diff options
| author | jsing <> | 2014-06-13 13:28:53 +0000 |
|---|---|---|
| committer | jsing <> | 2014-06-13 13:28:53 +0000 |
| commit | 1b457449c180438027e5a01bd91548b9c39cdcb5 (patch) | |
| tree | 438ba40d37fa8918a8cbfba204604048af3118cc /src/lib/libssl/s3_lib.c | |
| parent | f783149b42dde459053d469f10461a7db0238550 (diff) | |
| download | openbsd-1b457449c180438027e5a01bd91548b9c39cdcb5.tar.gz openbsd-1b457449c180438027e5a01bd91548b9c39cdcb5.tar.bz2 openbsd-1b457449c180438027e5a01bd91548b9c39cdcb5.zip | |
Add ChaCha20-Poly1305 based ciphersuites.
Based on Adam Langley's chromium patches.
Tested by and ok sthen@
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 53 |
1 files changed, 52 insertions, 1 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index 939557e48e..fa7df59779 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.60 2014/06/13 13:21:09 jsing Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.61 2014/06/13 13:28:53 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2287,6 +2287,57 @@ SSL_CIPHER ssl3_ciphers[] = { | |||
| 2287 | .alg_bits = 256 | 2287 | .alg_bits = 256 |
| 2288 | }, | 2288 | }, |
| 2289 | #endif | 2289 | #endif |
| 2290 | |||
| 2291 | #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) | ||
| 2292 | { | ||
| 2293 | .valid = 1, | ||
| 2294 | .name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305, | ||
| 2295 | .id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, | ||
| 2296 | .algorithm_mkey = SSL_kEECDH, | ||
| 2297 | .algorithm_auth = SSL_aRSA, | ||
| 2298 | .algorithm_enc = SSL_CHACHA20POLY1305, | ||
| 2299 | .algorithm_mac = SSL_AEAD, | ||
| 2300 | .algorithm_ssl = SSL_TLSV1_2, | ||
| 2301 | .algo_strength = SSL_NOT_EXP|SSL_HIGH, | ||
| 2302 | .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| | ||
| 2303 | SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), | ||
| 2304 | .strength_bits = 256, | ||
| 2305 | .alg_bits = 0, | ||
| 2306 | }, | ||
| 2307 | |||
| 2308 | { | ||
| 2309 | .valid = 1, | ||
| 2310 | .name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, | ||
| 2311 | .id = TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305, | ||
| 2312 | .algorithm_mkey = SSL_kEECDH, | ||
| 2313 | .algorithm_auth = SSL_aECDSA, | ||
| 2314 | .algorithm_enc = SSL_CHACHA20POLY1305, | ||
| 2315 | .algorithm_mac = SSL_AEAD, | ||
| 2316 | .algorithm_ssl = SSL_TLSV1_2, | ||
| 2317 | .algo_strength = SSL_NOT_EXP|SSL_HIGH, | ||
| 2318 | .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| | ||
| 2319 | SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), | ||
| 2320 | .strength_bits = 256, | ||
| 2321 | .alg_bits = 0, | ||
| 2322 | }, | ||
| 2323 | |||
| 2324 | { | ||
| 2325 | .valid = 1, | ||
| 2326 | .name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305, | ||
| 2327 | .id = TLS1_CK_DHE_RSA_CHACHA20_POLY1305, | ||
| 2328 | .algorithm_mkey = SSL_kEDH, | ||
| 2329 | .algorithm_auth = SSL_aRSA, | ||
| 2330 | .algorithm_enc = SSL_CHACHA20POLY1305, | ||
| 2331 | .algorithm_mac = SSL_AEAD, | ||
| 2332 | .algorithm_ssl = SSL_TLSV1_2, | ||
| 2333 | .algo_strength = SSL_NOT_EXP|SSL_HIGH, | ||
| 2334 | .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256| | ||
| 2335 | SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0), | ||
| 2336 | .strength_bits = 256, | ||
| 2337 | .alg_bits = 0, | ||
| 2338 | }, | ||
| 2339 | #endif | ||
| 2340 | |||
| 2290 | /* end of list */ | 2341 | /* end of list */ |
| 2291 | }; | 2342 | }; |
| 2292 | 2343 | ||