CIPHER_BLOCK, 16,
16, 0},
#endif
+
+#ifndef ENABLE_FIPS140
+ /* All the other ciphers are disabled on the back-end library.
+ * This needs to be disabled here as it is merely a placeholder
+ * rather than an actual cipher.
+ */
{"NULL", GNUTLS_CIPHER_NULL, 1, 0, CIPHER_STREAM, 0, 0, 0},
+#endif
+
{0, 0, 0, 0, 0, 0, 0}
};
GNUTLS_CIPHER_LOOP(
if (strcasecmp(p->name, name) == 0) {
- ret = p->id;
+ if (p->id == GNUTLS_CIPHER_NULL || _gnutls_cipher_exists(p->id))
+ ret = p->id;
break;
}
);
int i = 0;
GNUTLS_CIPHER_LOOP(
- if (_gnutls_cipher_exists(p->id))
+ if (p->id == GNUTLS_CIPHER_NULL || _gnutls_cipher_exists(p->id))
supported_ciphers[i++] = p->id;
);
supported_ciphers[i++] = 0;
#define CIPHER_SUITES_COUNT (sizeof(cs_algorithms)/sizeof(gnutls_cipher_suite_entry)-1)
+/* The following is a potential list of ciphersuites. For the options to be
+ * available, the ciphers and MACs must be available to gnutls as well.
+ */
static const gnutls_cipher_suite_entry cs_algorithms[] = {
/* RSA-NULL */
ENTRY(GNUTLS_RSA_NULL_MD5,
GNUTLS_HASH_LOOP(
if (p->oid != NULL && strcasecmp(p->name, name) == 0) {
- ret = p->id;
+ if (_gnutls_digest_exists(p->id))
+ ret = p->id;
break;
}
);
GNUTLS_HASH_LOOP(
if (strcasecmp(p->name, name) == 0) {
- ret = p->id;
+ if (p->placeholder != 0 || _gnutls_mac_exists(p->id))
+ ret = p->id;
break;
}
);
return 0;
}
+/* Returns true(non-zero) or false(0) if the
+ * provided hash exists
+ */
+int _gnutls_digest_exists(gnutls_digest_algorithm_t algo)
+{
+ const gnutls_crypto_digest_st *cc = NULL;
+
+ cc = _gnutls_get_crypto_digest(algo);
+ if (cc != NULL)
+ return 1;
+
+ return _gnutls_digest_ops.exists(algo);
+}
+
void _gnutls_hash_deinit(digest_hd_st * handle, void *digest)
{
if (handle->handle == NULL) {
} mac_hd_st;
/* basic functions */
+int _gnutls_digest_exists(gnutls_digest_algorithm_t algo);
+
int _gnutls_mac_exists(gnutls_mac_algorithm_t algorithm);
int _gnutls_mac_init(mac_hd_st *, const mac_entry_st * e,
const void *key, int keylen);
0
};
+#ifndef ENABLE_FIPS140
/* If GCM and AES acceleration is available then prefer
* them over anything else.
*/
GNUTLS_CIPHER_ARCFOUR_128,
0
};
+#else
+static const int cipher_priority_performance[] = {
+ GNUTLS_CIPHER_AES_128_GCM,
+ GNUTLS_CIPHER_AES_256_GCM,
+ GNUTLS_CIPHER_AES_128_CBC,
+ GNUTLS_CIPHER_AES_256_CBC,
+ GNUTLS_CIPHER_3DES_CBC,
+ 0
+};
+
+static const int cipher_priority_normal[] = {
+ GNUTLS_CIPHER_AES_128_GCM,
+ GNUTLS_CIPHER_AES_256_GCM,
+ GNUTLS_CIPHER_AES_128_CBC,
+ GNUTLS_CIPHER_AES_256_CBC,
+ GNUTLS_CIPHER_3DES_CBC,
+ 0
+};
+#endif
static const int cipher_priority_suiteb128[] = {
GNUTLS_CIPHER_AES_128_GCM,
GNUTLS_MAC_SHA256,
GNUTLS_MAC_SHA384,
GNUTLS_MAC_AEAD,
+#ifndef ENABLE_FIPS140
GNUTLS_MAC_MD5,
+#endif
0
};
switch (algo) {
case GNUTLS_CIPHER_AES_128_GCM:
case GNUTLS_CIPHER_AES_256_GCM:
+ case GNUTLS_CIPHER_AES_128_CBC:
+ case GNUTLS_CIPHER_AES_192_CBC:
+ case GNUTLS_CIPHER_AES_256_CBC:
