Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(656)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: openssl/ssl/s3_lib.c

Issue 59083010: third_party/openssl: add ChaCha20+Poly1305 support. Base URL: https://chromium.googlesource.com/chromium/deps/openssl.git@master
Patch Set: Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « openssl/ssl/s3_enc.c ('k') | openssl/ssl/s3_pkt.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* ssl/s3_lib.c */ 1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
(...skipping 148 matching lines...) Expand 10 before | Expand all | Expand 10 after
159 #endif /* OPENSSL_NO_TLSEXT */ 159 #endif /* OPENSSL_NO_TLSEXT */
160 #include <openssl/md5.h> 160 #include <openssl/md5.h>
161 #ifndef OPENSSL_NO_DH 161 #ifndef OPENSSL_NO_DH
162 #include <openssl/dh.h> 162 #include <openssl/dh.h>
163 #endif 163 #endif
164 164
165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT; 165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
166 166
167 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) 167 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
168 168
169 /* FIXED_NONCE_LEN is a macro that results in the correct value to set the
170 * fixed nonce length in SSL_CIPHER.algorithms2. It's the inverse of
171 * SSL_CIPHER_AEAD_FIXED_NONCE_LEN. */
172 #define FIXED_NONCE_LEN(x) ((x/2)<<24)
173
169 /* list of available SSLv3 ciphers (sorted by id) */ 174 /* list of available SSLv3 ciphers (sorted by id) */
170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ 175 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
171 176
172 /* The RSA ciphers */ 177 /* The RSA ciphers */
173 /* Cipher 01 */ 178 /* Cipher 01 */
174 { 179 {
175 1, 180 1,
176 SSL3_TXT_RSA_NULL_MD5, 181 SSL3_TXT_RSA_NULL_MD5,
177 SSL3_CK_RSA_NULL_MD5, 182 SSL3_CK_RSA_NULL_MD5,
178 SSL_kRSA, 183 SSL_kRSA,
(...skipping 1650 matching lines...) Expand 10 before | Expand all | Expand 10 after
1829 { 1834 {
1830 1, 1835 1,
1831 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 1836 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
1832 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 1837 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
1833 SSL_kRSA, 1838 SSL_kRSA,
1834 SSL_aRSA, 1839 SSL_aRSA,
1835 SSL_AES128GCM, 1840 SSL_AES128GCM,
1836 SSL_AEAD, 1841 SSL_AEAD,
1837 SSL_TLSV1_2, 1842 SSL_TLSV1_2,
1838 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1843 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1839 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1844 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(4)|
1845 » » SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
1840 128, 1846 128,
1841 128, 1847 128,
1842 }, 1848 },
1843 1849
1844 /* Cipher 9D */ 1850 /* Cipher 9D */
1845 { 1851 {
1846 1, 1852 1,
1847 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 1853 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
1848 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 1854 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
1849 SSL_kRSA, 1855 SSL_kRSA,
(...skipping 11 matching lines...) Expand all
1861 { 1867 {
1862 1, 1868 1,
1863 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 1869 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
1864 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 1870 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
1865 SSL_kEDH, 1871 SSL_kEDH,
1866 SSL_aRSA, 1872 SSL_aRSA,
1867 SSL_AES128GCM, 1873 SSL_AES128GCM,
1868 SSL_AEAD, 1874 SSL_AEAD,
1869 SSL_TLSV1_2, 1875 SSL_TLSV1_2,
1870 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1876 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1871 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1877 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(4)|
1878 » » SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
1872 128, 1879 128,
1873 128, 1880 128,
1874 }, 1881 },
1875 1882
1876 /* Cipher 9F */ 1883 /* Cipher 9F */
1877 { 1884 {
1878 1, 1885 1,
1879 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 1886 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
1880 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 1887 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
1881 SSL_kEDH, 1888 SSL_kEDH,
(...skipping 11 matching lines...) Expand all
1893 { 1900 {
1894 0, 1901 0,
1895 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, 1902 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
1896 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, 1903 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
1897 SSL_kDHr, 1904 SSL_kDHr,
1898 SSL_aDH, 1905 SSL_aDH,
1899 SSL_AES128GCM, 1906 SSL_AES128GCM,
1900 SSL_AEAD, 1907 SSL_AEAD,
1901 SSL_TLSV1_2, 1908 SSL_TLSV1_2,
1902 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1909 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1903 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1910 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(4)|
1911 » » SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
1904 128, 1912 128,
1905 128, 1913 128,
1906 }, 1914 },
1907 1915
1908 /* Cipher A1 */ 1916 /* Cipher A1 */
1909 { 1917 {
1910 0, 1918 0,
1911 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, 1919 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
1912 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, 1920 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
1913 SSL_kDHr, 1921 SSL_kDHr,
(...skipping 11 matching lines...) Expand all
1925 { 1933 {
1926 1, 1934 1,
