Loading CHANGES +11 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,17 @@ Changes between 1.0.0e and 1.0.1 [xx XXX xxxx] *) Add GCM support to TLS library. Some custom code is needed to split the IV between the fixed (from PRF) and explicit (from TLS record) portions. This adds all GCM ciphersuites supported by RFC5288 and RFC5289. Generalise some AES* cipherstrings to inlclude GCM and add a special AESGCM string for GCM only. [Steve Henson] *) Expand range of ctrls for AES GCM. Permit setting invocation field on decrypt and retrieval of invocation field only on encrypt. [Steve Henson] *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support. As required by RFC5289 these ciphersuites cannot be used if for versions of TLS earlier than 1.2. Loading ssl/s3_lib.c +324 −0 Original line number Diff line number Diff line Loading @@ -1823,6 +1823,200 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ #endif /* OPENSSL_NO_SEED */ /* GCM ciphersuites from RFC5288 */ /* Cipher 9C */ { 1, TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, SSL_kRSA, SSL_aRSA, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher 9D */ { 1, TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, SSL_kRSA, SSL_aRSA, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher 9E */ { 1, TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_kEDH, SSL_aRSA, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher 9F */ { 1, TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_kEDH, SSL_aRSA, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher A0 */ { 0, TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, SSL_kDHr, SSL_aDH, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher A1 */ { 0, TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, SSL_kDHr, SSL_aDH, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher A2 */ { 1, TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, SSL_kEDH, SSL_aDSS, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher A3 */ { 1, TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, SSL_kEDH, SSL_aDSS, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher A4 */ { 0, TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, SSL_kDHr, SSL_aDH, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher A5 */ { 0, TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, SSL_kDHr, SSL_aDH, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher A6 */ { 1, TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, SSL_kEDH, SSL_aNULL, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher A7 */ { 1, TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, SSL_kEDH, SSL_aNULL, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, #ifndef OPENSSL_NO_ECDH /* Cipher C001 */ { Loading Loading @@ -2502,6 +2696,136 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 256, }, /* GCM based TLS v1.2 ciphersuites from RFC5289 */ /* Cipher C02B */ { 1, TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_kEECDH, SSL_aECDSA, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher C02C */ { 1, TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_kEECDH, SSL_aECDSA, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher C02D */ { 1, TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, SSL_kECDHe, SSL_aECDH, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher C02E */ { 1, TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, SSL_kECDHe, SSL_aECDH, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher C02F */ { 1, TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_kEECDH, SSL_aRSA, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher C030 */ { 1, TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, SSL_kEECDH, SSL_aRSA, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher C031 */ { 1, TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, SSL_kECDHe, SSL_aECDH, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher C032 */ { 1, TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, SSL_kECDHe, SSL_aECDH, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, #endif /* OPENSSL_NO_ECDH */ Loading ssl/s3_pkt.c +11 −5 Original line number Diff line number Diff line Loading @@ -742,13 +742,19 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, plen=p; p+=2; /* Explicit IV length, block ciphers and TLS version 1.1 or later */ if (s->enc_write_ctx && s->version >= TLS1_1_VERSION && EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE) if (s->enc_write_ctx && s->version >= TLS1_1_VERSION) { int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx); if (mode == EVP_CIPH_CBC_MODE) { eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx); if (eivlen <= 1) eivlen = 0; } /* Need explicit part of IV for GCM mode */ else if (mode == EVP_CIPH_GCM_MODE) eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN; } else eivlen = 0; Loading ssl/ssl.h +1 −0 Original line number Diff line number Diff line Loading @@ -287,6 +287,7 @@ extern "C" { #define SSL_TXT_AES128 "AES128" #define SSL_TXT_AES256 "AES256" #define SSL_TXT_AES "AES" #define SSL_TXT_AES_GCM "AESGCM" #define SSL_TXT_CAMELLIA128 "CAMELLIA128" #define SSL_TXT_CAMELLIA256 "CAMELLIA256" #define SSL_TXT_CAMELLIA "CAMELLIA" Loading ssl/ssl_ciph.c +31 −7 Original line number Diff line number Diff line Loading @@ -162,11 +162,13 @@ #define SSL_ENC_CAMELLIA256_IDX 9 #define SSL_ENC_GOST89_IDX 10 #define SSL_ENC_SEED_IDX 11 #define SSL_ENC_NUM_IDX 12 #define SSL_ENC_AES128GCM_IDX 12 #define SSL_ENC_AES256GCM_IDX 13 #define SSL_ENC_NUM_IDX 14 static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL, NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL }; #define SSL_COMP_NULL_IDX 0 Loading Loading @@ -289,9 +291,10 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_IDEA,0, 0,0,SSL_IDEA, 0,0,0,0,0,0}, {0,SSL_TXT_SEED,0, 0,0,SSL_SEED, 0,0,0,0,0,0}, {0,SSL_TXT_eNULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0}, {0,SSL_TXT_AES128,0, 0,0,SSL_AES128,0,0,0,0,0,0}, {0,SSL_TXT_AES256,0, 0,0,SSL_AES256,0,0,0,0,0,0}, {0,SSL_TXT_AES,0, 0,0,SSL_AES128|SSL_AES256,0,0,0,0,0,0}, {0,SSL_TXT_AES128,0, 0,0,SSL_AES128|SSL_AES128GCM,0,0,0,0,0,0}, {0,SSL_TXT_AES256,0, 0,0,SSL_AES256|SSL_AES256GCM,0,0,0,0,0,0}, {0,SSL_TXT_AES,0, 0,0,SSL_AES,0,0,0,0,0,0}, {0,SSL_TXT_AES_GCM,0, 0,0,SSL_AES128GCM|SSL_AES256GCM,0,0,0,0,0,0}, {0,SSL_TXT_CAMELLIA128,0,0,0,SSL_CAMELLIA128,0,0,0,0,0,0}, {0,SSL_TXT_CAMELLIA256,0,0,0,SSL_CAMELLIA256,0,0,0,0,0,0}, {0,SSL_TXT_CAMELLIA ,0,0,0,SSL_CAMELLIA128|SSL_CAMELLIA256,0,0,0,0,0,0}, Loading Loading @@ -387,6 +390,11 @@ void ssl_load_ciphers(void) ssl_cipher_methods[SSL_ENC_SEED_IDX]= EVP_get_cipherbyname(SN_seed_cbc); ssl_cipher_methods[SSL_ENC_AES128GCM_IDX]= EVP_get_cipherbyname(SN_aes_128_gcm); ssl_cipher_methods[SSL_ENC_AES256GCM_IDX]= EVP_get_cipherbyname(SN_aes_256_gcm); ssl_digest_methods[SSL_MD_MD5_IDX]= EVP_get_digestbyname(SN_md5); ssl_mac_secret_size[SSL_MD_MD5_IDX]= Loading Loading @@ -541,6 +549,12 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, case SSL_SEED: i=SSL_ENC_SEED_IDX; break; case SSL_AES128GCM: i=SSL_ENC_AES128GCM_IDX; break; case SSL_AES256GCM: i=SSL_ENC_AES256GCM_IDX; break; default: i= -1; break; Loading Loading @@ -585,7 +599,8 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, *md=NULL; if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef; if (mac_secret_size!=NULL) *mac_secret_size = 0; if (c->algorithm_mac == SSL_AEAD) mac_pkey_type = NULL; } else { Loading Loading @@ -1635,6 +1650,12 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_AES256: enc="AES(256)"; break; case SSL_AES128GCM: enc="AESGCM(128)"; break; case SSL_AES256GCM: enc="AESGCM(256)"; break; case SSL_CAMELLIA128: enc="Camellia(128)"; break; Loading Loading @@ -1663,6 +1684,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_SHA384: mac="SHA384"; break; case SSL_AEAD: mac="AEAD"; break; default: mac="unknown"; break; Loading Loading