+ case GNUTLS_CIPHER_3DES_CBC:
+#ifndef ENABLE_FIPS140
case GNUTLS_CIPHER_CAMELLIA_128_GCM:
case GNUTLS_CIPHER_CAMELLIA_256_GCM:
case GNUTLS_CIPHER_CAMELLIA_128_CBC:
case GNUTLS_CIPHER_CAMELLIA_192_CBC:
case GNUTLS_CIPHER_CAMELLIA_256_CBC:
- case GNUTLS_CIPHER_AES_128_CBC:
- case GNUTLS_CIPHER_AES_192_CBC:
- case GNUTLS_CIPHER_AES_256_CBC:
- case GNUTLS_CIPHER_3DES_CBC:
case GNUTLS_CIPHER_DES_CBC:
case GNUTLS_CIPHER_ARCFOUR_128:
case GNUTLS_CIPHER_SALSA20_256:
case GNUTLS_CIPHER_ESTREAM_SALSA20_256:
case GNUTLS_CIPHER_ARCFOUR_40:
case GNUTLS_CIPHER_RC2_40_CBC:
+#endif
return 1;
default:
return 0;
ctx->ctx_ptr = &ctx->ctx.aes_gcm;
ctx->block_size = AES_BLOCK_SIZE;
break;
+ case GNUTLS_CIPHER_AES_128_CBC:
+ case GNUTLS_CIPHER_AES_192_CBC:
+ case GNUTLS_CIPHER_AES_256_CBC:
+ ctx->encrypt = cbc_encrypt;
+ ctx->decrypt = cbc_decrypt;
+ ctx->i_encrypt = (nettle_crypt_func *) aes_encrypt;
+ ctx->i_decrypt = (nettle_crypt_func *) aes_decrypt;
+ ctx->ctx_ptr = &ctx->ctx.aes;
+ ctx->block_size = AES_BLOCK_SIZE;
+ break;
+ case GNUTLS_CIPHER_3DES_CBC:
+ ctx->encrypt = cbc_encrypt;
+ ctx->decrypt = cbc_decrypt;
+ ctx->i_encrypt = (nettle_crypt_func *) des3_encrypt;
+ ctx->i_decrypt = (nettle_crypt_func *) des3_decrypt;
+ ctx->ctx_ptr = &ctx->ctx.des3;
+ ctx->block_size = DES3_BLOCK_SIZE;
+ break;
+#ifndef ENABLE_FIPS140
case GNUTLS_CIPHER_CAMELLIA_128_GCM:
case GNUTLS_CIPHER_CAMELLIA_256_GCM:
ctx->encrypt = _camellia_gcm_encrypt;
ctx->ctx_ptr = &ctx->ctx.camellia;
ctx->block_size = CAMELLIA_BLOCK_SIZE;
break;
- case GNUTLS_CIPHER_AES_128_CBC:
- case GNUTLS_CIPHER_AES_192_CBC:
- case GNUTLS_CIPHER_AES_256_CBC:
- ctx->encrypt = cbc_encrypt;
- ctx->decrypt = cbc_decrypt;
- ctx->i_encrypt = (nettle_crypt_func *) aes_encrypt;
- ctx->i_decrypt = (nettle_crypt_func *) aes_decrypt;
- ctx->ctx_ptr = &ctx->ctx.aes;
- ctx->block_size = AES_BLOCK_SIZE;
- break;
- case GNUTLS_CIPHER_3DES_CBC:
- ctx->encrypt = cbc_encrypt;
- ctx->decrypt = cbc_decrypt;
- ctx->i_encrypt = (nettle_crypt_func *) des3_encrypt;
- ctx->i_decrypt = (nettle_crypt_func *) des3_decrypt;
- ctx->ctx_ptr = &ctx->ctx.des3;
- ctx->block_size = DES3_BLOCK_SIZE;
- break;
case GNUTLS_CIPHER_DES_CBC:
ctx->encrypt = cbc_encrypt;
ctx->decrypt = cbc_decrypt;
ctx->ctx_ptr = &ctx->ctx.arctwo;
ctx->block_size = ARCTWO_BLOCK_SIZE;
break;
+#endif
default:
gnutls_assert();
gnutls_free(ctx);
case GNUTLS_CIPHER_AES_256_GCM:
gcm_aes_set_key(&ctx->ctx.aes_gcm, keysize, key);
break;
- case GNUTLS_CIPHER_CAMELLIA_128_GCM:
- case GNUTLS_CIPHER_CAMELLIA_256_GCM:
- _gcm_camellia_set_key(&ctx->ctx.camellia_gcm, keysize,
- key);
- break;
case GNUTLS_CIPHER_AES_128_CBC:
case GNUTLS_CIPHER_AES_192_CBC:
case GNUTLS_CIPHER_AES_256_CBC:
zeroize_temp_key(des_key, sizeof(des_key));
break;
+#ifndef ENABLE_FIPS140
+ case GNUTLS_CIPHER_CAMELLIA_128_GCM:
+ case GNUTLS_CIPHER_CAMELLIA_256_GCM:
+ _gcm_camellia_set_key(&ctx->ctx.camellia_gcm, keysize,
