Add SEED encryption algorithm.

PR: 1503 Submitted by: KISA Reviewed by: Bodo Moeller
2007-04-23 23:50:26 +00:00
parent 22892f9803
commit c3cc4662af
46 changed files with 1627 additions and 84 deletions
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -105,7 +105,8 @@ The following is a list of all permitted cipher strings and their meanings.
 =item B<DEFAULT>

 the default cipher list. This is determined at compile time and is normally
-B<ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH>. This must be the first cipher string
+B<ALL:!aNULL:!eNULL:+RC4:@STRENGTH> or
+B<AES:CAMELLIA:ALL!aNULL:!eNULL:+RC4:@STRENGTH>. This must be the first cipher string
 specified.

 =item B<COMPLEMENTOFDEFAULT>
@@ -209,6 +210,10 @@ anonymous DH cipher suites.

 cipher suites using AES.

+=item B<CAMELLIA>
+
+cipher suites using Camellia.
+
 =item B<3DES>

 cipher suites using triple DES.
@@ -229,6 +234,10 @@ cipher suites using RC2.

 cipher suites using IDEA.

+=item B<SEED>
+
+cipher suites using SEED.
+
 =item B<MD5>

 cipher suites using MD5.
@@ -237,10 +246,6 @@ cipher suites using MD5.

 cipher suites using SHA1.

-=item B<Camellia>
-
-cipher suites using Camellia.
-
 =back

 =head1 CIPHER SUITE NAMES
@@ -323,10 +328,10 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
 TLS_RSA_WITH_AES_128_CBC_SHA            AES128-SHA
 TLS_RSA_WITH_AES_256_CBC_SHA            AES256-SHA

- TLS_DH_DSS_WITH_AES_128_CBC_SHA         DH-DSS-AES128-SHA
- TLS_DH_DSS_WITH_AES_256_CBC_SHA         DH-DSS-AES256-SHA
- TLS_DH_RSA_WITH_AES_128_CBC_SHA         DH-RSA-AES128-SHA
- TLS_DH_RSA_WITH_AES_256_CBC_SHA         DH-RSA-AES256-SHA
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA         Not implemented.
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA         Not implemented.
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA         Not implemented.
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA         Not implemented.

 TLS_DHE_DSS_WITH_AES_128_CBC_SHA        DHE-DSS-AES128-SHA
 TLS_DHE_DSS_WITH_AES_256_CBC_SHA        DHE-DSS-AES256-SHA
@@ -354,6 +359,18 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
 TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA  ADH-CAMELLIA128-SHA
 TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA  ADH-CAMELLIA256-SHA

+=head2 SEED ciphersuites from RFC4162, extending TLS v1.0
+
+ TLS_RSA_WITH_SEED_CBC_SHA              SEED-SHA
+
+ TLS_DH_DSS_WITH_SEED_CBC_SHA           Not implemented.
+ TLS_DH_RSA_WITH_SEED_CBC_SHA           Not implemented.
+
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA          DHE-DSS-SEED-SHA
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA          DHE-RSA-SEED-SHA
+
+ TLS_DH_anon_WITH_SEED_CBC_SHA          ADH-SEED-SHA
+
 =head2 Additional Export 1024 and other cipher suites

 Note: these ciphers can also be used in SSL v3.
--- a/doc/standards.txt
+++ b/doc/standards.txt
@@ -100,6 +100,15 @@ PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
     (TLS). S. Moriai, A. Kato, M. Kanda. July 2005. (Format: TXT=13590
     bytes) (Status: PROPOSED STANDARD)

+4162 Addition of SEED Cipher Suites to Transport Layer Security (TLS).
+     H.J. Lee, J.H. Yoon, J.I. Lee. August 2005. (Format: TXT=10578 bytes)
+     (Status: PROPOSED STANDARD)
+
+4269 The SEED Encryption Algorithm. H.J. Lee, S.J. Lee, J.H. Yoon,
+     D.H. Cheon, J.I. Lee. December 2005. (Format: TXT=34390 bytes)
+     (Obsoletes RFC4009) (Status: INFORMATIONAL)
+
+
 Related:
 --------