On Mon, Jan 09, 2017 at 07:57:43PM +0100, Leonard den Ottolander wrote: > Considering that AES-192 seems to be very resistant against related key > attacks (http://eprint.iacr.org/2009/317) and the algorithm is already > available in the openssl code I am trying to expose the AES-192 > ciphers.
There are no AES-192 ciphersuites in the IANA TLS registry: http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4 so these cannot (interoperably) be used with TLS. > +/* AES-192 */ > + /* Cipher A8 */ > + { > + 0, /* not implemented (non-ephemeral DH) */ > + TLS1_TXT_DH_DSS_WITH_AES_192_SHA256, > + TLS1_CK_DH_DSS_WITH_AES_192_SHA256, That codepoint is: TLS_PSK_WITH_AES_128_GCM_SHA256 > + /* Cipher A9 */ > + { > + 0, /* not implemented (non-ephemeral DH) */ > + TLS1_TXT_DH_RSA_WITH_AES_192_SHA256, > + TLS1_CK_DH_RSA_WITH_AES_192_SHA256, That codepoint is: TLS_PSK_WITH_AES_256_GCM_SHA384 > + /* Cipher AA */ > + { > + 1, > + TLS1_TXT_DHE_DSS_WITH_AES_192_SHA256, > + TLS1_CK_DHE_DSS_WITH_AES_192_SHA256, Another conflict. > + /* Cipher AB */ > + { > + 1, > + TLS1_TXT_DHE_RSA_WITH_AES_192_SHA256, > + TLS1_CK_DHE_RSA_WITH_AES_192_SHA256, Another conflict... -- Viktor. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev