CAMELLIA PSK ciphersuites from RFC6367
Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Dr. Stephen Henson
parent
b2f8ab8681
commit
69a3a9f5d9
@ -645,6 +645,18 @@ Note: these ciphers can also be used in SSL v3.
|
|||||||
ECDHE_PSK_WITH_NULL_SHA256 ECDHE-PSK-NULL-SHA256
|
ECDHE_PSK_WITH_NULL_SHA256 ECDHE-PSK-NULL-SHA256
|
||||||
ECDHE_PSK_WITH_NULL_SHA384 ECDHE-PSK-NULL-SHA384
|
ECDHE_PSK_WITH_NULL_SHA384 ECDHE-PSK-NULL-SHA384
|
||||||
|
|
||||||
|
PSK_WITH_CAMELLIA_128_CBC_SHA256 PSK-CAMELLIA128-SHA256
|
||||||
|
PSK_WITH_CAMELLIA_256_CBC_SHA384 PSK-CAMELLIA256-SHA384
|
||||||
|
|
||||||
|
DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 DHE-PSK-CAMELLIA128-SHA256
|
||||||
|
DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 DHE-PSK-CAMELLIA256-SHA384
|
||||||
|
|
||||||
|
RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 RSA-PSK-CAMELLIA128-SHA256
|
||||||
|
RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 RSA-PSK-CAMELLIA256-SHA384
|
||||||
|
|
||||||
|
ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-PSK-CAMELLIA128-SHA256
|
||||||
|
ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-PSK-CAMELLIA256-SHA384
|
||||||
|
|
||||||
=head1 NOTES
|
=head1 NOTES
|
||||||
|
|
||||||
Some compiled versions of OpenSSL may not include all the ciphers
|
Some compiled versions of OpenSSL may not include all the ciphers
|
||||||
|
|||||||
@ -625,6 +625,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||||||
# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078
|
# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078
|
||||||
# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079
|
# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079
|
||||||
|
|
||||||
|
# define TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C094
|
||||||
|
# define TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C095
|
||||||
|
# define TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C096
|
||||||
|
# define TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C097
|
||||||
|
# define TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C098
|
||||||
|
# define TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C099
|
||||||
|
# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C09A
|
||||||
|
# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C09B
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
|
* XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
|
||||||
* ciphers names with "EDH" instead of "DHE". Going forward, we should be
|
* ciphers names with "EDH" instead of "DHE". Going forward, we should be
|
||||||
@ -768,6 +777,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||||||
# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
|
# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
|
||||||
# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
|
# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
|
||||||
|
|
||||||
|
# define TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 "PSK-CAMELLIA128-SHA256"
|
||||||
|
# define TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 "PSK-CAMELLIA256-SHA384"
|
||||||
|
# define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "DHE-PSK-CAMELLIA128-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "DHE-PSK-CAMELLIA256-SHA384"
|
||||||
|
# define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 "RSA-PSK-CAMELLIA128-SHA256"
|
||||||
|
# define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 "RSA-PSK-CAMELLIA256-SHA384"
|
||||||
|
# define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-PSK-CAMELLIA128-SHA256"
|
||||||
|
# define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-PSK-CAMELLIA256-SHA384"
|
||||||
|
|
||||||
/* SEED ciphersuites from RFC4162 */
