Now that we have Camellia support in libcrypto, bring in the SHA256 flavour of

the Camellia ciphersuites for TLS 1.2 introduced in RFC 5932. From OpenSSL HEAD.
author: miod <> 2014-12-16 05:47:28 +0000
committer: miod <> 2014-12-16 05:47:28 +0000
commit: a63238a908c7339f2847ad8ec606486c57f77c58 (patch)
tree: 03a6199fcaffc9b432abb94e85c13118ebe8f1be /src/lib
parent: 3b17dd2b93326115c99733ff57ea69db5eee0f94 (diff)
download: openbsd-a63238a908c7339f2847ad8ec606486c57f77c58.tar.gz
openbsd-a63238a908c7339f2847ad8ec606486c57f77c58.tar.bz2
openbsd-a63238a908c7339f2847ad8ec606486c57f77c58.zip
4 files changed, 328 insertions, 4 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index f372b6523c..98eff97131 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.90 2014/12/14 16:07:26 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.91 2014/12/16 05:47:28 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -996,6 +996,138 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 256,
        },
+#ifndef OPENSSL_NO_CAMELLIA
+        /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+        /* Cipher BA */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+                .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+                .algorithm_mkey = SSL_kRSA,
+                .algorithm_auth = SSL_aRSA,
+                .algorithm_enc = SSL_CAMELLIA128,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 128,
+                .alg_bits = 128,
+        },
+        /* Cipher BD */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+                .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aDSS,
+                .algorithm_enc = SSL_CAMELLIA128,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 128,
+                .alg_bits = 128,
+        },
+        /* Cipher BE */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+                .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aRSA,
+                .algorithm_enc = SSL_CAMELLIA128,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 128,
+                .alg_bits = 128,
+        },
+        /* Cipher BF */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+                .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aNULL,
+                .algorithm_enc = SSL_CAMELLIA128,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 128,
+                .alg_bits = 128,
+        },
+        /* Cipher C0 */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+                .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+                .algorithm_mkey = SSL_kRSA,
+                .algorithm_auth = SSL_aRSA,
+                .algorithm_enc = SSL_CAMELLIA256,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 256,
+                .alg_bits = 256,
+        },
+        /* Cipher C3 */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+                .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aDSS,
+                .algorithm_enc = SSL_CAMELLIA256,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 256,
+                .alg_bits = 256,
+        },
+        /* Cipher C4 */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+                .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aRSA,
+                .algorithm_enc = SSL_CAMELLIA256,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 256,
+                .alg_bits = 256,
+        },
+        /* Cipher C5 */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+                .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aNULL,
+                .algorithm_enc = SSL_CAMELLIA256,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 256,
+                .alg_bits = 256,
+        },
+#endif /* OPENSSL_NO_CAMELLIA */
        /* Cipher C001 */
        {
                .valid = 1,
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index f372b6523c..98eff97131 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.90 2014/12/14 16:07:26 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.91 2014/12/16 05:47:28 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -996,6 +996,138 @@ SSL_CIPHER ssl3_ciphers[] = {
                .alg_bits = 256,
        },
+#ifndef OPENSSL_NO_CAMELLIA
+        /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+        /* Cipher BA */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+                .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+                .algorithm_mkey = SSL_kRSA,
+                .algorithm_auth = SSL_aRSA,
+                .algorithm_enc = SSL_CAMELLIA128,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 128,
+                .alg_bits = 128,
+        },
+        /* Cipher BD */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+                .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aDSS,
+                .algorithm_enc = SSL_CAMELLIA128,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 128,
+                .alg_bits = 128,
