net: add ChaCha20+Poly1305 support to libssl.

net/third_party/nss/ssl/sslimpl.h

 /*
  * This file is PRIVATE to SSL and should be the first thing included by
  * any SSL implementation file.
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef __sslimpl_h_
 #define __sslimpl_h_
@@ skipping 47 matching lines @@
 #define calg_rc4        ssl_calg_rc4
 #define calg_rc2        ssl_calg_rc2
 #define calg_des        ssl_calg_des
 #define calg_3des       ssl_calg_3des
 #define calg_idea       ssl_calg_idea
 #define calg_fortezza   ssl_calg_fortezza /* deprecated, must preserve */
 #define calg_aes        ssl_calg_aes
 #define calg_camellia   ssl_calg_camellia
 #define calg_seed       ssl_calg_seed
 #define calg_aes_gcm    ssl_calg_aes_gcm
+#define calg_c20p1305   ssl_calg_c20p1305
 
 #define mac_null        ssl_mac_null
 #define mac_md5         ssl_mac_md5
 #define mac_sha         ssl_mac_sha
 #define hmac_md5        ssl_hmac_md5
 #define hmac_sha        ssl_hmac_sha
 #define hmac_sha256     ssl_hmac_sha256
 #define mac_aead        ssl_mac_aead
 
 #define SET_ERROR_CODE          /* reminder */
@@ skipping 207 matching lines @@
     unsigned int    isPresent    :  1;
 #else
     ssl3CipherSuite cipher_suite;
     PRUint8         policy;
     unsigned char   enabled   : 1;
     unsigned char   isPresent : 1;
 #endif
 } ssl3CipherSuiteCfg;
 
 #ifdef NSS_ENABLE_ECC
-#define ssl_V3_SUITES_IMPLEMENTED 61
+#define ssl_V3_SUITES_IMPLEMENTED 63
 #else
-#define ssl_V3_SUITES_IMPLEMENTED 37
+#define ssl_V3_SUITES_IMPLEMENTED 39

[wtc, 2013/09/13 17:29:14]

This should be 37 (unchanged) because the two new ciphers are ECC ciphers.

[agl, 2013/09/13 20:51:45]

Done.

 #endif /* NSS_ENABLE_ECC */
 
 #define MAX_DTLS_SRTP_CIPHER_SUITES 4
 
 typedef struct sslOptionsStr {
     /* If SSL_SetNextProtoNego has been called, then this contains the
      * list of supported protocols. */
     SECItem nextProtoNego;
 
     unsigned int useSecurity            : 1;  /*  1 */
@@ skipping 159 matching lines @@
     cipher_des, 
     cipher_3des, 
     cipher_des40,
     cipher_idea, 
     cipher_aes_128,
     cipher_aes_256,
     cipher_camellia_128,
     cipher_camellia_256,
     cipher_seed,
     cipher_aes_128_gcm,
+    cipher_c20p1305,

[wtc, 2013/09/13 17:29:14]

I think we should at least say "cha". "c" seems too short :-)

But I can see it may make some names too long.

[agl, 2013/09/13 20:51:45]

I've changed to cipher_chacha20, which is less precise but also less confusing.
These names appear in tables and it's very difficult to maintain a limited
line-length with the full name. Let me know whatever you prefer.

     cipher_missing              /* reserved for no such supported cipher */
     /* This enum must match ssl3_cipherName[] in ssl3con.c.  */
 } SSL3BulkCipher;
 
 typedef enum { type_stream, type_block, type_aead } CipherType;
 
 #define MAX_IV_LENGTH 24
 
 /*
  * Do not depend upon 64 bit arithmetic in the underlying machine. 
@@ skipping 1448 matching lines @@
 #if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS)
 #define SSL_GETPID getpid
 #elif defined(WIN32)
 extern int __cdecl _getpid(void);
 #define SSL_GETPID _getpid
 #else
 #define SSL_GETPID() 0
 #endif
 
 #endif /* __sslimpl_h_ */