Hello, Considering that AES-192 seems to be very resistant against related key attacks (http://eprint.iacr.org/2009/317) and the algorithm is already available in the openssl code I am trying to expose the AES-192 ciphers.
Attached is a patch against 1.0.1u (adapted from the version I created against RHEL "1.0.1e hobbled") that tries to accomplish this for plain and EDH ciphers. Once I get this to work I will continue by adding the EECDH ciphers. The patch seems to work for most parts, except from exposing the AES192-GCM ciphers. When the self test is run (make -C test apps tests) it chokes with a client error: ERROR in CLIENT 140069906728640:error:140740B5:SSL routines:SSL23_CLIENT_HELLO:no ciphers available:s23_clnt.c:502: TLSv1.2, cipher (NONE) (NONE) 1 handshakes of 256 bytes done Failed DHE-RSA-AES192-GCM-SHA384 make: *** [test_ssl] Error 1 The error occurs in ssl23_client_hello(); Note that the last hunk disables the testing of AES-192-GCM ciphers. This is a hack to get the adapted RHEL srpm to build that should eventually be removed. Time stamps on the files are also garbled as I have not normalized the patch against a fresh tree yet. This is no problem when applying it. So my question is, could someone point me in the right direction on how to expose the AES-192-GCM ciphers, i.e. what am I doing wrong that is causing the client error? Would the development team consider adding a patch exposing AES-192 ciphers in openssl once it's complete? Thanks for your help. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research
diff -pur openssl-1.0.1u.000/ssl/s3_lib.c openssl-1.0.1u/ssl/s3_lib.c --- openssl-1.0.1u.000/ssl/s3_lib.c 2016-09-22 12:29:27.000000000 +0200 +++ openssl-1.0.1u/ssl/s3_lib.c 2017-01-09 01:25:22.608967809 +0100 @@ -948,7 +948,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] }, /* Cipher 30 */ { - 0, + 0, /* not implemented (non-ephemeral DH) */ TLS1_TXT_DH_DSS_WITH_AES_128_SHA, TLS1_CK_DH_DSS_WITH_AES_128_SHA, SSL_kDHd, @@ -963,7 +963,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] }, /* Cipher 31 */ { - 0, + 0, /* not implemented (non-ephemeral DH) */ TLS1_TXT_DH_RSA_WITH_AES_128_SHA, TLS1_CK_DH_RSA_WITH_AES_128_SHA, SSL_kDHr, @@ -1039,7 +1039,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] }, /* Cipher 36 */ { - 0, + 0, /* not implemented (non-ephemeral DH) */ TLS1_TXT_DH_DSS_WITH_AES_256_SHA, TLS1_CK_DH_DSS_WITH_AES_256_SHA, SSL_kDHd, @@ -1314,6 +1314,117 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] }, #endif /* OPENSSL_NO_CAMELLIA */ +/* AES-192 */ + /* Cipher 47 */ + { + 1, + TLS1_TXT_RSA_WITH_AES_192_SHA, + TLS1_CK_RSA_WITH_AES_192_SHA, + SSL_kRSA, + SSL_aRSA, + SSL_AES192, + SSL_SHA1, + SSL_TLSV1, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + /* Cipher 48 */ + { + 0, /* not implemented (non-ephemeral DH) */ + TLS1_TXT_DH_DSS_WITH_AES_192_SHA, + TLS1_CK_DH_DSS_WITH_AES_192_SHA, + SSL_kDHd, + SSL_aDH, + SSL_AES192, + SSL_SHA1, + SSL_TLSV1, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + + /* Cipher 49 */ + { + 0, /* not implemented (non-ephemeral DH) */ + TLS1_TXT_DH_RSA_WITH_AES_192_SHA, + TLS1_CK_DH_RSA_WITH_AES_192_SHA, + SSL_kDHr, + SSL_aDH, + SSL_AES192, + SSL_SHA1, + SSL_TLSV1, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + + /* Cipher 4A */ + { + 1, + TLS1_TXT_DHE_DSS_WITH_AES_192_SHA, + TLS1_CK_DHE_DSS_WITH_AES_192_SHA, + SSL_kEDH, + SSL_aDSS, + SSL_AES192, + SSL_SHA1, + SSL_TLSV1, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + + /* Cipher 4B */ + { + 1, + TLS1_TXT_DHE_RSA_WITH_AES_192_SHA, + TLS1_CK_DHE_RSA_WITH_AES_192_SHA, + SSL_kEDH, + SSL_aRSA, + SSL_AES192, + SSL_SHA1, + SSL_TLSV1, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + + /* Cipher 4C */ + { + 1, + TLS1_TXT_ADH_WITH_AES_192_SHA, + TLS1_CK_ADH_WITH_AES_192_SHA, + SSL_kEDH, + SSL_aNULL, + SSL_AES192, + SSL_SHA1, + SSL_TLSV1, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + /* Cipher 4D */ + { + 1, + TLS1_TXT_RSA_WITH_AES_192_SHA256, + TLS1_CK_RSA_WITH_AES_192_SHA256, + SSL_kRSA, + SSL_aRSA, + SSL_AES192, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES /* New TLS Export CipherSuites from expired ID */ # if 0 @@ -1941,7 +2052,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] /* Cipher A0 */ { - 0, + 0, /* not implemented (non-ephemeral DH) */ TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, SSL_kDHr, @@ -1957,7 +2068,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] /* Cipher A1 */ { - 0, + 0, /* not implemented (non-ephemeral DH) */ TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, SSL_kDHr, @@ -2005,7 +2116,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] /* Cipher A4 */ { - 0, + 0, /* not implemented (non-ephemeral DH) */ TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, SSL_kDHd, @@ -2021,7 +2132,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] /* Cipher A5 */ { - 0, + 0, /* not implemented (non-ephemeral DH) */ TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, SSL_kDHd, @@ -2067,6 +2178,183 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] 256, }, + +/* AES-192 */ + /* Cipher A8 */ + { + 0, /* not implemented (non-ephemeral DH) */ + TLS1_TXT_DH_DSS_WITH_AES_192_SHA256, + TLS1_CK_DH_DSS_WITH_AES_192_SHA256, + SSL_kDHd, + SSL_aDH, + SSL_AES192, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + + /* Cipher A9 */ + { + 0, /* not implemented (non-ephemeral DH) */ + TLS1_TXT_DH_RSA_WITH_AES_192_SHA256, + TLS1_CK_DH_RSA_WITH_AES_192_SHA256, + SSL_kDHr, + SSL_aDH, + SSL_AES192, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + + /* Cipher AA */ + { + 1, + TLS1_TXT_DHE_DSS_WITH_AES_192_SHA256, + TLS1_CK_DHE_DSS_WITH_AES_192_SHA256, + SSL_kEDH, + SSL_aDSS, + SSL_AES192, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + + /* Cipher AB */ + { + 1, + TLS1_TXT_DHE_RSA_WITH_AES_192_SHA256, + TLS1_CK_DHE_RSA_WITH_AES_192_SHA256, + SSL_kEDH, + SSL_aRSA, + SSL_AES192, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + + /* Cipher AC */ + { + 1, + TLS1_TXT_ADH_WITH_AES_192_SHA256, + TLS1_CK_ADH_WITH_AES_192_SHA256, + SSL_kEDH, + SSL_aNULL, + SSL_AES192, + SSL_SHA256, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, + 192, + 192, + }, + /* Cipher AD */ + { + 1, + TLS1_TXT_RSA_WITH_AES_192_GCM_SHA384, + TLS1_CK_RSA_WITH_AES_192_GCM_SHA384, + SSL_kRSA, + SSL_aRSA, + SSL_AES192GCM, + SSL_AEAD, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 192, + 192, + }, + + /* Cipher AE */ + { + 1, + TLS1_TXT_DHE_RSA_WITH_AES_192_GCM_SHA384, + TLS1_CK_DHE_RSA_WITH_AES_192_GCM_SHA384, + SSL_kEDH, + SSL_aRSA, + SSL_AES192GCM, + SSL_AEAD, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 192, + 192, + }, + + /* Cipher AF */ + { + 0, /* not implemented (non-ephemeral DH) */ + TLS1_TXT_DH_RSA_WITH_AES_192_GCM_SHA384, + TLS1_CK_DH_RSA_WITH_AES_192_GCM_SHA384, + SSL_kDHr, + SSL_aDH, + SSL_AES192GCM, + SSL_AEAD, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 192, + 192, + }, + + /* Cipher B0 */ + { + 1, + TLS1_TXT_DHE_DSS_WITH_AES_192_GCM_SHA384, + TLS1_CK_DHE_DSS_WITH_AES_192_GCM_SHA384, + SSL_kEDH, + SSL_aDSS, + SSL_AES192GCM, + SSL_AEAD, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 192, + 192, + }, + + /* Cipher B1 */ + { + 0, /* not implemented (non-ephemeral DH) */ + TLS1_TXT_DH_DSS_WITH_AES_192_GCM_SHA384, + TLS1_CK_DH_DSS_WITH_AES_192_GCM_SHA384, + SSL_kDHd, + SSL_aDH, + SSL_AES192GCM, + SSL_AEAD, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 