Hello,

Considering that AES-192 seems to be very resistant against related key
attacks (http://eprint.iacr.org/2009/317) and the algorithm is already
available in the openssl code I am trying to expose the AES-192
ciphers. 

Attached is a patch against 1.0.1u (adapted from the version I created
against RHEL "1.0.1e hobbled") that tries to accomplish this for plain
and EDH ciphers. Once I get this to work I will continue by adding the
EECDH ciphers.

The patch seems to work for most parts, except from exposing the
AES192-GCM ciphers. When the self test is run (make -C test apps tests)
it chokes with a client error:

ERROR in CLIENT                                                                 
140069906728640:error:140740B5:SSL routines:SSL23_CLIENT_HELLO:no ciphers 
available:s23_clnt.c:502:
TLSv1.2, cipher (NONE) (NONE)
1 handshakes of 256 bytes done
Failed DHE-RSA-AES192-GCM-SHA384
make: *** [test_ssl] Error 1

The error occurs in ssl23_client_hello();

Note that the last hunk disables the testing of AES-192-GCM ciphers.
This is a hack to get the adapted RHEL srpm to build that should
eventually be removed. Time stamps on the files are also garbled as I
have not normalized the patch against a fresh tree yet. This is no
problem when applying it.

So my question is, could someone point me in the right direction on how
to expose the AES-192-GCM ciphers, i.e. what am I doing wrong that is
causing the client error?

Would the development team consider adding a patch exposing AES-192
ciphers in openssl once it's complete?

Thanks for your help.

Regards,
Leonard.

-- 
mount -t life -o ro /dev/dna /genetic/research


diff -pur openssl-1.0.1u.000/ssl/s3_lib.c openssl-1.0.1u/ssl/s3_lib.c
--- openssl-1.0.1u.000/ssl/s3_lib.c	2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/ssl/s3_lib.c	2017-01-09 01:25:22.608967809 +0100
@@ -948,7 +948,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
      },
 /* Cipher 30 */
     {
-     0,
+     0, /* not implemented (non-ephemeral DH) */
      TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
      TLS1_CK_DH_DSS_WITH_AES_128_SHA,
      SSL_kDHd,
@@ -963,7 +963,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
      },
 /* Cipher 31 */
     {
-     0,
+     0, /* not implemented (non-ephemeral DH) */
      TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
      TLS1_CK_DH_RSA_WITH_AES_128_SHA,
      SSL_kDHr,
@@ -1039,7 +1039,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
      },
 /* Cipher 36 */
     {
-     0,
+     0, /* not implemented (non-ephemeral DH) */
      TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
      TLS1_CK_DH_DSS_WITH_AES_256_SHA,
      SSL_kDHd,
@@ -1314,6 +1314,117 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
      },
 #endif                          /* OPENSSL_NO_CAMELLIA */
 
+/* AES-192 */
+    /* Cipher 47 */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_AES_192_SHA,
+     TLS1_CK_RSA_WITH_AES_192_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_AES192,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+    /* Cipher 48 */
+    {
+     0, /* not implemented (non-ephemeral DH) */
+     TLS1_TXT_DH_DSS_WITH_AES_192_SHA,
+     TLS1_CK_DH_DSS_WITH_AES_192_SHA,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_AES192,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+
+    /* Cipher 49 */
+    {
+     0, /* not implemented (non-ephemeral DH) */
+     TLS1_TXT_DH_RSA_WITH_AES_192_SHA,
+     TLS1_CK_DH_RSA_WITH_AES_192_SHA,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_AES192,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+
+    /* Cipher 4A */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_AES_192_SHA,
+     TLS1_CK_DHE_DSS_WITH_AES_192_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_AES192,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+
+    /* Cipher 4B */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_AES_192_SHA,
+     TLS1_CK_DHE_RSA_WITH_AES_192_SHA,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_AES192,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+
+    /* Cipher 4C */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_AES_192_SHA,
+     TLS1_CK_ADH_WITH_AES_192_SHA,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_AES192,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+    /* Cipher 4D */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_AES_192_SHA256,
+     TLS1_CK_RSA_WITH_AES_192_SHA256,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_AES192,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+
 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
     /* New TLS Export CipherSuites from expired ID */
 # if 0
@@ -1941,7 +2052,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 
     /* Cipher A0 */
     {
-     0,
+     0, /* not implemented (non-ephemeral DH) */
      TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
      TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
      SSL_kDHr,
@@ -1957,7 +2068,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 
     /* Cipher A1 */
     {
-     0,
+     0, /* not implemented (non-ephemeral DH) */
      TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
      TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
      SSL_kDHr,
@@ -2005,7 +2116,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 
     /* Cipher A4 */
     {
-     0,
+     0, /* not implemented (non-ephemeral DH) */
      TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
      TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
      SSL_kDHd,
@@ -2021,7 +2132,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
 
