diff options
| author | Stefan Bühler <stbuehler@web.de> | 2013-08-18 21:47:16 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-08-25 01:32:51 +0300 |
| commit | 16433446ccdc7b7f70d541639a95abfd5cc0fa99 (patch) | |
| tree | e42567af4750eff1f3d6eb6a4daa9998165d4f01 | |
| parent | 0c382d457fa3d7af102798c2c6cb90919349675d (diff) | |
| download | gnutls-16433446ccdc7b7f70d541639a95abfd5cc0fa99.tar.gz | |
add some RC4-128-SHA1 ciphersuites based on ECDH(E) key exchanges
| -rw-r--r-- | lib/algorithms/ciphersuites.c | 20 | ||||
| -rw-r--r-- | tests/priorities.c | 2 |
2 files changed, 21 insertions, 1 deletions
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c index d0a6597754..99edc49e87 100644 --- a/lib/algorithms/ciphersuites.c +++ b/lib/algorithms/ciphersuites.c @@ -178,18 +178,21 @@ typedef struct #define GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA1 { 0xC0, 0x17 } #define GNUTLS_ECDH_ANON_AES_128_CBC_SHA1 { 0xC0, 0x18 } #define GNUTLS_ECDH_ANON_AES_256_CBC_SHA1 { 0xC0, 0x19 } +#define GNUTLS_ECDH_ANON_ARCFOUR_128_SHA1 { 0xC0, 0x16 } /* ECC-RSA */ #define GNUTLS_ECDHE_RSA_NULL_SHA1 { 0xC0, 0x10 } #define GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x12 } #define GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 { 0xC0, 0x13 } #define GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 { 0xC0, 0x14 } +#define GNUTLS_ECDHE_RSA_ARCFOUR_128_SHA1 { 0xC0, 0x11 } /* ECC-ECDSA */ #define GNUTLS_ECDHE_ECDSA_NULL_SHA1 { 0xC0, 0x06 } #define GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x08 } #define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 { 0xC0, 0x09 } #define GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 { 0xC0, 0x0A } +#define GNUTLS_ECDHE_ECDSA_ARCFOUR_128_SHA1 { 0xC0, 0x07 } /* ECC with SHA2 */ #define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 {0xC0,0x23} @@ -211,6 +214,7 @@ typedef struct #define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA1 { 0xC0, 0x36 } #define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA256 { 0xC0, 0x37 } #define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384 { 0xC0, 0x38 } +#define GNUTLS_ECDHE_PSK_ARCFOUR_128_SHA1 { 0xC0, 0x33 } #define GNUTLS_ECDHE_PSK_NULL_SHA256 { 0xC0, 0x3A } #define GNUTLS_ECDHE_PSK_NULL_SHA384 { 0xC0, 0x3B } @@ -411,6 +415,10 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_DTLS_VERSION_MIN), + ENTRY (GNUTLS_ECDHE_RSA_ARCFOUR_128_SHA1, + GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ECDHE_RSA, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_UNKNOWN), /* ECDHE-ECDSA */ ENTRY (GNUTLS_ECDHE_ECDSA_NULL_SHA1, GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_ECDSA, @@ -428,6 +436,10 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_DTLS_VERSION_MIN), + ENTRY (GNUTLS_ECDHE_ECDSA_ARCFOUR_128_SHA1, + GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ECDHE_ECDSA, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_UNKNOWN), /* More ECC */ ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256, @@ -516,6 +528,10 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK, GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), + ENTRY (GNUTLS_ECDHE_PSK_ARCFOUR_128_SHA1, + GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ECDHE_PSK, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_UNKNOWN), ENTRY (GNUTLS_ECDHE_PSK_NULL_SHA256, GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK, GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, @@ -687,6 +703,10 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_ECDH, GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_DTLS_VERSION_MIN), + ENTRY (GNUTLS_ECDH_ANON_ARCFOUR_128_SHA1, + GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ANON_ECDH, + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_UNKNOWN), #endif #ifdef ENABLE_SRP /* SRP */ diff --git a/tests/priorities.c b/tests/priorities.c index cdf69baf40..1b3068b2df 100644 --- a/tests/priorities.c +++ b/tests/priorities.c @@ -94,7 +94,7 @@ for (i=0;i<ret;i++) void doit (void) { -const int normal = 40; +const int normal = 42; const int null = 5; const int sec128 = 32; |