CHANGES +11 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,17 @@ Changes between 1.0.0e and 1.0.1 [xx XXX xxxx] *) Add GCM support to TLS library. Some custom code is needed to split the IV between the fixed (from PRF) and explicit (from TLS record) portions. This adds all GCM ciphersuites supported by RFC5288 and RFC5289. Generalise some AES* cipherstrings to inlclude GCM and add a special AESGCM string for GCM only. [Steve Henson] *) Expand range of ctrls for AES GCM. Permit setting invocation field on decrypt and retrieval of invocation field only on encrypt. [Steve Henson] *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support. As required by RFC5289 these ciphersuites cannot be used if for versions of TLS earlier than 1.2. Loading
ssl/s3_lib.c +324 −0 Original line number Diff line number Diff line Loading @@ -1823,6 +1823,200 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ #endif /* OPENSSL_NO_SEED */ /* GCM ciphersuites from RFC5288 */ /* Cipher 9C */ { 1, TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, SSL_kRSA, SSL_aRSA, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher 9D */ { 1, TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, SSL_kRSA, SSL_aRSA, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher 9E */ { 1, TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, SSL_kEDH, SSL_aRSA, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher 9F */ { 1, TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_kEDH, SSL_aRSA, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher A0 */ { 0, TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, SSL_kDHr, SSL_aDH, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher A1 */ { 0, TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, SSL_kDHr, SSL_aDH, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher A2 */ { 1, TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, SSL_kEDH, SSL_aDSS, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher A3 */ { 1, TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, SSL_kEDH, SSL_aDSS, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher A4 */ { 0, TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, SSL_kDHr, SSL_aDH, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher A5 */ { 0, TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, SSL_kDHr, SSL_aDH, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher A6 */ { 1, TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, SSL_kEDH, SSL_aNULL, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher A7 */ { 1, TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, SSL_kEDH, SSL_aNULL, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, #ifndef OPENSSL_NO_ECDH /* Cipher C001 */ { Loading Loading @@ -2502,6 +2696,136 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 256, }, /* GCM based TLS v1.2 ciphersuites from RFC5289 */ /* Cipher C02B */ { 1, TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, SSL_kEECDH, SSL_aECDSA, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher C02C */ { 1, TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_kEECDH, SSL_aECDSA, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher C02D */ { 1, TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, SSL_kECDHe, SSL_aECDH, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher C02E */ { 1, TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, SSL_kECDHe, SSL_aECDH, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher C02F */ { 1, TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, SSL_kEECDH, SSL_aRSA, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher C030 */ { 1, TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, SSL_kEECDH, SSL_aRSA, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, /* Cipher C031 */ { 1, TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, SSL_kECDHe, SSL_aECDH, SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 128, 128, }, /* Cipher C032 */ { 1, TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, SSL_kECDHe, SSL_aECDH, SSL_AES256GCM, SSL_AEAD, SSL_TLSV1_2, SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 256, 256, }, #endif /* OPENSSL_NO_ECDH */ Loading
