authorJack Lloyd <[email protected]>2016-04-04 21:15:27 -0400
committerJack Lloyd <[email protected]>2016-04-04 21:15:27 -0400
commit6a902a886c5b71ac16f2d957b5bdd319ab6eae0b (patch)
tree51031d94f225bce4d7cb9582aac6aad8dea3e5b0 /src
parentc4faa7f938b4a70b691666d11b7baf53b4a305a3 (diff)
Update OCB ciphersuites to follow new nonce scheme from -04 draft
Diffstat (limited to 'src')
-rw-r--r--src/lib/tls/tls_suite_info.cpp74
-rwxr-xr-xsrc/scripts/tls_suite_info.py28
2 files changed, 51 insertions, 51 deletions
diff --git a/src/lib/tls/tls_suite_info.cpp b/src/lib/tls/tls_suite_info.cpp
index 84e2a30a8..0d08710e8 100644
--- a/src/lib/tls/tls_suite_info.cpp
+++ b/src/lib/tls/tls_suite_info.cpp
@@ -3,7 +3,7 @@
*
* This file was automatically generated from the IANA assignments
* (tls-parameters.txt hash fe280cb8b13bfdd306a975ab39fda238f77ae3bc)
-* by ./src/scripts/tls_suite_info.py on 2016-03-23
+* by ./src/scripts/tls_suite_info.py on 2016-04-04
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -165,18 +165,18 @@ std::vector<u16bit> Ciphersuite::all_known_ciphersuite_ids()
0xCCAB,
0xCCAC,
0xCCAD,
- 0xFFF0,
- 0xFFF1,
- 0xFFF2,
- 0xFFF3,
- 0xFFF4,
- 0xFFF5,
- 0xFFF6,
- 0xFFF7,
- 0xFFF8,
- 0xFFF9,
- 0xFFFA,
- 0xFFFB,
+ 0xFFC0,
+ 0xFFC1,
+ 0xFFC2,
+ 0xFFC3,
+ 0xFFC4,
+ 0xFFC5,
+ 0xFFC6,
+ 0xFFC7,
+ 0xFFC8,
+ 0xFFC9,
+ 0xFFCA,
+ 0xFFCB,
};
}
@@ -628,41 +628,41 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0xCCAD: // DHE_PSK_WITH_CHACHA20_POLY1305_SHA256
return Ciphersuite(0xCCAD, "", "DHE_PSK", "ChaCha20Poly1305", 32, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFF0: // ECDHE_RSA_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFF0, "RSA", "ECDH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFC0: // DHE_RSA_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFC0, "RSA", "DH", "AES-128/OCB(12)", 16, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFF1: // ECDHE_RSA_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFF1, "RSA", "ECDH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFC1: // DHE_RSA_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFC1, "RSA", "DH", "AES-256/OCB(12)", 32, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFF2: // ECDHE_ECDSA_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFF2, "ECDSA", "ECDH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFC2: // ECDHE_RSA_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFC2, "RSA", "ECDH", "AES-128/OCB(12)", 16, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFF3: // ECDHE_ECDSA_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFF3, "ECDSA", "ECDH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFC3: // ECDHE_RSA_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFC3, "RSA", "ECDH", "AES-256/OCB(12)", 32, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFF4: // DHE_RSA_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFF4, "RSA", "DH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFC4: // ECDHE_ECDSA_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFC4, "ECDSA", "ECDH", "AES-128/OCB(12)", 16, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFF5: // DHE_RSA_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFF5, "RSA", "DH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFC5: // ECDHE_ECDSA_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFC5, "ECDSA", "ECDH", "AES-256/OCB(12)", 32, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFF6: // PSK_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFF6, "", "PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFC6: // PSK_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFC6, "", "PSK", "AES-128/OCB(12)", 16, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFF7: // PSK_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFF7, "", "PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFC7: // PSK_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFC7, "", "PSK", "AES-256/OCB(12)", 32, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFF8: // ECDHE_PSK_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFF8, "", "ECDHE_PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFC8: // DHE_PSK_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFC8, "", "DHE_PSK", "AES-128/OCB(12)", 16, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFF9: // ECDHE_PSK_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFF9, "", "ECDHE_PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFC9: // DHE_PSK_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFC9, "", "DHE_PSK", "AES-256/OCB(12)", 32, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFFA: // DHE_PSK_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFFA, "", "DHE_PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFCA: // ECDHE_PSK_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFCA, "", "ECDHE_PSK", "AES-128/OCB(12)", 16, 12, 0, "AEAD", 0, "SHA-256");
- case 0xFFFB: // DHE_PSK_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFFB, "", "DHE_PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xFFCB: // ECDHE_PSK_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFCB, "", "ECDHE_PSK", "AES-256/OCB(12)", 32, 12, 0, "AEAD", 0, "SHA-256");
}
diff --git a/src/scripts/tls_suite_info.py b/src/scripts/tls_suite_info.py
index 2bff5ad34..6424341d2 100755
--- a/src/scripts/tls_suite_info.py
+++ b/src/scripts/tls_suite_info.py
@@ -138,7 +138,7 @@ def to_ciphersuite_info(code, name):
elif mode == 'OCB':
return 'Ciphersuite(0x%s, "%s", "%s", "%s", %d, %d, %d, "AEAD", %d, "%s")' % (
- code, sig_algo, kex_algo, cipher_algo, cipher_keylen, 4, 0, 0, mac_algo)
+ code, sig_algo, kex_algo, cipher_algo, cipher_keylen, 12, 0, 0, mac_algo)
else:
iv_bytes_from_hs = 4
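Review bot: The implicit nonce length in the OCB branch is a bare `12` in a positional argument list, next to two unlabelled zeros, while the `else` branch directly below names the same quantity `iv_bytes_from_hs = 4`. A named local passed in place of the literal, e.g. `ocb_nonce_bytes_from_hs = 12  # full nonce comes from the handshake; no explicit per-record part`, would keep the generator readable and make the next draft revision a one-line change. With 12 handshake bytes and what appears to be 0 explicit bytes, per-record nonce uniqueness rests entirely on the record layer combining this value with the sequence number, and that code is not part of this diff. It is worth confirming that it handles these suites the same way as the ChaCha20Poly1305 entries (also `12, 0` in the generated table), since a repeated OCB nonce under one key breaks both confidentiality and authenticity. `to_ciphersuite_info` starts and ends outside the hunk.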
@@ -240,19 +240,19 @@ def main(args = None):
# Expermental things
if options.with_ocb:
- define_custom_ciphersuite('ECDHE_RSA_WITH_AES_128_OCB_SHA256', 'FFF0')
- define_custom_ciphersuite('ECDHE_RSA_WITH_AES_256_OCB_SHA256', 'FFF1')
- define_custom_ciphersuite('ECDHE_ECDSA_WITH_AES_128_OCB_SHA256', 'FFF2')
- define_custom_ciphersuite('ECDHE_ECDSA_WITH_AES_256_OCB_SHA256', 'FFF3')
- define_custom_ciphersuite('DHE_RSA_WITH_AES_128_OCB_SHA256', 'FFF4')
- define_custom_ciphersuite('DHE_RSA_WITH_AES_256_OCB_SHA256', 'FFF5')
-
- define_custom_ciphersuite('PSK_WITH_AES_128_OCB_SHA256', 'FFF6')
- define_custom_ciphersuite('PSK_WITH_AES_256_OCB_SHA256', 'FFF7')
- define_custom_ciphersuite('ECDHE_PSK_WITH_AES_128_OCB_SHA256', 'FFF8')
- define_custom_ciphersuite('ECDHE_PSK_WITH_AES_256_OCB_SHA256', 'FFF9')
- define_custom_ciphersuite('DHE_PSK_WITH_AES_128_OCB_SHA256', 'FFFA')
- define_custom_ciphersuite('DHE_PSK_WITH_AES_256_OCB_SHA256', 'FFFB')
+ define_custom_ciphersuite('DHE_RSA_WITH_AES_128_OCB_SHA256', 'FFC0')
+ define_custom_ciphersuite('DHE_RSA_WITH_AES_256_OCB_SHA256', 'FFC1')
+ define_custom_ciphersuite('ECDHE_RSA_WITH_AES_128_OCB_SHA256', 'FFC2')
+ define_custom_ciphersuite('ECDHE_RSA_WITH_AES_256_OCB_SHA256', 'FFC3')
+ define_custom_ciphersuite('ECDHE_ECDSA_WITH_AES_128_OCB_SHA256', 'FFC4')
+ define_custom_ciphersuite('ECDHE_ECDSA_WITH_AES_256_OCB_SHA256', 'FFC5')
+
+ define_custom_ciphersuite('PSK_WITH_AES_128_OCB_SHA256', 'FFC6')
+ define_custom_ciphersuite('PSK_WITH_AES_256_OCB_SHA256', 'FFC7')
+ define_custom_ciphersuite('DHE_PSK_WITH_AES_128_OCB_SHA256', 'FFC8')
+ define_custom_ciphersuite('DHE_PSK_WITH_AES_256_OCB_SHA256', 'FFC9')
+ define_custom_ciphersuite('ECDHE_PSK_WITH_AES_128_OCB_SHA256', 'FFCA')
+ define_custom_ciphersuite('ECDHE_PSK_WITH_AES_256_OCB_SHA256', 'FFCB')
if options.with_eax:
define_custom_ciphersuite('ECDHE_ECDSA_WITH_AES_128_EAX_SHA256', 'FF90')
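Review bot: The new `FFC0`–`FFCB` values under `if options.with_ocb:` carry no comment saying where they come from or that they are private-use code points rather than IANA assignments. The only comment on the block is the existing `# Expermental things` (typo for "Experimental"). I would add something like `# Private-use (0xFFxx) code points, not IANA-assigned; values and nonce layout follow the OCB draft -04` above the first `define_custom_ciphersuite` call, with the draft reference taken from the commit message. Since the old `FFF0`–`FFFB` ids disappear and the kex ordering within the range also changes, any configuration or test that pins the old numeric ids will presumably stop matching an OCB suite. A line in the changelog or release notes would help operators notice. `main` starts and ends outside the hunk.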