192, + 192, + }, + + /* Cipher B2 */ + { + 1, + TLS1_TXT_ADH_WITH_AES_192_GCM_SHA384, + TLS1_CK_ADH_WITH_AES_192_GCM_SHA384, + SSL_kEDH, + SSL_aNULL, + SSL_AES192GCM, + SSL_AEAD, + SSL_TLSV1_2, + SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, + SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, + 192, + 192, + }, + #ifndef OPENSSL_NO_ECDH /* Cipher C001 */ { diff -pur openssl-1.0.1u.000/ssl/ssl_ciph.c openssl-1.0.1u/ssl/ssl_ciph.c --- openssl-1.0.1u.000/ssl/ssl_ciph.c 2016-09-22 12:29:27.000000000 +0200 +++ openssl-1.0.1u/ssl/ssl_ciph.c 2017-01-09 01:48:00.640502823 +0100 @@ -164,11 +164,13 @@ #define SSL_ENC_SEED_IDX 11 #define SSL_ENC_AES128GCM_IDX 12 #define SSL_ENC_AES256GCM_IDX 13 -#define SSL_ENC_NUM_IDX 14 +#define SSL_ENC_AES192_IDX 14 +#define SSL_ENC_AES192GCM_IDX 15 +#define SSL_ENC_NUM_IDX 16 static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, - NULL, NULL + NULL, NULL, NULL, NULL }; #define SSL_COMP_NULL_IDX 0 @@ -305,10 +307,11 @@ static const SSL_CIPHER cipher_aliases[] {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM, 0, 0, 0, 0, 0, 0}, + {0, SSL_TXT_AES192, 0, 0, 0, SSL_AES192 | SSL_AES192GCM, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0}, - {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0, + {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES192GCM | SSL_AES256GCM, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0}, {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0}, @@ -396,6 +399,8 @@ void ssl_load_ciphers(void) #endif ssl_cipher_methods[SSL_ENC_AES128_IDX] = EVP_get_cipherbyname(SN_aes_128_cbc); + ssl_cipher_methods[SSL_ENC_AES192_IDX]= + EVP_get_cipherbyname(SN_aes_192_cbc); ssl_cipher_methods[SSL_ENC_AES256_IDX] = EVP_get_cipherbyname(SN_aes_256_cbc); ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] = @@ -408,6 +413,8 @@ void ssl_load_ciphers(void) ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] = EVP_get_cipherbyname(SN_aes_128_gcm); + ssl_cipher_methods[SSL_ENC_AES192GCM_IDX] = + EVP_get_cipherbyname(SN_aes_192_gcm); ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] = EVP_get_cipherbyname(SN_aes_256_gcm); @@ -540,6 +547,9 @@ int ssl_cipher_get_evp(const SSL_SESSION case SSL_AES128: i = SSL_ENC_AES128_IDX; break; + case SSL_AES192: + i=SSL_ENC_AES192_IDX; + break; case SSL_AES256: i = SSL_ENC_AES256_IDX; break; @@ -558,6 +568,9 @@ int ssl_cipher_get_evp(const SSL_SESSION case SSL_AES128GCM: i = SSL_ENC_AES128GCM_IDX; break; + case SSL_AES192GCM: + i=SSL_ENC_AES192GCM_IDX; + break; case SSL_AES256GCM: i = SSL_ENC_AES256GCM_IDX; break; @@ -636,6 +649,10 @@ int ssl_cipher_get_evp(const SSL_SESSION c->algorithm_mac == SSL_SHA1 && (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1"))) *enc = evp, *md = NULL; + else if (c->algorithm_enc == SSL_AES192 && + c->algorithm_mac == SSL_SHA1 && + (evp=EVP_get_cipherbyname("AES-192-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; else if (c->algorithm_enc == SSL_AES256 && c->algorithm_mac == SSL_SHA1 && (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) @@ -762,11 +779,15 @@ static void ssl_cipher_get_disabled(unsi *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0; *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0; *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0; + *enc |= (ssl_cipher_methods[SSL_ENC_AES192_IDX] == NULL) ? SSL_AES192 : 0; *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0; *enc |= (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == NULL) ? SSL_AES128GCM : 0; *enc |= + (ssl_cipher_methods[SSL_ENC_AES192GCM_IDX] == + NULL) ? SSL_AES192GCM : 