     /* Cipher A5 */
     {
-     0,
+     0, /* not implemented (non-ephemeral DH) */
      TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
      TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
      SSL_kDHd,
@@ -2067,6 +2178,183 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
      256,
      },
 
+
+/* AES-192 */
+    /* Cipher A8 */
+    {
+     0, /* not implemented (non-ephemeral DH) */
+     TLS1_TXT_DH_DSS_WITH_AES_192_SHA256,
+     TLS1_CK_DH_DSS_WITH_AES_192_SHA256,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_AES192,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+
+    /* Cipher A9 */
+    {
+     0, /* not implemented (non-ephemeral DH) */
+     TLS1_TXT_DH_RSA_WITH_AES_192_SHA256,
+     TLS1_CK_DH_RSA_WITH_AES_192_SHA256,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_AES192,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+
+    /* Cipher AA */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_AES_192_SHA256,
+     TLS1_CK_DHE_DSS_WITH_AES_192_SHA256,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_AES192,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+
+    /* Cipher AB */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_AES_192_SHA256,
+     TLS1_CK_DHE_RSA_WITH_AES_192_SHA256,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_AES192,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+
+    /* Cipher AC */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_AES_192_SHA256,
+     TLS1_CK_ADH_WITH_AES_192_SHA256,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_AES192,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+     192,
+     192,
+     },
+    /* Cipher AD */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_AES_192_GCM_SHA384,
+     TLS1_CK_RSA_WITH_AES_192_GCM_SHA384,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_AES192GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+     192,
+     192,
+     },
+
+    /* Cipher AE */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_AES_192_GCM_SHA384,
+     TLS1_CK_DHE_RSA_WITH_AES_192_GCM_SHA384,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_AES192GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+     192,
+     192,
+     },
+
+    /* Cipher AF */
+    {
+     0, /* not implemented (non-ephemeral DH) */
+     TLS1_TXT_DH_RSA_WITH_AES_192_GCM_SHA384,
+     TLS1_CK_DH_RSA_WITH_AES_192_GCM_SHA384,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_AES192GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+     192,
+     192,
+     },
+
+    /* Cipher B0 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_AES_192_GCM_SHA384,
+     TLS1_CK_DHE_DSS_WITH_AES_192_GCM_SHA384,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_AES192GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+     192,
+     192,
+     },
+
+    /* Cipher B1 */
+    {
+     0, /* not implemented (non-ephemeral DH) */
+     TLS1_TXT_DH_DSS_WITH_AES_192_GCM_SHA384,
+     TLS1_CK_DH_DSS_WITH_AES_192_GCM_SHA384,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_AES192GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+     192,
+     192,
+     },
+
+    /* Cipher B2 */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_AES_192_GCM_SHA384,
+     TLS1_CK_ADH_WITH_AES_192_GCM_SHA384,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_AES192GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+     192,
+     192,
+     },
+
 #ifndef OPENSSL_NO_ECDH
     /* Cipher C001 */
     {
diff -pur openssl-1.0.1u.000/ssl/ssl_ciph.c openssl-1.0.1u/ssl/ssl_ciph.c
--- openssl-1.0.1u.000/ssl/ssl_ciph.c	2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/ssl/ssl_ciph.c	2017-01-09 01:48:00.640502823 +0100
@@ -164,11 +164,13 @@
 #define SSL_ENC_SEED_IDX        11
 #define SSL_ENC_AES128GCM_IDX   12
 #define SSL_ENC_AES256GCM_IDX   13
-#define SSL_ENC_NUM_IDX         14
+#define SSL_ENC_AES192_IDX      14
+#define SSL_ENC_AES192GCM_IDX   15
+#define SSL_ENC_NUM_IDX         16
 
 static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
     NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
-    NULL, NULL
+    NULL, NULL, NULL, NULL
 };
 
