Remove the original (pre-IETF) chacha20-poly1305 cipher suites.

Support for the IETF standardised chacha20-poly1305 cipher suites was
added 16 months ago, which means they exist in both of the currently
supported OpenBSD releases.

Also prompted by Andreas Bartelt <obsd at bartula dot de>.

ok beck@ doug@

4 files changed, 5 insertions, 73 deletions

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index acbe30d804..bbf0444c21 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.158 2017/08/12 21:03:08 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.159 2017/08/28 16:37:04 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1299,57 +1299,6 @@ SSL_CIPHER ssl3_ciphers[] = {
                 .alg_bits = 256,
         },
 
-        /* Cipher CC13 */
-        {
-                .valid = 1,
-                .name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD,
-                .id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD,
-                .algorithm_mkey = SSL_kECDHE,
-                .algorithm_auth = SSL_aRSA,
-                .algorithm_enc = SSL_CHACHA20POLY1305_OLD,
-                .algorithm_mac = SSL_AEAD,
-                .algorithm_ssl = SSL_TLSV1_2,
-                .algo_strength = SSL_HIGH,
-                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
-                    SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0),
-                .strength_bits = 256,
-                .alg_bits = 256,
-        },
-
-        /* Cipher CC14 */
-        {
-                .valid = 1,
-                .name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD,
-                .id = TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD,
-                .algorithm_mkey = SSL_kECDHE,
-                .algorithm_auth = SSL_aECDSA,
-                .algorithm_enc = SSL_CHACHA20POLY1305_OLD,
-                .algorithm_mac = SSL_AEAD,
-                .algorithm_ssl = SSL_TLSV1_2,
-                .algo_strength = SSL_HIGH,
-                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
-                    SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0),
-                .strength_bits = 256,
-                .alg_bits = 256,
-        },
-
-        /* Cipher CC15 */
-        {
-                .valid = 1,
-                .name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_OLD,
-                .id = TLS1_CK_DHE_RSA_CHACHA20_POLY1305_OLD,
-                .algorithm_mkey = SSL_kDHE,
-                .algorithm_auth = SSL_aRSA,
-                .algorithm_enc = SSL_CHACHA20POLY1305_OLD,
-                .algorithm_mac = SSL_AEAD,
-                .algorithm_ssl = SSL_TLSV1_2,
-                .algo_strength = SSL_HIGH,
-                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
-                    SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0),
-                .strength_bits = 256,
-                .alg_bits = 256,
-        },
-
         /* Cipher CCA8 */
         {
                 .valid = 1,
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index 49af292d6c..f30ffeaf2c 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.96 2017/03/10 16:03:27 jsing Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.97 2017/08/28 16:37:04 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -388,7 +388,7 @@ static const SSL_CIPHER cipher_aliases[] = {
         },
         {
                 .name = SSL_TXT_CHACHA20,
-                .algorithm_enc = SSL_CHACHA20POLY1305|SSL_CHACHA20POLY1305_OLD,
+                .algorithm_enc = SSL_CHACHA20POLY1305,
         },
 
         /* MAC aliases */
@@ -690,9 +690,6 @@ ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead)
         case SSL_CHACHA20POLY1305:
                 *aead = EVP_aead_chacha20_poly1305();
                 return 1;
-        case SSL_CHACHA20POLY1305_OLD:
-                *aead = EVP_aead_chacha20_poly1305_old();
-                return 1;
         default:
                 break;
         }
@@ -1394,8 +1391,6 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
                     CIPHER_ADD, -1, &head, &tail);
                 ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305,
                     0, 0, 0, CIPHER_ADD, -1, &head, &tail);
-                ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305_OLD,
-                    0, 0, 0, CIPHER_ADD, -1, &head, &tail);
         } else {
                 /*
                  * CHACHA20 is fast and safe on all hardware and is thus our
@@ -1403,8 +1398,6 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
                  */
                 ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305,
                     0, 0, 0, CIPHER_ADD, -1, &head, &tail);
-                ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305_OLD,
-                    0, 0, 0, CIPHER_ADD, -1, &head, &tail);
                 ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0,
                     CIPHER_ADD, -1, &head, &tail);
         }
@@ -1628,9 +1621,6 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
         case SSL_CHACHA20POLY1305:
                 enc = "ChaCha20-Poly1305";
                 break;
-        case SSL_CHACHA20POLY1305_OLD:
-                enc = "ChaCha20-Poly1305-Old";
-                break;
         case SSL_eGOST2814789CNT:
                 enc = "GOST-28178-89-CNT";
                 break;
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index e789a4ae27..17a4a0d4f6 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.192 2017/08/27 02:58:04 doug Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.193 2017/08/28 16:37:04 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -233,7 +233,6 @@ __BEGIN_HIDDEN_DECLS
 #define SSL_AES128GCM           0x00000400L
 #define SSL_AES256GCM           0x00000800L
 #define SSL_CHACHA20POLY1305    0x00001000L
-#define SSL_CHACHA20POLY1305_OLD        0x00002000L
 
 #define SSL_AES                 (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
 #define SSL_CAMELLIA            (SSL_CAMELLIA128|SSL_CAMELLIA256)
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index d06a1969b1..3cf778020b 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.29 2017/03/25 14:15:11 jsing Exp $ */
+/* $OpenBSD: tls1.h,v 1.30 2017/08/28 16:37:04 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -534,9 +534,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384        0x0300C032
 
 /* ChaCha20-Poly1305 based ciphersuites. */
-#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD         0x0300CC13
-#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD       0x0300CC14
-#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305_OLD           0x0300CC15
 #define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305             0x0300CCA8
 #define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305           0x0300CCA9
 #define TLS1_CK_DHE_RSA_CHACHA20_POLY1305               0x0300CCAA
@@ -701,9 +698,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384       "ECDH-RSA-AES256-GCM-SHA384"
 
 /* ChaCha20-Poly1305 based ciphersuites. */
-#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD   "ECDHE-RSA-CHACHA20-POLY1305-OLD"
-#define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD "ECDHE-ECDSA-CHACHA20-POLY1305-OLD"
-#define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_OLD     "DHE-RSA-CHACHA20-POLY1305-OLD"
 #define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305       "ECDHE-RSA-CHACHA20-POLY1305"
 #define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305     "ECDHE-ECDSA-CHACHA20-POLY1305"
 #define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305         "DHE-RSA-CHACHA20-POLY1305"