1927 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 1935 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
1928 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 1936 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
1929 SSL_kEDH, 1937 SSL_kEDH,
1930 SSL_aDSS, 1938 SSL_aDSS,
1931 SSL_AES128GCM, 1939 SSL_AES128GCM,
1932 SSL_AEAD, 1940 SSL_AEAD,
1933 SSL_TLSV1_2, 1941 SSL_TLSV1_2,
1934 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1942 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1935 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1943 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(4)|
1944 » » SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
1936 128, 1945 128,
1937 128, 1946 128,
1938 }, 1947 },
1939 1948
1940 /* Cipher A3 */ 1949 /* Cipher A3 */
1941 { 1950 {
1942 1, 1951 1,
1943 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 1952 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
1944 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 1953 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
1945 SSL_kEDH, 1954 SSL_kEDH,
(...skipping 11 matching lines...) Expand all
1957 { 1966 {
1958 0, 1967 0,
1959 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, 1968 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
1960 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, 1969 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
1961 SSL_kDHd, 1970 SSL_kDHd,
1962 SSL_aDH, 1971 SSL_aDH,
1963 SSL_AES128GCM, 1972 SSL_AES128GCM,
1964 SSL_AEAD, 1973 SSL_AEAD,
1965 SSL_TLSV1_2, 1974 SSL_TLSV1_2,
1966 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1975 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1967 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1976 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(4)|
1977 » » SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
1968 128, 1978 128,
1969 128, 1979 128,
1970 }, 1980 },
1971 1981
1972 /* Cipher A5 */ 1982 /* Cipher A5 */
1973 { 1983 {
1974 0, 1984 0,
1975 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, 1985 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
1976 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, 1986 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
1977 SSL_kDHd, 1987 SSL_kDHd,
(...skipping 11 matching lines...) Expand all
1989 { 1999 {
1990 1, 2000 1,
1991 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 2001 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
1992 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 2002 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
1993 SSL_kEDH, 2003 SSL_kEDH,
1994 SSL_aNULL, 2004 SSL_aNULL,
1995 SSL_AES128GCM, 2005 SSL_AES128GCM,
1996 SSL_AEAD, 2006 SSL_AEAD,
1997 SSL_TLSV1_2, 2007 SSL_TLSV1_2,
1998 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2008 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1999 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2009 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(4)|
2010 » » SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
2000 128, 2011 128,
2001 128, 2012 128,
2002 }, 2013 },
2003 2014
2004 /* Cipher A7 */ 2015 /* Cipher A7 */
2005 { 2016 {
2006 1, 2017 1,
2007 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 2018 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
2008 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 2019 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
2009 SSL_kEDH, 2020 SSL_kEDH,
(...skipping 692 matching lines...) Expand 10 before | Expand all | Expand 10 after
2702 { 2713 {
2703 1, 2714 1,
2704 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2715 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2705 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2716 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2706 SSL_kEECDH, 2717 SSL_kEECDH,
2707 SSL_aECDSA, 2718 SSL_aECDSA,
2708 SSL_AES128GCM, 2719 SSL_AES128GCM,
2709 SSL_AEAD, 2720 SSL_AEAD,
2710 SSL_TLSV1_2, 2721 SSL_TLSV1_2,
2711 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2722 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2712 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2723 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(4)|
2724 » » SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
2713 128, 2725 128,
2714 128, 2726 128,
2715 }, 2727 },
2716 2728
2717 /* Cipher C02C */ 2729 /* Cipher C02C */
2718 { 2730 {
2719 1, 2731 1,
2720 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2732 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2721 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2733 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2722 SSL_kEECDH, 2734 SSL_kEECDH,
(...skipping 11 matching lines...) Expand all
2734 { 2746 {
2735 1, 2747 1,
2736 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2748 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2737 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2749 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2738 SSL_kECDHe, 2750 SSL_kECDHe,
2739 SSL_aECDH, 2751 SSL_aECDH,
2740 SSL_AES128GCM, 2752 SSL_AES128GCM,
2741 SSL_AEAD, 2753 SSL_AEAD,
2742 SSL_TLSV1_2, 2754 SSL_TLSV1_2,
2743 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2755 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2744 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2756 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(4)|
2757 » » SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
2745 128, 2758 128,
2746 128, 2759 128,
