CAMELLIA PSK ciphersuites from RFC6367
Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Dr. Stephen Henson
parent
b2f8ab8681
commit
69a3a9f5d9
3 changed files with 144 additions and 0 deletions
|
|
@ -645,6 +645,18 @@ Note: these ciphers can also be used in SSL v3.
|
|||
ECDHE_PSK_WITH_NULL_SHA256 ECDHE-PSK-NULL-SHA256
|
||||
ECDHE_PSK_WITH_NULL_SHA384 ECDHE-PSK-NULL-SHA384
|
||||
|
||||
PSK_WITH_CAMELLIA_128_CBC_SHA256 PSK-CAMELLIA128-SHA256
|
||||
PSK_WITH_CAMELLIA_256_CBC_SHA384 PSK-CAMELLIA256-SHA384
|
||||
|
||||
DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 DHE-PSK-CAMELLIA128-SHA256
|
||||
DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 DHE-PSK-CAMELLIA256-SHA384
|
||||
|
||||
RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 RSA-PSK-CAMELLIA128-SHA256
|
||||
RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 RSA-PSK-CAMELLIA256-SHA384
|
||||
|
||||
ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-PSK-CAMELLIA128-SHA256
|
||||
ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-PSK-CAMELLIA256-SHA384
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
Some compiled versions of OpenSSL may not include all the ciphers
|
||||
|
|
|
|||
|
|
@ -625,6 +625,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078
|
||||
# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079
|
||||
|
||||
# define TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C094
|
||||
# define TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C095
|
||||
# define TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C096
|
||||
# define TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C097
|
||||
# define TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C098
|
||||
# define TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C099
|
||||
# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C09A
|
||||
# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C09B
|
||||
|
||||
/*
|
||||
* XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
|
||||
* ciphers names with "EDH" instead of "DHE". Going forward, we should be
|
||||
|
|
@ -768,6 +777,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
|
||||
# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
|
||||
|
||||
# define TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 "PSK-CAMELLIA128-SHA256"
|
||||
# define TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 "PSK-CAMELLIA256-SHA384"
|
||||
# define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "DHE-PSK-CAMELLIA128-SHA256"
|
||||
# define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "DHE-PSK-CAMELLIA256-SHA384"
|
||||
# define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 "RSA-PSK-CAMELLIA128-SHA256"
|
||||
# define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 "RSA-PSK-CAMELLIA256-SHA384"
|
||||
# define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-PSK-CAMELLIA128-SHA256"
|
||||
# define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-PSK-CAMELLIA256-SHA384"
|
||||
|
||||
/* SEED ciphersuites from RFC4162 */
|
||||
# define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
|
||||
# define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
|
||||
|
|
|
|||
114
ssl/s3_lib.c
114
ssl/s3_lib.c
|
|
@ -3362,6 +3362,120 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
|
|||
# endif /* OPENSSL_NO_CAMELLIA */
|
||||
#endif /* OPENSSL_NO_EC */
|
||||
|
||||
#if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_PSK)
|
||||
{ /* Cipher C094 */
|
||||
1,
|
||||
TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
SSL_kPSK,
|
||||
SSL_aPSK,
|
||||
SSL_CAMELLIA128,
|
||||
SSL_SHA256,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||
128,
|
||||
128},
|
||||
|
||||
{ /* Cipher C095 */
|
||||
1,
|
||||
TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
SSL_kPSK,
|
||||
SSL_aPSK,
|
||||
SSL_CAMELLIA256,
|
||||
SSL_SHA384,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
|
||||
256,
|
||||
256},
|
||||
|
||||
{ /* Cipher C096 */
|
||||
1,
|
||||
TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
SSL_kDHEPSK,
|
||||
SSL_aPSK,
|
||||
SSL_CAMELLIA128,
|
||||
SSL_SHA256,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||
128,
|
||||
128},
|
||||
|
||||
{ /* Cipher C097 */
|
||||
1,
|
||||
TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
SSL_kDHEPSK,
|
||||
SSL_aPSK,
|
||||
SSL_CAMELLIA256,
|
||||
SSL_SHA384,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
|
||||
256,
|
||||
256},
|
||||
|
||||
{ /* Cipher C098 */
|
||||
1,
|
||||
TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
SSL_kRSAPSK,
|
||||
SSL_aRSA,
|
||||
SSL_CAMELLIA128,
|
||||
SSL_SHA256,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||
128,
|
||||
128},
|
||||
|
||||
{ /* Cipher C099 */
|
||||
1,
|
||||
TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
SSL_kRSAPSK,
|
||||
SSL_aRSA,
|
||||
SSL_CAMELLIA256,
|
||||
SSL_SHA384,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
|
||||
256,
|
||||
256},
|
||||
|
||||
{ /* Cipher C09A */
|
||||
1,
|
||||
TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
SSL_kECDHEPSK,
|
||||
SSL_aPSK,
|
||||
SSL_CAMELLIA128,
|
||||
SSL_SHA256,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||
128,
|
||||
128},
|
||||
|
||||
{ /* Cipher C09B */
|
||||
1,
|
||||
TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
SSL_kECDHEPSK,
|
||||
SSL_aPSK,
|
||||
SSL_CAMELLIA256,
|
||||
SSL_SHA384,
|
||||
SSL_TLSV1,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
|
||||
256,
|
||||
256},
|
||||
#endif
|
||||
|
||||
#ifdef TEMP_GOST_TLS
|
||||
/* Cipher FF00 */
|
||||
{
|
||||
|
|
|
|||
Loading…
Reference in a new issue