+        },
+        /* Cipher BE */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+                .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aRSA,
+                .algorithm_enc = SSL_CAMELLIA128,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 128,
+                .alg_bits = 128,
+        },
+        /* Cipher BF */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+                .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aNULL,
+                .algorithm_enc = SSL_CAMELLIA128,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 128,
+                .alg_bits = 128,
+        },
+        /* Cipher C0 */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+                .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+                .algorithm_mkey = SSL_kRSA,
+                .algorithm_auth = SSL_aRSA,
+                .algorithm_enc = SSL_CAMELLIA256,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 256,
+                .alg_bits = 256,
+        },
+        /* Cipher C3 */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+                .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aDSS,
+                .algorithm_enc = SSL_CAMELLIA256,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 256,
+                .alg_bits = 256,
+        },
+        /* Cipher C4 */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+                .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aRSA,
+                .algorithm_enc = SSL_CAMELLIA256,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 256,
+                .alg_bits = 256,
+        },
+        /* Cipher C5 */
+        {
+                .valid = 1,
+                .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+                .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+                .algorithm_mkey = SSL_kDHE,
+                .algorithm_auth = SSL_aNULL,
+                .algorithm_enc = SSL_CAMELLIA256,
+                .algorithm_mac = SSL_SHA256,
+                .algorithm_ssl = SSL_TLSV1_2,
+                .algo_strength = SSL_HIGH,
+                .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+                .strength_bits = 256,
+                .alg_bits = 256,
+        },
+#endif /* OPENSSL_NO_CAMELLIA */
        /* Cipher C001 */
        {
                .valid = 1,
diff --git a/src/lib/libssl/src/ssl/tls1.h b/src/lib/libssl/src/ssl/tls1.h
index 60dc7919a4..60651572a2 100644
--- a/src/lib/libssl/src/ssl/tls1.h
+++ b/src/lib/libssl/src/ssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.22 2014/11/18 05:33:43 miod Exp $ */
+/* $OpenBSD: tls1.h,v 1.23 2014/12/16 05:47:28 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -452,6 +452,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256             0x030000A6
 #define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384             0x030000A7
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256        0x030000BA
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256     0x030000BB
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256     0x030000BC
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256    0x030000BD
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256    0x030000BE
+#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256        0x030000BF
+#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256        0x030000C0
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256     0x030000C1
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256     0x030000C2
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256    0x030000C3
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256    0x030000C4
+#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256        0x030000C5
 /* ECC ciphersuites from RFC 4492. */
 #define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA                0x0300C001
 #define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA             0x0300C002
@@ -605,6 +620,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA      "DHE-RSA-CAMELLIA256-SHA"
 #define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA          "ADH-CAMELLIA256-SHA"
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256       "CAMELLIA128-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256    "DH-DSS-CAMELLIA128-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256    "DH-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256   "DHE-DSS-CAMELLIA128-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   "DHE-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256       "ADH-CAMELLIA128-SHA256"
+#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256       "CAMELLIA256-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256    "DH-DSS-CAMELLIA256-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256    "DH-RSA-CAMELLIA256-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256   "DHE-DSS-CAMELLIA256-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256   "DHE-RSA-CAMELLIA256-SHA256"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256       "ADH-CAMELLIA256-SHA256"
