diff options
| author | Todd Short <tshort@akamai.com> | 2015-12-28 09:41:52 -0500 |
|---|---|---|
| committer | Kurt Roeckx <kurt@roeckx.be> | 2016-02-10 20:13:26 +0100 |
| commit | 1c37fd96d89f95202f2e54db8d2834cbf1fd8b88 (patch) | |
| tree | 3e531dbbbf55d69a55c9c3c644aacaceb4c49cb0 | |
| parent | cc9c56894606fdf324933cd8090d9a54d967bf5b (diff) | |
| download | openssl-1c37fd96d89f95202f2e54db8d2834cbf1fd8b88.zip openssl-1c37fd96d89f95202f2e54db8d2834cbf1fd8b88.tar.gz openssl-1c37fd96d89f95202f2e54db8d2834cbf1fd8b88.tar.bz2 | |
Add CHACHA20 alias for ciphers.
Update ciphers documentation as well (based on -04 rev of ID).
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
RT: #4206, GH: #642
| -rw-r--r-- | doc/apps/ciphers.pod | 14 | ||||
| -rw-r--r-- | ssl/ssl_ciph.c | 4 | ||||
| -rw-r--r-- | ssl/ssl_locl.h | 1 |
3 files changed, 17 insertions, 2 deletions
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod index 066f1e6..e3fa4c0 100644 --- a/doc/apps/ciphers.pod +++ b/doc/apps/ciphers.pod @@ -280,6 +280,10 @@ while B<AESCCM8> only references 8 octet ICV. cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit CAMELLIA. +=item B<CHACHA20> + +cipher suites using ChaCha20. + =item B<3DES> cipher suites using triple DES. @@ -657,6 +661,16 @@ Note: these ciphers can also be used in SSL v3. DHE_PSK_WITH_AES_128_CCM_8 DHE-PSK-AES128-CCM8 DHE_PSK_WITH_AES_256_CCM_8 DHE-PSK-AES256-CCM8 +=head2 ChaCha20-Poly1305 cipher suites from draft-ietf-tls-chacha20-poly1305-04, extending TLS v1.2 + + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE-RSA-CHACHA20-POLY1305 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-CHACHA20-POLY1305 + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 DHE-RSA-CHACHA20-POLY1305 + TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 PSK-CHACHA20-POLY1305 + TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 ECDHE-PSK-CHACHA20-POLY1305 + TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 DHE-PSK-CHACHA20-POLY1305 + TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 RSA-PSK-CHACHA20-POLY1305 + =head1 NOTES Some compiled versions of OpenSSL may not include all the ciphers diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index ecefc79..8843c41 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -375,8 +375,8 @@ static const SSL_CIPHER cipher_aliases[] = { 0, 0}, {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0}, - {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0, - 0, 0, 0}, + {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA, 0, 0, 0, 0, 0, 0}, + {0, SSL_TXT_CHACHA20, 0, 0, 0, SSL_CHACHA20, 0, 0, 0, 0, 0, 0 }, /* MAC aliases */ {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0}, diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index b505309..f10570b 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -364,6 +364,7 @@ # define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8) # define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) +# define SSL_CHACHA20 (SSL_CHACHA20POLY1305) /* Bits for algorithm_mac (symmetric authentication) */ |