Loading include/openssl/ssl.h +1 −0 Original line number Diff line number Diff line Loading @@ -246,6 +246,7 @@ extern "C" { # define SSL_TXT_AES "AES" # define SSL_TXT_AES_GCM "AESGCM" # define SSL_TXT_AES_CCM "AESCCM" # define SSL_TXT_AES_CCM_8 "AESCCM8" # define SSL_TXT_CAMELLIA128 "CAMELLIA128" # define SSL_TXT_CAMELLIA256 "CAMELLIA256" # define SSL_TXT_CAMELLIA "CAMELLIA" Loading ssl/ssl_ciph.c +17 −5 Original line number Diff line number Diff line Loading @@ -166,7 +166,9 @@ #define SSL_ENC_AES256GCM_IDX 13 #define SSL_ENC_AES128CCM_IDX 14 #define SSL_ENC_AES256CCM_IDX 15 #define SSL_ENC_NUM_IDX 16 #define SSL_ENC_AES128CCM8_IDX 16 #define SSL_ENC_AES256CCM8_IDX 17 #define SSL_ENC_NUM_IDX 18 /* NB: make sure indices in these tables match values above */ Loading @@ -192,7 +194,9 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = { {SSL_AES128GCM, NID_aes_128_gcm}, /* SSL_ENC_AES128GCM_IDX 12 */ {SSL_AES256GCM, NID_aes_256_gcm}, /* SSL_ENC_AES256GCM_IDX 13 */ {SSL_AES128CCM, NID_aes_128_ccm}, /* SSL_ENC_AES128CCM_IDX 14 */ {SSL_AES256CCM, NID_aes_256_ccm} /* SSL_ENC_AES256CCM_IDX 15 */ {SSL_AES256CCM, NID_aes_256_ccm}, /* SSL_ENC_AES256CCM_IDX 15 */ {SSL_AES128CCM8, NID_aes_128_ccm}, /* SSL_ENC_AES128CCM8_IDX 16 */ {SSL_AES256CCM8, NID_aes_256_ccm} /* SSL_ENC_AES256CCM8_IDX 17 */ }; static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = { Loading Loading @@ -359,14 +363,16 @@ static const SSL_CIPHER cipher_aliases[] = { {0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM | SSL_AES128CCM, 0, {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM | SSL_AES128CCM | SSL_AES128CCM8, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM | SSL_AES256CCM, 0, {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM | SSL_AES256CCM | SSL_AES256CCM8, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES_CCM, 0, 0, 0, SSL_AES128CCM | SSL_AES256CCM, 0, 0, 0, 0, {0, SSL_TXT_AES_CCM, 0, 0, 0, SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES_CCM_8, 0, 0, 0, SSL_AES128CCM8 | SSL_AES256CCM8, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0}, Loading Loading @@ -1721,6 +1727,12 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_AES256CCM: enc = "AESCCM(256)"; break; case SSL_AES128CCM8: enc = "AESCCM8(128)"; break; case SSL_AES256CCM8: enc = "AESCCM8(256)"; break; case SSL_CAMELLIA128: enc = "Camellia(128)"; break; Loading ssl/ssl_locl.h +3 −1 Original line number Diff line number Diff line Loading @@ -361,8 +361,10 @@ # define SSL_AES256GCM 0x00002000L # define SSL_AES128CCM 0x00004000L # define SSL_AES256CCM 0x00008000L # define SSL_AES128CCM8 0x00010000L # define SSL_AES256CCM8 0x00020000L # define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM) # define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8) # define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) /* Bits for algorithm_mac (symmetric authentication) */ Loading ssl/t1_enc.c +5 −1 Original line number Diff line number Diff line Loading @@ -509,7 +509,11 @@ int tls1_change_cipher_state(SSL *s, int which) goto err2; } } else if (EVP_CIPHER_mode(c) == EVP_CIPH_CCM_MODE) { int taglen = 16; int taglen; if (s->s3->tmp.new_cipher->algorithm_enc & (SSL_AES128CCM8|SSL_AES256CCM8)) taglen = 8; else taglen = 16; if (!EVP_CipherInit_ex(dd, c, NULL, NULL, NULL, (which & SSL3_CC_WRITE)) || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_IVLEN, 12, NULL) || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_TAG, taglen, NULL) Loading Loading
