Add CECPQ1 TLS ciphersuites

Tested against BoringSSL (as client + server) and google.com (as client). Fix a stupid crashing bug in NewHope's BoringSSL mode. Remove unneeded error return from curve25519_donna - always returned 0. Default policy prefers ChaChaPoly1305 over GCM and CECPQ1 over ECDH/DH, which means the default no-extra-configuration ciphersuite (for Botan client speaking to Botan server) is a ciphersuite which is both implemented in constant time on all platforms and (hopefully) provides post quantum security. Good Things.
author: Jack Lloyd <[email protected]> 2016-11-16 12:05:34 -0500
committer: Jack Lloyd <[email protected]> 2016-11-17 13:56:25 -0500
commit: 74cf1686b727d9b41781df66f3f74d63b9c5cfe2 (patch)
tree: c5127473f7676763202cf79837bd4328c903a21d /doc
parent: 97df0c27b878d77799353ccc9eda9705b1ec1fa4 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/manual/tls.rst b/doc/manual/tls.rst
index 24dc5093a..973b8ff0f 100644
--- a/doc/manual/tls.rst
+++ b/doc/manual/tls.rst
@@ -522,7 +522,7 @@ policy settings from a file.
 
      Cipher names without an explicit mode refers to CBC+HMAC ciphersuites.
 
-     Default value: "AES-256/GCM", "AES-128/GCM", "ChaCha20Poly1305",
+     Default value: "ChaCha20Poly1305", "AES-256/GCM", "AES-128/GCM",
      "AES-256/CCM", "AES-128/CCM", "AES-256", "AES-128"
 
      Also allowed: "AES-256/CCM(8)", "AES-128/CCM(8)",
@@ -567,7 +567,7 @@ policy settings from a file.
      Returns the list of key exchange methods we are willing to use,
      in order of preference.
 
-     Default: "ECDH", "DH"
+     Default: "CECPQ1", "ECDH", "DH"
 
      Also allowed: "RSA", "SRP_SHA", "ECDHE_PSK", "DHE_PSK", "PSK"
author	Jack Lloyd <[email protected]>	2016-11-16 12:05:34 -0500
committer	Jack Lloyd <[email protected]>	2016-11-17 13:56:25 -0500
commit	74cf1686b727d9b41781df66f3f74d63b9c5cfe2 (patch)
tree	c5127473f7676763202cf79837bd4328c903a21d /doc
parent	97df0c27b878d77799353ccc9eda9705b1ec1fa4 (diff)