ssl/s3_pkt.c +11 −5 Original line number Diff line number Diff line Loading @@ -742,13 +742,19 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, plen=p; p+=2; /* Explicit IV length, block ciphers and TLS version 1.1 or later */ if (s->enc_write_ctx && s->version >= TLS1_1_VERSION && EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE) if (s->enc_write_ctx && s->version >= TLS1_1_VERSION) { int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx); if (mode == EVP_CIPH_CBC_MODE) { eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx); if (eivlen <= 1) eivlen = 0; } /* Need explicit part of IV for GCM mode */ else if (mode == EVP_CIPH_GCM_MODE) eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN; } else eivlen = 0; Loading
ssl/ssl.h +1 −0 Original line number Diff line number Diff line Loading @@ -287,6 +287,7 @@ extern "C" { #define SSL_TXT_AES128 "AES128" #define SSL_TXT_AES256 "AES256" #define SSL_TXT_AES "AES" #define SSL_TXT_AES_GCM "AESGCM" #define SSL_TXT_CAMELLIA128 "CAMELLIA128" #define SSL_TXT_CAMELLIA256 "CAMELLIA256" #define SSL_TXT_CAMELLIA "CAMELLIA" Loading
ssl/ssl_ciph.c +31 −7 Original line number Diff line number Diff line Loading @@ -162,11 +162,13 @@ #define SSL_ENC_CAMELLIA256_IDX 9 #define SSL_ENC_GOST89_IDX 10 #define SSL_ENC_SEED_IDX 11 #define SSL_ENC_NUM_IDX 12 #define SSL_ENC_AES128GCM_IDX 12 #define SSL_ENC_AES256GCM_IDX 13 #define SSL_ENC_NUM_IDX 14 static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL, NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL }; #define SSL_COMP_NULL_IDX 0 Loading Loading @@ -289,9 +291,10 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_IDEA,0, 0,0,SSL_IDEA, 0,0,0,0,0,0}, {0,SSL_TXT_SEED,0, 0,0,SSL_SEED, 0,0,0,0,0,0}, {0,SSL_TXT_eNULL,0, 0,0,SSL_eNULL, 0,0,0,0,0,0}, {0,SSL_TXT_AES128,0, 0,0,SSL_AES128,0,0,0,0,0,0}, {0,SSL_TXT_AES256,0, 0,0,SSL_AES256,0,0,0,0,0,0}, {0,SSL_TXT_AES,0, 0,0,SSL_AES128|SSL_AES256,0,0,0,0,0,0}, {0,SSL_TXT_AES128,0, 0,0,SSL_AES128|SSL_AES128GCM,0,0,0,0,0,0}, {0,SSL_TXT_AES256,0, 0,0,SSL_AES256|SSL_AES256GCM,0,0,0,0,0,0}, {0,SSL_TXT_AES,0, 0,0,SSL_AES,0,0,0,0,0,0}, {0,SSL_TXT_AES_GCM,0, 0,0,SSL_AES128GCM|SSL_AES256GCM,0,0,0,0,0,0}, {0,SSL_TXT_CAMELLIA128,0,0,0,SSL_CAMELLIA128,0,0,0,0,0,0}, {0,SSL_TXT_CAMELLIA256,0,0,0,SSL_CAMELLIA256,0,0,0,0,0,0}, {0,SSL_TXT_CAMELLIA ,0,0,0,SSL_CAMELLIA128|SSL_CAMELLIA256,0,0,0,0,0,0}, Loading Loading @@ -387,6 +390,11 @@ void ssl_load_ciphers(void) ssl_cipher_methods[SSL_ENC_SEED_IDX]= EVP_get_cipherbyname(SN_seed_cbc); ssl_cipher_methods[SSL_ENC_AES128GCM_IDX]= EVP_get_cipherbyname(SN_aes_128_gcm); ssl_cipher_methods[SSL_ENC_AES256GCM_IDX]= EVP_get_cipherbyname(SN_aes_256_gcm); ssl_digest_methods[SSL_MD_MD5_IDX]= EVP_get_digestbyname(SN_md5); ssl_mac_secret_size[SSL_MD_MD5_IDX]= Loading Loading @@ -541,6 +549,12 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, case SSL_SEED: i=SSL_ENC_SEED_IDX; break; case SSL_AES128GCM: i=SSL_ENC_AES128GCM_IDX; break; case SSL_AES256GCM: i=SSL_ENC_AES256GCM_IDX; break; default: i= -1; break; Loading Loading @@ -585,7 +599,8 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, *md=NULL; if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef; if (mac_secret_size!=NULL) *mac_secret_size = 0; if (c->algorithm_mac == SSL_AEAD) mac_pkey_type = NULL; } else { Loading Loading @@ -1635,6 +1650,12 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_AES256: enc="AES(256)"; break; case SSL_AES128GCM: enc="AESGCM(128)"; break; case SSL_AES256GCM: enc="AESGCM(256)"; break; case SSL_CAMELLIA128: enc="Camellia(128)"; break; Loading Loading @@ -1663,6 +1684,9 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) case SSL_SHA384: mac="SHA384"; break; case SSL_AEAD: mac="AEAD"; break; default: mac="unknown"; break; Loading