Topic: Adding new ciphersuites steps?

Hi, I am a developer from South Korea.

First of all, thanks for the explanation here: https://www.wolfssl.com/docs/implementi … 0gc5joag72

I was able to make my own ARIA cipher, which is CBC encrypt and decrypt function using the tutorial. But I couldn't find any tutorial to implement the new cipher suite. I want to add a new cipher suite using my aria cipher replacing the AES, for example, I want to add TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256. But I really don't know where to start or what are files needed to be modified.

Is there anyone who knows which part that I needed to modify? Because when I just follow the AES keyword it was everywhere, and I'm not sure which one that I really need to modify to add a new cipher suite.

Any help would be appreciated,
Thanks, Derry

Share

2 (edited by tmael 2021-01-08 15:37:18)

Re: Adding new ciphersuites steps?

Hi Derry,

Thanks for reaching out to wolfSSL with your question.

I think you have a couple of options to add the ARIA cipher.

1. You can create a new file `wolfssl/wolfcrypt/src/aria.c` similar to `wolfssl/wolfcrypt/src/aes.c`, add a build/configure option in configure.ac, update include.am, cipher suite names and etc. I would suggest your search for AES GCM to narrow down your search results.

Or

2. You can consider adding a new macro (e.g. WOLFSSL_ARIA_CRYPT)  and create new file `wolfcrypt/src/port/aria/aria-aes.c` similar to `wolfcrypt/src/port/ti/ti-aes.c` with your implementations. You can edit wolfssl/wolfcrypt/src/aes.c and choose your implementations similar to the way we handle hardware acceleration support. 

If you need the cipher name changed then you would have to go with option #1. Otherwise, option #2 is easier and cleaner but the cipher name shows AES but you are really doing ARIA cipher.

Please let me know if this helps or you can also send us any follow-up questions to support@wolfssl.com.

Thanks,
Tesfa

Share

Re: Adding new ciphersuites steps?

Hi tmael,

Thanks for the answer, I successfully managed to add my own aria cipher suites on wolfSSL using the option #1. smile

Best Regards,
Derry

Share

Re: Adding new ciphersuites steps?

Hi Derry,

I'm glad to hear that you got it working.
If you are interested in contributing your changes, you can open a pull request at https://github.com/wolfSSL/wolfssl.

Cheers,
Tesfa

Share