diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-10-21 22:18:47 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-10-21 22:25:45 +0200 |
commit | d57475d8952103cc9a8b2b97a0d070bcdedd6aa6 (patch) | |
tree | 79040ea9f8fb40d2cedb4072dc2c0a40e7015cc5 | |
parent | d3e4b9a3d0dd36e825bb5dfef534215c0c82b622 (diff) | |
download | gnutls-d57475d8952103cc9a8b2b97a0d070bcdedd6aa6.tar.gz |
Added more ciphersuites from RFC5487.
Added GNUTLS_PSK_AES_256_CBC_SHA384, GNUTLS_PSK_NULL_SHA384,
GNUTLS_DHE_PSK_AES_256_CBC_SHA384, GNUTLS_DHE_PSK_NULL_SHA384,
GNUTLS_RSA_PSK_AES_128_GCM_SHA256, GNUTLS_RSA_PSK_AES_256_GCM_SHA384,
GNUTLS_RSA_PSK_AES_128_CBC_SHA256, GNUTLS_RSA_PSK_AES_256_CBC_SHA384,
GNUTLS_RSA_PSK_NULL_SHA256, GNUTLS_RSA_PSK_NULL_SHA384.
-rw-r--r-- | lib/algorithms/ciphersuites.c | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c index e3b0e19bec..9dbeb06656 100644 --- a/lib/algorithms/ciphersuites.c +++ b/lib/algorithms/ciphersuites.c @@ -176,6 +176,19 @@ typedef struct #define GNUTLS_PSK_WITH_AES_256_GCM_SHA384 { 0x00, 0xA9 } #define GNUTLS_DHE_PSK_WITH_AES_256_GCM_SHA384 { 0x00, 0xAB } +#define GNUTLS_PSK_AES_256_CBC_SHA384 { 0x00,0xAF } +#define GNUTLS_PSK_NULL_SHA384 { 0x00,0xB1 } +#define GNUTLS_DHE_PSK_AES_256_CBC_SHA384 { 0x00,0xB3 } +#define GNUTLS_DHE_PSK_NULL_SHA384 { 0x00,0xB5 } + +#define GNUTLS_RSA_PSK_AES_128_GCM_SHA256 { 0x00,0xAC } +#define GNUTLS_RSA_PSK_AES_256_GCM_SHA384 { 0x00,0xAD } +#define GNUTLS_RSA_PSK_AES_128_CBC_SHA256 { 0x00,0xB6 } +#define GNUTLS_RSA_PSK_AES_256_CBC_SHA384 { 0x00,0xB7 } +#define GNUTLS_RSA_PSK_NULL_SHA256 { 0x00,0xB8 } +#define GNUTLS_RSA_PSK_NULL_SHA384 { 0x00,0xB9 } + + /* PSK - SHA256 HMAC */ #define GNUTLS_PSK_AES_128_CBC_SHA256 { 0x00, 0xAE } #define GNUTLS_DHE_PSK_AES_128_CBC_SHA256 { 0x00, 0xB2 } @@ -630,6 +643,14 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_ESTREAM_SALSA20_256, GNUTLS_KX_PSK, GNUTLS_MAC_UMAC_96, GNUTLS_SSL3, GNUTLS_DTLS_VERSION_MIN), + ENTRY_PRF(GNUTLS_PSK_AES_256_CBC_SHA384, + GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_PSK, + GNUTLS_MAC_SHA384, GNUTLS_SSL3, + GNUTLS_DTLS_VERSION_MIN, GNUTLS_DIG_SHA384), + ENTRY_PRF(GNUTLS_PSK_NULL_SHA384, + GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK, + GNUTLS_MAC_SHA384, GNUTLS_SSL3, + GNUTLS_DTLS_VERSION_MIN, GNUTLS_DIG_SHA384), /* RSA-PSK */ ENTRY (GNUTLS_RSA_PSK_SHA_ARCFOUR_SHA1, @@ -648,6 +669,30 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA_PSK, GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_DTLS_VERSION_MIN), + ENTRY (GNUTLS_RSA_PSK_AES_128_GCM_SHA256, + GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_RSA_PSK, + GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, + GNUTLS_DTLS1_2), + ENTRY (GNUTLS_RSA_PSK_AES_128_CBC_SHA256, + GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA_PSK, + GNUTLS_MAC_SHA256, GNUTLS_SSL3, + GNUTLS_DTLS_VERSION_MIN), + ENTRY (GNUTLS_RSA_PSK_NULL_SHA256, + GNUTLS_CIPHER_NULL, GNUTLS_KX_RSA_PSK, + GNUTLS_MAC_SHA256, GNUTLS_SSL3, + GNUTLS_DTLS_VERSION_MIN), + ENTRY_PRF (GNUTLS_RSA_PSK_AES_256_GCM_SHA384, + GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_RSA_PSK, + GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, + GNUTLS_DTLS1_2, GNUTLS_DIG_SHA384), + ENTRY_PRF (GNUTLS_RSA_PSK_AES_256_CBC_SHA384, + GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA_PSK, + GNUTLS_MAC_SHA384, GNUTLS_SSL3, + GNUTLS_DTLS_VERSION_MIN, GNUTLS_DIG_SHA384), + ENTRY_PRF (GNUTLS_RSA_PSK_NULL_SHA384, + GNUTLS_CIPHER_NULL, GNUTLS_KX_RSA_PSK, + GNUTLS_MAC_SHA384, GNUTLS_SSL3, + GNUTLS_DTLS_VERSION_MIN, GNUTLS_DIG_SHA384), /* DHE-PSK */ ENTRY (GNUTLS_DHE_PSK_SHA_ARCFOUR_SHA1, @@ -678,6 +723,14 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK, GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_DTLS1_2), + ENTRY_PRF(GNUTLS_DHE_PSK_NULL_SHA384, + GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK, + GNUTLS_MAC_SHA384, GNUTLS_SSL3, + GNUTLS_DTLS_VERSION_MIN, GNUTLS_DIG_SHA384), + ENTRY_PRF(GNUTLS_DHE_PSK_AES_256_CBC_SHA384, + GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_PSK, + GNUTLS_MAC_SHA384, GNUTLS_SSL3, + GNUTLS_DTLS_VERSION_MIN, GNUTLS_DIG_SHA384), ENTRY_PRF(GNUTLS_PSK_WITH_AES_256_GCM_SHA384, GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_PSK, |