Hi,
is there a reason why the Camellia cipher suits with SHA2 HMAC is not
supported?
I added them and tested the result with an Nginx server and the s_client
command.
I would like to have a look to support the Camellia GCM based cipher
suites, but if there is a reason why libressl shouldn't support them, I
would spend my time with something else.
Best Regards,
Guenther
Index: lib/libssl/src/ssl/s3_lib.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/ssl/s3_lib.c,v
retrieving revision 1.108
diff -u -p -r1.108 s3_lib.c
--- lib/libssl/src/ssl/s3_lib.c 28 Apr 2016 16:39:45 -0000 1.108
+++ lib/libssl/src/ssl/s3_lib.c 25 Aug 2016 13:45:27 -0000
@@ -1805,6 +1805,138 @@ SSL_CIPHER ssl3_ciphers[] = {
.strength_bits = 256,
.alg_bits = 256,
},
+
+#ifndef OPENSSL_NO_CAMELLIA
+ /* TLS 1.2 ECDH Camellia based ciphersuites from RFC 6367 */
+
+ /* Cipher C072 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kECDHE,
+ .algorithm_auth = SSL_aECDSA,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher C073 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+ .id = TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+ .algorithm_mkey = SSL_kECDHE,
+ .algorithm_auth = SSL_aECDSA,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA384,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+
+ /* Cipher C074 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kECDHe,
+ .algorithm_auth = SSL_aECDH,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher C075 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+ .id = TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+ .algorithm_mkey = SSL_kECDHe,
+ .algorithm_auth = SSL_aECDH,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA384,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+
+ /* Cipher C076 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kECDHE,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher C077 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+ .id = TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+ .algorithm_mkey = SSL_kECDHE,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA384,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+
+ /* Cipher C078 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .id = TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ .algorithm_mkey = SSL_kECDHe,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA128,
+ .algorithm_mac = SSL_SHA256,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+ .strength_bits = 128,
+ .alg_bits = 128,
+ },
+
+ /* Cipher C079 */
+ {
+ .valid = 1,
+ .name = TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+ .id = TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+ .algorithm_mkey = SSL_kECDHe,
+ .algorithm_auth = SSL_aRSA,
+ .algorithm_enc = SSL_CAMELLIA256,
+ .algorithm_mac = SSL_SHA384,
+ .algorithm_ssl = SSL_TLSV1_2,
+ .algo_strength = SSL_HIGH,
+ .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ .strength_bits = 256,
+ .alg_bits = 256,
+ },
+#endif /* OPENSSL_NO_CAMELLIA */
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
/* Cipher CC13 */
Index: lib/libssl/src/ssl/tls1.h
===================================================================
RCS file: /cvs/src/lib/libssl/src/ssl/tls1.h,v
retrieving revision 1.28
diff -u -p -r1.28 tls1.h
--- lib/libssl/src/ssl/tls1.h 28 Apr 2016 16:39:45 -0000 1.28
+++ lib/libssl/src/ssl/tls1.h 25 Aug 2016 13:45:27 -0000
@@ -536,6 +536,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
#define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
#define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
+/* ECDH Camellia based ciphersuites from RFC 6367. */
+#define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C072
+#define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C073
+#define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C074
+#define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C075
+#define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C076
+#define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C077
+#define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078
+#define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079
+
/* ChaCha20-Poly1305 based ciphersuites. */
#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD 0x0300CC13
#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD 0x0300CC14
@@ -702,6 +712,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384
"ECDHE-RSA-AES256-GCM-SHA384"
#define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256
"ECDH-RSA-AES128-GCM-SHA256"
#define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384
"ECDH-RSA-AES256-GCM-SHA384"
+
+/* ECDH Camellia based ciphersuites from RFC 6367. */
+#define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
"ECDHE-ECDSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
"ECDHE-ECDSA-CAMELLIA256-SHA384"
+#define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
"ECDH-ECDSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
"ECDH-ECDSA-CAMELLIA256-SHA384"
+#define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
"ECDHE-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
"ECDHE-RSA-CAMELLIA256-SHA384"
+#define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
"ECDH-RSA-CAMELLIA128-SHA256"
+#define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
"ECDH-RSA-CAMELLIA256-SHA384"
/* ChaCha20-Poly1305 based ciphersuites. */
#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD
"ECDHE-RSA-CHACHA20-POLY1305-OLD"