0; + *enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM : 0; *enc |= @@ -1707,12 +1728,18 @@ char *SSL_CIPHER_description(const SSL_C case SSL_AES128: enc = "AES(128)"; break; + case SSL_AES192: + enc = "AES(192)"; + break; case SSL_AES256: enc = "AES(256)"; break; case SSL_AES128GCM: enc = "AESGCM(128)"; break; + case SSL_AES192GCM: + enc = "AESGCM(192)"; + break; case SSL_AES256GCM: enc = "AESGCM(256)"; break; diff -pur openssl-1.0.1u.000/ssl/ssl.h openssl-1.0.1u/ssl/ssl.h --- openssl-1.0.1u.000/ssl/ssl.h 2016-09-22 12:29:27.000000000 +0200 +++ openssl-1.0.1u/ssl/ssl.h 2017-01-09 01:29:06.213239326 +0100 @@ -287,6 +287,7 @@ extern "C" { # define SSL_TXT_IDEA "IDEA" # define SSL_TXT_SEED "SEED" # define SSL_TXT_AES128 "AES128" +# define SSL_TXT_AES192 "AES192" # define SSL_TXT_AES256 "AES256" # define SSL_TXT_AES "AES" # define SSL_TXT_AES_GCM "AESGCM" diff -pur openssl-1.0.1u.000/ssl/ssl_locl.h openssl-1.0.1u/ssl/ssl_locl.h --- openssl-1.0.1u.000/ssl/ssl_locl.h 2016-09-22 12:29:27.000000000 +0200 +++ openssl-1.0.1u/ssl/ssl_locl.h 2017-01-09 02:09:28.063606617 +0100 @@ -353,8 +353,10 @@ # define SSL_SEED 0x00000800L # define SSL_AES128GCM 0x00001000L # define SSL_AES256GCM 0x00002000L +# define SSL_AES192 0x00004000L +# define SSL_AES192GCM 0x00008000L -# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM) +# define SSL_AES (SSL_AES128|SSL_AES192|SSL_AES256|SSL_AES128GCM|SSL_AES192GCM|SSL_AES256GCM) # define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) /* Bits for algorithm_mac (symmetric authentication) */ diff -pur openssl-1.0.1u.000/ssl/tls1.h openssl-1.0.1u/ssl/tls1.h --- openssl-1.0.1u.000/ssl/tls1.h 2016-09-22 12:29:27.000000000 +0200 +++ openssl-1.0.1u/ssl/tls1.h 2017-01-09 02:37:39.512719622 +0100 @@ -403,15 +403,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T /* AES ciphersuites from RFC3268 */ # define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F -# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030 -# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031 +# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030 /* not implemented */ +# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031 /* not implemented */ # define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032 # define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033 # define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034 # define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035 -# define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036 -# define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037 +# define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036 /* not implemented */ +# define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037 /* not implemented */ # define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038 # define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039 # define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A @@ -420,8 +420,8 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T # define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B # define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C # define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D -# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E -# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F +# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E /* not implemented */ +# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F /* not implemented */ # define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040 /* Camellia ciphersuites from RFC4132 */ @@ -432,10 +432,19 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045 # define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046 +/* AES-192 */ +# define TLS1_CK_RSA_WITH_AES_192_SHA 0x03000047 +# define TLS1_CK_DH_DSS_WITH_AES_192_SHA 0x03000048 /* not implemented */ +# define TLS1_CK_DH_RSA_WITH_AES_192_SHA 0x03000049 /* not implemented */ +# define TLS1_CK_DHE_DSS_WITH_AES_192_SHA 0x0300004A +# define TLS1_CK_DHE_RSA_WITH_AES_192_SHA 0x0300004B +# define TLS1_CK_ADH_WITH_AES_192_SHA 0x0300004C +# define TLS1_CK_RSA_WITH_AES_192_SHA256 0x0300004D + /* TLS v1.2 ciphersuites */ # define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067 -# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068 -# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069 +# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068 /* not implemented */ +# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069 /* not implemented */ # define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A # define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B # define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C @@ -443,16 +452,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T /* Camellia ciphersuites from RFC4132 */ # define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084 -# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085 -# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086 +# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085 /* not implemented */ +# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086 /* not implemented */ # define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088 # define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089 /* SEED ciphersuites from RFC4162 */ # define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096 -# define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097 -# define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098 +# define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097 /* not implemented */ +# define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098 /* not implemented */ # define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099 # define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A # define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B @@ -462,15 +471,29 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T # define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D # define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E # define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F -# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0 -# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1 +# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0 /* not implemented */ +# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1 /* not implemented */ # define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2 # define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3 -# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4 -# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5 +# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4 /* not implemented */ +# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5 /* not implemented */ # define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6 # define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7 +/* AES-192 */ +#define TLS1_CK_DH_DSS_WITH_AES_192_SHA256 0x030000A8 /* not implemented */ +#define TLS1_CK_DH_RSA_WITH_AES_192_SHA256 0x030000A9 /* not implemented */ +#define TLS1_CK_DHE_DSS_WITH_AES_192_SHA256 0x030000AA +#define TLS1_CK_DHE_RSA_WITH_AES_192_SHA256 0x030000AB +#define TLS1_CK_ADH_WITH_AES_192_SHA256 0x030000AC + +#define TLS1_CK_RSA_WITH_AES_192_GCM_SHA384 