提交 a76ba82c 编写于 作者: A Andy Polyakov

Wire ChaCha20-Poly1305 to TLS.

Reviewed-by: NRichard Levitte <levitte@openssl.org>
上级 bd3385d8
......@@ -249,6 +249,7 @@ extern "C" {
# define SSL_TXT_CAMELLIA128 "CAMELLIA128"
# define SSL_TXT_CAMELLIA256 "CAMELLIA256"
# define SSL_TXT_CAMELLIA "CAMELLIA"
# define SSL_TXT_CHACHA20 "CHACHA20"
# define SSL_TXT_GOST "GOST89"
# define SSL_TXT_MD5 "MD5"
......
......@@ -652,6 +652,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C09A
# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C09B
/* draft-ietf-tls-chacha20-poly1305-03 */
# define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCA8
# define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 0x0300CCA9
# define TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCAA
# define TLS1_CK_PSK_WITH_CHACHA20_POLY1305 0x0300CCAB
# define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAC
# define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAD
# define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 0x0300CCAE
/*
* XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
* ciphers names with "EDH" instead of "DHE". Going forward, we should be
......@@ -912,6 +921,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-RSA-CAMELLIA128-SHA256"
# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-RSA-CAMELLIA256-SHA384"
/* draft-ietf-tls-chacha20-poly1305-03 */
# define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305"
# define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305"
# define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305"
# define TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 "PSK-CHACHA20-POLY1305"
# define TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 "ECDHE-PSK-CHACHA20-POLY1305"
# define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 "DHE-PSK-CHACHA20-POLY1305"
# define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 "RSA-PSK-CHACHA20-POLY1305"
# define TLS_CT_RSA_SIGN 1
# define TLS_CT_DSS_SIGN 2
# define TLS_CT_RSA_FIXED_DH 3
......
......@@ -3527,6 +3527,119 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
256,
256,
},
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
# ifndef OPENSSL_NO_EC
/* Cipher CCA8 as per draft-ietf-tls-chacha20-poly1305-03 */
{
1,
TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
SSL_kECDHE,
SSL_aRSA,
SSL_CHACHA20POLY1305,
SSL_AEAD,
SSL_TLSV1_2,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
},
/* Cipher CCA9 */
{
1,
TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
SSL_kECDHE,
SSL_aECDSA,
SSL_CHACHA20POLY1305,
SSL_AEAD,
SSL_TLSV1_2,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
},
# endif
# ifndef OPENSSL_NO_RSA
/* Cipher CCAA */
{
1,
TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
SSL_kDHE,
SSL_aRSA,
SSL_CHACHA20POLY1305,
SSL_AEAD,
SSL_TLSV1_2,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
},
# endif
# ifndef OPENSSL_NO_PSK
/* Cipher CCAB */
{
1,
TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
SSL_kPSK,
SSL_aPSK,
SSL_CHACHA20POLY1305,
SSL_AEAD,
SSL_TLSV1_2,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
},
/* Cipher CCAC */
{
1,
TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
SSL_kECDHEPSK,
SSL_aPSK,
SSL_CHACHA20POLY1305,
SSL_AEAD,
SSL_TLSV1_2,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
},
/* Cipher CCAD */
{
1,
TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
SSL_kDHEPSK,
SSL_aPSK,
SSL_CHACHA20POLY1305,
SSL_AEAD,
SSL_TLSV1_2,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
},
/* Cipher CCAE */
{
1,
TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
SSL_kRSAPSK,
SSL_aRSA,
SSL_CHACHA20POLY1305,
SSL_AEAD,
SSL_TLSV1_2,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
256,
256,
},
# endif
#endif
#ifndef OPENSSL_NO_GOST
{
1,
......
......@@ -102,6 +102,9 @@ int SSL_library_init(void)
EVP_add_cipher(EVP_camellia_128_cbc());
EVP_add_cipher(EVP_camellia_256_cbc());
#endif
#if !defined(OPENSSL_NO_CHACHA20) && !defined(OPENSSL_NO_POLY1305)
EVP_add_cipher(EVP_chacha20_poly1305());
#endif
#ifndef OPENSSL_NO_SEED
EVP_add_cipher(EVP_seed_cbc());
......
......@@ -169,7 +169,8 @@
#define SSL_ENC_AES128CCM8_IDX 16
#define SSL_ENC_AES256CCM8_IDX 17
#define SSL_ENC_GOST8912_IDX 18
#define SSL_ENC_NUM_IDX 19
#define SSL_ENC_CHACHA_IDX 19
#define SSL_ENC_NUM_IDX 20
/* NB: make sure indices in these tables match values above */
......@@ -199,6 +200,7 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = {
{SSL_AES128CCM8, NID_aes_128_ccm}, /* SSL_ENC_AES128CCM8_IDX 16 */
{SSL_AES256CCM8, NID_aes_256_ccm}, /* SSL_ENC_AES256CCM8_IDX 17 */
{SSL_eGOST2814789CNT12, NID_gost89_cnt_12}, /* SSL_ENC_GOST8912_IDX */
{SSL_CHACHA20POLY1305, NID_chacha20_poly1305},
};
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
......
......@@ -368,6 +368,7 @@
# define SSL_AES128CCM8 0x00010000U
# define SSL_AES256CCM8 0x00020000U
# define SSL_eGOST2814789CNT12 0x00040000U
# define SSL_CHACHA20POLY1305 0x00080000U
# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8)
# define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
......
......@@ -461,6 +461,13 @@ static ssl_trace_tbl ssl_ciphers_tbl[] = {
{0xC0AD, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM"},
{0xC0AE, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"},
{0xC0AF, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"},
{0xCCA8, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305" },
{0xCCA9, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305" },
{0xCCAA, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305" },
{0xCCAB, "TLS_PSK_WITH_CHACHA20_POLY1305" },
{0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305" },
{0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305" },
{0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305" },
{0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
{0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"},
};
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册