 /* SEED ciphersuites from RFC 4162. */
 #define TLS1_TXT_RSA_WITH_SEED_SHA                      "SEED-SHA"
 #define TLS1_TXT_DH_DSS_WITH_SEED_SHA                   "DH-DSS-SEED-SHA"
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index 60dc7919a4..60651572a2 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.22 2014/11/18 05:33:43 miod Exp $ */
+/* $OpenBSD: tls1.h,v 1.23 2014/12/16 05:47:28 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -452,6 +452,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256             0x030000A6
 #define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384             0x030000A7
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256        0x030000BA
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256     0x030000BB
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256     0x030000BC
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256    0x030000BD
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256    0x030000BE
+#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256        0x030000BF
+#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256        0x030000C0
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256     0x030000C1
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256     0x030000C2
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256    0x030000C3
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256    0x030000C4
+#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256        0x030000C5
 /* ECC ciphersuites from RFC 4492. */
 #define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA                0x0300C001
 #define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA             0x0300C002
@@ -605,6 +620,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA      "DHE-RSA-CAMELLIA256-SHA"
 #define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA          "ADH-CAMELLIA256-SHA"
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256       "CAMELLIA128-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256    "DH-DSS-CAMELLIA128-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256    "DH-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256   "DHE-DSS-CAMELLIA128-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   "DHE-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256       "ADH-CAMELLIA128-SHA256"
+#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256       "CAMELLIA256-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256    "DH-DSS-CAMELLIA256-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256    "DH-RSA-CAMELLIA256-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256   "DHE-DSS-CAMELLIA256-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256   "DHE-RSA-CAMELLIA256-SHA256"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256       "ADH-CAMELLIA256-SHA256"
 /* SEED ciphersuites from RFC 4162. */
 #define TLS1_TXT_RSA_WITH_SEED_SHA                      "SEED-SHA"
 #define TLS1_TXT_DH_DSS_WITH_SEED_SHA                   "DH-DSS-SEED-SHA"
author	miod <>	2014-12-16 05:47:28 +0000
committer	miod <>	2014-12-16 05:47:28 +0000
commit	a63238a908c7339f2847ad8ec606486c57f77c58 (patch)
tree	03a6199fcaffc9b432abb94e85c13118ebe8f1be /src/lib
parent	3b17dd2b93326115c99733ff57ea69db5eee0f94 (diff)
download	openbsd-a63238a908c7339f2847ad8ec606486c57f77c58.tar.gz openbsd-a63238a908c7339f2847ad8ec606486c57f77c58.tar.bz2 openbsd-a63238a908c7339f2847ad8ec606486c57f77c58.zip

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index f372b6523c..98eff97131 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_lib.c,v 1.90 2014/12/14 16:07:26 jsing Exp $ */	1	/* $OpenBSD: s3_lib.c,v 1.91 2014/12/16 05:47:28 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -996,6 +996,138 @@ SSL_CIPHER ssl3_ciphers[] = {
996	.alg_bits = 256,	996	.alg_bits = 256,
997	},	997	},
998		998
		999	#ifndef OPENSSL_NO_CAMELLIA
		1000	/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
		1001
		1002	/* Cipher BA */
		1003	{
		1004	.valid = 1,
		1005	.name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
		1006	.id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
		1007	.algorithm_mkey = SSL_kRSA,
		1008	.algorithm_auth = SSL_aRSA,
		1009	.algorithm_enc = SSL_CAMELLIA128,
		1010	.algorithm_mac = SSL_SHA256,
		1011	.algorithm_ssl = SSL_TLSV1_2,
		1012	.algo_strength = SSL_HIGH,
		1013	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1014	.strength_bits = 128,
		1015	.alg_bits = 128,
		1016	},
		1017
		1018	/* Cipher BD */
		1019	{
		1020	.valid = 1,
		1021	.name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
		1022	.id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
		1023	.algorithm_mkey = SSL_kDHE,
		1024	.algorithm_auth = SSL_aDSS,
		1025	.algorithm_enc = SSL_CAMELLIA128,
		1026	.algorithm_mac = SSL_SHA256,
