You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
101 lines
3.2 KiB
Diff
101 lines
3.2 KiB
Diff
From cf389e16d8dc49e97c0b13ea3a1c373c6f6f94bd Mon Sep 17 00:00:00 2001
|
|
From: Adam Langley <agl@chromium.org>
|
|
Date: Wed, 4 Jun 2014 10:59:32 -0700
|
|
Subject: ECDHE-PSK_AES-CBC-SHA_cipher_suites
|
|
|
|
Add ECDHE-PSK AES-CBC-SHA cipher suites from RFC 5489.
|
|
Remove ECDHE-PSK AES-CBC-SHA2 cipher suites from RFC 5489 because
|
|
they cannot be used with SSLv3 and there's no way to express that in
|
|
OpenSSL's configuration.
|
|
---
|
|
ssl/s3_lib.c | 25 ++++++++++++-------------
|
|
ssl/tls1.h | 14 ++++++++------
|
|
2 files changed, 20 insertions(+), 19 deletions(-)
|
|
|
|
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
|
|
index f84da7f..e016fc8 100644
|
|
--- a/ssl/s3_lib.c
|
|
+++ b/ssl/s3_lib.c
|
|
@@ -2828,35 +2828,34 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
|
|
|
|
#ifndef OPENSSL_NO_PSK
|
|
/* ECDH PSK ciphersuites from RFC 5489 */
|
|
-
|
|
- /* Cipher C037 */
|
|
+ /* Cipher C035 */
|
|
{
|
|
1,
|
|
- TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
|
|
- TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
|
|
+ TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
|
|
+ TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
|
|
SSL_kEECDH,
|
|
SSL_aPSK,
|
|
SSL_AES128,
|
|
- SSL_SHA256,
|
|
+ SSL_SHA1,
|
|
SSL_TLSV1,
|
|
- SSL_NOT_EXP|SSL_HIGH,
|
|
- SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF_SHA256,
|
|
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
|
|
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
|
|
128,
|
|
128,
|
|
},
|
|
|
|
- /* Cipher C038 */
|
|
+ /* Cipher C036 */
|
|
{
|
|
1,
|
|
- TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
|
|
- TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
|
|
+ TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
|
|
+ TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
|
|
SSL_kEECDH,
|
|
SSL_aPSK,
|
|
SSL_AES256,
|
|
- SSL_SHA384,
|
|
+ SSL_SHA1,
|
|
SSL_TLSV1,
|
|
- SSL_NOT_EXP|SSL_HIGH,
|
|
- SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF_SHA384,
|
|
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
|
|
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
|
|
256,
|
|
256,
|
|
},
|
|
diff --git a/ssl/tls1.h b/ssl/tls1.h
|
|
index ec8948d..51d073d 100644
|
|
--- a/ssl/tls1.h
|
|
+++ b/ssl/tls1.h
|
|
@@ -531,9 +531,11 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|
#define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
|
|
#define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
|
|
|
|
-/* ECDHE PSK ciphersuites from RFC 5489 */
|
|
-#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0x0300C037
|
|
-#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0x0300C038
|
|
+/* ECDHE PSK ciphersuites from RFC5489
|
|
+ * SHA-2 cipher suites are omitted because they cannot be used safely with
|
|
+ * SSLv3. */
|
|
+#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA 0x0300C035
|
|
+#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA 0x0300C036
|
|
|
|
/* XXX
|
|
* Inconsistency alert:
|
|
@@ -686,9 +688,9 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|
#define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
|
|
#define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
|
|
|
|
-/* ECDHE PSK ciphersuites from RFC 5489 */
|
|
-#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "ECDHE-PSK-WITH-AES-128-CBC-SHA256"
|
|
-#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "ECDHE-PSK-WITH-AES-256-CBC-SHA384"
|
|
+/* ECDHE PSK ciphersuites from RFC5489 */
|
|
+#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA "ECDHE-PSK-AES128-CBC-SHA"
|
|
+#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA "ECDHE-PSK-AES256-CBC-SHA"
|
|
|
|
#define TLS_CT_RSA_SIGN 1
|
|
#define TLS_CT_DSS_SIGN 2
|
|
--
|
|
2.0.0.526.g5318336
|