the Camellia ciphersuites for TLS 1.2 introduced in RFC 5932. From OpenSSL HEAD.
-/* $OpenBSD: s3_lib.c,v 1.90 2014/12/14 16:07:26 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.91 2014/12/16 05:47:28 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
.alg_bits = 256,
},
+#ifndef OPENSSL_NO_CAMELLIA
+ /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+
+ /* Cipher BA */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kRSA,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher BD */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aDSS,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher BE */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher BF */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aNULL,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher C0 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ .algorithm_mkey = SSL_kRSA,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+
+ /* Cipher C3 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+ .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aDSS,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+
+ /* Cipher C4 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+
+ /* Cipher C5 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+ .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aNULL,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+#endif /* OPENSSL_NO_CAMELLIA */
+
/* Cipher C001 */
{
.valid = 1,
-/* $OpenBSD: s3_lib.c,v 1.90 2014/12/14 16:07:26 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.91 2014/12/16 05:47:28 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
.alg_bits = 256,
},
+#ifndef OPENSSL_NO_CAMELLIA
+ /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+
+ /* Cipher BA */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kRSA,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher BD */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aDSS,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher BE */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher BF */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aNULL,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher C0 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ .algorithm_mkey = SSL_kRSA,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+
+ /* Cipher C3 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+ .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aDSS,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+
+ /* Cipher C4 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+
+ /* Cipher C5 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+ .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+ .algorithm_mkey = SSL_kDHE,
+ .algorithm_auth = SSL_aNULL,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+#endif /* OPENSSL_NO_CAMELLIA */
+
/* Cipher C001 */
{
.valid = 1,
-/* $OpenBSD: tls1.h,v 1.22 2014/11/18 05:33:43 miod Exp $ */
+/* $OpenBSD: tls1.h,v 1.23 2014/12/16 05:47:28 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE
+#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF
+
+#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4
+#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5
+
/* ECC ciphersuites from RFC 4492. */
#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256"
+
+#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
+
/* SEED ciphersuites from RFC 4162. */
#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
-/* $OpenBSD: tls1.h,v 1.22 2014/11/18 05:33:43 miod Exp $ */
+/* $OpenBSD: tls1.h,v 1.23 2014/12/16 05:47:28 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE
+#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF
+
+#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0
+#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1
+#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2
+#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3
+#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4
+#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5
+
/* ECC ciphersuites from RFC 4492. */
#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256"
+
+#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
+#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
+
/* SEED ciphersuites from RFC 4162. */
#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
projects / openbsd / commitdiff