mirror of
https://github.com/openssl/openssl.git
synced 2024-11-27 05:21:51 +08:00
Add CCM ciphersuites from RFC6655 and RFC7251
Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
parent
3d3701ea20
commit
176f85a28e
@ -519,6 +519,31 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
||||
# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
|
||||
# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
|
||||
|
||||
/* CCM ciphersuites from RFC6655 */
|
||||
# define TLS1_CK_RSA_WITH_AES_128_CCM 0x0300C09C
|
||||
# define TLS1_CK_RSA_WITH_AES_256_CCM 0x0300C09D
|
||||
# define TLS1_CK_DHE_RSA_WITH_AES_128_CCM 0x0300C09E
|
||||
# define TLS1_CK_DHE_RSA_WITH_AES_256_CCM 0x0300C09F
|
||||
# define TLS1_CK_RSA_WITH_AES_128_CCM_8 0x0300C0A0
|
||||
# define TLS1_CK_RSA_WITH_AES_256_CCM_8 0x0300C0A1
|
||||
# define TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8 0x0300C0A2
|
||||
# define TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8 0x0300C0A3
|
||||
# define TLS1_CK_PSK_WITH_AES_128_CCM 0x0300C0A4
|
||||
# define TLS1_CK_PSK_WITH_AES_256_CCM 0x0300C0A5
|
||||
# define TLS1_CK_DHE_PSK_WITH_AES_128_CCM 0x0300C0A6
|
||||
# define TLS1_CK_DHE_PSK_WITH_AES_256_CCM 0x0300C0A7
|
||||
# define TLS1_CK_PSK_WITH_AES_128_CCM_8 0x0300C0A8
|
||||
# define TLS1_CK_PSK_WITH_AES_256_CCM_8 0x0300C0A9
|
||||
# define TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8 0x0300C0AA
|
||||
# define TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8 0x0300C0AB
|
||||
|
||||
/* CCM ciphersuites from RFC7251 */
|
||||
|
||||
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM 0x0300C0AC
|
||||
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM 0x0300C0AD
|
||||
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8 0x0300C0AE
|
||||
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8 0x0300C0AF
|
||||
|
||||
/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
|
||||
# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
|
||||
# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
|
||||
@ -823,6 +848,35 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
||||
# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
|
||||
# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
|
||||
|
||||
/* CCM ciphersuites from RFC6655 */
|
||||
|
||||
# define TLS1_TXT_RSA_WITH_AES_128_CCM "AES128-CCM"
|
||||
# define TLS1_TXT_RSA_WITH_AES_256_CCM "AES256-CCM"
|
||||
# define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM "DHE-RSA-AES128-CCM"
|
||||
# define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM "DHE-RSA-AES256-CCM"
|
||||
|
||||
# define TLS1_TXT_RSA_WITH_AES_128_CCM_8 "AES128-CCM8"
|
||||
# define TLS1_TXT_RSA_WITH_AES_256_CCM_8 "AES256-CCM8"
|
||||
# define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 "DHE-RSA-AES128-CCM8"
|
||||
# define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 "DHE-RSA-AES256-CCM8"
|
||||
|
||||
# define TLS1_TXT_PSK_WITH_AES_128_CCM "PSK-AES128-CCM"
|
||||
# define TLS1_TXT_PSK_WITH_AES_256_CCM "PSK-AES256-CCM"
|
||||
# define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM "DHE-PSK-AES128-CCM"
|
||||
# define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM "DHE-PSK-AES256-CCM"
|
||||
|
||||
# define TLS1_TXT_PSK_WITH_AES_128_CCM_8 "PSK-AES128-CCM8"
|
||||
# define TLS1_TXT_PSK_WITH_AES_256_CCM_8 "PSK-AES256-CCM8"
|
||||
# define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 "DHE-PSK-AES128-CCM8"
|
||||
# define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 "DHE-PSK-AES256-CCM8"
|
||||
|
||||
/* CCM ciphersuites from RFC7251 */
|
||||
|
||||
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM "ECDHE-ECDSA-AES128-CCM"
|
||||
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM "ECDHE-ECDSA-AES256-CCM"
|
||||
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 "ECDHE-ECDSA-AES128-CCM8"
|
||||
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 "ECDHE-ECDSA-AES256-CCM8"
|
||||
|
||||
/* ECDH HMAC based ciphersuites from RFC5289 */
|
||||
|
||||
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
|
||||
|
320
ssl/s3_lib.c
320
ssl/s3_lib.c
@ -3450,6 +3450,326 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
|
||||
256},
|
||||
#endif
|
||||
|
||||
/* Cipher C09C */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_RSA_WITH_AES_128_CCM,
|
||||
TLS1_CK_RSA_WITH_AES_128_CCM,
|
||||
SSL_kRSA,
|
||||
SSL_aRSA,
|
||||
SSL_AES128CCM,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
128,
|
||||
128,
|
||||
},
|
||||
|
||||
/* Cipher C09D */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_RSA_WITH_AES_256_CCM,
|
||||
TLS1_CK_RSA_WITH_AES_256_CCM,
|
||||
SSL_kRSA,
|
||||
SSL_aRSA,
|
||||
SSL_AES256CCM,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
256,
|
||||
256,
|
||||
},
|
||||
|
||||
/* Cipher C09E */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
|
||||
TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
|
||||
SSL_kDHE,
|
||||
SSL_aRSA,
|
||||
SSL_AES128CCM,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
128,
|
||||
128,
