.current_cipher_suite.suite, 0, 2);
+ memset (session->security_parameters.cipher_suite, 0, 2);
retval = GNUTLS_E_UNKNOWN_CIPHER_SUITE;
{
for (j = 0; j < datalen; j += 2)
{
- memcpy (&cs.suite, &data[j], 2);
- _gnutls_handshake_log ("\t0x%.2x, 0x%.2x %s\n", data[j], data[j+1], _gnutls_cipher_suite_get_name (&cs));
+ _gnutls_handshake_log ("\t0x%.2x, 0x%.2x %s\n", data[j], data[j+1], _gnutls_cipher_suite_get_name (&data[j]));
for (i = 0; i < cipher_suites_size; i+=2)
{
if (memcmp (&cipher_suites[i], &data[j], 2) == 0)
{
_gnutls_handshake_log
("HSK[%p]: Selected cipher suite: %s\n", session,
- _gnutls_cipher_suite_get_name (&cs));
- memcpy (session->security_parameters.current_cipher_suite.suite,
+ _gnutls_cipher_suite_get_name (&data[j]));
+ memcpy (session->security_parameters.cipher_suite,
&cipher_suites[i], 2);
_gnutls_epoch_set_cipher_suite (session, EPOCH_NEXT,
- &session->
- security_parameters.current_cipher_suite);
+ session->
+ security_parameters.cipher_suite);
retval = 0;
{
if (memcmp (&cipher_suites[i], &data[j], 2) == 0)
{
- memcpy (&cs.suite, &data[j], 2);
_gnutls_handshake_log
("HSK[%p]: Selected cipher suite: %s\n", session,
- _gnutls_cipher_suite_get_name (&cs));
- memcpy (session->security_parameters.current_cipher_suite.suite,
+ _gnutls_cipher_suite_get_name (&data[j]));
+ memcpy (session->security_parameters.cipher_suite,
&cipher_suites[i], 2);
_gnutls_epoch_set_cipher_suite (session, EPOCH_NEXT,
- &session->
- security_parameters.current_cipher_suite);
+ session->
+ security_parameters.cipher_suite);
retval = 0;
*/
if (_gnutls_get_kx_cred
(session,
- _gnutls_cipher_suite_get_kx_algo (&session->
- security_parameters.current_cipher_suite),
+ _gnutls_cipher_suite_get_kx_algo (session->
+ security_parameters.cipher_suite),
&err) == NULL && err != 0)
{
gnutls_assert ();
*/
session->internals.auth_struct =
_gnutls_kx_auth_struct (_gnutls_cipher_suite_get_kx_algo
- (&session->
- security_parameters.current_cipher_suite));
+ (session->
+ security_parameters.cipher_suite));
if (session->internals.auth_struct == NULL)
{
return GNUTLS_E_UNKNOWN_CIPHER_SUITE;
}
- memcpy (session->security_parameters.current_cipher_suite.suite, suite, 2);
+ memcpy (session->security_parameters.cipher_suite, suite, 2);
_gnutls_epoch_set_cipher_suite (session, EPOCH_NEXT,
- &session->
- security_parameters.current_cipher_suite);
+ session->
+ security_parameters.cipher_suite);
_gnutls_handshake_log ("HSK[%p]: Selected cipher suite: %s\n", session,
_gnutls_cipher_suite_get_name
- (&session->
- security_parameters.current_cipher_suite));
+ (session->
+ security_parameters.cipher_suite));
/* check if the credentials (username, public key etc.) are ok.
if (_gnutls_get_kx_cred
(session,
_gnutls_cipher_suite_get_kx_algo
- (&session->security_parameters.current_cipher_suite), &err) == NULL
+ (session->security_parameters.cipher_suite), &err) == NULL
&& err != 0)
{
gnutls_assert ();
*/
session->internals.auth_struct =
_gnutls_kx_auth_struct (_gnutls_cipher_suite_get_kx_algo
- (&session->
- security_parameters.current_cipher_suite));
+ (session->
+ security_parameters.cipher_suite));
if (session->internals.auth_struct == NULL)
{
_gnutls_epoch_set_cipher_suite
(session, EPOCH_NEXT,
- &session->internals.
- resumed_security_parameters.current_cipher_suite);
+ session->internals.
+ resumed_security_parameters.cipher_suite);
_gnutls_epoch_set_compression (session, EPOCH_NEXT,
session->
internals.resumed_security_parameters.compression_method);
sizeof (buf), NULL));
memcpy (&data[pos],
- session->security_parameters.current_cipher_suite.suite, 2);
+ session->security_parameters.cipher_suite, 2);
pos += 2;
comp = _gnutls_compression_get_num ( session->security_parameters.compression_method);
}
/* RECEIVE A HELLO MESSAGE. This should be called from gnutls_recv_handshake_int only if a
- * hello message is expected. It uses the security_parameters.current_cipher_suite
+ * hello message is expected. It uses the security_parameters.cipher_suite
* and internals.compression_method.
*/
int
{
int ret = 0;
- cipher_suite_st cs;
int i, new_suites_size;
gnutls_certificate_credentials_t cert_cred;
gnutls_kx_algorithm_t kx;
/* finds the key exchange algorithm in
* the ciphersuite
*/
- cs.suite[0] = cipher_suites[i];
- cs.suite[1] = cipher_suites[i+1];
- kx = _gnutls_cipher_suite_get_kx_algo (&cs);
+ kx = _gnutls_cipher_suite_get_kx_algo (&cipher_suites[i]);
/* if it is defined but had no credentials
*/
_gnutls_handshake_log ("HSK[%p]: Keeping ciphersuite: %s\n",
session,
- _gnutls_cipher_suite_get_name (&cs));
+ _gnutls_cipher_suite_get_name (&cipher_suites[i]));
if (i != new_suites_size)
memmove( &cipher_suites[new_suites_size], &cipher_suites[i], 2);
{
_gnutls_handshake_log ("HSK[%p]: Removing ciphersuite: %s\n",
session,
- _gnutls_cipher_suite_get_name (&cs));
+ _gnutls_cipher_suite_get_name (&cipher_suites[i]));
}
}