		1027	.algorithm_ssl = SSL_TLSV1_2,
		1028	.algo_strength = SSL_HIGH,
		1029	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1030	.strength_bits = 128,
		1031	.alg_bits = 128,
		1032	},
		1033
		1034	/* Cipher BE */
		1035	{
		1036	.valid = 1,
		1037	.name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
		1038	.id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
		1039	.algorithm_mkey = SSL_kDHE,
		1040	.algorithm_auth = SSL_aRSA,
		1041	.algorithm_enc = SSL_CAMELLIA128,
		1042	.algorithm_mac = SSL_SHA256,
		1043	.algorithm_ssl = SSL_TLSV1_2,
		1044	.algo_strength = SSL_HIGH,
		1045	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1046	.strength_bits = 128,
		1047	.alg_bits = 128,
		1048	},
		1049
		1050	/* Cipher BF */
		1051	{
		1052	.valid = 1,
		1053	.name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
		1054	.id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
		1055	.algorithm_mkey = SSL_kDHE,
		1056	.algorithm_auth = SSL_aNULL,
		1057	.algorithm_enc = SSL_CAMELLIA128,
		1058	.algorithm_mac = SSL_SHA256,
		1059	.algorithm_ssl = SSL_TLSV1_2,
		1060	.algo_strength = SSL_HIGH,
		1061	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1062	.strength_bits = 128,
		1063	.alg_bits = 128,
		1064	},
		1065
		1066	/* Cipher C0 */
		1067	{
		1068	.valid = 1,
		1069	.name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
		1070	.id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
		1071	.algorithm_mkey = SSL_kRSA,
		1072	.algorithm_auth = SSL_aRSA,
		1073	.algorithm_enc = SSL_CAMELLIA256,
		1074	.algorithm_mac = SSL_SHA256,
		1075	.algorithm_ssl = SSL_TLSV1_2,
		1076	.algo_strength = SSL_HIGH,
		1077	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1078	.strength_bits = 256,
		1079	.alg_bits = 256,
		1080	},
		1081
		1082	/* Cipher C3 */
		1083	{
		1084	.valid = 1,
		1085	.name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
		1086	.id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
		1087	.algorithm_mkey = SSL_kDHE,
		1088	.algorithm_auth = SSL_aDSS,
		1089	.algorithm_enc = SSL_CAMELLIA256,
		1090	.algorithm_mac = SSL_SHA256,
		1091	.algorithm_ssl = SSL_TLSV1_2,
		1092	.algo_strength = SSL_HIGH,
		1093	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1094	.strength_bits = 256,
		1095	.alg_bits = 256,
		1096	},
		1097
		1098	/* Cipher C4 */
		1099	{
		1100	.valid = 1,
		1101	.name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
		1102	.id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
		1103	.algorithm_mkey = SSL_kDHE,
		1104	.algorithm_auth = SSL_aRSA,
		1105	.algorithm_enc = SSL_CAMELLIA256,
		1106	.algorithm_mac = SSL_SHA256,
		1107	.algorithm_ssl = SSL_TLSV1_2,
		1108	.algo_strength = SSL_HIGH,
		1109	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1110	.strength_bits = 256,
		1111	.alg_bits = 256,
		1112	},
		1113
		1114	/* Cipher C5 */
		1115	{
		1116	.valid = 1,
		1117	.name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
		1118	.id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
		1119	.algorithm_mkey = SSL_kDHE,
		1120	.algorithm_auth = SSL_aNULL,
		1121	.algorithm_enc = SSL_CAMELLIA256,
		1122	.algorithm_mac = SSL_SHA256,
		1123	.algorithm_ssl = SSL_TLSV1_2,
		1124	.algo_strength = SSL_HIGH,
		1125	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1126	.strength_bits = 256,
		1127	.alg_bits = 256,
		1128	},
		1129	#endif /* OPENSSL_NO_CAMELLIA */
		1130
999	/* Cipher C001 */	1131	/* Cipher C001 */
1000	{	1132	{
1001	.valid = 1,	1133	.valid = 1,


diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c index f372b6523c..98eff97131 100644 --- a/src/lib/libssl/src/ssl/s3_lib.c +++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_lib.c,v 1.90 2014/12/14 16:07:26 jsing Exp $ */	1	/* $OpenBSD: s3_lib.c,v 1.91 2014/12/16 05:47:28 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -996,6 +996,138 @@ SSL_CIPHER ssl3_ciphers[] = {
996	.alg_bits = 256,	996	.alg_bits = 256,
997	},	997	},
998		998
		999	#ifndef OPENSSL_NO_CAMELLIA
		1000	/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
		1001
		1002	/* Cipher BA */
		1003	{
		1004	.valid = 1,
		1005	.name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
		1006	.id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
		1007	.algorithm_mkey = SSL_kRSA,
		1008	.algorithm_auth = SSL_aRSA,
		1009	.algorithm_enc = SSL_CAMELLIA128,
		1010	.algorithm_mac = SSL_SHA256,
		1011	.algorithm_ssl = SSL_TLSV1_2,
		1012	.algo_strength = SSL_HIGH,
		1013	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1014	.strength_bits = 128,
		1015	.alg_bits = 128,
		1016	},
		1017
		1018	/* Cipher BD */
		1019	{
		1020	.valid = 1,
		1021	.name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
		1022	.id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
		1023	.algorithm_mkey = SSL_kDHE,
		1024	.algorithm_auth = SSL_aDSS,
		1025	.algorithm_enc = SSL_CAMELLIA128,
		1026	.algorithm_mac = SSL_SHA256,
		1027	.algorithm_ssl = SSL_TLSV1_2,
		1028	.algo_strength = SSL_HIGH,