2747 }, 2760 },
2748 2761
2749 /* Cipher C02E */ 2762 /* Cipher C02E */
2750 { 2763 {
2751 1, 2764 1,
2752 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2765 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2753 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2766 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2754 SSL_kECDHe, 2767 SSL_kECDHe,
(...skipping 11 matching lines...) Expand all
2766 { 2779 {
2767 1, 2780 1,
2768 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2781 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2769 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2782 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2770 SSL_kEECDH, 2783 SSL_kEECDH,
2771 SSL_aRSA, 2784 SSL_aRSA,
2772 SSL_AES128GCM, 2785 SSL_AES128GCM,
2773 SSL_AEAD, 2786 SSL_AEAD,
2774 SSL_TLSV1_2, 2787 SSL_TLSV1_2,
2775 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2788 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2776 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2789 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(4)|
2790 » » SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
2777 128, 2791 128,
2778 128, 2792 128,
2779 }, 2793 },
2780 2794
2781 /* Cipher C030 */ 2795 /* Cipher C030 */
2782 { 2796 {
2783 1, 2797 1,
2784 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2798 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2785 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2799 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2786 SSL_kEECDH, 2800 SSL_kEECDH,
(...skipping 11 matching lines...) Expand all
2798 { 2812 {
2799 1, 2813 1,
2800 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2814 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2801 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2815 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2802 SSL_kECDHr, 2816 SSL_kECDHr,
2803 SSL_aECDH, 2817 SSL_aECDH,
2804 SSL_AES128GCM, 2818 SSL_AES128GCM,
2805 SSL_AEAD, 2819 SSL_AEAD,
2806 SSL_TLSV1_2, 2820 SSL_TLSV1_2,
2807 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2821 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2808 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2822 » SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(4)|
2823 » » SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD,
2809 128, 2824 128,
2810 128, 2825 128,
2811 }, 2826 },
2812 2827
2813 /* Cipher C032 */ 2828 /* Cipher C032 */
2814 { 2829 {
2815 1, 2830 1,
2816 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2831 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2817 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2832 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2818 SSL_kECDHr, 2833 SSL_kECDHr,
(...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after
2882 SSL_eGOST2814789CNT, 2897 SSL_eGOST2814789CNT,
2883 SSL_GOST89MAC, 2898 SSL_GOST89MAC,
2884 SSL_TLSV1, 2899 SSL_TLSV1,
2885 SSL_NOT_EXP|SSL_HIGH, 2900 SSL_NOT_EXP|SSL_HIGH,
2886 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC, 2901 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
2887 256, 2902 256,
2888 256 2903 256
2889 }, 2904 },
2890 #endif 2905 #endif
2891 2906
2907 {
2908 1,
2909 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2910 TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
2911 SSL_kEECDH,
2912 SSL_aRSA,
2913 SSL_CHACHA20POLY1305,
2914 SSL_AEAD,
2915 SSL_TLSV1_2,
2916 SSL_NOT_EXP|SSL_HIGH,
2917 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(0),
2918 256,
2919 0,
2920 },
2921
2922 {
2923 1,
2924 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2925 TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305,
2926 SSL_kEECDH,
2927 SSL_aECDSA,
2928 SSL_CHACHA20POLY1305,
2929 SSL_AEAD,
2930 SSL_TLSV1_2,
2931 SSL_NOT_EXP|SSL_HIGH,
2932 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(0),
2933 256,
2934 0,
2935 },
2936
2937 {
2938 1,
2939 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
2940 TLS1_CK_DHE_RSA_CHACHA20_POLY1305,
2941 SSL_kEDH,
2942 SSL_aRSA,
2943 SSL_CHACHA20POLY1305,
2944 SSL_AEAD,
2945 SSL_TLSV1_2,
2946 SSL_NOT_EXP|SSL_HIGH,
2947 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|FIXE D_NONCE_LEN(0),
2948 256,
2949 0,
2950 },
2951
2892 /* end of list */ 2952 /* end of list */
2893 }; 2953 };
2894 2954
2895 SSL3_ENC_METHOD SSLv3_enc_data={ 2955 SSL3_ENC_METHOD SSLv3_enc_data={
2896 ssl3_enc, 2956 ssl3_enc,
2897 n_ssl3_mac, 2957 n_ssl3_mac,
2898 ssl3_setup_key_block, 2958 ssl3_setup_key_block,
2899 ssl3_generate_master_secret, 2959 ssl3_generate_master_secret,
2900 ssl3_change_cipher_state, 2960 ssl3_change_cipher_state,
2901 ssl3_final_finish_mac, 2961 ssl3_final_finish_mac,
(...skipping 1438 matching lines...) Expand 10 before | Expand all | Expand 10 after
4340 */ 4400 */
4341 long ssl_get_algorithm2(SSL *s) 4401 long ssl_get_algorithm2(SSL *s)
4342 { 4402 {
4343 long alg2 = s->s3->tmp.new_cipher->algorithm2; 4403 long alg2 = s->s3->tmp.new_cipher->algorithm2;
4344 if (TLS1_get_version(s) >= TLS1_2_VERSION && 4404 if (TLS1_get_version(s) >= TLS1_2_VERSION &&
4345 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF)) 4405 alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
4346 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 4406 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4347 return alg2; 4407 return alg2;
4348 } 4408 }
4349 4409
OLDNEW
« no previous file with comments | « openssl/ssl/s3_enc.c ('k') | openssl/ssl/s3_pkt.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698