diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2007-03-23 17:04:05 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2007-03-23 17:04:05 +0000 |
commit | 9981a51e426b5b346848163ff89e8a63d0916097 (patch) | |
tree | a2811b8d579d5cd881ec49d481764a02a02d5bd0 /ssl | |
parent | ebb326afe6662b65b688151375723d95536eba8f (diff) |
Stage 1 GOST ciphersuite support.
Submitted by: ran@cryptocom.ru
Reviewed by: steve@openssl.org
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_lib.c | 18 | ||||
-rw-r--r-- | ssl/ssl_ciph.c | 11 | ||||
-rw-r--r-- | ssl/ssl_locl.h | 1 |
3 files changed, 28 insertions, 2 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 759a9e4e12..6e4ce00caf 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -1855,6 +1855,24 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ }, #endif /* OPENSSL_NO_ECDH */ +#ifdef TEMP_GOST_TLS +/* Cipher FF00 */ + { + 1, + "GOST-MD5", + 0x0300ff00, + SSL_kRSA, + SSL_aRSA, + SSL_eGOST2814789CNT, + SSL_MD5, + SSL_TLSV1, + SSL_NOT_EXP|SSL_HIGH, + 0, + 256, + 256, + }, +#endif + /* end of list */ }; diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 9b5a2648f6..aa7893b346 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -155,11 +155,12 @@ #define SSL_ENC_AES256_IDX 7 #define SSL_ENC_CAMELLIA128_IDX 8 #define SSL_ENC_CAMELLIA256_IDX 9 -#define SSL_ENC_NUM_IDX 10 +#define SSL_ENC_GOST89_IDX 10 +#define SSL_ENC_NUM_IDX 11 static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ - NULL,NULL,NULL,NULL,NULL,NULL, + NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL, }; #define SSL_COMP_NULL_IDX 0 @@ -305,6 +306,8 @@ void ssl_load_ciphers(void) EVP_get_cipherbyname(SN_camellia_128_cbc); ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX]= EVP_get_cipherbyname(SN_camellia_256_cbc); + ssl_cipher_methods[SSL_ENC_GOST89_IDX]= + EVP_get_cipherbyname(SN_gost89_cnt); ssl_digest_methods[SSL_MD_MD5_IDX]= EVP_get_digestbyname(SN_md5); @@ -427,6 +430,9 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, case SSL_CAMELLIA256: i=SSL_ENC_CAMELLIA256_IDX; break; + case SSL_eGOST2814789CNT: + i=SSL_ENC_GOST89_IDX; + break; default: i= -1; break; @@ -549,6 +555,7 @@ static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth, un *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256:0; *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ? SSL_CAMELLIA128:0; *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256:0; + *enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT:0; *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0; *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0; diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index d4d773a0b1..6dbcef3de1 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -310,6 +310,7 @@ #define SSL_AES256 0x00000080L #define SSL_CAMELLIA128 0x00000100L #define SSL_CAMELLIA256 0x00000200L +#define SSL_eGOST2814789CNT 0x00000400L #define SSL_AES (SSL_AES128|SSL_AES256) #define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) |