 #define SSL_COMP_NULL_IDX       0
@@ -305,10 +307,11 @@ static const SSL_CIPHER cipher_aliases[]
     {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
     {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM, 0, 0, 0, 0, 0,
      0},
+    {0, SSL_TXT_AES192, 0, 0, 0, SSL_AES192 | SSL_AES192GCM, 0, 0, 0, 0, 0, 0},
     {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM, 0, 0, 0, 0, 0,
      0},
     {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0,
+    {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES192GCM | SSL_AES256GCM, 0, 0, 0, 0,
      0, 0},
     {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0},
     {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0},
@@ -396,6 +399,8 @@ void ssl_load_ciphers(void)
 #endif
     ssl_cipher_methods[SSL_ENC_AES128_IDX] =
         EVP_get_cipherbyname(SN_aes_128_cbc);
+    ssl_cipher_methods[SSL_ENC_AES192_IDX]=
+        EVP_get_cipherbyname(SN_aes_192_cbc);
     ssl_cipher_methods[SSL_ENC_AES256_IDX] =
         EVP_get_cipherbyname(SN_aes_256_cbc);
     ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] =
@@ -408,6 +413,8 @@ void ssl_load_ciphers(void)
 
     ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] =
         EVP_get_cipherbyname(SN_aes_128_gcm);
+    ssl_cipher_methods[SSL_ENC_AES192GCM_IDX] =
+        EVP_get_cipherbyname(SN_aes_192_gcm);
     ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] =
         EVP_get_cipherbyname(SN_aes_256_gcm);
 
@@ -540,6 +547,9 @@ int ssl_cipher_get_evp(const SSL_SESSION
     case SSL_AES128:
         i = SSL_ENC_AES128_IDX;
         break;
+    case SSL_AES192:
+        i=SSL_ENC_AES192_IDX;
+        break;
     case SSL_AES256:
         i = SSL_ENC_AES256_IDX;
         break;
@@ -558,6 +568,9 @@ int ssl_cipher_get_evp(const SSL_SESSION
     case SSL_AES128GCM:
         i = SSL_ENC_AES128GCM_IDX;
         break;
+    case SSL_AES192GCM:
+        i=SSL_ENC_AES192GCM_IDX;
+        break;
     case SSL_AES256GCM:
         i = SSL_ENC_AES256GCM_IDX;
         break;
@@ -636,6 +649,10 @@ int ssl_cipher_get_evp(const SSL_SESSION
                  c->algorithm_mac == SSL_SHA1 &&
                  (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
             *enc = evp, *md = NULL;
+        else if (c->algorithm_enc == SSL_AES192 &&
+                 c->algorithm_mac == SSL_SHA1 &&
+                 (evp=EVP_get_cipherbyname("AES-192-CBC-HMAC-SHA1")))
+            *enc = evp, *md = NULL;
         else if (c->algorithm_enc == SSL_AES256 &&
                  c->algorithm_mac == SSL_SHA1 &&
                  (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
@@ -762,11 +779,15 @@ static void ssl_cipher_get_disabled(unsi
     *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0;
     *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
     *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0;
+    *enc |= (ssl_cipher_methods[SSL_ENC_AES192_IDX] == NULL) ? SSL_AES192 : 0;
     *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0;
     *enc |=
         (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] ==
          NULL) ? SSL_AES128GCM : 0;
     *enc |=
+        (ssl_cipher_methods[SSL_ENC_AES192GCM_IDX] ==
+         NULL) ? SSL_AES192GCM : 0;
+    *enc |=
         (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] ==
          NULL) ? SSL_AES256GCM : 0;
     *enc |=
@@ -1707,12 +1728,18 @@ char *SSL_CIPHER_description(const SSL_C
     case SSL_AES128:
         enc = "AES(128)";
         break;
+    case SSL_AES192:
+        enc = "AES(192)";
+        break;
     case SSL_AES256:
         enc = "AES(256)";
         break;
     case SSL_AES128GCM:
         enc = "AESGCM(128)";
         break;
+    case SSL_AES192GCM:
+        enc = "AESGCM(192)";
+        break;
     case SSL_AES256GCM:
         enc = "AESGCM(256)";
         break;
diff -pur openssl-1.0.1u.000/ssl/ssl.h openssl-1.0.1u/ssl/ssl.h
--- openssl-1.0.1u.000/ssl/ssl.h	2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/ssl/ssl.h	2017-01-09 01:29:06.213239326 +0100
@@ -287,6 +287,7 @@ extern "C" {
 # define SSL_TXT_IDEA            "IDEA"
 # define SSL_TXT_SEED            "SEED"
 # define SSL_TXT_AES128          "AES128"
+# define SSL_TXT_AES192          "AES192"
 # define SSL_TXT_AES256          "AES256"
 # define SSL_TXT_AES             "AES"
 # define SSL_TXT_AES_GCM         "AESGCM"
diff -pur openssl-1.0.1u.000/ssl/ssl_locl.h openssl-1.0.1u/ssl/ssl_locl.h
--- openssl-1.0.1u.000/ssl/ssl_locl.h	2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/ssl/ssl_locl.h	2017-01-09 02:09:28.063606617 +0100
@@ -353,8 +353,10 @@
 # define SSL_SEED                0x00000800L
 # define SSL_AES128GCM           0x00001000L
 # define SSL_AES256GCM           0x00002000L
+# define SSL_AES192              0x00004000L
+# define SSL_AES192GCM           0x00008000L
 
