diff options
author | Nikolay Morozov <nmorozoff77@yandex.ru> | 2020-03-25 16:00:43 +0300 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-04-02 18:01:41 +0300 |
commit | 98278b963171ece10a42d18594045b875103115b (patch) | |
tree | b5996748f6464e54d562f49850cba86e1f8003e9 /test | |
parent | b5f7aa5ce72023bdfa5ad6342ab609ee03dcdf1a (diff) |
TLS Cipher Suite 0xC102 Support
For GOST2012-GOST8912-GOST8912 was used 0xFF85 identifier,
but new identifier 0xc102 was assigned.
Because of old software we will support both numbers.
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-2
https://datatracker.ietf.org/doc/draft-smyshlyaev-tls12-gost-suites/
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11403)
Diffstat (limited to 'test')
-rw-r--r-- | test/ciphername_test.c | 4 | ||||
-rw-r--r-- | test/gosttest.c | 10 |
2 files changed, 11 insertions, 3 deletions
diff --git a/test/ciphername_test.c b/test/ciphername_test.c index 4cf825dd78..c4ec6cadd7 100644 --- a/test/ciphername_test.c +++ b/test/ciphername_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2017 BaishanCloud. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"); @@ -431,7 +431,7 @@ static int test_cipher_name(void) for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { c = sk_SSL_CIPHER_value(sk, i); id = SSL_CIPHER_get_id(c) & 0xFFFF; - if ((id == 0xFF85) || (id == 0xFF87)) + if ((id == 0xC102) || (id == 0xFF85) ||(id == 0xFF87)) /* skip GOST2012-GOST8912-GOST891 and GOST2012-NULL-GOST12 */ continue; p = SSL_CIPHER_standard_name(c); diff --git a/test/gosttest.c b/test/gosttest.c index 7737a68f5f..f619ebd35d 100644 --- a/test/gosttest.c +++ b/test/gosttest.c @@ -1,5 +1,5 @@ /* - * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -28,6 +28,14 @@ static struct { /* Server doesn't have a TLSv1.3 capable cert - should use TLSv1.2 */ {"GOST2012-GOST8912-GOST8912", TLS1_2_VERSION, 1}, /* Server doesn't have a TLSv1.3 capable cert - should use TLSv1.2 */ + {"IANA-GOST2012-GOST8912-GOST8912", TLS1_2_VERSION, 0}, + /* Server doesn't have a TLSv1.3 capable cert - should use TLSv1.2 */ + {"IANA-GOST2012-GOST8912-GOST8912", TLS1_2_VERSION, 1}, + /* Server doesn't have a TLSv1.3 capable cert - should use TLSv1.2 */ + {"LEGACY-GOST2012-GOST8912-GOST8912", TLS1_2_VERSION, 0}, + /* Server doesn't have a TLSv1.3 capable cert - should use TLSv1.2 */ + {"LEGACY-GOST2012-GOST8912-GOST8912", TLS1_2_VERSION, 1}, + /* Server doesn't have a TLSv1.3 capable cert - should use TLSv1.2 */ {"GOST2001-GOST89-GOST89", TLS1_2_VERSION, 0}, }; |