0x030000AD +#define TLS1_CK_DHE_RSA_WITH_AES_192_GCM_SHA384 0x030000AE +#define TLS1_CK_DH_RSA_WITH_AES_192_GCM_SHA384 0x030000AF /* not implemented */ +#define TLS1_CK_DHE_DSS_WITH_AES_192_GCM_SHA384 0x030000B0 +#define TLS1_CK_DH_DSS_WITH_AES_192_GCM_SHA384 0x030000B1 /* not implemented */ +#define TLS1_CK_ADH_WITH_AES_192_GCM_SHA384 0x030000B2 + /* * ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in * draft 13 @@ -567,6 +590,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T # define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA" # define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA" +/* AES-192 */ +#define TLS1_TXT_RSA_WITH_AES_192_SHA "AES192-SHA" +#define TLS1_TXT_DH_DSS_WITH_AES_192_SHA "DH-DSS-AES192-SHA" +#define TLS1_TXT_DH_RSA_WITH_AES_192_SHA "DH-RSA-AES192-SHA" +#define TLS1_TXT_DHE_DSS_WITH_AES_192_SHA "DHE-DSS-AES192-SHA" +#define TLS1_TXT_DHE_RSA_WITH_AES_192_SHA "DHE-RSA-AES192-SHA" +#define TLS1_TXT_ADH_WITH_AES_192_SHA "ADH-AES192-SHA" + /* ECC ciphersuites from RFC4492 */ # define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA" # define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA" @@ -653,6 +684,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T # define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256" # define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256" +/* AES-192 */ +#define TLS1_TXT_RSA_WITH_AES_192_SHA256 "AES192-SHA256" +#define TLS1_TXT_DH_DSS_WITH_AES_192_SHA256 "DH-DSS-AES192-SHA256" +#define TLS1_TXT_DH_RSA_WITH_AES_192_SHA256 "DH-RSA-AES192-SHA256" +#define TLS1_TXT_DHE_DSS_WITH_AES_192_SHA256 "DHE-DSS-AES192-SHA256" +#define TLS1_TXT_DHE_RSA_WITH_AES_192_SHA256 "DHE-RSA-AES192-SHA256" +#define TLS1_TXT_ADH_WITH_AES_192_SHA256 "ADH-AES192-SHA256" + /* TLS v1.2 GCM ciphersuites from RFC5288 */ # define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256" # define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384" @@ -667,6 +706,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T # define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256" # define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384" +/* AES-192 */ +#define TLS1_TXT_RSA_WITH_AES_192_GCM_SHA384 "AES192-GCM-SHA384" +#define TLS1_TXT_DHE_RSA_WITH_AES_192_GCM_SHA384 "DHE-RSA-AES192-GCM-SHA384" +#define TLS1_TXT_DH_RSA_WITH_AES_192_GCM_SHA384 "DH-RSA-AES192-GCM-SHA384" +#define TLS1_TXT_DHE_DSS_WITH_AES_192_GCM_SHA384 "DHE-DSS-AES192-GCM-SHA384" +#define TLS1_TXT_DH_DSS_WITH_AES_192_GCM_SHA384 "DH-DSS-AES192-GCM-SHA384" +#define TLS1_TXT_ADH_WITH_AES_192_GCM_SHA384 "ADH-AES192-GCM-SHA384" + /* ECDH HMAC based ciphersuites from RFC5289 */ # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256" diff -pur openssl-1.0.1u.000/test/testssl openssl-1.0.1u/test/testssl --- openssl-1.0.1u.000/test/testssl 2016-09-22 12:29:27.000000000 +0200 +++ openssl-1.0.1u/test/testssl 2017-01-09 02:46:48.948896959 +0100 @@ -136,13 +136,13 @@ test_cipher() { echo "Testing ciphersuites" for protocol in TLSv1.2 SSLv3; do echo "Testing ciphersuites for $protocol" - for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do + for cipher in $(../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' ' | grep -v AES192-GCM); do test_cipher $cipher $protocol done if ../util/shlib_wrap.sh ../apps/openssl no-dh; then echo "skipping RSA+DHE tests" else - for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do + for cipher in $(../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' ' | grep -v AES192-GCM); do test_cipher $cipher $protocol done echo "testing connection with weak DH, expecting failure"
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev