Constants for new GOST TLS 1.2 ciphersuites
authorDmitry Belyavskiy <beldmit@gmail.com>
Mon, 30 Mar 2020 15:04:07 +0000 (18:04 +0300)
committerDmitry Belyavskiy <beldmit@gmail.com>
Tue, 19 May 2020 10:02:43 +0000 (13:02 +0300)
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11442)

crypto/err/openssl.txt
include/openssl/evp.h
include/openssl/ssl.h
include/openssl/sslerr.h

index 4451ba9..1b2c94b 100644 (file)
@@ -1527,6 +1527,7 @@ SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC:427:tls_construct_change_cipher_spec
 SSL_F_TLS_CONSTRUCT_CKE_DHE:404:tls_construct_cke_dhe
 SSL_F_TLS_CONSTRUCT_CKE_ECDHE:405:tls_construct_cke_ecdhe
 SSL_F_TLS_CONSTRUCT_CKE_GOST:406:tls_construct_cke_gost
+SSL_F_TLS_CONSTRUCT_CKE_GOST18:641:
 SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE:407:tls_construct_cke_psk_preamble
 SSL_F_TLS_CONSTRUCT_CKE_RSA:409:tls_construct_cke_rsa
 SSL_F_TLS_CONSTRUCT_CKE_SRP:410:tls_construct_cke_srp
@@ -1658,6 +1659,7 @@ SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC:363:tls_process_change_cipher_spec
 SSL_F_TLS_PROCESS_CKE_DHE:411:tls_process_cke_dhe
 SSL_F_TLS_PROCESS_CKE_ECDHE:412:tls_process_cke_ecdhe
 SSL_F_TLS_PROCESS_CKE_GOST:413:tls_process_cke_gost
+SSL_F_TLS_PROCESS_CKE_GOST18:642:
 SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE:414:tls_process_cke_psk_preamble
 SSL_F_TLS_PROCESS_CKE_RSA:415:tls_process_cke_rsa
 SSL_F_TLS_PROCESS_CKE_SRP:416:tls_process_cke_srp
index fe2e440..ea305c2 100644 (file)
@@ -153,6 +153,7 @@ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
 #  define EVP_MD_CTRL_DIGALGID                    0x1
 #  define EVP_MD_CTRL_MICALG                      0x2
 #  define EVP_MD_CTRL_XOF_LEN                     0x3
+#  define EVP_MD_CTRL_TLSTREE                     0x4
 
 /* Minimum Algorithm specific ctrl value */
 
@@ -382,6 +383,8 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
 # define         EVP_CTRL_PROCESS_UNPROTECTED            0x28
 /* Get the supplementary wrap cipher */
 #define          EVP_CTRL_GET_WRAP_CIPHER                0x29
+/* TLSTREE key diversification */
+#define          EVP_CTRL_TLSTREE                        0x2A
 
 /* Padding modes */
 #define EVP_PADDING_PKCS7       1
index 74d4e30..05755b0 100644 (file)
@@ -87,6 +87,7 @@ extern "C" {
 # define SSL_TXT_kECDHEPSK       "kECDHEPSK"
 # define SSL_TXT_kDHEPSK         "kDHEPSK"
 # define SSL_TXT_kGOST           "kGOST"
+# define SSL_TXT_kGOST18         "kGOST18"
 # define SSL_TXT_kSRP            "kSRP"
 
 # define SSL_TXT_aRSA            "aRSA"
@@ -933,6 +934,8 @@ __owur int SSL_extension_supported(unsigned int ext_type);
 
 # define SSL_MAC_FLAG_READ_MAC_STREAM 1
 # define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
+# define SSL_MAC_FLAG_READ_MAC_TLSTREE 4
+# define SSL_MAC_FLAG_WRITE_MAC_TLSTREE 8
 
 /*
  * A callback for logging out TLS key material. This callback should log out
index 47667f9..bbce792 100644 (file)
@@ -298,6 +298,7 @@ int ERR_load_SSL_strings(void);
 #  define SSL_F_TLS_CONSTRUCT_CKE_DHE                      0
 #  define SSL_F_TLS_CONSTRUCT_CKE_ECDHE                    0
 #  define SSL_F_TLS_CONSTRUCT_CKE_GOST                     0
+#  define SSL_F_TLS_CONSTRUCT_CKE_GOST18                   0
 #  define SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE             0
 #  define SSL_F_TLS_CONSTRUCT_CKE_RSA                      0
 #  define SSL_F_TLS_CONSTRUCT_CKE_SRP                      0
@@ -422,6 +423,7 @@ int ERR_load_SSL_strings(void);
 #  define SSL_F_TLS_PROCESS_CKE_DHE                        0
 #  define SSL_F_TLS_PROCESS_CKE_ECDHE                      0
 #  define SSL_F_TLS_PROCESS_CKE_GOST                       0
+#  define SSL_F_TLS_PROCESS_CKE_GOST18                     0
 #  define SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE               0
 #  define SSL_F_TLS_PROCESS_CKE_RSA                        0
 #  define SSL_F_TLS_PROCESS_CKE_SRP                        0
@@ -457,6 +459,7 @@ int ERR_load_SSL_strings(void);
 /*
  * SSL reason codes.
  */
+# define SSL_R_ALGORITHM_FETCH_FAILED                     295
 # define SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY        291
 # define SSL_R_APP_DATA_IN_HANDSHAKE                      100
 # define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
@@ -556,7 +559,6 @@ int ERR_load_SSL_strings(void);
 # define SSL_R_EXTRA_DATA_IN_MESSAGE                      153
 # define SSL_R_EXT_LENGTH_MISMATCH                        163
 # define SSL_R_FAILED_TO_INIT_ASYNC                       405
-# define SSL_R_ALGORITHM_FETCH_FAILED                     295
 # define SSL_R_FRAGMENTED_CLIENT_HELLO                    401
 # define SSL_R_GOT_A_FIN_BEFORE_A_CCS                     154
 # define SSL_R_HTTPS_PROXY_REQUEST                        155