-# define SSL_AES                 (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
+# define SSL_AES                 (SSL_AES128|SSL_AES192|SSL_AES256|SSL_AES128GCM|SSL_AES192GCM|SSL_AES256GCM)
 # define SSL_CAMELLIA            (SSL_CAMELLIA128|SSL_CAMELLIA256)
 
 /* Bits for algorithm_mac (symmetric authentication) */
diff -pur openssl-1.0.1u.000/ssl/tls1.h openssl-1.0.1u/ssl/tls1.h
--- openssl-1.0.1u.000/ssl/tls1.h	2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/ssl/tls1.h	2017-01-09 02:37:39.512719622 +0100
@@ -403,15 +403,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
 
 /* AES ciphersuites from RFC3268 */
 # define TLS1_CK_RSA_WITH_AES_128_SHA                    0x0300002F
-# define TLS1_CK_DH_DSS_WITH_AES_128_SHA                 0x03000030
-# define TLS1_CK_DH_RSA_WITH_AES_128_SHA                 0x03000031
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA                 0x03000030 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA                 0x03000031 /* not implemented */
 # define TLS1_CK_DHE_DSS_WITH_AES_128_SHA                0x03000032
 # define TLS1_CK_DHE_RSA_WITH_AES_128_SHA                0x03000033
 # define TLS1_CK_ADH_WITH_AES_128_SHA                    0x03000034
 
 # define TLS1_CK_RSA_WITH_AES_256_SHA                    0x03000035
-# define TLS1_CK_DH_DSS_WITH_AES_256_SHA                 0x03000036
-# define TLS1_CK_DH_RSA_WITH_AES_256_SHA                 0x03000037
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA                 0x03000036 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA                 0x03000037 /* not implemented */
 # define TLS1_CK_DHE_DSS_WITH_AES_256_SHA                0x03000038
 # define TLS1_CK_DHE_RSA_WITH_AES_256_SHA                0x03000039
 # define TLS1_CK_ADH_WITH_AES_256_SHA                    0x0300003A
@@ -420,8 +420,8 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
 # define TLS1_CK_RSA_WITH_NULL_SHA256                    0x0300003B
 # define TLS1_CK_RSA_WITH_AES_128_SHA256                 0x0300003C
 # define TLS1_CK_RSA_WITH_AES_256_SHA256                 0x0300003D
-# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256              0x0300003E
-# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256              0x0300003F
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256              0x0300003E /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256              0x0300003F /* not implemented */
 # define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256             0x03000040
 
