diff options
| author |   jsing <jsing@openbsd.org> | 2016-04-28 16:39:45 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2016-04-28 16:39:45 +0000 |
| commit | f43d4a20f8cf46e5ee7a06dc7edd5ff5d44e0e75 (patch) | |
| tree | 710f6d0c39f9fa716dd78c44b39adc7e7b9bdeff /lib/libssl/s3_lib.c | |
| parent | Update AEAD regress to match EVP_aead_chacha20_poly1305() changes. (diff) | |
| download | wireguard-openbsd-f43d4a20f8cf46e5ee7a06dc7edd5ff5d44e0e75.tar.xz wireguard-openbsd-f43d4a20f8cf46e5ee7a06dc7edd5ff5d44e0e75.zip | |
Implement the IETF ChaCha20-Poly1305 cipher suites.
Rename the existing ChaCha20-Poly1305 cipher suites with an "-OLD" suffix,
effectively replaces the original Google implementation. We continue to
support both the IETF and Google versions, however the existing names
now refer to the ciphers from draft-ietf-tls-chacha20-poly1305-04.
Feedback from doug@
Diffstat (limited to 'lib/libssl/s3_lib.c')
| -rw-r--r-- | lib/libssl/s3_lib.c | 63 |
1 files changed, 57 insertions, 6 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index e7f71d6b6f4..e873c17c876 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.107 2016/01/27 02:06:16 beck Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.108 2016/04/28 16:39:45 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1810,6 +1810,57 @@ SSL_CIPHER ssl3_ciphers[] = { /* Cipher CC13 */ { .valid = 1, + .name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD, + .id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD, + .algorithm_mkey = SSL_kECDHE, + .algorithm_auth = SSL_aRSA, + .algorithm_enc = SSL_CHACHA20POLY1305_OLD, + .algorithm_mac = SSL_AEAD, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| + SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), + .strength_bits = 256, + .alg_bits = 256, + }, + + /* Cipher CC14 */ + { + .valid = 1, + .name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD, + .id = TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD, + .algorithm_mkey = SSL_kECDHE, + .algorithm_auth = SSL_aECDSA, + .algorithm_enc = SSL_CHACHA20POLY1305_OLD, + .algorithm_mac = SSL_AEAD, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| + SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), + .strength_bits = 256, + .alg_bits = 256, + }, + + /* Cipher CC15 */ + { + .valid = 1, + .name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_OLD, + .id = TLS1_CK_DHE_RSA_CHACHA20_POLY1305_OLD, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aRSA, + .algorithm_enc = SSL_CHACHA20POLY1305_OLD, + .algorithm_mac = SSL_AEAD, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| + SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), + .strength_bits = 256, + .alg_bits = 256, + }, + + /* Cipher CCA8 */ + { + .valid = 1, .name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305, .id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, .algorithm_mkey = SSL_kECDHE, @@ -1819,12 +1870,12 @@ SSL_CIPHER ssl3_ciphers[] = { .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), + SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(12), .strength_bits = 256, .alg_bits = 256, }, - /* Cipher CC14 */ + /* Cipher CCA9 */ { .valid = 1, .name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, @@ -1836,12 +1887,12 @@ SSL_CIPHER ssl3_ciphers[] = { .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), + SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(12), .strength_bits = 256, .alg_bits = 256, }, - /* Cipher CC15 */ + /* Cipher CCAA */ { .valid = 1, .name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305, @@ -1853,7 +1904,7 @@ SSL_CIPHER ssl3_ciphers[] = { .algorithm_ssl = SSL_TLSV1_2, .algo_strength = SSL_HIGH, .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| - SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), + SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(12), .strength_bits = 256, .alg_bits = 256, }, |