Hello,
Considering that AES-192 seems to be very resistant against related key
attacks (http://eprint.iacr.org/2009/317) and the algorithm is already
available in the openssl code I am trying to expose the AES-192
ciphers.
Attached is a patch against 1.0.1u (adapted from the version I created
against RHEL "1.0.1e hobbled") that tries to accomplish this for plain
and EDH ciphers. Once I get this to work I will continue by adding the
EECDH ciphers.
The patch seems to work for the most part, except for exposing the
AES192-GCM ciphers. When the self test is run (make -C test apps tests)
it chokes with a client error:
ERROR in CLIENT
140069906728640:error:140740B5:SSL routines:SSL23_CLIENT_HELLO:no ciphers
available:s23_clnt.c:502:
TLSv1.2, cipher (NONE) (NONE)
1 handshakes of 256 bytes done
Failed DHE-RSA-AES192-GCM-SHA384
make: *** [test_ssl] Error 1
The error occurs in ssl23_client_hello();
Note that the last hunk disables the testing of AES-192-GCM ciphers.
This is a hack to get the adapted RHEL srpm to build that should
eventually be removed. Time stamps on the files are also garbled as I
have not normalized the patch against a fresh tree yet. This is no
problem when applying it.
So my question is, could someone point me in the right direction on how
to expose the AES-192-GCM ciphers, i.e. what am I doing wrong that is
causing the client error?
Would the development team consider adding a patch exposing AES-192
ciphers in openssl once it's complete?
Thanks for your help.
Regards,
Leonard.
--
mount -t life -o ro /dev/dna /genetic/research
diff -pur openssl-1.0.1u.000/ssl/s3_lib.c openssl-1.0.1u/ssl/s3_lib.c
--- openssl-1.0.1u.000/ssl/s3_lib.c 2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/ssl/s3_lib.c 2017-01-09 01:25:22.608967809 +0100
@@ -948,7 +948,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
},
/* Cipher 30 */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
TLS1_CK_DH_DSS_WITH_AES_128_SHA,
SSL_kDHd,
@@ -963,7 +963,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
},
/* Cipher 31 */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
TLS1_CK_DH_RSA_WITH_AES_128_SHA,
SSL_kDHr,
@@ -1039,7 +1039,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
},
/* Cipher 36 */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
TLS1_CK_DH_DSS_WITH_AES_256_SHA,
SSL_kDHd,
@@ -1314,6 +1314,117 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
},
#endif /* OPENSSL_NO_CAMELLIA */
+/* AES-192 */
+ /* Cipher 47 */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_192_SHA,
+ TLS1_CK_RSA_WITH_AES_192_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES192,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+ /* Cipher 48 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_AES_192_SHA,
+ TLS1_CK_DH_DSS_WITH_AES_192_SHA,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES192,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+
+ /* Cipher 49 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_AES_192_SHA,
+ TLS1_CK_DH_RSA_WITH_AES_192_SHA,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES192,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+
+ /* Cipher 4A */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_192_SHA,
+ TLS1_CK_DHE_DSS_WITH_AES_192_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES192,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+
+ /* Cipher 4B */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_192_SHA,
+ TLS1_CK_DHE_RSA_WITH_AES_192_SHA,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES192,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+
+ /* Cipher 4C */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_192_SHA,
+ TLS1_CK_ADH_WITH_AES_192_SHA,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES192,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+ /* Cipher 4D */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_192_SHA256,
+ TLS1_CK_RSA_WITH_AES_192_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES192,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+
#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
/* New TLS Export CipherSuites from expired ID */
# if 0
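Review bot: The suites added here as `/* Cipher 47 */`–`/* Cipher 4D */`, and in the later hunk as `/* Cipher A8 */`–`/* Cipher B2 */`, use code points that are not AES-192 assignments in the IANA TLS cipher suite registry, which has no AES-192 suites at all. The values 0x00A8–0x00B2 in particular are assigned by RFC 5487 to PSK suites (0x00AE is TLS_PSK_WITH_AES_128_CBC_SHA256, for example), so a peer that implements those would read the same two bytes as a different algorithm and the handshake would fail or mis-negotiate. Because the entries are marked valid (`1`) and `SSL_HIGH`, the non-anonymous ones would presumably also be offered by the default cipher string. Until real assignments exist I would move them to the private-use range (first byte 0xFF) and say so in the block comment, e.g. `/* AES-192: local, non-registered code points */`.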
@@ -1941,7 +2052,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
/* Cipher A0 */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
SSL_kDHr,
@@ -1957,7 +2068,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
/* Cipher A1 */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
SSL_kDHr,
@@ -2005,7 +2116,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
/* Cipher A4 */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
SSL_kDHd,
@@ -2021,7 +2132,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
/* Cipher A5 */
{
- 0,
+ 0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
SSL_kDHd,
@@ -2067,6 +2178,183 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
},
+
+/* AES-192 */
+ /* Cipher A8 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_AES_192_SHA256,
+ TLS1_CK_DH_DSS_WITH_AES_192_SHA256,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES192,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+
+ /* Cipher A9 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_AES_192_SHA256,
+ TLS1_CK_DH_RSA_WITH_AES_192_SHA256,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES192,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+
+ /* Cipher AA */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_192_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_192_SHA256,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES192,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+
+ /* Cipher AB */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_192_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_192_SHA256,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES192,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+
+ /* Cipher AC */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_192_SHA256,
+ TLS1_CK_ADH_WITH_AES_192_SHA256,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES192,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+ 192,
+ 192,
+ },
+ /* Cipher AD */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_192_GCM_SHA384,
+ TLS1_CK_RSA_WITH_AES_192_GCM_SHA384,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES192GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 192,
+ 192,
+ },
+
+ /* Cipher AE */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_192_GCM_SHA384,
+ TLS1_CK_DHE_RSA_WITH_AES_192_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_AES192GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 192,
+ 192,
+ },
+
+ /* Cipher AF */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_AES_192_GCM_SHA384,
+ TLS1_CK_DH_RSA_WITH_AES_192_GCM_SHA384,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_AES192GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 192,
+ 192,
+ },
+
+ /* Cipher B0 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_192_GCM_SHA384,
+ TLS1_CK_DHE_DSS_WITH_AES_192_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_AES192GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 192,
+ 192,
+ },
+
+ /* Cipher B1 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_AES_192_GCM_SHA384,
+ TLS1_CK_DH_DSS_WITH_AES_192_GCM_SHA384,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_AES192GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 192,
+ 192,
+ },
+
+ /* Cipher B2 */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_192_GCM_SHA384,
+ TLS1_CK_ADH_WITH_AES_192_GCM_SHA384,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_AES192GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+ 192,
+ 192,
+ },
+
#ifndef OPENSSL_NO_ECDH
/* Cipher C001 */
{
diff -pur openssl-1.0.1u.000/ssl/ssl_ciph.c openssl-1.0.1u/ssl/ssl_ciph.c
--- openssl-1.0.1u.000/ssl/ssl_ciph.c 2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/ssl/ssl_ciph.c 2017-01-09 01:48:00.640502823 +0100
@@ -164,11 +164,13 @@
#define SSL_ENC_SEED_IDX 11
#define SSL_ENC_AES128GCM_IDX 12
#define SSL_ENC_AES256GCM_IDX 13
-#define SSL_ENC_NUM_IDX 14
+#define SSL_ENC_AES192_IDX 14
+#define SSL_ENC_AES192GCM_IDX 15
+#define SSL_ENC_NUM_IDX 16
static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL
+ NULL, NULL, NULL, NULL
};
#define SSL_COMP_NULL_IDX 0
@@ -305,10 +307,11 @@ static const SSL_CIPHER cipher_aliases[]
{0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
{0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM, 0, 0, 0, 0, 0,
0},
+ {0, SSL_TXT_AES192, 0, 0, 0, SSL_AES192 | SSL_AES192GCM, 0, 0, 0, 0, 0, 0},
{0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM, 0, 0, 0, 0, 0,
0},
{0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0},
- {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0,
+ {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES192GCM | SSL_AES256GCM, 0, 0, 0, 0,
0, 0},
{0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0},
{0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0},
@@ -396,6 +399,8 @@ void ssl_load_ciphers(void)
#endif
ssl_cipher_methods[SSL_ENC_AES128_IDX] =
EVP_get_cipherbyname(SN_aes_128_cbc);
+ ssl_cipher_methods[SSL_ENC_AES192_IDX]=
+ EVP_get_cipherbyname(SN_aes_192_cbc);
ssl_cipher_methods[SSL_ENC_AES256_IDX] =
EVP_get_cipherbyname(SN_aes_256_cbc);
ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] =
@@ -408,6 +413,8 @@ void ssl_load_ciphers(void)
ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] =
EVP_get_cipherbyname(SN_aes_128_gcm);
+ ssl_cipher_methods[SSL_ENC_AES192GCM_IDX] =
+ EVP_get_cipherbyname(SN_aes_192_gcm);
ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] =
EVP_get_cipherbyname(SN_aes_256_gcm);
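Review bot: `EVP_get_cipherbyname(SN_aes_192_gcm)` only returns a method if `EVP_aes_192_gcm()` was registered beforehand, and nothing in this patch adds that registration. As far as I recall, `SSL_library_init()` in this branch calls `EVP_add_cipher()` for the 128- and 256-bit GCM ciphers only (while AES-192-CBC is registered), so this slot would stay NULL and the `ssl_cipher_get_disabled()` hunk would then mask out `SSL_AES192GCM`. A client restricted to one of these suites ends up with an empty list, which matches the reported "no ciphers available" error. Adding `EVP_add_cipher(EVP_aes_192_gcm());` next to the existing GCM registrations is the first thing to check. ssl_load_ciphers() continues outside this hunk.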
@@ -540,6 +547,9 @@ int ssl_cipher_get_evp(const SSL_SESSION
case SSL_AES128:
i = SSL_ENC_AES128_IDX;
break;
+ case SSL_AES192:
+ i=SSL_ENC_AES192_IDX;
+ break;
case SSL_AES256:
i = SSL_ENC_AES256_IDX;
break;
@@ -558,6 +568,9 @@ int ssl_cipher_get_evp(const SSL_SESSION
case SSL_AES128GCM:
i = SSL_ENC_AES128GCM_IDX;
break;
+ case SSL_AES192GCM:
+ i=SSL_ENC_AES192GCM_IDX;
+ break;
case SSL_AES256GCM:
i = SSL_ENC_AES256GCM_IDX;
break;
@@ -636,6 +649,10 @@ int ssl_cipher_get_evp(const SSL_SESSION
c->algorithm_mac == SSL_SHA1 &&
(evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
*enc = evp, *md = NULL;
+ else if (c->algorithm_enc == SSL_AES192 &&
+ c->algorithm_mac == SSL_SHA1 &&
+ (evp=EVP_get_cipherbyname("AES-192-CBC-HMAC-SHA1")))
+ *enc = evp, *md = NULL;
else if (c->algorithm_enc == SSL_AES256 &&
c->algorithm_mac == SSL_SHA1 &&
(evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
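Review bot: The `"AES-192-CBC-HMAC-SHA1"` lookup in the added branch looks like it can never succeed. As far as I know OpenSSL provides the stitched AES-CBC-HMAC-SHA1 implementation only for 128- and 256-bit keys, so `EVP_get_cipherbyname()` returns NULL here and the condition is always false. That is presumably harmless because the previously selected cipher and digest stay in place, but the branch reads as if a 192-bit stitched cipher existed. I would drop it, or keep it with a comment such as `/* no stitched AES-192 implementation today; generic CBC + HMAC is used */`. The enclosing if-chain starts outside the hunk.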
@@ -762,11 +779,15 @@ static void ssl_cipher_get_disabled(unsi
*enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0;
*enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
*enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0;
+ *enc |= (ssl_cipher_methods[SSL_ENC_AES192_IDX] == NULL) ? SSL_AES192 : 0;
*enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0;
*enc |=
(ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] ==
NULL) ? SSL_AES128GCM : 0;
*enc |=
+ (ssl_cipher_methods[SSL_ENC_AES192GCM_IDX] ==
+ NULL) ? SSL_AES192GCM : 0;
+ *enc |=
(ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] ==
NULL) ? SSL_AES256GCM : 0;
*enc |=
@@ -1707,12 +1728,18 @@ char *SSL_CIPHER_description(const SSL_C
case SSL_AES128:
enc = "AES(128)";
break;
+ case SSL_AES192:
+ enc = "AES(192)";
+ break;
case SSL_AES256:
enc = "AES(256)";
break;
case SSL_AES128GCM:
enc = "AESGCM(128)";
break;
+ case SSL_AES192GCM:
+ enc = "AESGCM(192)";
+ break;
case SSL_AES256GCM:
enc = "AESGCM(256)";
break;
diff -pur openssl-1.0.1u.000/ssl/ssl.h openssl-1.0.1u/ssl/ssl.h
--- openssl-1.0.1u.000/ssl/ssl.h 2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/ssl/ssl.h 2017-01-09 01:29:06.213239326 +0100
@@ -287,6 +287,7 @@ extern "C" {
# define SSL_TXT_IDEA "IDEA"
# define SSL_TXT_SEED "SEED"
# define SSL_TXT_AES128 "AES128"
+# define SSL_TXT_AES192 "AES192"
# define SSL_TXT_AES256 "AES256"
# define SSL_TXT_AES "AES"
# define SSL_TXT_AES_GCM "AESGCM"
diff -pur openssl-1.0.1u.000/ssl/ssl_locl.h openssl-1.0.1u/ssl/ssl_locl.h
--- openssl-1.0.1u.000/ssl/ssl_locl.h 2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/ssl/ssl_locl.h 2017-01-09 02:09:28.063606617 +0100
@@ -353,8 +353,10 @@
# define SSL_SEED 0x00000800L
# define SSL_AES128GCM 0x00001000L
# define SSL_AES256GCM 0x00002000L
+# define SSL_AES192 0x00004000L
+# define SSL_AES192GCM 0x00008000L
-# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
+# define SSL_AES (SSL_AES128|SSL_AES192|SSL_AES256|SSL_AES128GCM|SSL_AES192GCM|SSL_AES256GCM)
# define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
/* Bits for algorithm_mac (symmetric authentication) */
diff -pur openssl-1.0.1u.000/ssl/tls1.h openssl-1.0.1u/ssl/tls1.h
--- openssl-1.0.1u.000/ssl/tls1.h 2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/ssl/tls1.h 2017-01-09 02:37:39.512719622 +0100
@@ -403,15 +403,15 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
/* AES ciphersuites from RFC3268 */
# define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
-# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
-# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031 /* not implemented */
# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
# define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
# define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
-# define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
-# define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037 /* not implemented */
# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
# define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
@@ -420,8 +420,8 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
# define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
# define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
# define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
-# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
-# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F /* not implemented */
# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
/* Camellia ciphersuites from RFC4132 */
@@ -432,10 +432,19 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
+/* AES-192 */
+# define TLS1_CK_RSA_WITH_AES_192_SHA 0x03000047
+# define TLS1_CK_DH_DSS_WITH_AES_192_SHA 0x03000048 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_192_SHA 0x03000049 /* not implemented */
+# define TLS1_CK_DHE_DSS_WITH_AES_192_SHA 0x0300004A
+# define TLS1_CK_DHE_RSA_WITH_AES_192_SHA 0x0300004B
+# define TLS1_CK_ADH_WITH_AES_192_SHA 0x0300004C
+# define TLS1_CK_RSA_WITH_AES_192_SHA256 0x0300004D
+
/* TLS v1.2 ciphersuites */
# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
-# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
-# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069 /* not implemented */
# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
# define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
@@ -443,16 +452,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
/* Camellia ciphersuites from RFC4132 */
# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
-# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
-# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086 /* not implemented */
# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087
# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
/* SEED ciphersuites from RFC4162 */
# define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
-# define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
-# define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
+# define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098 /* not implemented */
# define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
# define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
# define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
@@ -462,15 +471,29 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
# define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
# define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
# define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
-# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
-# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
+# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0 /* not implemented */
+# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1 /* not implemented */
# define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
# define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
-# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
-# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
+# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4 /* not implemented */
+# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5 /* not implemented */
# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
+/* AES-192 */
+#define TLS1_CK_DH_DSS_WITH_AES_192_SHA256 0x030000A8 /* not implemented */
+#define TLS1_CK_DH_RSA_WITH_AES_192_SHA256 0x030000A9 /* not implemented */
+#define TLS1_CK_DHE_DSS_WITH_AES_192_SHA256 0x030000AA
+#define TLS1_CK_DHE_RSA_WITH_AES_192_SHA256 0x030000AB
+#define TLS1_CK_ADH_WITH_AES_192_SHA256 0x030000AC
+
+#define TLS1_CK_RSA_WITH_AES_192_GCM_SHA384 0x030000AD
+#define TLS1_CK_DHE_RSA_WITH_AES_192_GCM_SHA384 0x030000AE
+#define TLS1_CK_DH_RSA_WITH_AES_192_GCM_SHA384 0x030000AF /* not implemented */
+#define TLS1_CK_DHE_DSS_WITH_AES_192_GCM_SHA384 0x030000B0
+#define TLS1_CK_DH_DSS_WITH_AES_192_GCM_SHA384 0x030000B1 /* not implemented */
+#define TLS1_CK_ADH_WITH_AES_192_GCM_SHA384 0x030000B2
+
/*
* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in
* draft 13
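Review bot: The added AES-192 definitions in this hunk are written `#define …`, while the surrounding lines of this header use the indented `# define …` form for directives inside the include guard. The same applies to the three `TLS1_TXT_*` AES-192 blocks added in the following hunks, whereas the earlier `TLS1_CK_*_AES_192_SHA` block already uses `# define`. Writing them as `# define TLS1_CK_DH_DSS_WITH_AES_192_SHA256 0x030000A8` and so on keeps the file consistent. The `/* AES-192 */` comment should also say that these values are not registered code points, so nobody takes them for RFC assignments like the blocks around them.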
@@ -567,6 +590,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
# define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
+/* AES-192 */
+#define TLS1_TXT_RSA_WITH_AES_192_SHA "AES192-SHA"
+#define TLS1_TXT_DH_DSS_WITH_AES_192_SHA "DH-DSS-AES192-SHA"
+#define TLS1_TXT_DH_RSA_WITH_AES_192_SHA "DH-RSA-AES192-SHA"
+#define TLS1_TXT_DHE_DSS_WITH_AES_192_SHA "DHE-DSS-AES192-SHA"
+#define TLS1_TXT_DHE_RSA_WITH_AES_192_SHA "DHE-RSA-AES192-SHA"
+#define TLS1_TXT_ADH_WITH_AES_192_SHA "ADH-AES192-SHA"
+
/* ECC ciphersuites from RFC4492 */
# define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
# define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
@@ -653,6 +684,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
# define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
# define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
+/* AES-192 */
+#define TLS1_TXT_RSA_WITH_AES_192_SHA256 "AES192-SHA256"
+#define TLS1_TXT_DH_DSS_WITH_AES_192_SHA256 "DH-DSS-AES192-SHA256"
+#define TLS1_TXT_DH_RSA_WITH_AES_192_SHA256 "DH-RSA-AES192-SHA256"
+#define TLS1_TXT_DHE_DSS_WITH_AES_192_SHA256 "DHE-DSS-AES192-SHA256"
+#define TLS1_TXT_DHE_RSA_WITH_AES_192_SHA256 "DHE-RSA-AES192-SHA256"
+#define TLS1_TXT_ADH_WITH_AES_192_SHA256 "ADH-AES192-SHA256"
+
/* TLS v1.2 GCM ciphersuites from RFC5288 */
# define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
# define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
@@ -667,6 +706,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_T
# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
+/* AES-192 */
+#define TLS1_TXT_RSA_WITH_AES_192_GCM_SHA384 "AES192-GCM-SHA384"
+#define TLS1_TXT_DHE_RSA_WITH_AES_192_GCM_SHA384 "DHE-RSA-AES192-GCM-SHA384"
+#define TLS1_TXT_DH_RSA_WITH_AES_192_GCM_SHA384 "DH-RSA-AES192-GCM-SHA384"
+#define TLS1_TXT_DHE_DSS_WITH_AES_192_GCM_SHA384 "DHE-DSS-AES192-GCM-SHA384"
+#define TLS1_TXT_DH_DSS_WITH_AES_192_GCM_SHA384 "DH-DSS-AES192-GCM-SHA384"
+#define TLS1_TXT_ADH_WITH_AES_192_GCM_SHA384 "ADH-AES192-GCM-SHA384"
+
/* ECDH HMAC based ciphersuites from RFC5289 */
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
diff -pur openssl-1.0.1u.000/test/testssl openssl-1.0.1u/test/testssl
--- openssl-1.0.1u.000/test/testssl 2016-09-22 12:29:27.000000000 +0200
+++ openssl-1.0.1u/test/testssl 2017-01-09 02:46:48.948896959 +0100
@@ -136,13 +136,13 @@ test_cipher() {
echo "Testing ciphersuites"
for protocol in TLSv1.2 SSLv3; do
echo "Testing ciphersuites for $protocol"
- for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+ for cipher in $(../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' ' | grep -v AES192-GCM); do
test_cipher $cipher $protocol
done
if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
echo "skipping RSA+DHE tests"
else
- for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
+ for cipher in $(../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' ' | grep -v AES192-GCM); do
test_cipher $cipher $protocol
done
echo "testing connection with weak DH, expecting failure"
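Review bot: The added `grep -v AES192-GCM` runs after `tr ':' ' '`, so it sees the whole cipher list as a single line and drops all of it whenever any AES192-GCM name is present. For TLSv1.2 the `for cipher in …` loop then iterates over nothing and the ciphersuite test passes without testing a single suite, not just without the GCM ones. Filtering per name needs one cipher per line, e.g. `tr ':' '\n' | grep -v AES192-GCM`, on both the `RSA+$protocol` and the `EDH+aRSA+$protocol:-EXP` line. The enclosing loop and if-block extend beyond this hunk.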