|
||||
},
|
||||
|
||||
/* Cipher C09F */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
|
||||
TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
|
||||
SSL_kDHE,
|
||||
SSL_aRSA,
|
||||
SSL_AES256CCM,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
256,
|
||||
256,
|
||||
},
|
||||
|
||||
/* Cipher C0A0 */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_RSA_WITH_AES_128_CCM_8,
|
||||
TLS1_CK_RSA_WITH_AES_128_CCM_8,
|
||||
SSL_kRSA,
|
||||
SSL_aRSA,
|
||||
SSL_AES128CCM8,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
128,
|
||||
128,
|
||||
},
|
||||
|
||||
/* Cipher C0A1 */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_RSA_WITH_AES_256_CCM_8,
|
||||
TLS1_CK_RSA_WITH_AES_256_CCM_8,
|
||||
SSL_kRSA,
|
||||
SSL_aRSA,
|
||||
SSL_AES256CCM8,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
256,
|
||||
256,
|
||||
},
|
||||
|
||||
/* Cipher C0A2 */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
|
||||
TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
|
||||
SSL_kDHE,
|
||||
SSL_aRSA,
|
||||
SSL_AES128CCM8,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
128,
|
||||
128,
|
||||
},
|
||||
|
||||
/* Cipher C0A3 */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
|
||||
TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
|
||||
SSL_kDHE,
|
||||
SSL_aRSA,
|
||||
SSL_AES256CCM8,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
256,
|
||||
256,
|
||||
},
|
||||
|
||||
/* Cipher C0A4 */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_PSK_WITH_AES_128_CCM,
|
||||
TLS1_CK_PSK_WITH_AES_128_CCM,
|
||||
SSL_kPSK,
|
||||
SSL_aPSK,
|
||||
SSL_AES128CCM,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
128,
|
||||
128,
|
||||
},
|
||||
|
||||
/* Cipher C0A4 */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_PSK_WITH_AES_256_CCM,
|
||||
TLS1_CK_PSK_WITH_AES_256_CCM,
|
||||
SSL_kPSK,
|
||||
SSL_aPSK,
|
||||
SSL_AES256CCM,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
256,
|
||||
256,
|
||||
},
|
||||
|
||||
/* Cipher C0A6 */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
|
||||
TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
|
||||
SSL_kDHEPSK,
|
||||
SSL_aPSK,
|
||||
SSL_AES128CCM,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
128,
|
||||
128,
|
||||
},
|
||||
|
||||
/* Cipher C0A7 */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
|
||||
TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
|
||||
SSL_kDHEPSK,
|
||||
SSL_aPSK,
|
||||
SSL_AES256CCM,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
256,
|
||||
256,
|
||||
},
|
||||
|
||||
/* Cipher C0A8 */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_PSK_WITH_AES_128_CCM_8,
|
||||
TLS1_CK_PSK_WITH_AES_128_CCM_8,
|
||||
SSL_kPSK,
|
||||
SSL_aPSK,
|
||||
SSL_AES128CCM8,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
128,
|
||||
128,
|
||||
},
|
||||
|
||||
/* Cipher C0A9 */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_PSK_WITH_AES_256_CCM_8,
|
||||
TLS1_CK_PSK_WITH_AES_256_CCM_8,
|
||||
SSL_kPSK,
|
||||
SSL_aPSK,
|
||||
SSL_AES256CCM8,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
256,
|
||||
256,
|
||||
},
|
||||
|
||||
/* Cipher C0AA */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
|
||||
TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
|
||||
SSL_kDHEPSK,
|
||||
SSL_aPSK,
|
||||
SSL_AES128CCM8,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
128,
|
||||
128,
|
||||
},
|
||||
|
||||
/* Cipher C0AB */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
|
||||
TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
|
||||
SSL_kDHEPSK,
|
||||
SSL_aPSK,
|
||||
SSL_AES256CCM8,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
256,
|
||||
256,
|
||||
},
|
||||
|
||||
/* Cipher C0AC */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
|
||||
TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
|
||||
SSL_kECDHE,
|
||||
SSL_aECDSA,
|
||||
SSL_AES128CCM,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
128,
|
||||
128,
|
||||
},
|
||||
|
||||
/* Cipher C0AD */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
|
||||
TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
|
||||
SSL_kECDHE,
|
||||
SSL_aECDSA,
|
||||
SSL_AES256CCM,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
256,
|
||||
256,
|
||||
},
|
||||
|
||||
/* Cipher C0AE */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
|
||||
TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
|
||||
SSL_kECDHE,
|
||||
SSL_aECDSA,
|
||||
SSL_AES128CCM8,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
128,
|
||||
128,
|
||||
},
|
||||
|
||||
/* Cipher C0AF */
|
||||
{
|
||||
1,
|
||||
TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
|
||||
TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
|
||||
SSL_kECDHE,
|
||||
SSL_aECDSA,
|
||||
SSL_AES256CCM8,
|
||||
SSL_AEAD,
|
||||
SSL_TLSV1_2,
|
||||
SSL_NOT_EXP | SSL_HIGH,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
256,
|
||||
256,
|
||||
},
|
||||
|
||||
/* end of list */
|
||||
};
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user