From f68521ee41ce72d291e6ac9778758584d6bd3c70 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 2 Feb 2017 23:11:07 +0000 Subject: [PATCH] Add remaining TLS1.3 ciphersuites Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/2550) --- include/openssl/tls1.h | 8 ++++++ ssl/s3_lib.c | 65 +++++++++++++++++++++++++++++++++++++++++- 2 files changed, 72 insertions(+), 1 deletion(-) diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h index a4258ac886..6902f5010c 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h @@ -622,6 +622,10 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) /* TLS v1.3 ciphersuites */ # define TLS1_3_CK_AES_128_GCM_SHA256 0x03001301 +# define TLS1_3_CK_AES_256_GCM_SHA384 0x03001302 +# define TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x03001303 +# define TLS1_3_CK_AES_128_CCM_SHA256 0x03001304 +# define TLS1_3_CK_AES_128_CCM_8_SHA256 0x03001305 /* * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE @@ -898,6 +902,10 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) * cipherstring selection process for these ciphers */ # define TLS1_3_TXT_AES_128_GCM_SHA256 "TLS13-AES-128-GCM-SHA256" +# define TLS1_3_TXT_AES_256_GCM_SHA384 "TLS13-AES-256-GCM-SHA384" +# define TLS1_3_TXT_CHACHA20_POLY1305_SHA256 "TLS13-CHACHA20-POLY1305-SHA256" +# define TLS1_3_TXT_AES_128_CCM_SHA256 "TLS13-AES-128-CCM-SHA256" +# define TLS1_3_TXT_AES_128_CCM_8_SHA256 "TLS13-AES-128-CCM-8-SHA256" # define TLS_CT_RSA_SIGN 1 # define TLS_CT_DSS_SIGN 2 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 0d8421032f..8065e15cb6 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -842,9 +842,72 @@ static SSL_CIPHER ssl3_ciphers[] = { SSL_AES128GCM, SSL_AEAD, TLS1_3_VERSION, TLS1_3_VERSION, + SSL_kANY, + SSL_aANY, + SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256, + 128, + 128, + }, + { + 1, + TLS1_3_TXT_AES_256_GCM_SHA384, + TLS1_3_CK_AES_256_GCM_SHA384, + SSL_kANY, + SSL_aANY, + SSL_AES256GCM, + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, 0, 0, SSL_HIGH, - SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + SSL_HANDSHAKE_MAC_SHA384, + 256, + 256, + }, +#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) + { + 1, + TLS1_3_TXT_CHACHA20_POLY1305_SHA256, + TLS1_3_CK_CHACHA20_POLY1305_SHA256, + SSL_kANY, + SSL_aANY, + SSL_CHACHA20POLY1305, + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, + 0, 0, + SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256, + 256, + 256, + }, +#endif + { + 1, + TLS1_3_TXT_AES_128_CCM_SHA256, + TLS1_3_CK_AES_128_CCM_SHA256, + SSL_kANY, + SSL_aANY, + SSL_AES128CCM, + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, + 0, 0, + SSL_NOT_DEFAULT | SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256, + 128, + 128, + }, + { + 1, + TLS1_3_TXT_AES_128_CCM_8_SHA256, + TLS1_3_CK_AES_128_CCM_8_SHA256, + SSL_kANY, + SSL_aANY, + SSL_AES128CCM8, + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, + 0, 0, + SSL_NOT_DEFAULT | SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256, 128, 128, }, -- 2.25.1