		1029	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1030	.strength_bits = 128,
		1031	.alg_bits = 128,
		1032	},
		1033
		1034	/* Cipher BE */
		1035	{
		1036	.valid = 1,
		1037	.name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
		1038	.id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
		1039	.algorithm_mkey = SSL_kDHE,
		1040	.algorithm_auth = SSL_aRSA,
		1041	.algorithm_enc = SSL_CAMELLIA128,
		1042	.algorithm_mac = SSL_SHA256,
		1043	.algorithm_ssl = SSL_TLSV1_2,
		1044	.algo_strength = SSL_HIGH,
		1045	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1046	.strength_bits = 128,
		1047	.alg_bits = 128,
		1048	},
		1049
		1050	/* Cipher BF */
		1051	{
		1052	.valid = 1,
		1053	.name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
		1054	.id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
		1055	.algorithm_mkey = SSL_kDHE,
		1056	.algorithm_auth = SSL_aNULL,
		1057	.algorithm_enc = SSL_CAMELLIA128,
		1058	.algorithm_mac = SSL_SHA256,
		1059	.algorithm_ssl = SSL_TLSV1_2,
		1060	.algo_strength = SSL_HIGH,
		1061	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1062	.strength_bits = 128,
		1063	.alg_bits = 128,
		1064	},
		1065
		1066	/* Cipher C0 */
		1067	{
		1068	.valid = 1,
		1069	.name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
		1070	.id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
		1071	.algorithm_mkey = SSL_kRSA,
		1072	.algorithm_auth = SSL_aRSA,
		1073	.algorithm_enc = SSL_CAMELLIA256,
		1074	.algorithm_mac = SSL_SHA256,
		1075	.algorithm_ssl = SSL_TLSV1_2,
		1076	.algo_strength = SSL_HIGH,
		1077	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1078	.strength_bits = 256,
		1079	.alg_bits = 256,
		1080	},
		1081
		1082	/* Cipher C3 */
		1083	{
		1084	.valid = 1,
		1085	.name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
		1086	.id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
		1087	.algorithm_mkey = SSL_kDHE,
		1088	.algorithm_auth = SSL_aDSS,
		1089	.algorithm_enc = SSL_CAMELLIA256,
		1090	.algorithm_mac = SSL_SHA256,
		1091	.algorithm_ssl = SSL_TLSV1_2,
		1092	.algo_strength = SSL_HIGH,
		1093	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1094	.strength_bits = 256,
		1095	.alg_bits = 256,
		1096	},
		1097
		1098	/* Cipher C4 */
		1099	{
		1100	.valid = 1,
		1101	.name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
		1102	.id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
		1103	.algorithm_mkey = SSL_kDHE,
		1104	.algorithm_auth = SSL_aRSA,
		1105	.algorithm_enc = SSL_CAMELLIA256,
		1106	.algorithm_mac = SSL_SHA256,
		1107	.algorithm_ssl = SSL_TLSV1_2,
		1108	.algo_strength = SSL_HIGH,
		1109	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1110	.strength_bits = 256,
		1111	.alg_bits = 256,
		1112	},
		1113
		1114	/* Cipher C5 */
		1115	{
		1116	.valid = 1,
		1117	.name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
		1118	.id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
		1119	.algorithm_mkey = SSL_kDHE,
		1120	.algorithm_auth = SSL_aNULL,
		1121	.algorithm_enc = SSL_CAMELLIA256,
		1122	.algorithm_mac = SSL_SHA256,
		1123	.algorithm_ssl = SSL_TLSV1_2,
		1124	.algo_strength = SSL_HIGH,
		1125	.algorithm2 = SSL_HANDSHAKE_MAC_SHA256\|TLS1_PRF_SHA256,
		1126	.strength_bits = 256,
		1127	.alg_bits = 256,
		1128	},
		1129	#endif /* OPENSSL_NO_CAMELLIA */
		1130
999	/* Cipher C001 */	1131	/* Cipher C001 */
1000	{	1132	{
1001	.valid = 1,	1133	.valid = 1,


diff --git a/src/lib/libssl/src/ssl/tls1.h b/src/lib/libssl/src/ssl/tls1.h index 60dc7919a4..60651572a2 100644 --- a/src/lib/libssl/src/ssl/tls1.h +++ b/src/lib/libssl/src/ssl/tls1.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls1.h,v 1.22 2014/11/18 05:33:43 miod Exp $ */	1	/* $OpenBSD: tls1.h,v 1.23 2014/12/16 05:47:28 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -452,6 +452,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
452	#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6	452	#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
453	#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7	453	#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
454		454
		455	/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
		456	#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
		457	#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
		458	#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC
		459	#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD
		460	#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE
		461	#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF
		462
		463	#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0
		464	#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1
		465	#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2
		466	#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3
		467	#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4
		468	#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5
		469
455	/* ECC ciphersuites from RFC 4492. */	470	/* ECC ciphersuites from RFC 4492. */
