Add support for Camellia HMAC-Based cipher suites from RFC6367

While RFC6367 focuses on Camellia-GCM cipher suites, it also adds a few cipher suites that use SHA-2 based HMAC that can be very easily added. Tested against gnutls 3.3.5 PR#3443 Reviewed-by: Tim Hudson <tjh@openssl.org>
author: Hubert Kario <hkario@redhat.com> 2014-07-23 15:03:59 +0200
committer: Matt Caswell <matt@openssl.org> 2014-08-15 23:41:20 +0100
commit: 750487899ad2b794078ed998b513a4a14f60f2cc (patch)
tree: 61a3fe1fbd00c9f14ed6eb6c14448f239f33d15c /ssl/tls1.h
parent: f2be92b94dad3c6cbdf79d99a324804094cf1617 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/ssl/tls1.h b/ssl/tls1.h
index 3499584bc3..11af8393cd 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -575,6 +575,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256        0x0300C031
 #define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384        0x0300C032
 
+/* Camellia-CBC ciphersuites from RFC6367 */
+#define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C072
+#define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C073
+#define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  0x0300C074
+#define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  0x0300C075
+#define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   0x0300C076
+#define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   0x0300C077
+#define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    0x0300C078
+#define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    0x0300C079
+
 /* XXX
  * Backward compatibility alert:
  * Older versions of OpenSSL gave some DHE ciphers names with "EDH"
@@ -741,6 +751,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
 #define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256       "ECDH-RSA-AES128-GCM-SHA256"
 #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384       "ECDH-RSA-AES256-GCM-SHA384"
 
+/* Camellia-CBC ciphersuites from RFC6367 */
+#define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-ECDSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-ECDSA-CAMELLIA256-SHA384"
+#define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  "ECDH-ECDSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  "ECDH-ECDSA-CAMELLIA256-SHA384"
+#define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   "ECDHE-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   "ECDHE-RSA-CAMELLIA256-SHA384"
+#define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    "ECDH-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    "ECDH-RSA-CAMELLIA256-SHA384"
+
 #define TLS_CT_RSA_SIGN			1
 #define TLS_CT_DSS_SIGN			2
 #define TLS_CT_RSA_FIXED_DH		3
author	Hubert Kario <hkario@redhat.com>	2014-07-23 15:03:59 +0200
committer	Matt Caswell <matt@openssl.org>	2014-08-15 23:41:20 +0100
commit	750487899ad2b794078ed998b513a4a14f60f2cc (patch)
tree	61a3fe1fbd00c9f14ed6eb6c14448f239f33d15c /ssl/tls1.h
parent	f2be92b94dad3c6cbdf79d99a324804094cf1617 (diff)