 /* Camellia ciphersuites from RFC4132 */
@@ -432,10 +432,19 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA       0x03000045
 # define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA           0x03000046
 
+/* AES-192 */
+# define TLS1_CK_RSA_WITH_AES_192_SHA                    0x03000047
+# define TLS1_CK_DH_DSS_WITH_AES_192_SHA                 0x03000048 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_192_SHA                 0x03000049 /* not implemented */
+# define TLS1_CK_DHE_DSS_WITH_AES_192_SHA                0x0300004A
+# define TLS1_CK_DHE_RSA_WITH_AES_192_SHA                0x0300004B
+# define TLS1_CK_ADH_WITH_AES_192_SHA                    0x0300004C
+# define TLS1_CK_RSA_WITH_AES_192_SHA256                 0x0300004D
+
 /* TLS v1.2 ciphersuites */
 # define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256             0x03000067
-# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256              0x03000068
-# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256              0x03000069
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256              0x03000068 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256              0x03000069 /* not implemented */
 # define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256             0x0300006A
 # define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256             0x0300006B
 # define TLS1_CK_ADH_WITH_AES_128_SHA256                 0x0300006C
@@ -443,16 +452,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
 
 /* Camellia ciphersuites from RFC4132 */
 # define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA           0x03000084
-# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA        0x03000085
-# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA        0x03000086
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA        0x03000085 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA        0x03000086 /* not implemented */
 # define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA       0x03000087
 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA       0x03000088
 # define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA           0x03000089
 
 /* SEED ciphersuites from RFC4162 */
 # define TLS1_CK_RSA_WITH_SEED_SHA                       0x03000096
-# define TLS1_CK_DH_DSS_WITH_SEED_SHA                    0x03000097
-# define TLS1_CK_DH_RSA_WITH_SEED_SHA                    0x03000098
+# define TLS1_CK_DH_DSS_WITH_SEED_SHA                    0x03000097 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_SEED_SHA                    0x03000098 /* not implemented */
 # define TLS1_CK_DHE_DSS_WITH_SEED_SHA                   0x03000099
 # define TLS1_CK_DHE_RSA_WITH_SEED_SHA                   0x0300009A
 # define TLS1_CK_ADH_WITH_SEED_SHA                       0x0300009B
@@ -462,15 +471,29 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
 # define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384             0x0300009D
 # define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256         0x0300009E
 # define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384         0x0300009F
-# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256          0x030000A0
-# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384          0x030000A1
+# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256          0x030000A0 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384          0x030000A1 /* not implemented */
 # define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256         0x030000A2
 # define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384         0x030000A3
-# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256          0x030000A4
-# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384          0x030000A5
+# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256          0x030000A4 /* not implemented */
+# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384          0x030000A5 /* not implemented */
 # define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256             0x030000A6
 # define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384             0x030000A7
 
+/* AES-192 */
+#define TLS1_CK_DH_DSS_WITH_AES_192_SHA256              0x030000A8 /* not implemented */
+#define TLS1_CK_DH_RSA_WITH_AES_192_SHA256              0x030000A9 /* not implemented */
+#define TLS1_CK_DHE_DSS_WITH_AES_192_SHA256             0x030000AA
+#define TLS1_CK_DHE_RSA_WITH_AES_192_SHA256             0x030000AB
+#define TLS1_CK_ADH_WITH_AES_192_SHA256                 0x030000AC
+
+#define TLS1_CK_RSA_WITH_AES_192_GCM_SHA384             0x030000AD
+#define TLS1_CK_DHE_RSA_WITH_AES_192_GCM_SHA384         0x030000AE
+#define TLS1_CK_DH_RSA_WITH_AES_192_GCM_SHA384          0x030000AF /* not implemented */
+#define TLS1_CK_DHE_DSS_WITH_AES_192_GCM_SHA384         0x030000B0
+#define TLS1_CK_DH_DSS_WITH_AES_192_GCM_SHA384          0x030000B1 /* not implemented */
+#define TLS1_CK_ADH_WITH_AES_192_GCM_SHA384             0x030000B2
+
 /*
  * ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in
  * draft 13
@@ -567,6 +590,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
 # define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA               "DHE-RSA-AES256-SHA"
 # define TLS1_TXT_ADH_WITH_AES_256_SHA                   "ADH-AES256-SHA"
 
