From 21309143ef5fb22db3d96c345e9b175fe105c359 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Thu, 28 Apr 2016 16:39:45 +0000
Subject: Implement the IETF ChaCha20-Poly1305 cipher suites.

Rename the existing ChaCha20-Poly1305 cipher suites with an "-OLD" suffix,
effectively replaces the original Google implementation. We continue to
support both the IETF and Google versions, however the existing names
now refer to the ciphers from draft-ietf-tls-chacha20-poly1305-04.

Feedback from doug@
---
 src/lib/libssl/tls1.h | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'src/lib/libssl/tls1.h')

diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index e564ec23e9..e123117866 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.27 2016/03/07 19:33:26 mmcc Exp $ */
+/* $OpenBSD: tls1.h,v 1.28 2016/04/28 16:39:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -537,9 +537,12 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384        0x0300C032
 
 /* ChaCha20-Poly1305 based ciphersuites. */
-#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305		0x0300CC13
-#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305		0x0300CC14
-#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305		0x0300CC15
+#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD		0x0300CC13
+#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD	0x0300CC14
+#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305_OLD		0x0300CC15
+#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305		0x0300CCA8
+#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305		0x0300CCA9
+#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305		0x0300CCAA
 
 #define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5		"EXP1024-RC4-MD5"
 #define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5	"EXP1024-RC2-CBC-MD5"
@@ -701,6 +704,9 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384       "ECDH-RSA-AES256-GCM-SHA384"
 
 /* ChaCha20-Poly1305 based ciphersuites. */
+#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD	"ECDHE-RSA-CHACHA20-POLY1305-OLD"
+#define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD	"ECDHE-ECDSA-CHACHA20-POLY1305-OLD"
+#define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_OLD	"DHE-RSA-CHACHA20-POLY1305-OLD"
 #define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305	"ECDHE-RSA-CHACHA20-POLY1305"
 #define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305	"ECDHE-ECDSA-CHACHA20-POLY1305"
 #define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305		"DHE-RSA-CHACHA20-POLY1305"
-- 
cgit v1.2.3-55-g6feb