Add CECPQ1 TLS ciphersuites

Tested against BoringSSL (as client + server) and google.com (as client). Fix a stupid crashing bug in NewHope's BoringSSL mode. Remove unneeded error return from curve25519_donna - always returned 0. Default policy prefers ChaChaPoly1305 over GCM and CECPQ1 over ECDH/DH, which means the default no-extra-configuration ciphersuite (for Botan client speaking to Botan server) is a ciphersuite which is both implemented in constant time on all platforms and (hopefully) provides post quantum security. Good Things.
author: Jack Lloyd <[email protected]> 2016-11-16 12:05:34 -0500
committer: Jack Lloyd <[email protected]> 2016-11-17 13:56:25 -0500
commit: 74cf1686b727d9b41781df66f3f74d63b9c5cfe2 (patch)
tree: c5127473f7676763202cf79837bd4328c903a21d /src/lib/tls/tls_policy.cpp
parent: 97df0c27b878d77799353ccc9eda9705b1ec1fa4 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp
index c7c285716..1bb0951bb 100644
--- a/src/lib/tls/tls_policy.cpp
+++ b/src/lib/tls/tls_policy.cpp
@@ -21,9 +21,9 @@ std::vector<std::string> Policy::allowed_ciphers() const
    return {
       //"AES-256/OCB(12)",
       //"AES-128/OCB(12)",
+      "ChaCha20Poly1305",
       "AES-256/GCM",
       "AES-128/GCM",
-      "ChaCha20Poly1305",
       "AES-256/CCM",
       "AES-128/CCM",
       //"AES-256/CCM(8)",
@@ -71,6 +71,7 @@ std::vector<std::string> Policy::allowed_key_exchange_methods() const
       //"ECDHE_PSK",
       //"DHE_PSK",
       //"PSK",
+      "CECPQ1",
       "ECDH",
       "DH",
       //"RSA",
author	Jack Lloyd <[email protected]>	2016-11-16 12:05:34 -0500
committer	Jack Lloyd <[email protected]>	2016-11-17 13:56:25 -0500
commit	74cf1686b727d9b41781df66f3f74d63b9c5cfe2 (patch)
tree	c5127473f7676763202cf79837bd4328c903a21d /src/lib/tls/tls_policy.cpp
parent	97df0c27b878d77799353ccc9eda9705b1ec1fa4 (diff)