Add SHA256 Camellia ciphersuites from RFC5932
authorPK <runningdoglackey@yahoo.com>
Fri, 27 Jun 2014 17:22:51 +0000 (18:22 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 27 Jun 2014 17:24:05 +0000 (18:24 +0100)
PR#2800

ssl/s3_lib.c
ssl/tls1.h

index 3a82b40..36ff200 100644 (file)
@@ -2028,6 +2028,202 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
        },
 #endif
 
+#ifndef OPENSSL_NO_CAMELLIA
+       /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+
+       /* Cipher BA */
+       {
+       1,
+       TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+       TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+       SSL_kRSA,
+       SSL_aRSA,
+       SSL_CAMELLIA128,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       128,
+       128,
+       },
+
+       /* Cipher BB */
+       {
+       1,
+       TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+       TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+       SSL_kDHd,
+       SSL_aDH,
+       SSL_CAMELLIA128,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       128,
+       128,
+       },
+
+       /* Cipher BC */
+       {
+       1,
+       TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+       TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+       SSL_kDHr,
+       SSL_aDH,
+       SSL_CAMELLIA128,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       128,
+       128,
+       },
+
+       /* Cipher BD */
+       {
+       1,
+       TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+       TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+       SSL_kEDH,
+       SSL_aDSS,
+       SSL_CAMELLIA128,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       128,
+       128,
+       },
+
+       /* Cipher BE */
+       {
+       1,
+       TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+       TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+       SSL_kEDH,
+       SSL_aRSA,
+       SSL_CAMELLIA128,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       128,
+       128,
+       },
+
+       /* Cipher BF */
+       {
+       1,
+       TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+       TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+       SSL_kEDH,
+       SSL_aNULL,
+       SSL_CAMELLIA128,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       128,
+       128,
+       },
+
+       /* Cipher C0 */
+       {
+       1,
+       TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+       TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+       SSL_kRSA,
+       SSL_aRSA,
+       SSL_CAMELLIA256,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       256,
+       256,
+       },
+
+       /* Cipher C1 */
+       {
+       1,
+       TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+       TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+       SSL_kDHd,
+       SSL_aDH,
+       SSL_CAMELLIA256,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       256,
+       256,
+       },
+
+       /* Cipher C2 */
+       {
+       1,
+       TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+       TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+       SSL_kDHr,
+       SSL_aDH,
+       SSL_CAMELLIA256,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       256,
+       256,
+       },
+
+       /* Cipher C3 */
+       {
+       1,
+       TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+       TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+       SSL_kEDH,
+       SSL_aDSS,
+       SSL_CAMELLIA256,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       256,
+       256,
+       },
+
+       /* Cipher C4 */
+       {
+       1,
+       TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+       TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+       SSL_kEDH,
+       SSL_aRSA,
+       SSL_CAMELLIA256,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       256,
+       256,
+       },
+
+       /* Cipher C5 */
+       {
+       1,
+       TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+       TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+       SSL_kEDH,
+       SSL_aNULL,
+       SSL_CAMELLIA256,
+       SSL_SHA256,
+       SSL_TLSV1_2,
+       SSL_NOT_EXP|SSL_HIGH,
+       SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+       256,
+       256,
+       },
+#endif
+
 #ifndef OPENSSL_NO_ECDH
        /* Cipher C001 */
        {
index b51716a..013aa4a 100644 (file)
@@ -510,6 +510,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256            0x030000A6
 #define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384            0x030000A7
 
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256               0x030000BA
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256            0x030000BB
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256            0x030000BC
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256           0x030000BD
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256           0x030000BE
+#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256               0x030000BF
+
+#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256               0x030000C0
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256            0x030000C1
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256            0x030000C2
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256           0x030000C3
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256           0x030000C4
+#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256               0x030000C5
+
 /* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
 #define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA                0x0300C001
 #define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA             0x0300C002
@@ -666,6 +681,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA     "DHE-RSA-CAMELLIA256-SHA"
 #define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA         "ADH-CAMELLIA256-SHA"
 
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256              "CAMELLIA128-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256           "DH-DSS-CAMELLIA128-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256           "DH-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256          "DHE-DSS-CAMELLIA128-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256          "DHE-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256              "ADH-CAMELLIA128-SHA256"
+
+#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256              "CAMELLIA256-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256           "DH-DSS-CAMELLIA256-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256           "DH-RSA-CAMELLIA256-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256          "DHE-DSS-CAMELLIA256-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256          "DHE-RSA-CAMELLIA256-SHA256"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256              "ADH-CAMELLIA256-SHA256"
+
 /* SEED ciphersuites from RFC4162 */
 #define TLS1_TXT_RSA_WITH_SEED_SHA                      "SEED-SHA"
 #define TLS1_TXT_DH_DSS_WITH_SEED_SHA                   "DH-DSS-SEED-SHA"