456	#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001	471	#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
457	#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002	472	#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
@@ -605,6 +620,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
605	#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"	620	#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
606	#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"	621	#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
607		622
		623	/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
		624	#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256"
		625	#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256"
		626	#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256"
		627	#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256"
		628	#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256"
		629	#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256"
		630
		631	#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256"
		632	#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256"
		633	#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256"
		634	#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256"
		635	#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
		636	#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
		637
608	/* SEED ciphersuites from RFC 4162. */	638	/* SEED ciphersuites from RFC 4162. */
609	#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"	639	#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
610	#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"	640	#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"


diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h index 60dc7919a4..60651572a2 100644 --- a/src/lib/libssl/tls1.h +++ b/src/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls1.h,v 1.22 2014/11/18 05:33:43 miod Exp $ */	1	/* $OpenBSD: tls1.h,v 1.23 2014/12/16 05:47:28 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -452,6 +452,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
452	#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6	452	#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
453	#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7	453	#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
454		454
		455	/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
		456	#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
		457	#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
		458	#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC
		459	#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD
		460	#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE
		461	#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF
		462
		463	#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0
		464	#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1
		465	#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2
		466	#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3
		467	#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4
		468	#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5
		469
455	/* ECC ciphersuites from RFC 4492. */	470	/* ECC ciphersuites from RFC 4492. */
456	#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001	471	#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
457	#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002	472	#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
@@ -605,6 +620,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
605	#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"	620	#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
606	#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"	621	#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
607		622
		623	/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
		624	#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256"
		625	#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256"
		626	#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256"
		627	#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256"
		628	#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256"
		629	#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256"
		630
		631	#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256"
		632	#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256"
		633	#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256"
		634	#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256"
		635	#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
		636	#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
		637
608	/* SEED ciphersuites from RFC 4162. */	638	/* SEED ciphersuites from RFC 4162. */
609	#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"	639	#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
610	#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"	640	#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"