Implement Aria GCM/CCM Modes and TLS cipher suites
AEAD cipher mode implementation is based on that used for AES:
https://tools.ietf.org/html/rfc5116
TLS GCM cipher suites as specified in:
https://tools.ietf.org/html/rfc6209
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4287)
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index c9371af..8895388 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2945,6 +2945,266 @@
#endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
+#ifndef OPENSSL_NO_ARIA
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION, TLS1_2_VERSION,
+ DTLS1_2_VERSION, DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_ARIA */
};
/*
