diff options
Diffstat (limited to 'src/lib/libssl/ssl_ciph.c')
| -rw-r--r-- | src/lib/libssl/ssl_ciph.c | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c index 5d1d568ff8..526d98e293 100644 --- a/src/lib/libssl/ssl_ciph.c +++ b/src/lib/libssl/ssl_ciph.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_ciph.c,v 1.85 2016/04/28 16:06:53 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_ciph.c,v 1.86 2016/04/28 16:39:45 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -414,7 +414,7 @@ static const SSL_CIPHER cipher_aliases[] = { | |||
| 414 | }, | 414 | }, |
| 415 | { | 415 | { |
| 416 | .name = SSL_TXT_CHACHA20, | 416 | .name = SSL_TXT_CHACHA20, |
| 417 | .algorithm_enc = SSL_CHACHA20POLY1305, | 417 | .algorithm_enc = SSL_CHACHA20POLY1305|SSL_CHACHA20POLY1305_OLD, |
| 418 | }, | 418 | }, |
| 419 | 419 | ||
| 420 | /* MAC aliases */ | 420 | /* MAC aliases */ |
| @@ -731,6 +731,9 @@ ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead) | |||
| 731 | #endif | 731 | #endif |
| 732 | #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) | 732 | #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) |
| 733 | case SSL_CHACHA20POLY1305: | 733 | case SSL_CHACHA20POLY1305: |
| 734 | *aead = EVP_aead_chacha20_poly1305(); | ||
| 735 | return 1; | ||
| 736 | case SSL_CHACHA20POLY1305_OLD: | ||
| 734 | *aead = EVP_aead_chacha20_poly1305_old(); | 737 | *aead = EVP_aead_chacha20_poly1305_old(); |
| 735 | return 1; | 738 | return 1; |
| 736 | #endif | 739 | #endif |
| @@ -1423,15 +1426,19 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method, | |||
| 1423 | */ | 1426 | */ |
| 1424 | ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, | 1427 | ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, |
| 1425 | CIPHER_ADD, -1, &head, &tail); | 1428 | CIPHER_ADD, -1, &head, &tail); |
| 1426 | ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, 0, 0, 0, | 1429 | ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, |
| 1427 | CIPHER_ADD, -1, &head, &tail); | 1430 | 0, 0, 0, CIPHER_ADD, -1, &head, &tail); |
| 1431 | ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305_OLD, | ||
| 1432 | 0, 0, 0, CIPHER_ADD, -1, &head, &tail); | ||
| 1428 | } else { | 1433 | } else { |
| 1429 | /* | 1434 | /* |
| 1430 | * CHACHA20 is fast and safe on all hardware and is thus our | 1435 | * CHACHA20 is fast and safe on all hardware and is thus our |
| 1431 | * preferred symmetric cipher, with AES second. | 1436 | * preferred symmetric cipher, with AES second. |
| 1432 | */ | 1437 | */ |
| 1433 | ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, 0, 0, 0, | 1438 | ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, |
| 1434 | CIPHER_ADD, -1, &head, &tail); | 1439 | 0, 0, 0, CIPHER_ADD, -1, &head, &tail); |
| 1440 | ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305_OLD, | ||
| 1441 | 0, 0, 0, CIPHER_ADD, -1, &head, &tail); | ||
| 1435 | ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, | 1442 | ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, |
| 1436 | CIPHER_ADD, -1, &head, &tail); | 1443 | CIPHER_ADD, -1, &head, &tail); |
| 1437 | } | 1444 | } |
| @@ -1667,6 +1674,9 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) | |||
| 1667 | case SSL_CHACHA20POLY1305: | 1674 | case SSL_CHACHA20POLY1305: |
| 1668 | enc = "ChaCha20-Poly1305"; | 1675 | enc = "ChaCha20-Poly1305"; |
| 1669 | break; | 1676 | break; |
| 1677 | case SSL_CHACHA20POLY1305_OLD: | ||
| 1678 | enc = "ChaCha20-Poly1305-Old"; | ||
| 1679 | break; | ||
| 1670 | case SSL_eGOST2814789CNT: | 1680 | case SSL_eGOST2814789CNT: |
| 1671 | enc = "GOST-28178-89-CNT"; | 1681 | enc = "GOST-28178-89-CNT"; |
| 1672 | break; | 1682 | break; |