Commit a76ba82c authored by Andy Polyakov's avatar Andy Polyakov

Wire ChaCha20-Poly1305 to TLS.

parent bd3385d8
+1 −0
@@ -249,6 +249,7 @@ extern "C" {
# define SSL_TXT_CAMELLIA128     "CAMELLIA128"
# define SSL_TXT_CAMELLIA256     "CAMELLIA256"
# define SSL_TXT_CAMELLIA        "CAMELLIA"
# define SSL_TXT_CHACHA20        "CHACHA20"
# define SSL_TXT_GOST            "GOST89"

# define SSL_TXT_MD5             "MD5"
+18 −0
@@ -652,6 +652,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256   0x0300C09A
# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384   0x0300C09B

/* draft-ietf-tls-chacha20-poly1305-03 */
# define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305         0x0300CCA8
# define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305       0x0300CCA9
# define TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305           0x0300CCAA
# define TLS1_CK_PSK_WITH_CHACHA20_POLY1305               0x0300CCAB
# define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305         0x0300CCAC
# define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305           0x0300CCAD
# define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305           0x0300CCAE

/*
 * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
 * ciphers names with "EDH" instead of "DHE".  Going forward, we should be
@@ -912,6 +921,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    "ECDH-RSA-CAMELLIA128-SHA256"
# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    "ECDH-RSA-CAMELLIA256-SHA384"

/* draft-ietf-tls-chacha20-poly1305-03 */
# define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305         "ECDHE-RSA-CHACHA20-POLY1305"
# define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305       "ECDHE-ECDSA-CHACHA20-POLY1305"
# define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305           "DHE-RSA-CHACHA20-POLY1305"
# define TLS1_TXT_PSK_WITH_CHACHA20_POLY1305               "PSK-CHACHA20-POLY1305"
# define TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305         "ECDHE-PSK-CHACHA20-POLY1305"
# define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305           "DHE-PSK-CHACHA20-POLY1305"
# define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305           "RSA-PSK-CHACHA20-POLY1305"

# define TLS_CT_RSA_SIGN                 1
# define TLS_CT_DSS_SIGN                 2
# define TLS_CT_RSA_FIXED_DH             3
+113 −0
@@ -3527,6 +3527,119 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
     256,
     256,
     },
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
# ifndef OPENSSL_NO_EC
    /* Cipher CCA8 as per draft-ietf-tls-chacha20-poly1305-03 */
    {
     1,
     TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
     TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
     SSL_kECDHE,
     SSL_aRSA,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     SSL_TLSV1_2,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    /* Cipher CCA9 */
    {
     1,
     TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
     TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     SSL_TLSV1_2,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
# endif
# ifndef OPENSSL_NO_RSA
    /* Cipher CCAA */
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
     TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
     SSL_kDHE,
     SSL_aRSA,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     SSL_TLSV1_2,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
# endif
# ifndef OPENSSL_NO_PSK
    /* Cipher CCAB */
    {
     1,
     TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
     TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
     SSL_kPSK,
     SSL_aPSK,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     SSL_TLSV1_2,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    /* Cipher CCAC */
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
     TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     SSL_TLSV1_2,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    /* Cipher CCAD */
    {
     1,
     TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
     TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     SSL_TLSV1_2,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    /* Cipher CCAE */
    {
     1,
     TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
     TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
     SSL_kRSAPSK,
     SSL_aRSA,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     SSL_TLSV1_2,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
# endif
#endif
#ifndef OPENSSL_NO_GOST
    {
     1,
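Review bot: The guard wrapping the new ssl3_ciphers rows, `#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)`, does not match the guard the SSL_library_init hunk in this commit uses, `#if !defined(OPENSSL_NO_CHACHA20) && !defined(OPENSSL_NO_POLY1305)`, and only one spelling can be the macro the build actually defines. If the real macro is OPENSSL_NO_CHACHA, a build with ChaCha disabled presumably still compiles the `EVP_add_cipher(EVP_chacha20_poly1305());` call and fails to link; if it is OPENSSL_NO_CHACHA20, the seven CHACHA20-POLY1305 suites stay in the cipher table and are advertised while the EVP cipher is never registered with the library. Use one spelling in both places; `#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)` in the SSL_library_init hunk is the choice consistent with this table. The ssl3_ciphers initializer begins and ends outside the hunk.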
+3 −0
@@ -102,6 +102,9 @@ int SSL_library_init(void)
    EVP_add_cipher(EVP_camellia_128_cbc());
    EVP_add_cipher(EVP_camellia_256_cbc());
#endif
#if !defined(OPENSSL_NO_CHACHA20) && !defined(OPENSSL_NO_POLY1305)
    EVP_add_cipher(EVP_chacha20_poly1305());
#endif

#ifndef OPENSSL_NO_SEED
    EVP_add_cipher(EVP_seed_cbc());
+3 −1
@@ -169,7 +169,8 @@
#define SSL_ENC_AES128CCM8_IDX  16
#define SSL_ENC_AES256CCM8_IDX  17
#define SSL_ENC_GOST8912_IDX    18
#define SSL_ENC_NUM_IDX         19
#define SSL_ENC_CHACHA_IDX      19
#define SSL_ENC_NUM_IDX         20

/* NB: make sure indices in these tables match values above */

@@ -199,6 +200,7 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = {
    {SSL_AES128CCM8, NID_aes_128_ccm}, /* SSL_ENC_AES128CCM8_IDX 16 */
    {SSL_AES256CCM8, NID_aes_256_ccm}, /* SSL_ENC_AES256CCM8_IDX 17 */
    {SSL_eGOST2814789CNT12, NID_gost89_cnt_12}, /* SSL_ENC_GOST8912_IDX */
    {SSL_CHACHA20POLY1305, NID_chacha20_poly1305},
};

static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
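Review bot: The new `{SSL_CHACHA20POLY1305, NID_chacha20_poly1305},` row in ssl_cipher_table_cipher carries no index comment, unlike the adjacent AES-CCM rows, and the `NB: make sure indices in these tables match values above` remark depends on those comments for by-eye checking; write it as `{SSL_CHACHA20POLY1305, NID_chacha20_poly1305}, /* SSL_ENC_CHACHA_IDX 19 */`. SSL_ENC_CHACHA_IDX takes the value 19 that SSL_ENC_NUM_IDX held before this change, so every table declared with the `[SSL_ENC_NUM_IDX]` bound must now have exactly 20 rows in the same order; ssl_cipher_methods on the last line is declared with the new bound, but how it is populated is outside this hunk and should be confirmed to be index-driven rather than a hand-written initializer.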