From: Dr. Stephen Henson <steve@openssl.org>
Date: Thu, 2 Feb 2017 23:11:07 +0000 (+0000)
Subject: Add remaining TLS1.3 ciphersuites
X-Git-Tag: OpenSSL_1_1_1-pre1~2459
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=f68521ee41ce72d291e6ac9778758584d6bd3c70

Add remaining TLS1.3 ciphersuites

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2550)
---

diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index a4258ac886..6902f5010c 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -622,6 +622,10 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 
 /* TLS v1.3 ciphersuites */
 # define TLS1_3_CK_AES_128_GCM_SHA256                     0x03001301
+# define TLS1_3_CK_AES_256_GCM_SHA384                     0x03001302
+# define TLS1_3_CK_CHACHA20_POLY1305_SHA256               0x03001303
+# define TLS1_3_CK_AES_128_CCM_SHA256                     0x03001304
+# define TLS1_3_CK_AES_128_CCM_8_SHA256                   0x03001305
 
 /*
  * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
@@ -898,6 +902,10 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
  * cipherstring selection process for these ciphers
  */
 # define TLS1_3_TXT_AES_128_GCM_SHA256                     "TLS13-AES-128-GCM-SHA256"
+# define TLS1_3_TXT_AES_256_GCM_SHA384                     "TLS13-AES-256-GCM-SHA384"
+# define TLS1_3_TXT_CHACHA20_POLY1305_SHA256               "TLS13-CHACHA20-POLY1305-SHA256"
+# define TLS1_3_TXT_AES_128_CCM_SHA256                     "TLS13-AES-128-CCM-SHA256"
+# define TLS1_3_TXT_AES_128_CCM_8_SHA256                   "TLS13-AES-128-CCM-8-SHA256"
 
 # define TLS_CT_RSA_SIGN                 1
 # define TLS_CT_DSS_SIGN                 2
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 0d8421032f..8065e15cb6 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -842,9 +842,72 @@ static SSL_CIPHER ssl3_ciphers[] = {
      SSL_AES128GCM,
      SSL_AEAD,
      TLS1_3_VERSION, TLS1_3_VERSION,
+     SSL_kANY,
+     SSL_aANY,
+     SSL_HIGH,
+     SSL_HANDSHAKE_MAC_SHA256,
+     128,
+     128,
+     },
+    {
+     1,
+     TLS1_3_TXT_AES_256_GCM_SHA384,
+     TLS1_3_CK_AES_256_GCM_SHA384,
+     SSL_kANY,
+     SSL_aANY,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     TLS1_3_VERSION, TLS1_3_VERSION,
      0, 0,
      SSL_HIGH,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     SSL_HANDSHAKE_MAC_SHA384,
+     256,
+     256,
+     },
+#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+    {
+     1,
+     TLS1_3_TXT_CHACHA20_POLY1305_SHA256,
+     TLS1_3_CK_CHACHA20_POLY1305_SHA256,
+     SSL_kANY,
+     SSL_aANY,
+     SSL_CHACHA20POLY1305,
+     SSL_AEAD,
+     TLS1_3_VERSION, TLS1_3_VERSION,
+     0, 0,
+     SSL_HIGH,
+     SSL_HANDSHAKE_MAC_SHA256,
+     256,
+     256,
+     },
+#endif
+    {
+     1,
+     TLS1_3_TXT_AES_128_CCM_SHA256,
+     TLS1_3_CK_AES_128_CCM_SHA256,
+     SSL_kANY,
+     SSL_aANY,
+     SSL_AES128CCM,
+     SSL_AEAD,
+     TLS1_3_VERSION, TLS1_3_VERSION,
+     0, 0,
+     SSL_NOT_DEFAULT | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_SHA256,
+     128,
+     128,
+     },
+    {
+     1,
+     TLS1_3_TXT_AES_128_CCM_8_SHA256,
+     TLS1_3_CK_AES_128_CCM_8_SHA256,
+     SSL_kANY,
+     SSL_aANY,
+     SSL_AES128CCM8,
+     SSL_AEAD,
+     TLS1_3_VERSION, TLS1_3_VERSION,
+     0, 0,
+     SSL_NOT_DEFAULT | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_SHA256,
      128,
      128,
      },