Skip to content

Commit

Permalink
Add SHA256 Camellia ciphersuites from RFC5932
Browse files Browse the repository at this point in the history 
PR#2800

(cherry picked from commit e633248)
  • Loading branch information
@PeterMosmans
PeterMosmans committed Jul 13, 2014
1 parent 2c69d8a commit 535e141
Show file tree
Hide file tree
Showing 2 changed files with 226 additions and 0 deletions.
196 changes: 196 additions & 0 deletions ssl/s3_lib.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2039,6 +2039,202 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
},
#endif

#ifndef OPENSSL_NO_CAMELLIA
/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */

/* Cipher BA */
{
1,
TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
SSL_kRSA,
SSL_aRSA,
SSL_CAMELLIA128,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
128,
128,
},

/* Cipher BB */
{
1,
TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256,
SSL_kDHd,
SSL_aDH,
SSL_CAMELLIA128,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
128,
128,
},

/* Cipher BC */
{
1,
TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
SSL_kDHr,
SSL_aDH,
SSL_CAMELLIA128,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
128,
128,
},

/* Cipher BD */
{
1,
TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
SSL_kEDH,
SSL_aDSS,
SSL_CAMELLIA128,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
128,
128,
},

/* Cipher BE */
{
1,
TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
SSL_kEDH,
SSL_aRSA,
SSL_CAMELLIA128,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
128,
128,
},

/* Cipher BF */
{
1,
TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
SSL_kEDH,
SSL_aNULL,
SSL_CAMELLIA128,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
128,
128,
},

/* Cipher C0 */
{
1,
TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
SSL_kRSA,
SSL_aRSA,
SSL_CAMELLIA256,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
256,
256,
},

/* Cipher C1 */
{
1,
TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256,
SSL_kDHd,
SSL_aDH,
SSL_CAMELLIA256,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
256,
256,
},

/* Cipher C2 */
{
1,
TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256,
SSL_kDHr,
SSL_aDH,
SSL_CAMELLIA256,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
256,
256,
},

/* Cipher C3 */
{
1,
TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
SSL_kEDH,
SSL_aDSS,
SSL_CAMELLIA256,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
256,
256,
},

/* Cipher C4 */
{
1,
TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
SSL_kEDH,
SSL_aRSA,
SSL_CAMELLIA256,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
256,
256,
},

/* Cipher C5 */
{
1,
TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
SSL_kEDH,
SSL_aNULL,
SSL_CAMELLIA256,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
256,
256,
},
#endif

#ifndef OPENSSL_NO_ECDH
/* Cipher C001 */
{
Expand Down
30 changes: 30 additions & 0 deletions ssl/tls1.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -488,6 +488,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7

/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC
#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD
#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE
#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF

#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0
#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1
#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2
#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3
#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4
#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5

/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
Expand Down Expand Up @@ -648,6 +663,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"

/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256"
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256"
#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256"
#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256"
#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256"
#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256"

#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256"
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256"
#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256"
#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256"
#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"

/* SEED ciphersuites from RFC4162 */
#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
Expand Down

0 comments on commit 535e141

Please sign in to comment.