diff options
author | Joel Sing <jsing@cvs.openbsd.org> | 2020-04-19 14:54:15 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2020-04-19 14:54:15 +0000 |
commit | cb0e33d12f3726a64bb0169970aae1944e425e4b (patch) | |
tree | 42c066d87e6286345124bfa667d8276846617e55 /lib | |
parent | c96c108bcd88088f9321a743ff19d5907682e66c (diff) |
Provide TLSv1.3 cipher suite aliases to match the names used in RFC 8446.
ok beck@ inoguchi@ tb@
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libssl/ssl_ciph.c | 27 |
1 files changed, 25 insertions, 2 deletions
diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index 9ba8f404379..37417efc08d 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_ciph.c,v 1.116 2020/04/18 14:41:05 jsing Exp $ */ +/* $OpenBSD: ssl_ciph.c,v 1.117 2020/04/19 14:54:14 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -396,6 +396,28 @@ static const SSL_CIPHER cipher_aliases[] = { .algorithm_ssl = SSL_TLSV1_3, }, + /* cipher suite aliases */ +#ifdef LIBRESSL_HAS_TLS1_3 + { + .valid = 1, + .name = "TLS_AES_128_GCM_SHA256", + .id = TLS1_3_CK_AES_128_GCM_SHA256, + .algorithm_ssl = SSL_TLSV1_3, + }, + { + .valid = 1, + .name = "TLS_AES_256_GCM_SHA384", + .id = TLS1_3_CK_AES_256_GCM_SHA384, + .algorithm_ssl = SSL_TLSV1_3, + }, + { + .valid = 1, + .name = "TLS_CHACHA20_POLY1305_SHA256", + .id = TLS1_3_CK_CHACHA20_POLY1305_SHA256, + .algorithm_ssl = SSL_TLSV1_3, + }, +#endif + /* strength classes */ { .name = SSL_TXT_LOW, @@ -961,7 +983,8 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p, while (((ch >= 'A') && (ch <= 'Z')) || ((ch >= '0') && (ch <= '9')) || ((ch >= 'a') && (ch <= 'z')) || - (ch == '-') || (ch == '.')) { + (ch == '-') || (ch == '.') || + (ch == '_')) { ch = *(++l); buflen++; } |