+ key);
+ break;
case GNUTLS_CIPHER_DES_CBC:
if (keysize != DES_KEY_SIZE) {
gnutls_assert();
case GNUTLS_CIPHER_RC2_40_CBC:
arctwo_set_key(ctx->ctx_ptr, keysize, key);
break;
+#endif
default:
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
gcm_aes_set_iv(&ctx->ctx.aes_gcm, GCM_DEFAULT_NONCE_SIZE,
iv);
break;
+#ifndef ENABLE_FIPS140
case GNUTLS_CIPHER_CAMELLIA_128_GCM:
case GNUTLS_CIPHER_CAMELLIA_256_GCM:
if (ivsize != GCM_DEFAULT_NONCE_SIZE)
salsa20_set_iv(&ctx->ctx.salsa20, iv);
break;
+#endif
default:
if (ivsize > ctx->block_size)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
struct nettle_hash_ctx {
union {
struct md5_ctx md5;
- struct md2_ctx md2;
struct sha224_ctx sha224;
struct sha256_ctx sha256;
struct sha384_ctx sha384;
struct sha512_ctx sha512;
struct sha1_ctx sha1;
+#ifndef ENABLE_FIPS140
+ struct md2_ctx md2;
+#endif
} ctx;
void *ctx_ptr;
gnutls_digest_algorithm_t algo;
struct hmac_sha384_ctx sha384;
struct hmac_sha512_ctx sha512;
struct hmac_sha1_ctx sha1;
+#ifndef ENABLE_FIPS140
struct umac96_ctx umac96;
struct umac128_ctx umac128;
+#endif
} ctx;
void *ctx_ptr;
set_nonce_func set_nonce;
};
+#ifndef ENABLE_FIPS140
static void
_wrap_umac96_set_key(void *ctx, unsigned len, const uint8_t * key)
{
abort();
umac128_set_key(ctx, key);
}
+#endif
static int _mac_ctx_init(gnutls_mac_algorithm_t algo,
struct nettle_mac_ctx *ctx)
ctx->ctx_ptr = &ctx->ctx.sha512;
ctx->length = SHA512_DIGEST_SIZE;
break;
+#ifndef ENABLE_FIPS140
case GNUTLS_MAC_UMAC_96:
ctx->update = (update_func) umac96_update;
ctx->digest = (digest_func) umac96_digest;
ctx->ctx_ptr = &ctx->ctx.umac128;
ctx->length = 16;
break;
+#endif
default:
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
case GNUTLS_MAC_SHA256:
case GNUTLS_MAC_SHA384:
case GNUTLS_MAC_SHA512:
+#ifndef ENABLE_FIPS140
case GNUTLS_MAC_UMAC_96:
case GNUTLS_MAC_UMAC_128:
+#endif
return 1;
default:
return 0;
switch (algo) {
case GNUTLS_DIG_MD5:
case GNUTLS_DIG_SHA1:
- case GNUTLS_DIG_MD2:
+
case GNUTLS_DIG_SHA224:
case GNUTLS_DIG_SHA256:
case GNUTLS_DIG_SHA384:
case GNUTLS_DIG_SHA512:
+#ifndef ENABLE_FIPS140
+ case GNUTLS_DIG_MD2:
+#endif
return 1;
default:
return 0;
ctx->ctx_ptr = &ctx->ctx.sha1;
ctx->length = SHA1_DIGEST_SIZE;
break;
- case GNUTLS_DIG_MD2:
- md2_init(&ctx->ctx.md2);
- ctx->update = (update_func) md2_update;
- ctx->digest = (digest_func) md2_digest;
- ctx->ctx_ptr = &ctx->ctx.md2;
- ctx->length = MD2_DIGEST_SIZE;
- break;
case GNUTLS_DIG_SHA224:
sha224_init(&ctx->ctx.sha224);
ctx->update = (update_func) sha224_update;
ctx->ctx_ptr = &ctx->ctx.sha512;
ctx->length = SHA512_DIGEST_SIZE;
break;
+#ifndef ENABLE_FIPS140
+ case GNUTLS_DIG_MD2:
+ md2_init(&ctx->ctx.md2);
+ ctx->update = (update_func) md2_update;
+ ctx->digest = (digest_func) md2_digest;
+ ctx->ctx_ptr = &ctx->ctx.md2;
+ ctx->length = MD2_DIGEST_SIZE;
+ break;
+#endif
default:
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;