Add CHACHA20 alias for ciphers.

author Todd Short <tshort@akamai.com>

Mon, 28 Dec 2015 14:41:52 +0000 (09:41 -0500)

committer Kurt Roeckx <kurt@roeckx.be>

Wed, 10 Feb 2016 19:13:26 +0000 (20:13 +0100)
author Todd Short <tshort@akamai.com>
Mon, 28 Dec 2015 14:41:52 +0000 (09:41 -0500)
committer Kurt Roeckx <kurt@roeckx.be>
Wed, 10 Feb 2016 19:13:26 +0000 (20:13 +0100)
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod

index 066f1e63495505a36eb948e089919a2ac58e343a..e3fa4c04b0abd28b54b1090b6fcbc6796468287e 100644 (file)
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -280,6 +280,10 @@ while B<AESCCM8> only references 8 octet ICV.
  cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit
  CAMELLIA.
  
+=item B<CHACHA20>
+
+cipher suites using ChaCha20.
+
  =item B<3DES>
  
  cipher suites using triple DES.
@@ -657,6 +661,16 @@ Note: these ciphers can also be used in SSL v3.
   DHE_PSK_WITH_AES_128_CCM_8                DHE-PSK-AES128-CCM8
   DHE_PSK_WITH_AES_256_CCM_8                DHE-PSK-AES256-CCM8
  
+=head2 ChaCha20-Poly1305 cipher suites from draft-ietf-tls-chacha20-poly1305-04, extending TLS v1.2
+
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256      ECDHE-RSA-CHACHA20-POLY1305
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256    ECDHE-ECDSA-CHACHA20-POLY1305
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256        DHE-RSA-CHACHA20-POLY1305
+ TLS_PSK_WITH_CHACHA20_POLY1305_SHA256            PSK-CHACHA20-POLY1305
+ TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256      ECDHE-PSK-CHACHA20-POLY1305
+ TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256        DHE-PSK-CHACHA20-POLY1305
+ TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256        RSA-PSK-CHACHA20-POLY1305
+
  =head1 NOTES
  
  Some compiled versions of OpenSSL may not include all the ciphers
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c

index ecefc79b27af0c91b303b19089fb98464009f23a..8843c41f28e6b09b5fe43686b5a0342cfacaf616 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -375,8 +375,8 @@ static const SSL_CIPHER cipher_aliases[] = {
       0, 0},
      {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0},
      {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0,
-     0, 0, 0},
+    {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_CHACHA20, 0, 0, 0, SSL_CHACHA20, 0, 0, 0, 0, 0, 0 },
  
      /* MAC aliases */
      {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0},
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h

index b5053093751721d252465220ba75458e961a4c20..f10570b50de1c14e3dbd7456e5d5ac814d44000b 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -364,6 +364,7 @@
  
  # define SSL_AES                 (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8)
  # define SSL_CAMELLIA            (SSL_CAMELLIA128|SSL_CAMELLIA256)
+# define SSL_CHACHA20            (SSL_CHACHA20POLY1305)
  
  /* Bits for algorithm_mac (symmetric authentication) */
author	Todd Short <tshort@akamai.com>
	Mon, 28 Dec 2015 14:41:52 +0000 (09:41 -0500)
committer	Kurt Roeckx <kurt@roeckx.be>
	Wed, 10 Feb 2016 19:13:26 +0000 (20:13 +0100)
doc/apps/ciphers.pod		patch \| blob \| history
ssl/ssl_ciph.c		patch \| blob \| history
ssl/ssl_locl.h		patch \| blob \| history