diff options
| author | jsing <> | 2016-04-28 16:39:45 +0000 |
|---|---|---|
| committer | jsing <> | 2016-04-28 16:39:45 +0000 |
| commit | 21309143ef5fb22db3d96c345e9b175fe105c359 (patch) | |
| tree | ca382a2cc99fb482286b7f98c3934ee45e6ad36b /src/lib/libssl/tls1.h | |
| parent | 35453e7b42f588a5186b183921334942e38a0a4b (diff) | |
| download | openbsd-21309143ef5fb22db3d96c345e9b175fe105c359.tar.gz openbsd-21309143ef5fb22db3d96c345e9b175fe105c359.tar.bz2 openbsd-21309143ef5fb22db3d96c345e9b175fe105c359.zip | |
Implement the IETF ChaCha20-Poly1305 cipher suites.
Rename the existing ChaCha20-Poly1305 cipher suites with an "-OLD" suffix,
effectively replaces the original Google implementation. We continue to
support both the IETF and Google versions, however the existing names
now refer to the ciphers from draft-ietf-tls-chacha20-poly1305-04.
Feedback from doug@
Diffstat (limited to 'src/lib/libssl/tls1.h')
| -rw-r--r-- | src/lib/libssl/tls1.h | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h index e564ec23e9..e123117866 100644 --- a/src/lib/libssl/tls1.h +++ b/src/lib/libssl/tls1.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls1.h,v 1.27 2016/03/07 19:33:26 mmcc Exp $ */ | 1 | /* $OpenBSD: tls1.h,v 1.28 2016/04/28 16:39:45 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -537,9 +537,12 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) | |||
| 537 | #define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032 | 537 | #define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032 |
| 538 | 538 | ||
| 539 | /* ChaCha20-Poly1305 based ciphersuites. */ | 539 | /* ChaCha20-Poly1305 based ciphersuites. */ |
| 540 | #define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305 0x0300CC13 | 540 | #define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD 0x0300CC13 |
| 541 | #define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305 0x0300CC14 | 541 | #define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD 0x0300CC14 |
| 542 | #define TLS1_CK_DHE_RSA_CHACHA20_POLY1305 0x0300CC15 | 542 | #define TLS1_CK_DHE_RSA_CHACHA20_POLY1305_OLD 0x0300CC15 |
| 543 | #define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305 0x0300CCA8 | ||
| 544 | #define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305 0x0300CCA9 | ||
| 545 | #define TLS1_CK_DHE_RSA_CHACHA20_POLY1305 0x0300CCAA | ||
| 543 | 546 | ||
| 544 | #define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5" | 547 | #define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5" |
| 545 | #define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5" | 548 | #define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5" |
| @@ -701,6 +704,9 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) | |||
| 701 | #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384" | 704 | #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384" |
| 702 | 705 | ||
| 703 | /* ChaCha20-Poly1305 based ciphersuites. */ | 706 | /* ChaCha20-Poly1305 based ciphersuites. */ |
| 707 | #define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD "ECDHE-RSA-CHACHA20-POLY1305-OLD" | ||
| 708 | #define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD "ECDHE-ECDSA-CHACHA20-POLY1305-OLD" | ||
| 709 | #define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_OLD "DHE-RSA-CHACHA20-POLY1305-OLD" | ||
| 704 | #define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305" | 710 | #define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305" |
| 705 | #define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305" | 711 | #define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305" |
| 706 | #define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305" | 712 | #define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305" |