include/openssl/ssl.h +1 −0 Original line number Diff line number Diff line Loading @@ -246,6 +246,7 @@ extern "C" { # define SSL_TXT_AES "AES" # define SSL_TXT_AES_GCM "AESGCM" # define SSL_TXT_AES_CCM "AESCCM" # define SSL_TXT_AES_CCM_8 "AESCCM8" # define SSL_TXT_CAMELLIA128 "CAMELLIA128" # define SSL_TXT_CAMELLIA256 "CAMELLIA256" # define SSL_TXT_CAMELLIA "CAMELLIA" Loading
ssl/ssl_ciph.c +17 −5 Original line number Diff line number Diff line Loading @@ -166,7 +166,9 @@ #define SSL_ENC_AES256GCM_IDX 13 #define SSL_ENC_AES128CCM_IDX 14 #define SSL_ENC_AES256CCM_IDX 15 #define SSL_ENC_NUM_IDX 16 #define SSL_ENC_AES128CCM8_IDX 16 #define SSL_ENC_AES256CCM8_IDX 17 #define SSL_ENC_NUM_IDX 18 /* NB: make sure indices in these tables match values above */ Loading @@ -192,7 +194,9 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = { {SSL_AES128GCM, NID_aes_128_gcm}, /* SSL_ENC_AES128GCM_IDX 12 */ {SSL_AES256GCM, NID_aes_256_gcm}, /* SSL_ENC_AES256GCM_IDX 13 */ {SSL_AES128CCM, NID_aes_128_ccm}, /* SSL_ENC_AES128CCM_IDX 14 */ {SSL_AES256CCM, NID_aes_256_ccm} /* SSL_ENC_AES256CCM_IDX 15 */ {SSL_AES256CCM, NID_aes_256_ccm}, /* SSL_ENC_AES256CCM_IDX 15 */ {SSL_AES128CCM8, NID_aes_128_ccm}, /* SSL_ENC_AES128CCM8_IDX 16 */ {SSL_AES256CCM8, NID_aes_256_ccm} /* SSL_ENC_AES256CCM8_IDX 17 */ }; static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = { Loading Loading @@ -359,14 +363,16 @@ static const SSL_CIPHER cipher_aliases[] = { {0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM | SSL_AES128CCM, 0, {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM | SSL_AES128CCM | SSL_AES128CCM8, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM | SSL_AES256CCM, 0, {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM | SSL_AES256CCM | SSL_AES256CCM8, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES_CCM, 0, 0, 0, SSL_AES128CCM | SSL_AES256CCM, 0, 0, 0, 0, {0, SSL_TXT_AES_CCM, 0, 0, 0, SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES_CCM_8, 0, 0, 0, SSL_AES128CCM8 | SSL_AES256CCM8, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0}, Loading Loading @@ -1721,6 +1727,12 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_AES256CCM: enc = "AESCCM(256)"; break; case SSL_AES128CCM8: enc = "AESCCM8(128)"; break; case SSL_AES256CCM8: enc = "AESCCM8(256)"; break; case SSL_CAMELLIA128: enc = "Camellia(128)"; break; Loading
ssl/ssl_locl.h +3 −1 Original line number Diff line number Diff line Loading @@ -361,8 +361,10 @@ # define SSL_AES256GCM 0x00002000L # define SSL_AES128CCM 0x00004000L # define SSL_AES256CCM 0x00008000L # define SSL_AES128CCM8 0x00010000L # define SSL_AES256CCM8 0x00020000L # define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM) # define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8) # define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) /* Bits for algorithm_mac (symmetric authentication) */ Loading
ssl/t1_enc.c +5 −1 Original line number Diff line number Diff line Loading @@ -509,7 +509,11 @@ int tls1_change_cipher_state(SSL *s, int which) goto err2; } } else if (EVP_CIPHER_mode(c) == EVP_CIPH_CCM_MODE) { int taglen = 16; int taglen; if (s->s3->tmp.new_cipher->algorithm_enc & (SSL_AES128CCM8|SSL_AES256CCM8)) taglen = 8; else taglen = 16; if (!EVP_CipherInit_ex(dd, c, NULL, NULL, NULL, (which & SSL3_CC_WRITE)) || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_IVLEN, 12, NULL) || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_TAG, taglen, NULL) Loading
Tim Hudson <tjh@openssl.org>Tim Hudson <tjh@openssl.org>