diff options
| author | Frantisek Krenzelok <krenzelok.frantisek@gmail.com> | 2022-11-10 14:07:34 +0100 |
|---|---|---|
| committer | Frantisek Krenzelok <krenzelok.frantisek@gmail.com> | 2023-01-27 15:13:25 +0100 |
| commit | 9ce52c6749964105d7a44bb4dc3977dac266873d (patch) | |
| tree | 274ae733fb479b23ff062c3038156972a60d48f0 | |
| parent | 2fbe2d82368757bbbe1ce78c634a1d53d03e2fea (diff) | |
| download | gnutls-9ce52c6749964105d7a44bb4dc3977dac266873d.tar.gz | |
DTLS1_3: Add ciphersuites
enable TLS 1.3 ciphersuites for DTLS 1.3
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
| -rw-r--r-- | lib/algorithms/ciphersuites.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c index 3676c09de5..8a585fde9d 100644 --- a/lib/algorithms/ciphersuites.c +++ b/lib/algorithms/ciphersuites.c @@ -41,8 +41,8 @@ { #name, name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, GNUTLS_TLS1_2, dtls_version, GNUTLS_DTLS1_2, GNUTLS_MAC_SHA256} #define ENTRY_PRF( name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, dtls_version, prf ) \ { #name, name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, GNUTLS_TLS1_2, dtls_version, GNUTLS_DTLS1_2, prf} -#define ENTRY_TLS13( name, canonical_name, block_algorithm, min_version, prf ) \ - { #name, name, canonical_name, block_algorithm, 0, GNUTLS_MAC_AEAD, min_version, GNUTLS_TLS1_3, GNUTLS_VERSION_UNKNOWN, GNUTLS_VERSION_UNKNOWN, prf} +#define ENTRY_TLS13( name, canonical_name, block_algorithm, min_version, dtls_version, prf ) \ + { #name, name, canonical_name, block_algorithm, 0, GNUTLS_MAC_AEAD, min_version, GNUTLS_TLS1_3, dtls_version, GNUTLS_DTLS1_3, prf} /* TLS 1.3 ciphersuites */ #define GNUTLS_AES_128_GCM_SHA256 { 0x13, 0x01 } @@ -351,26 +351,31 @@ static const gnutls_cipher_suite_entry_st cs_algorithms[] = { ENTRY_TLS13(GNUTLS_AES_128_GCM_SHA256, "TLS_AES_128_GCM_SHA256", GNUTLS_CIPHER_AES_128_GCM, GNUTLS_TLS1_3, + GNUTLS_DTLS1_3, GNUTLS_MAC_SHA256), ENTRY_TLS13(GNUTLS_AES_256_GCM_SHA384, "TLS_AES_256_GCM_SHA384", GNUTLS_CIPHER_AES_256_GCM, GNUTLS_TLS1_3, + GNUTLS_DTLS1_3, GNUTLS_MAC_SHA384), ENTRY_TLS13(GNUTLS_CHACHA20_POLY1305_SHA256, "TLS_CHACHA20_POLY1305_SHA256", GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_TLS1_3, + GNUTLS_DTLS1_3, GNUTLS_MAC_SHA256), ENTRY_TLS13(GNUTLS_AES_128_CCM_SHA256, "TLS_AES_128_CCM_SHA256", GNUTLS_CIPHER_AES_128_CCM, GNUTLS_TLS1_3, + GNUTLS_DTLS1_3, GNUTLS_MAC_SHA256), ENTRY_TLS13(GNUTLS_AES_128_CCM_8_SHA256, "TLS_AES_128_CCM_8_SHA256", GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_TLS1_3, + GNUTLS_DTLS1_3, GNUTLS_MAC_SHA256), /* RSA-NULL */ |