From 7dcbb28cdeb1e9b07d4bf8873e8e800cbdc232b9 Mon Sep 17 00:00:00 2001 From: miod Date: Tue, 16 Dec 2014 05:47:28 +0000 Subject: [PATCH] Now that we have Camellia support in libcrypto, bring in the SHA256 flavour of the Camellia ciphersuites for TLS 1.2 introduced in RFC 5932. From OpenSSL HEAD. --- lib/libssl/s3_lib.c | 134 +++++++++++++++++++++++++++++++++++- lib/libssl/src/ssl/s3_lib.c | 134 +++++++++++++++++++++++++++++++++++- lib/libssl/src/ssl/tls1.h | 32 ++++++++- lib/libssl/tls1.h | 32 ++++++++- 4 files changed, 328 insertions(+), 4 deletions(-) diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index f372b6523c8..98eff971317 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.90 2014/12/14 16:07:26 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.91 2014/12/16 05:47:28 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -996,6 +996,138 @@ SSL_CIPHER ssl3_ciphers[] = { .alg_bits = 256, }, +#ifndef OPENSSL_NO_CAMELLIA + /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ + + /* Cipher BA */ + { + .valid = 1, + .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256, + .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256, + .algorithm_mkey = SSL_kRSA, + .algorithm_auth = SSL_aRSA, + .algorithm_enc = SSL_CAMELLIA128, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 128, + .alg_bits = 128, + }, + + /* Cipher BD */ + { + .valid = 1, + .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, + .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aDSS, + .algorithm_enc = SSL_CAMELLIA128, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 128, + .alg_bits = 128, + }, + + /* Cipher BE */ + { + .valid = 1, + .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aRSA, + .algorithm_enc = SSL_CAMELLIA128, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 128, + .alg_bits = 128, + }, + + /* Cipher BF */ + { + .valid = 1, + .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256, + .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aNULL, + .algorithm_enc = SSL_CAMELLIA128, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 128, + .alg_bits = 128, + }, + + /* Cipher C0 */ + { + .valid = 1, + .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256, + .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256, + .algorithm_mkey = SSL_kRSA, + .algorithm_auth = SSL_aRSA, + .algorithm_enc = SSL_CAMELLIA256, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 256, + .alg_bits = 256, + }, + + /* Cipher C3 */ + { + .valid = 1, + .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, + .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aDSS, + .algorithm_enc = SSL_CAMELLIA256, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 256, + .alg_bits = 256, + }, + + /* Cipher C4 */ + { + .valid = 1, + .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, + .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aRSA, + .algorithm_enc = SSL_CAMELLIA256, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 256, + .alg_bits = 256, + }, + + /* Cipher C5 */ + { + .valid = 1, + .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256, + .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aNULL, + .algorithm_enc = SSL_CAMELLIA256, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 256, + .alg_bits = 256, + }, +#endif /* OPENSSL_NO_CAMELLIA */ + /* Cipher C001 */ { .valid = 1, diff --git a/lib/libssl/src/ssl/s3_lib.c b/lib/libssl/src/ssl/s3_lib.c index f372b6523c8..98eff971317 100644 --- a/lib/libssl/src/ssl/s3_lib.c +++ b/lib/libssl/src/ssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.90 2014/12/14 16:07:26 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.91 2014/12/16 05:47:28 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -996,6 +996,138 @@ SSL_CIPHER ssl3_ciphers[] = { .alg_bits = 256, }, +#ifndef OPENSSL_NO_CAMELLIA + /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ + + /* Cipher BA */ + { + .valid = 1, + .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256, + .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256, + .algorithm_mkey = SSL_kRSA, + .algorithm_auth = SSL_aRSA, + .algorithm_enc = SSL_CAMELLIA128, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 128, + .alg_bits = 128, + }, + + /* Cipher BD */ + { + .valid = 1, + .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, + .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aDSS, + .algorithm_enc = SSL_CAMELLIA128, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 128, + .alg_bits = 128, + }, + + /* Cipher BE */ + { + .valid = 1, + .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aRSA, + .algorithm_enc = SSL_CAMELLIA128, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 128, + .alg_bits = 128, + }, + + /* Cipher BF */ + { + .valid = 1, + .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256, + .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aNULL, + .algorithm_enc = SSL_CAMELLIA128, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 128, + .alg_bits = 128, + }, + + /* Cipher C0 */ + { + .valid = 1, + .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256, + .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256, + .algorithm_mkey = SSL_kRSA, + .algorithm_auth = SSL_aRSA, + .algorithm_enc = SSL_CAMELLIA256, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 256, + .alg_bits = 256, + }, + + /* Cipher C3 */ + { + .valid = 1, + .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, + .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aDSS, + .algorithm_enc = SSL_CAMELLIA256, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 256, + .alg_bits = 256, + }, + + /* Cipher C4 */ + { + .valid = 1, + .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, + .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aRSA, + .algorithm_enc = SSL_CAMELLIA256, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 256, + .alg_bits = 256, + }, + + /* Cipher C5 */ + { + .valid = 1, + .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256, + .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256, + .algorithm_mkey = SSL_kDHE, + .algorithm_auth = SSL_aNULL, + .algorithm_enc = SSL_CAMELLIA256, + .algorithm_mac = SSL_SHA256, + .algorithm_ssl = SSL_TLSV1_2, + .algo_strength = SSL_HIGH, + .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, + .strength_bits = 256, + .alg_bits = 256, + }, +#endif /* OPENSSL_NO_CAMELLIA */ + /* Cipher C001 */ { .valid = 1, diff --git a/lib/libssl/src/ssl/tls1.h b/lib/libssl/src/ssl/tls1.h index 60dc7919a45..60651572a22 100644 --- a/lib/libssl/src/ssl/tls1.h +++ b/lib/libssl/src/ssl/tls1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls1.h,v 1.22 2014/11/18 05:33:43 miod Exp $ */ +/* $OpenBSD: tls1.h,v 1.23 2014/12/16 05:47:28 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -452,6 +452,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6 #define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7 +/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ +#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA +#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB +#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC +#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD +#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE +#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF + +#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0 +#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1 +#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2 +#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3 +#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4 +#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5 + /* ECC ciphersuites from RFC 4492. */ #define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001 #define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002 @@ -605,6 +620,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA" #define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA" +/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ +#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256" +#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256" +#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256" +#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256" +#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256" +#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256" + +#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256" +#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256" +#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256" +#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256" +#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256" +#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256" + /* SEED ciphersuites from RFC 4162. */ #define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA" #define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA" diff --git a/lib/libssl/tls1.h b/lib/libssl/tls1.h index 60dc7919a45..60651572a22 100644 --- a/lib/libssl/tls1.h +++ b/lib/libssl/tls1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls1.h,v 1.22 2014/11/18 05:33:43 miod Exp $ */ +/* $OpenBSD: tls1.h,v 1.23 2014/12/16 05:47:28 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -452,6 +452,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6 #define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7 +/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ +#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA +#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB +#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC +#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD +#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE +#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF + +#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0 +#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1 +#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2 +#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3 +#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4 +#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5 + /* ECC ciphersuites from RFC 4492. */ #define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001 #define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002 @@ -605,6 +620,21 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA" #define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA" +/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ +#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256" +#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256" +#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256" +#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256" +#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256" +#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256" + +#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256" +#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256" +#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256" +#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256" +#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256" +#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256" + /* SEED ciphersuites from RFC 4162. */ #define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA" #define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA" -- 2.20.1