diff options
| -rw-r--r-- | doc/apps/ciphers.pod | 14 | ||||
| -rw-r--r-- | ssl/ssl_ciph.c | 4 | ||||
| -rw-r--r-- | ssl/ssl_locl.h | 1 |
3 files changed, 17 insertions, 2 deletions
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod index 066f1e6349..e3fa4c04b0 100644 --- a/doc/apps/ciphers.pod +++ b/doc/apps/ciphers.pod @@ -280,6 +280,10 @@ while B<AESCCM8> only references 8 octet ICV. cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit CAMELLIA. +=item B<CHACHA20> + +cipher suites using ChaCha20. + =item B<3DES> cipher suites using triple DES. @@ -657,6 +661,16 @@ Note: these ciphers can also be used in SSL v3. DHE_PSK_WITH_AES_128_CCM_8 DHE-PSK-AES128-CCM8 DHE_PSK_WITH_AES_256_CCM_8 DHE-PSK-AES256-CCM8 +=head2 ChaCha20-Poly1305 cipher suites from draft-ietf-tls-chacha20-poly1305-04, extending TLS v1.2 + + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE-RSA-CHACHA20-POLY1305 + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-CHACHA20-POLY1305 + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 DHE-RSA-CHACHA20-POLY1305 + TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 PSK-CHACHA20-POLY1305 + TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 ECDHE-PSK-CHACHA20-POLY1305 + TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 DHE-PSK-CHACHA20-POLY1305 + TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 RSA-PSK-CHACHA20-POLY1305 + =head1 NOTES Some compiled versions of OpenSSL may not include all the ciphers diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index ecefc79b27..8843c41f28 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -375,8 +375,8 @@ static const SSL_CIPHER cipher_aliases[] = { 0, 0}, {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0}, - {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0, - 0, 0, 0}, + {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA, 0, 0, 0, 0, 0, 0}, + {0, SSL_TXT_CHACHA20, 0, 0, 0, SSL_CHACHA20, 0, 0, 0, 0, 0, 0 }, /* MAC aliases */ {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0}, diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index b505309375..f10570b50d 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -364,6 +364,7 @@ # define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8) # define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) +# define SSL_CHACHA20 (SSL_CHACHA20POLY1305) /* Bits for algorithm_mac (symmetric authentication) */ |