Add PSK GCM ciphersuites from RFC5487

Reviewed-by: Matt Caswell <matt@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2015-06-17 14:47:53 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2015-06-23 22:25:20 +0100
commit: 547dba74f3c07a5d3bdac3e6436207061d781118 (patch)
tree: a4729cbdf9e923eaa7de2a4a660e2b3e75c6e03e /ssl
parent: 52f782698df6970e0b56373c3fb4e357f2deb04f (diff)
1 files changed, 34 insertions, 0 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index bc780c1f14..0550471f95 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -1612,6 +1612,40 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
      256,
      256,
      },
+#ifndef OPENSSL_NO_PSK
+    /* Cipher A8 */
+    {
+     1,
+     TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
+     SSL_kPSK,
+     SSL_aPSK,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher A9 */
+    {
+     1,
+     TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
+     SSL_kPSK,
+     SSL_aPSK,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+#endif
 
 #ifndef OPENSSL_NO_CAMELLIA
     /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
author	Dr. Stephen Henson <steve@openssl.org>	2015-06-17 14:47:53 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2015-06-23 22:25:20 +0100
commit	547dba74f3c07a5d3bdac3e6436207061d781118 (patch)
tree	a4729cbdf9e923eaa7de2a4a660e2b3e75c6e03e /ssl
parent	52f782698df6970e0b56373c3fb4e357f2deb04f (diff)