import changes from `RFC6367' branch in UXP:
- Issue #1462 - Part 3: Add Camellia-GCM capabilities to NSS (51e6c2cf4) - Issue #1462 - Part 4: Add Camellia-GCM suites to NSS (a0aae2586) - Issue #1462 - Part 5: Security manager changes for Camellia-GCM suites. (338888703) - Issue #1462 - Part 6: Don't mess with OIDs, that's a different spec. (d3594baa4) - Issue #1462 - Part 3b: Actually commit -all- the code, and fix space (f23b96fa7)
@@ -24,6 +24,10 @@ pref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true);
|
||||
pref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true);
|
||||
pref("security.ssl3.ecdhe_ecdsa_chacha20_poly1305_sha256", true);
|
||||
pref("security.ssl3.ecdhe_rsa_chacha20_poly1305_sha256", true);
|
||||
pref("security.ssl3.ecdhe_ecdsa_camellia_128_gcm_sha256", true);
|
||||
pref("security.ssl3.ecdhe_rsa_camellia_128_gcm_sha256", true);
|
||||
pref("security.ssl3.ecdhe_ecdsa_camellia_256_gcm_sha384", true);
|
||||
pref("security.ssl3.ecdhe_rsa_camellia_256_gcm_sha384", true);
|
||||
pref("security.ssl3.ecdhe_ecdsa_aes_256_gcm_sha384", true);
|
||||
pref("security.ssl3.ecdhe_rsa_aes_256_gcm_sha384", true);
|
||||
pref("security.ssl3.ecdhe_ecdsa_camellia_256_sha384", true);
|
||||
@@ -34,10 +38,14 @@ pref("security.ssl3.ecdhe_rsa_aes_128_sha", true);
|
||||
pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", true);
|
||||
pref("security.ssl3.ecdhe_rsa_aes_256_sha", true);
|
||||
pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", true);
|
||||
pref("security.ssl3.dhe_rsa_camellia_256_gcm_sha384", true);
|
||||
pref("security.ssl3.dhe_rsa_camellia_128_gcm_sha256", true);
|
||||
pref("security.ssl3.dhe_rsa_camellia_256_sha", true);
|
||||
pref("security.ssl3.dhe_rsa_camellia_128_sha", true);
|
||||
pref("security.ssl3.rsa_aes_256_gcm_sha384", true);
|
||||
pref("security.ssl3.rsa_aes_256_sha256", true);
|
||||
pref("security.ssl3.rsa_camellia_128_gcm_sha256", true);
|
||||
pref("security.ssl3.rsa_camellia_256_gcm_sha384", true);
|
||||
pref("security.ssl3.rsa_camellia_128_sha", true);
|
||||
pref("security.ssl3.rsa_camellia_256_sha", true);
|
||||
pref("security.ssl3.rsa_aes_128_sha", true);
|
||||
|
||||
@@ -1328,6 +1328,16 @@ static const CipherPref sCipherPrefs[] = {
|
||||
{ "security.ssl3.ecdhe_rsa_aes_256_gcm_sha384",
|
||||
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, true },
|
||||
|
||||
{ "security.ssl3.ecdhe_ecdsa_camellia_256_gcm_sha384",
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, true },
|
||||
{ "security.ssl3.ecdhe_rsa_camellia_256_gcm_sha384",
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, true },
|
||||
|
||||
{ "security.ssl3.ecdhe_ecdsa_camellia_128_gcm_sha256",
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, true },
|
||||
{ "security.ssl3.ecdhe_rsa_camellia_128_gcm_sha256",
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, true },
|
||||
|
||||
{ "security.ssl3.ecdhe_ecdsa_camellia_256_sha384",
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, true },
|
||||
{ "security.ssl3.ecdhe_rsa_camellia_256_sha384",
|
||||
@@ -1348,6 +1358,11 @@ static const CipherPref sCipherPrefs[] = {
|
||||
{ "security.ssl3.ecdhe_ecdsa_aes_256_sha",
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, true },
|
||||
|
||||
{ "security.ssl3.dhe_rsa_camellia_256_gcm_sha384",
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, true},
|
||||
{ "security.ssl3.dhe_rsa_camellia_128_gcm_sha256",
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, true },
|
||||
|
||||
{ "security.ssl3.dhe_rsa_camellia_256_sha",
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, true},
|
||||
{ "security.ssl3.dhe_rsa_aes_256_sha",
|
||||
@@ -1370,9 +1385,13 @@ static const CipherPref sCipherPrefs[] = {
|
||||
TLS_RSA_WITH_AES_256_GCM_SHA384, true },
|
||||
{ "security.ssl3.rsa_aes_256_sha256",
|
||||
TLS_RSA_WITH_AES_256_CBC_SHA256, true },
|
||||
{"security.ssl3.rsa_camellia_128_sha",
|
||||
{ "security.ssl3.rsa_camellia_256_gcm_sha384",
|
||||
TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, true},
|
||||
{ "security.ssl3.rsa_camellia_128_gcm_sha256",
|
||||
TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, true },
|
||||
{ "security.ssl3.rsa_camellia_128_sha",
|
||||
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, true },
|
||||
{"security.ssl3.rsa_camellia_256_sha",
|
||||
{ "security.ssl3.rsa_camellia_256_sha",
|
||||
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, true },
|
||||
{ "security.ssl3.rsa_aes_128_sha",
|
||||
TLS_RSA_WITH_AES_128_CBC_SHA, true },
|
||||
|
||||
@@ -409,6 +409,7 @@ print_mechanism(CK_MECHANISM_PTR m)
|
||||
CASE(CKM_CAMELLIA_KEY_GEN);
|
||||
CASE(CKM_CAMELLIA_MAC);
|
||||
CASE(CKM_CAMELLIA_MAC_GENERAL);
|
||||
CASE(CKM_CAMELLIA_GCM);
|
||||
CASE(CKM_CDMF_CBC);
|
||||
CASE(CKM_CDMF_CBC_PAD);
|
||||
CASE(CKM_CDMF_ECB);
|
||||
|
||||
@@ -223,6 +223,7 @@ PK11_GetKeyType(CK_MECHANISM_TYPE type, unsigned long len)
|
||||
case CKM_CAMELLIA_MAC_GENERAL:
|
||||
case CKM_CAMELLIA_CBC_PAD:
|
||||
case CKM_CAMELLIA_KEY_GEN:
|
||||
case CKM_CAMELLIA_GCM:
|
||||
return CKK_CAMELLIA;
|
||||
case CKM_NSS_CHACHA20_POLY1305:
|
||||
case CKM_NSS_CHACHA20_KEY_GEN:
|
||||
@@ -443,6 +444,7 @@ PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE type, int size)
|
||||
case CKM_CAMELLIA_MAC_GENERAL:
|
||||
case CKM_CAMELLIA_CBC_PAD:
|
||||
case CKM_CAMELLIA_KEY_GEN:
|
||||
case CKM_CAMELLIA_GCM:
|
||||
return CKM_CAMELLIA_KEY_GEN;
|
||||
case CKM_NSS_CHACHA20_POLY1305:
|
||||
case CKM_NSS_CHACHA20_CTR:
|
||||
@@ -796,6 +798,7 @@ PK11_GetIVLength(CK_MECHANISM_TYPE type)
|
||||
case CKM_CAST5_CBC_PAD:
|
||||
return 8;
|
||||
case CKM_AES_GCM:
|
||||
case CKM_CAMELLIA_GCM:
|
||||
case CKM_NSS_CHACHA20_POLY1305:
|
||||
return 12;
|
||||
case CKM_SEED_CBC:
|
||||
|
||||
@@ -879,6 +879,7 @@ PK11_GetSlotList(CK_MECHANISM_TYPE type)
|
||||
return &pk11_seedSlotList;
|
||||
case CKM_CAMELLIA_CBC:
|
||||
case CKM_CAMELLIA_ECB:
|
||||
case CKM_CAMELLIA_GCM:
|
||||
return &pk11_camelliaSlotList;
|
||||
case CKM_AES_CBC:
|
||||
case CKM_AES_CCM:
|
||||
|
||||
@@ -339,6 +339,7 @@ static const struct mechanismList mechanisms[] = {
|
||||
{ CKM_CAMELLIA_MAC, { 16, 32, CKF_SN_VR }, PR_TRUE },
|
||||
{ CKM_CAMELLIA_MAC_GENERAL, { 16, 32, CKF_SN_VR }, PR_TRUE },
|
||||
{ CKM_CAMELLIA_CBC_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
|
||||
{ CKM_CAMELLIA_GCM, { 16, 32, CKF_EN_DE }, PR_TRUE},
|
||||
/* ------------------------- SEED Operations --------------------------- */
|
||||
{ CKM_SEED_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE },
|
||||
{ CKM_SEED_ECB, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
|
||||
|
||||
@@ -98,6 +98,10 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
|
||||
{ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
/* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is out of order to work around
|
||||
* bug 946147.
|
||||
*/
|
||||
@@ -123,6 +127,8 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
|
||||
{ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
@@ -151,6 +157,8 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
|
||||
/* RSA */
|
||||
{ TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
{ TLS_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
|
||||
{ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
|
||||
@@ -297,6 +305,14 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] =
|
||||
cipher_camellia_256, ssl_mac_sha, kea_dhe_dss, ssl_hash_none },
|
||||
{ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
||||
cipher_camellia_256, ssl_mac_sha, kea_dhe_rsa, ssl_hash_none },
|
||||
{ TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
cipher_camellia_256_gcm, ssl_mac_aead, kea_dhe_rsa, ssl_hash_sha384},
|
||||
{ TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
cipher_camellia_128_gcm, ssl_mac_aead, kea_dhe_rsa, ssl_hash_sha256},
|
||||
{ TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
cipher_camellia_256_gcm, ssl_mac_aead, kea_rsa, ssl_hash_sha384},
|
||||
{ TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
cipher_camellia_128_gcm, ssl_mac_aead, kea_rsa, ssl_hash_sha256},
|
||||
|
||||
{ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, ssl_mac_aead, kea_dhe_rsa, ssl_hash_sha256 },
|
||||
{ TLS_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, ssl_mac_aead, kea_rsa, ssl_hash_sha256 },
|
||||
@@ -308,6 +324,10 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] =
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, cipher_aes_256, ssl_hmac_sha384, kea_ecdhe_ecdsa, ssl_hash_sha384 },
|
||||
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, cipher_aes_256, ssl_hmac_sha384, kea_ecdhe_rsa, ssl_hash_sha384 },
|
||||
|
||||
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, cipher_camellia_256_gcm, ssl_mac_aead, kea_ecdhe_ecdsa, ssl_hash_sha384},
|
||||
{ TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, cipher_camellia_256_gcm, ssl_mac_aead, kea_ecdhe_rsa, ssl_hash_sha384},
|
||||
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, cipher_camellia_128_gcm, ssl_mac_aead, kea_ecdhe_ecdsa, ssl_hash_sha256},
|
||||
{ TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, cipher_camellia_128_gcm, ssl_mac_aead, kea_ecdhe_rsa, ssl_hash_sha256},
|
||||
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, cipher_camellia_256, ssl_hmac_sha384, kea_ecdhe_ecdsa, ssl_hash_sha384 },
|
||||
{ TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, cipher_camellia_256, ssl_hmac_sha384, kea_ecdhe_rsa, ssl_hash_sha384 },
|
||||
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, cipher_camellia_128, ssl_hmac_sha256, kea_ecdhe_ecdsa, ssl_hash_sha256 },
|
||||
@@ -401,6 +421,7 @@ static const SSLCipher2Mech alg2Mech[] = {
|
||||
{ ssl_calg_camellia, CKM_CAMELLIA_CBC },
|
||||
{ ssl_calg_seed, CKM_SEED_CBC },
|
||||
{ ssl_calg_aes_gcm, CKM_AES_GCM },
|
||||
{ ssl_calg_camellia_gcm, CKM_CAMELLIA_GCM },
|
||||
{ ssl_calg_chacha20, CKM_NSS_CHACHA20_POLY1305 },
|
||||
};
|
||||
|
||||
@@ -599,6 +620,14 @@ ssl3_CipherSuiteAllowedForVersionRange(ssl3CipherSuite cipherSuite,
|
||||
case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
|
||||
case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
|
||||
case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
|
||||
case TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
|
||||
case TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
|
||||
case TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
|
||||
case TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
|
||||
case TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
|
||||
case TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
|
||||
case TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
|
||||
case TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
|
||||
return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_2 &&
|
||||
vrange->min < SSL_LIBRARY_VERSION_TLS_1_3;
|
||||
|
||||
@@ -1815,6 +1844,68 @@ ssl3_AESGCM(const ssl3KeyMaterial *keys,
|
||||
return rv;
|
||||
}
|
||||
|
||||
static SECStatus
|
||||
ssl3_CamelliaGCM(const ssl3KeyMaterial *keys,
|
||||
PRBool doDecrypt,
|
||||
unsigned char *out,
|
||||
unsigned int *outlen,
|
||||
unsigned int maxout,
|
||||
const unsigned char *in,
|
||||
unsigned int inlen,
|
||||
const unsigned char *additionalData,
|
||||
unsigned int additionalDataLen)
|
||||
{
|
||||
SECItem param;
|
||||
SECStatus rv = SECFailure;
|
||||
unsigned char nonce[12];
|
||||
unsigned int uOutLen;
|
||||
CK_GCM_PARAMS gcmParams;
|
||||
|
||||
const int tagSize = 16;
|
||||
const int explicitNonceLen = 8;
|
||||
|
||||
/* See https://tools.ietf.org/html/rfc5288#section-3 for details of how the
|
||||
* nonce is formed. */
|
||||
memcpy(nonce, keys->iv, 4);
|
||||
if (doDecrypt) {
|
||||
memcpy(nonce + 4, in, explicitNonceLen);
|
||||
in += explicitNonceLen;
|
||||
inlen -= explicitNonceLen;
|
||||
*outlen = 0;
|
||||
} else {
|
||||
if (maxout < explicitNonceLen) {
|
||||
PORT_SetError(SEC_ERROR_INPUT_LEN);
|
||||
return SECFailure;
|
||||
}
|
||||
/* Use the 64-bit sequence number as the explicit nonce. */
|
||||
memcpy(nonce + 4, additionalData, explicitNonceLen);
|
||||
memcpy(out, additionalData, explicitNonceLen);
|
||||
out += explicitNonceLen;
|
||||
maxout -= explicitNonceLen;
|
||||
*outlen = explicitNonceLen;
|
||||
}
|
||||
|
||||
param.type = siBuffer;
|
||||
param.data = (unsigned char *)&gcmParams;
|
||||
param.len = sizeof(gcmParams);
|
||||
gcmParams.pIv = nonce;
|
||||
gcmParams.ulIvLen = sizeof(nonce);
|
||||
gcmParams.pAAD = (unsigned char *)additionalData; /* const cast */
|
||||
gcmParams.ulAADLen = additionalDataLen;
|
||||
gcmParams.ulTagBits = tagSize * 8;
|
||||
|
||||
if (doDecrypt) {
|
||||
rv = PK11_Decrypt(keys->key, CKM_CAMELLIA_GCM, ¶m, out, &uOutLen,
|
||||
maxout, in, inlen);
|
||||
} else {
|
||||
rv = PK11_Encrypt(keys->key, CKM_CAMELLIA_GCM, ¶m, out, &uOutLen,
|
||||
maxout, in, inlen);
|
||||
}
|
||||
*outlen += (int)uOutLen;
|
||||
|
||||
return rv;
|
||||
}
|
||||
|
||||
static SECStatus
|
||||
ssl3_ChaCha20Poly1305(const ssl3KeyMaterial *keys, PRBool doDecrypt,
|
||||
unsigned char *out, unsigned int *outlen, unsigned int maxout,
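Review bot: The decrypt branch of ssl3_CamelliaGCM copies 8 bytes from `in` and then runs `inlen -= explicitNonceLen` with no length check, so a record shorter than the explicit nonce is read past its end and the unsigned `inlen` wraps before it reaches PK11_Decrypt. The encrypt branch does guard `maxout` against the same constant. Unless every caller is guaranteed to reject short records first, add `if (inlen < explicitNonceLen) { PORT_SetError(SEC_ERROR_INPUT_LEN); return SECFailure; }` as the first statement of the `if (doDecrypt)` block. Separately, `*outlen += (int)uOutLen;` runs even when the PK11 call fails and may then add an unset value, so either initialise `unsigned int uOutLen = 0;` or add it only when `rv == SECSuccess`.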
|
||||
@@ -1892,6 +1983,9 @@ ssl3_InitPendingContexts(sslSocket *ss, ssl3CipherSpec *spec)
|
||||
case ssl_calg_aes_gcm:
|
||||
spec->aead = ssl3_AESGCM;
|
||||
break;
|
||||
case ssl_calg_camellia_gcm:
|
||||
spec->aead = ssl3_CamelliaGCM;
|
||||
break;
|
||||
case ssl_calg_chacha20:
|
||||
spec->aead = ssl3_ChaCha20Poly1305;
|
||||
break;
|
||||
|
||||
@@ -763,21 +763,25 @@ static const ssl3CipherSuite ssl_all_ec_suites[] = {
|
||||
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_NULL_SHA,
|
||||
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
||||
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_NULL_SHA,
|
||||
TLS_ECDHE_RSA_WITH_RC4_128_SHA,
|
||||
@@ -804,12 +808,14 @@ static const ssl3CipherSuite ssl_dhe_suites[] = {
|
||||
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
|
||||
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
|
||||
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
||||
TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
|
||||
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
|
||||
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
|
||||
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
|
||||
|
||||
@@ -65,6 +65,10 @@ const PRUint16 SSL_ImplementedCiphers[] = {
|
||||
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
/* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA to work around bug 946147.
|
||||
*/
|
||||
@@ -90,6 +94,8 @@ const PRUint16 SSL_ImplementedCiphers[] = {
|
||||
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
|
||||
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
|
||||
TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
|
||||
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
|
||||
@@ -117,6 +123,8 @@ const PRUint16 SSL_ImplementedCiphers[] = {
|
||||
|
||||
TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_RSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||
TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||
TLS_RSA_WITH_AES_128_CBC_SHA,
|
||||
TLS_RSA_WITH_AES_128_CBC_SHA256,
|
||||
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
||||
|
||||
@@ -236,7 +236,7 @@ typedef struct {
|
||||
#endif
|
||||
} ssl3CipherSuiteCfg;
|
||||
|
||||
#define ssl_V3_SUITES_IMPLEMENTED 75
|
||||
#define ssl_V3_SUITES_IMPLEMENTED 83
|
||||
|
||||
#define MAX_DTLS_SRTP_CIPHER_SUITES 4
|
||||
|
||||
|
||||
@@ -210,6 +210,7 @@ SSL_GetPreliminaryChannelInfo(PRFileDesc *fd,
|
||||
#define C_SJ "SKIPJACK", ssl_calg_sj
|
||||
#define C_AESGCM "AES-GCM", ssl_calg_aes_gcm
|
||||
#define C_CHACHA20 "CHACHA20POLY1305", ssl_calg_chacha20
|
||||
#define C_CAMELLIAGCM "CAMELLIA-GCM", ssl_calg_camellia_gcm
|
||||
|
||||
/* "block cipher" sizes */
|
||||
#define B_256 256, 256, 256
|
||||
@@ -248,16 +249,19 @@ static const SSLCipherSuiteInfo suiteInfo[] = {
|
||||
{ 0, CS(RSA_WITH_AES_128_GCM_SHA256), S_RSA, K_RSA, C_AESGCM, B_128, M_AEAD_128, F_FIPS_STD, A_RSAD, ssl_hash_sha256 },
|
||||
{ 0, CS(DHE_RSA_WITH_CHACHA20_POLY1305_SHA256), S_RSA, K_DHE, C_CHACHA20, B_256, M_AEAD_128, F_NFIPS_STD, A_RSAS, ssl_hash_sha256 },
|
||||
|
||||
{ 0, CS(DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384), S_RSA, K_DHE, C_CAMELLIAGCM, B_256, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_sha384 },
|
||||
{ 0, CS(DHE_RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_256, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_none },
|
||||
{ 0, CS(DHE_DSS_WITH_CAMELLIA_256_CBC_SHA), S_DSA, K_DHE, C_CAMELLIA, B_256, M_SHA, F_NFIPS_STD, A_DSA, ssl_hash_none },
|
||||
{ 0, CS(DHE_RSA_WITH_AES_256_CBC_SHA256), S_RSA, K_DHE, C_AES, B_256, M_SHA256, F_FIPS_STD, A_RSAS, ssl_hash_sha256 },
|
||||
{ 0, CS(DHE_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_DHE, C_AES, B_256, M_SHA, F_FIPS_STD, A_RSAS, ssl_hash_none },
|
||||
{ 0, CS(DHE_DSS_WITH_AES_256_CBC_SHA), S_DSA, K_DHE, C_AES, B_256, M_SHA, F_FIPS_STD, A_DSA, ssl_hash_none },
|
||||
{ 0, CS(DHE_DSS_WITH_AES_256_CBC_SHA256), S_DSA, K_DHE, C_AES, B_256, M_SHA256, F_FIPS_STD, A_DSA, ssl_hash_sha256 },
|
||||
{ 0, CS(RSA_WITH_CAMELLIA_256_GCM_SHA384), S_RSA, K_RSA, C_CAMELLIAGCM, B_256, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_sha384 },
|
||||
{ 0, CS(RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_256, M_SHA, F_NFIPS_STD, A_RSAD, ssl_hash_none },
|
||||
{ 0, CS(RSA_WITH_AES_256_CBC_SHA256), S_RSA, K_RSA, C_AES, B_256, M_SHA256, F_FIPS_STD, A_RSAD, ssl_hash_sha256 },
|
||||
{ 0, CS(RSA_WITH_AES_256_CBC_SHA), S_RSA, K_RSA, C_AES, B_256, M_SHA, F_FIPS_STD, A_RSAD, ssl_hash_none },
|
||||
|
||||
{ 0, CS(DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256), S_RSA, K_DHE, C_CAMELLIAGCM, B_128, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_sha256 },
|
||||
{ 0, CS(DHE_RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_128, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_none },
|
||||
{ 0, CS(DHE_DSS_WITH_CAMELLIA_128_CBC_SHA), S_DSA, K_DHE, C_CAMELLIA, B_128, M_SHA, F_NFIPS_STD, A_DSA, ssl_hash_none },
|
||||
{ 0, CS(DHE_DSS_WITH_RC4_128_SHA), S_DSA, K_DHE, C_RC4, B_128, M_SHA, F_NFIPS_STD, A_DSA, ssl_hash_none },
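Review bot: The DHE_RSA and RSA Camellia-GCM rows added to suiteInfo[] describe their MAC as `M_SHA`, while the ECDHE Camellia-GCM rows added later in the same table and every AES-GCM row in view use `M_AEAD_128`. Anything that reads this table would presumably report these AEAD suites as carrying a SHA-1 MAC. The two `RSA_WITH_CAMELLIA_*_GCM` rows also use `A_RSAS`, although the other RSA key-exchange rows in view (`RSA_WITH_AES_128_GCM_SHA256`, `RSA_WITH_CAMELLIA_256_CBC_SHA`) use `A_RSAD`. The corrected row would read, for example, `{ 0, CS(RSA_WITH_CAMELLIA_256_GCM_SHA384), S_RSA, K_RSA, C_CAMELLIAGCM, B_256, M_AEAD_128, F_NFIPS_STD, A_RSAD, ssl_hash_sha384 },`. The same two substitutions apply to `RSA_WITH_CAMELLIA_128_GCM_SHA256` in the next hunk, and the `M_AEAD_128` one to both `DHE_RSA_WITH_CAMELLIA_*_GCM` rows here.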
|
||||
@@ -268,6 +272,7 @@ static const SSLCipherSuiteInfo suiteInfo[] = {
|
||||
{ 0, CS(DHE_DSS_WITH_AES_128_CBC_SHA), S_DSA, K_DHE, C_AES, B_128, M_SHA, F_FIPS_STD, A_DSA, ssl_hash_none },
|
||||
{ 0, CS(DHE_DSS_WITH_AES_128_CBC_SHA256), S_DSA, K_DHE, C_AES, B_128, M_SHA256, F_FIPS_STD, A_DSA, ssl_hash_sha256 },
|
||||
{ 0, CS(RSA_WITH_SEED_CBC_SHA), S_RSA, K_RSA, C_SEED, B_128, M_SHA, F_FIPS_STD, A_RSAD, ssl_hash_none },
|
||||
{ 0, CS(RSA_WITH_CAMELLIA_128_GCM_SHA256), S_RSA, K_RSA, C_CAMELLIAGCM, B_128, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_sha256 },
|
||||
{ 0, CS(RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_128, M_SHA, F_NFIPS_STD, A_RSAD, ssl_hash_none },
|
||||
{ 0, CS(RSA_WITH_RC4_128_SHA), S_RSA, K_RSA, C_RC4, B_128, M_SHA, F_NFIPS_STD, A_RSAD, ssl_hash_none },
|
||||
{ 0, CS(RSA_WITH_RC4_128_MD5), S_RSA, K_RSA, C_RC4, B_128, M_MD5, F_NFIPS_STD, A_RSAD, ssl_hash_none },
|
||||
@@ -325,6 +330,11 @@ static const SSLCipherSuiteInfo suiteInfo[] = {
|
||||
{ 0, CS(ECDHE_RSA_WITH_AES_256_GCM_SHA384), S_RSA, K_ECDHE, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_RSAS, ssl_hash_sha384 },
|
||||
{ 0, CS(ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384), S_RSA, K_ECDHE, C_CAMELLIA, B_256, M_SHA384, F_NFIPS_STD, A_RSAS, ssl_hash_sha384 },
|
||||
|
||||
{ 0, CS(ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256), S_ECDSA, K_ECDHE, C_CAMELLIAGCM, B_128, M_AEAD_128, F_NFIPS_STD, A_ECDSA, ssl_hash_sha256 },
|
||||
{ 0, CS(ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256), S_RSA, K_ECDHE, C_CAMELLIAGCM, B_128, M_AEAD_128, F_NFIPS_STD, A_RSAS, ssl_hash_sha256 },
|
||||
{ 0, CS(ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384), S_ECDSA, K_ECDHE, C_CAMELLIAGCM, B_256, M_AEAD_128, F_NFIPS_STD, A_ECDSA, ssl_hash_sha384 },
|
||||
{ 0, CS(ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384), S_RSA, K_ECDHE, C_CAMELLIAGCM, B_256, M_AEAD_128, F_NFIPS_STD, A_RSAS, ssl_hash_sha384 },
|
||||
|
||||
{ 0, CS(DHE_DSS_WITH_AES_256_GCM_SHA384), S_DSA, K_DHE, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_DSA, ssl_hash_sha384 },
|
||||
{ 0, CS(DHE_RSA_WITH_AES_256_GCM_SHA384), S_RSA, K_DHE, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_RSAS, ssl_hash_sha384 },
|
||||
{ 0, CS(RSA_WITH_AES_256_GCM_SHA384), S_RSA, K_RSA, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_RSAD, ssl_hash_sha384 },
|
||||
|
||||
@@ -143,6 +143,11 @@
|
||||
#define TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 0x00A2
|
||||
#define TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 0x00A3
|
||||
|
||||
#define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A
|
||||
#define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B
|
||||
#define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C
|
||||
#define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D
|
||||
|
||||
/* TLS "Signaling Cipher Suite Value" (SCSV). May be requested by client.
|
||||
* Must NEVER be chosen by server. SSL 3.0 server acknowledges by sending
|
||||
* back an empty Renegotiation Info (RI) server hello extension.
|
||||
@@ -205,6 +210,13 @@
|
||||
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076
|
||||
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077
|
||||
|
||||
/* RFC 6367 2.2 GCM, ephemeral only */
|
||||
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
|
||||
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
|
||||
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A
|
||||
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B
|
||||
|
||||
|
||||
/* draft-ietf-tls-chacha20-poly1305-04 */
|
||||
#define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8
|
||||
#define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9
|
||||
|
||||
@@ -43,6 +43,8 @@ typedef enum {
|
||||
cipher_aes_128_gcm,
|
||||
cipher_aes_256_gcm,
|
||||
cipher_chacha20,
|
||||
cipher_camellia_128_gcm,
|
||||
cipher_camellia_256_gcm,
|
||||
cipher_missing /* reserved for no such supported cipher */
|
||||
/* This enum must match ssl3_cipherName[] in ssl3con.c. */
|
||||
} SSL3BulkCipher;
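Review bot: The context comment in this hunk says the enum must match ssl3_cipherName[] in ssl3con.c, but none of the ssl3con.c hunks shown on this page add entries for `cipher_camellia_128_gcm` and `cipher_camellia_256_gcm`. No hunk shown extends a per-cipher definition table such as bulk_cipher_defs[] either. If those arrays are indexed by SSL3BulkCipher, the new values, which cipher_suite_defs[] now selects, would pick up the wrong slot or read past the end. Confirm that matching entries exist in the same order, and consider a compile-time assertion that each such array covers every enumerator up to `cipher_missing`. The enum definition starts outside this hunk.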
|
||||
|
||||
@@ -199,7 +199,8 @@ typedef enum {
|
||||
ssl_calg_camellia = 8,
|
||||
ssl_calg_seed = 9,
|
||||
ssl_calg_aes_gcm = 10,
|
||||
ssl_calg_chacha20 = 11
|
||||
ssl_calg_chacha20 = 11,
|
||||
ssl_calg_camellia_gcm = 12
|
||||
} SSLCipherAlgorithm;
|
||||
|
||||
typedef enum {
|
||||
|
||||
@@ -918,6 +918,7 @@ typedef CK_ULONG CK_MECHANISM_TYPE;
|
||||
#define CKM_CAMELLIA_CBC_PAD 0x00000555
|
||||
#define CKM_CAMELLIA_ECB_ENCRYPT_DATA 0x00000556
|
||||
#define CKM_CAMELLIA_CBC_ENCRYPT_DATA 0x00000557
|
||||
#define CKM_CAMELLIA_GCM 0x00000558
|
||||
|
||||
#define CKM_SEED_KEY_GEN 0x00000650
|
||||
#define CKM_SEED_ECB 0x00000651
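Review bot: `CKM_CAMELLIA_GCM` is given 0x00000558 in the standard mechanism range, and to my knowledge PKCS #11 assigns that value to CKM_CAMELLIA_CTR; the standard defines no Camellia-GCM mechanism. PK11_GetSlotList now routes this type to the Camellia slot list. A third-party token that implements the standard 0x558 mechanism could therefore be handed `CK_GCM_PARAMS` and treat the request as counter mode, without the authentication tag the TLS record code relies on. Defining the mechanism in the NSS vendor range, as `CKM_NSS_CHACHA20_POLY1305` is, avoids the clash, e.g. `#define CKM_NSS_CAMELLIA_GCM (CKM_NSS + N)` with N an unused offset (name and offset are a suggestion, not taken from the tree).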
|
||||
|
||||