From 750487899ad2b794078ed998b513a4a14f60f2cc Mon Sep 17 00:00:00 2001 From: Hubert Kario Date: Wed, 23 Jul 2014 15:03:59 +0200 Subject: Add support for Camellia HMAC-Based cipher suites from RFC6367 While RFC6367 focuses on Camellia-GCM cipher suites, it also adds a few cipher suites that use SHA-2 based HMAC that can be very easily added. Tested against gnutls 3.3.5 PR#3443 Reviewed-by: Tim Hudson --- doc/apps/ciphers.pod | 11 +++++ ssl/s3_lib.c | 121 +++++++++++++++++++++++++++++++++++++++++++++++++++ ssl/tls1.h | 20 +++++++++ 3 files changed, 152 insertions(+) diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod index 153e891015..c41a297fb5 100644 --- a/doc/apps/ciphers.pod +++ b/doc/apps/ciphers.pod @@ -587,6 +587,17 @@ Note: these ciphers can also be used in SSL v3. TLS_DH_anon_WITH_AES_128_GCM_SHA256 ADH-AES128-GCM-SHA256 TLS_DH_anon_WITH_AES_256_GCM_SHA384 ADH-AES256-GCM-SHA384 +=head2 Camellia HMAC-Based ciphersuites from RFC6367, extending TLS v1.2 + + TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-ECDSA-CAMELLIA128-SHA256 + TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-ECDSA-CAMELLIA256-SHA384 + TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 ECDH-ECDSA-CAMELLIA128-SHA256 + TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 ECDH-ECDSA-CAMELLIA256-SHA384 + TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-RSA-CAMELLIA128-SHA256 + TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-RSA-CAMELLIA256-SHA384 + TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 ECDH-RSA-CAMELLIA128-SHA256 + TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 ECDH-RSA-CAMELLIA256-SHA384 + =head2 Pre shared keying (PSK) cipheruites TLS_PSK_WITH_RC4_128_SHA PSK-RC4-SHA diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index a4fa1ea4de..6504487c45 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3033,6 +3033,127 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[]={ 256, }, +#ifndef OPENSSL_NO_CAMELLIA + { /* Cipher C072 */ + 1, + TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kECDHE, + SSL_aECDSA, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128 + }, + + { /* Cipher C073 */ + 1, + TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + SSL_kECDHE, + SSL_aECDSA, + SSL_CAMELLIA256, + SSL_SHA384, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 256, + 256 + }, + + { /* Cipher C074 */ + 1, + TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kECDHe, + SSL_aECDH, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128 + }, + + { /* Cipher C075 */ + 1, + TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + SSL_kECDHe, + SSL_aECDH, + SSL_CAMELLIA256, + SSL_SHA384, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 256, + 256 + }, + + { /* Cipher C076 */ + 1, + TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kECDHE, + SSL_aRSA, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128 + }, + + { /* Cipher C077 */ + 1, + TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, + TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, + SSL_kECDHE, + SSL_aRSA, + SSL_CAMELLIA256, + SSL_SHA384, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 256, + 256 + }, + + { /* Cipher C078 */ + 1, + TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, + TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, + SSL_kECDHr, + SSL_aECDH, + SSL_CAMELLIA128, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + 128, + 128 + }, + + { /* Cipher C079 */ + 1, + TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, + TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, + SSL_kECDHr, + SSL_aECDH, + SSL_CAMELLIA256, + SSL_SHA384, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 256, + 256 + }, +#endif /* OPENSSL_NO_CAMELLIA */ #endif /* OPENSSL_NO_ECDH */ diff --git a/ssl/tls1.h b/ssl/tls1.h index 3499584bc3..11af8393cd 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -575,6 +575,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031 #define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032 +/* Camellia-CBC ciphersuites from RFC6367 */ +#define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C072 +#define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C073 +#define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C074 +#define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C075 +#define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C076 +#define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C077 +#define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078 +#define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079 + /* XXX * Backward compatibility alert: * Older versions of OpenSSL gave some DHE ciphers names with "EDH" @@ -741,6 +751,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256" #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384" +/* Camellia-CBC ciphersuites from RFC6367 */ +#define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-ECDSA-CAMELLIA128-SHA256" +#define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-ECDSA-CAMELLIA256-SHA384" +#define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-ECDSA-CAMELLIA128-SHA256" +#define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-ECDSA-CAMELLIA256-SHA384" +#define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-RSA-CAMELLIA128-SHA256" +#define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-RSA-CAMELLIA256-SHA384" +#define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-RSA-CAMELLIA128-SHA256" +#define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-RSA-CAMELLIA256-SHA384" + #define TLS_CT_RSA_SIGN 1 #define TLS_CT_DSS_SIGN 2 #define TLS_CT_RSA_FIXED_DH 3 -- cgit v1.2.3