Add CECPQ1 TLS ciphersuites

Tested against BoringSSL (as client + server) and google.com (as client). Fix a stupid crashing bug in NewHope's BoringSSL mode. Remove unneeded error return from curve25519_donna - always returned 0. Default policy prefers ChaChaPoly1305 over GCM and CECPQ1 over ECDH/DH, which means the default no-extra-configuration ciphersuite (for Botan client speaking to Botan server) is a ciphersuite which is both implemented in constant time on all platforms and (hopefully) provides post quantum security. Good Things.
author: Jack Lloyd <[email protected]> 2016-11-16 12:05:34 -0500
committer: Jack Lloyd <[email protected]> 2016-11-17 13:56:25 -0500
commit: 74cf1686b727d9b41781df66f3f74d63b9c5cfe2 (patch)
tree: c5127473f7676763202cf79837bd4328c903a21d /src/cli/speed.cpp
parent: 97df0c27b878d77799353ccc9eda9705b1ec1fa4 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/cli/speed.cpp b/src/cli/speed.cpp
index 47cdc03c0..6fac9411c 100644
--- a/src/cli/speed.cpp
+++ b/src/cli/speed.cpp
@@ -1246,7 +1246,7 @@ class Speed final : public Command
 
          while(sharedb_timer.under(msec))
             {
-            std::vector<uint8_t> send_a(NEWHOPE_SENDABYTES), send_b(NEWHOPE_SENDBBYTES);
+            std::vector<uint8_t> send_a(Botan::NEWHOPE_SENDABYTES), send_b(Botan::NEWHOPE_SENDBBYTES);
             std::vector<uint8_t> shared_a(32), shared_b(32);
 
             Botan::newhope_poly sk_a;
author	Jack Lloyd <[email protected]>	2016-11-16 12:05:34 -0500
committer	Jack Lloyd <[email protected]>	2016-11-17 13:56:25 -0500
commit	74cf1686b727d9b41781df66f3f74d63b9c5cfe2 (patch)
tree	c5127473f7676763202cf79837bd4328c903a21d /src/cli/speed.cpp
parent	97df0c27b878d77799353ccc9eda9705b1ec1fa4 (diff)