+/* AES-192 */
+#define TLS1_TXT_RSA_WITH_AES_192_SHA                   "AES192-SHA"
+#define TLS1_TXT_DH_DSS_WITH_AES_192_SHA                "DH-DSS-AES192-SHA"
+#define TLS1_TXT_DH_RSA_WITH_AES_192_SHA                "DH-RSA-AES192-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_AES_192_SHA               "DHE-DSS-AES192-SHA"
+#define TLS1_TXT_DHE_RSA_WITH_AES_192_SHA               "DHE-RSA-AES192-SHA"
+#define TLS1_TXT_ADH_WITH_AES_192_SHA                   "ADH-AES192-SHA"
+
 /* ECC ciphersuites from RFC4492 */
 # define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA               "ECDH-ECDSA-NULL-SHA"
 # define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA            "ECDH-ECDSA-RC4-SHA"
@@ -653,6 +684,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
 # define TLS1_TXT_ADH_WITH_AES_128_SHA256                "ADH-AES128-SHA256"
 # define TLS1_TXT_ADH_WITH_AES_256_SHA256                "ADH-AES256-SHA256"
 
+/* AES-192 */
+#define TLS1_TXT_RSA_WITH_AES_192_SHA256		"AES192-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_AES_192_SHA256		"DH-DSS-AES192-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_AES_192_SHA256		"DH-RSA-AES192-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_AES_192_SHA256		"DHE-DSS-AES192-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_AES_192_SHA256		"DHE-RSA-AES192-SHA256"
+#define TLS1_TXT_ADH_WITH_AES_192_SHA256		"ADH-AES192-SHA256"
+
 /* TLS v1.2 GCM ciphersuites from RFC5288 */
 # define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256            "AES128-GCM-SHA256"
 # define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384            "AES256-GCM-SHA384"
@@ -667,6 +706,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
 # define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256            "ADH-AES128-GCM-SHA256"
 # define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384            "ADH-AES256-GCM-SHA384"
 
+/* AES-192 */
+#define TLS1_TXT_RSA_WITH_AES_192_GCM_SHA384		"AES192-GCM-SHA384"
+#define TLS1_TXT_DHE_RSA_WITH_AES_192_GCM_SHA384	"DHE-RSA-AES192-GCM-SHA384"
+#define TLS1_TXT_DH_RSA_WITH_AES_192_GCM_SHA384		"DH-RSA-AES192-GCM-SHA384"
+#define TLS1_TXT_DHE_DSS_WITH_AES_192_GCM_SHA384	"DHE-DSS-AES192-GCM-SHA384"
+#define TLS1_TXT_DH_DSS_WITH_AES_192_GCM_SHA384		"DH-DSS-AES192-GCM-SHA384"
+#define TLS1_TXT_ADH_WITH_AES_192_GCM_SHA384		"ADH-AES192-GCM-SHA384"
+
 /* ECDH HMAC based ciphersuites from RFC5289 */
 
 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256    "ECDHE-ECDSA-AES128-SHA256"
diff -pur openssl-1.0.1u.000/test/testssl openssl-1.0.1u/test/testssl
--- openssl-1.0.1u.000/test/testssl	2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/test/testssl	2017-01-09 02:46:48.948896959 +0100
@@ -136,13 +136,13 @@ test_cipher() {
 echo "Testing ciphersuites"
 for protocol in TLSv1.2 SSLv3; do
   echo "Testing ciphersuites for $protocol"
-  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+  for cipher in $(../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' ' | grep -v AES192-GCM); do
     test_cipher $cipher $protocol
   done
   if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
     echo "skipping RSA+DHE tests"
   else
-    for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
+    for cipher in $(../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' ' | grep -v AES192-GCM); do
       test_cipher $cipher $protocol
     done
     echo "testing connection with weak DH, expecting failure"
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to