Add support for integrity-only cipher suites for TLS v1.3

- add test vectors for tls1_3 integrity-only ciphers - recmethod_local.h: add new member for MAC - tls13_meth.c: add MAC only to tls 1.3 - tls13_enc.c: extend function to add MAC only - ssl_local.h: add ssl_cipher_get_evp_md_mac() - s3_lib.c: add the new ciphers and add #ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS - ssl_ciph.c : add ssl_cipher_get_evp_md_mac() and use it - tls13secretstest.c: add dummy test function - Configure: add integrity-only-ciphers option - document the new ciphers Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22903)
author: Rajeev Ranjan <ranjan.rajeev@siemens.com> 2023-12-01 12:47:07 +0100
committer: Tomas Mraz <tomas@openssl.org> 2024-05-14 15:39:15 +0200
commit: b6a5e801679663c13875cf6e18f475f8700d72a9 (patch)
tree: 437ddfdbc1fbcf49974cc2daa89bfeadd68876ae /CHANGES.md
parent: 61f32392dd67d47018ce46f427339e7191426e45 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/CHANGES.md b/CHANGES.md
index 9211c30be3..cf0efe31ba 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -53,6 +53,13 @@ OpenSSL 3.4
 
    *Tim Perry*
 
+ * Added support for integrity-only cipher suites TLS_SHA256_SHA256 and
+   TLS_SHA384_SHA384 in TLS 1.3, as defined in RFC 9150.
+
+   This work was sponsored by Siemens AG.
+
+   *Rajeev Ranjan*
+
  * Added support for requesting CRL in CMP.
 
    This work was sponsored by Siemens AG.
author	Rajeev Ranjan <ranjan.rajeev@siemens.com>	2023-12-01 12:47:07 +0100
committer	Tomas Mraz <tomas@openssl.org>	2024-05-14 15:39:15 +0200
commit	b6a5e801679663c13875cf6e18f475f8700d72a9 (patch)
tree	437ddfdbc1fbcf49974cc2daa89bfeadd68876ae /CHANGES.md
parent	61f32392dd67d47018ce46f427339e7191426e45 (diff)