|
/* SEED ciphersuites from RFC4162 */
|
||||||
# define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
|
# define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
|
||||||
# define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
|
# define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
|
||||||
|
|||||||
114
ssl/s3_lib.c
114
ssl/s3_lib.c
@ -3362,6 +3362,120 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
|
|||||||
# endif /* OPENSSL_NO_CAMELLIA */
|
# endif /* OPENSSL_NO_CAMELLIA */
|
||||||
#endif /* OPENSSL_NO_EC */
|
#endif /* OPENSSL_NO_EC */
|
||||||
|
|
||||||
|
#if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_PSK)
|
||||||
|
{ /* Cipher C094 */
|
||||||
|
1,
|
||||||
|
TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
SSL_kPSK,
|
||||||
|
SSL_aPSK,
|
||||||
|
SSL_CAMELLIA128,
|
||||||
|
SSL_SHA256,
|
||||||
|
SSL_TLSV1,
|
||||||
|
SSL_NOT_EXP | SSL_HIGH,
|
||||||
|
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||||
|
128,
|
||||||
|
128},
|
||||||
|
|
||||||
|
{ /* Cipher C095 */
|
||||||
|
1,
|
||||||
|
TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
SSL_kPSK,
|
||||||
|
SSL_aPSK,
|
||||||
|
SSL_CAMELLIA256,
|
||||||
|
SSL_SHA384,
|
||||||
|
SSL_TLSV1,
|
||||||
|
SSL_NOT_EXP | SSL_HIGH,
|
||||||
|
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
|
||||||
|
256,
|
||||||
|
256},
|
||||||
|
|
||||||
|
{ /* Cipher C096 */
|
||||||
|
1,
|
||||||
|
TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
SSL_kDHEPSK,
|
||||||
|
SSL_aPSK,
|
||||||
|
SSL_CAMELLIA128,
|
||||||
|
SSL_SHA256,
|
||||||
|
SSL_TLSV1,
|
||||||
|
SSL_NOT_EXP | SSL_HIGH,
|
||||||
|
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||||
|
128,
|
||||||
|
128},
|
||||||
|
|
||||||
|
{ /* Cipher C097 */
|
||||||
|
1,
|
||||||
|
TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
SSL_kDHEPSK,
|
||||||
|
SSL_aPSK,
|
||||||
|
SSL_CAMELLIA256,
|
||||||
|
SSL_SHA384,
|
||||||
|
SSL_TLSV1,
|
||||||
|
SSL_NOT_EXP | SSL_HIGH,
|
||||||
|
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
|
||||||
|
256,
|
||||||
|
256},
|
||||||
|
|
||||||
|
{ /* Cipher C098 */
|
||||||
|
1,
|
||||||
|
TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
SSL_kRSAPSK,
|
||||||
|
SSL_aRSA,
|
||||||
|
SSL_CAMELLIA128,
|
||||||
|
SSL_SHA256,
|
||||||
|
SSL_TLSV1,
|
||||||
|
SSL_NOT_EXP | SSL_HIGH,
|
||||||
|
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||||
|
128,
|
||||||
|
128},
|
||||||
|
|
||||||
|
{ /* Cipher C099 */
|
||||||
|
1,
|
||||||
|
TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
SSL_kRSAPSK,
|
||||||
|
SSL_aRSA,
|
||||||
|
SSL_CAMELLIA256,
|
||||||
|
SSL_SHA384,
|
||||||
|
SSL_TLSV1,
|
||||||
|
SSL_NOT_EXP | SSL_HIGH,
|
||||||
|
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
|
||||||
|
256,
|
||||||
|
256},
|
||||||
|
|
||||||
|
{ /* Cipher C09A */
|
||||||
|
1,
|
||||||
|
TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
SSL_kECDHEPSK,
|
||||||
|
SSL_aPSK,
|
||||||
|
SSL_CAMELLIA128,
|
||||||
|
SSL_SHA256,
|
||||||
|
SSL_TLSV1,
|
||||||
|
SSL_NOT_EXP | SSL_HIGH,
|
||||||
|
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
|
||||||
|
128,
|
||||||
|
128},
|
||||||
|
|
||||||
|
{ /* Cipher C09B */
|
||||||
|
1,
|
||||||
|
TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
SSL_kECDHEPSK,
|
||||||
|
SSL_aPSK,
|
||||||
|
SSL_CAMELLIA256,
|
||||||
|
SSL_SHA384,
|
||||||
|
SSL_TLSV1,
|
||||||
|
SSL_NOT_EXP | SSL_HIGH,
|
||||||
|
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
|
||||||
|
256,
|
||||||
|
256},
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifdef TEMP_GOST_TLS
|
#ifdef TEMP_GOST_TLS
|
||||||
/* Cipher FF00 */
|
/* Cipher FF00 */
|
||||||
{
|
{
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user