diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/ssl/tls_magic.h | 3 | ||||
-rw-r--r-- | src/ssl/tls_policy.cpp | 3 | ||||
-rw-r--r-- | src/ssl/tls_suites.cpp | 18 |
3 files changed, 24 insertions, 0 deletions
diff --git a/src/ssl/tls_magic.h b/src/ssl/tls_magic.h index 25cd0986a..c167cc689 100644 --- a/src/ssl/tls_magic.h +++ b/src/ssl/tls_magic.h @@ -106,18 +106,21 @@ enum Ciphersuite_Code { TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035, TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C, TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D, + TLS_RSA_WITH_SEED_CBC_SHA = 0x0096, TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013, TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032, TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A, + TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099, TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016, TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033, TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B, + TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024, diff --git a/src/ssl/tls_policy.cpp b/src/ssl/tls_policy.cpp index 594f20ebb..57fcdb5cc 100644 --- a/src/ssl/tls_policy.cpp +++ b/src/ssl/tls_policy.cpp @@ -32,6 +32,7 @@ std::vector<u16bit> TLS_Policy::suite_list(bool use_rsa, suites.push_back(TLS_DHE_DSS_WITH_AES_256_CBC_SHA); suites.push_back(TLS_DHE_DSS_WITH_AES_128_CBC_SHA); suites.push_back(TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA); + suites.push_back(TLS_DHE_DSS_WITH_SEED_CBC_SHA); } if(use_edh_rsa) @@ -39,6 +40,7 @@ std::vector<u16bit> TLS_Policy::suite_list(bool use_rsa, suites.push_back(TLS_DHE_RSA_WITH_AES_256_CBC_SHA); suites.push_back(TLS_DHE_RSA_WITH_AES_128_CBC_SHA); suites.push_back(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA); + suites.push_back(TLS_DHE_RSA_WITH_SEED_CBC_SHA); } if(use_rsa) @@ -46,6 +48,7 @@ std::vector<u16bit> TLS_Policy::suite_list(bool use_rsa, suites.push_back(TLS_RSA_WITH_AES_256_CBC_SHA); suites.push_back(TLS_RSA_WITH_AES_128_CBC_SHA); suites.push_back(TLS_RSA_WITH_3DES_EDE_CBC_SHA); + suites.push_back(TLS_RSA_WITH_SEED_CBC_SHA); suites.push_back(TLS_RSA_WITH_RC4_128_SHA); suites.push_back(TLS_RSA_WITH_RC4_128_MD5); } diff --git a/src/ssl/tls_suites.cpp b/src/ssl/tls_suites.cpp index cf6bd45e5..3f0e76654 100644 --- a/src/ssl/tls_suites.cpp +++ b/src/ssl/tls_suites.cpp @@ -47,6 +47,12 @@ TLS_Ciphersuite_Algos lookup_ciphersuite(u16bit suite) TLS_ALGO_MAC_SHA1 | TLS_ALGO_CIPHER_AES256_CBC); + if(suite == TLS_RSA_WITH_SEED_CBC_SHA) + return TLS_Ciphersuite_Algos(TLS_ALGO_SIGNER_RSA | + TLS_ALGO_KEYEXCH_NOKEX | + TLS_ALGO_MAC_SHA1 | + TLS_ALGO_CIPHER_SEED_CBC); + if(suite == TLS_RSA_WITH_AES_128_CBC_SHA256) return TLS_Ciphersuite_Algos(TLS_ALGO_SIGNER_RSA | TLS_ALGO_KEYEXCH_NOKEX | @@ -71,6 +77,12 @@ TLS_Ciphersuite_Algos lookup_ciphersuite(u16bit suite) TLS_ALGO_MAC_SHA1 | TLS_ALGO_CIPHER_AES128_CBC); + if(suite == TLS_DHE_DSS_WITH_SEED_CBC_SHA) + return TLS_Ciphersuite_Algos(TLS_ALGO_SIGNER_DSA | + TLS_ALGO_KEYEXCH_DH | + TLS_ALGO_MAC_SHA1 | + TLS_ALGO_CIPHER_SEED_CBC); + if(suite == TLS_DHE_DSS_WITH_AES_256_CBC_SHA) return TLS_Ciphersuite_Algos(TLS_ALGO_SIGNER_DSA | TLS_ALGO_KEYEXCH_DH | @@ -101,6 +113,12 @@ TLS_Ciphersuite_Algos lookup_ciphersuite(u16bit suite) TLS_ALGO_MAC_SHA1 | TLS_ALGO_CIPHER_AES128_CBC); + if(suite == TLS_DHE_DSS_WITH_SEED_CBC_SHA) + return TLS_Ciphersuite_Algos(TLS_ALGO_SIGNER_RSA | + TLS_ALGO_KEYEXCH_DH | + TLS_ALGO_MAC_SHA1 | + TLS_ALGO_CIPHER_SEED_CBC); + if(suite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA) return TLS_Ciphersuite_Algos(TLS_ALGO_SIGNER_RSA | TLS_ALGO_KEYEXCH_DH | |