am dfb3ba68: Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

* commit 'dfb3ba68fd0011cba7d8e4c1a46295099fef85bf':
  Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

5 files changed, 38 insertions, 1 deletions

diff --git a/src/include/openssl/tls1.h b/src/include/openssl/tls1.h
index 999a5ca..f2bee27 100644
--- a/src/include/openssl/tls1.h
+++ b/src/include/openssl/tls1.h
@@ -361,6 +361,10 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb(
 #define TLS1_CK_PSK_WITH_AES_128_CBC_SHA                0x0300008C
 #define TLS1_CK_PSK_WITH_AES_256_CBC_SHA                0x0300008D
 
+/* PSK ciphersuites from RFC 5489 */
+#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA          0x0300C035
+#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA          0x0300C036
+
 /* Additional TLS ciphersuites from expired Internet Draft
  * draft-ietf-tls-56-bit-ciphersuites-01.txt
  * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
@@ -580,6 +584,10 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb(
 #define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
 #define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
 
+/* PSK ciphersuites from RFC 5489 */
+#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA "ECDHE-PSK-AES128-CBC-SHA"
+#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA "ECDHE-PSK-AES256-CBC-SHA"
+
 /* SRP ciphersuite from RFC 5054 */
 #define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
 #define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
diff --git a/src/ssl/ssl_cipher.c b/src/ssl/ssl_cipher.c
index 2f1548a..8d03c9e 100644
--- a/src/ssl/ssl_cipher.c
+++ b/src/ssl/ssl_cipher.c
@@ -240,6 +240,8 @@ const SSL_CIPHER kCiphers[] = {
      SSL_HANDSHAKE_MAC_SHA256, 256, 256,
     },
 
+    /* PSK cipher suites. */
+
     /* Cipher 8A */
     {
      TLS1_TXT_PSK_WITH_RC4_128_SHA, TLS1_CK_PSK_WITH_RC4_128_SHA, SSL_kPSK,
@@ -261,7 +263,6 @@ const SSL_CIPHER kCiphers[] = {
      SSL_HANDSHAKE_MAC_DEFAULT, 256, 256,
     },
 
-
     /* GCM ciphersuites from RFC5288 */
 
     /* Cipher 9C */
@@ -429,6 +430,26 @@ const SSL_CIPHER kCiphers[] = {
      256, 256,
     },
 
+    /* ECDHE-PSK cipher suites. */
+
+    /* Cipher C035 */
+    {
+     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+     SSL_kECDHE, SSL_aPSK, SSL_AES128, SSL_SHA1, SSL_TLSV1, SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT, 128, 128,
+    },
+
+    /* Cipher C036 */
+    {
+     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+     SSL_kECDHE, SSL_aPSK, SSL_AES256, SSL_SHA1, SSL_TLSV1, SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT, 256, 256,
+    },
+
+    /* ChaCha20-Poly1305 cipher suites. */
+
 #if !defined(ANDROID)
     {
      TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
diff --git a/src/ssl/ssl_test.cc b/src/ssl/ssl_test.cc
index decf893..1c6e24a 100644
--- a/src/ssl/ssl_test.cc
+++ b/src/ssl/ssl_test.cc
@@ -502,6 +502,8 @@ static const CIPHER_RFC_NAME_TEST kCipherRFCNameTests[] = {
   { TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
     "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" },
   { TLS1_CK_PSK_WITH_RC4_128_SHA, "TLS_PSK_WITH_RC4_SHA" },
+  { TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+    "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA" },
   // These names are non-standard:
   { TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
     "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256" },
diff --git a/src/ssl/test/runner/cipher_suites.go b/src/ssl/test/runner/cipher_suites.go
index 162c0c0..70c7262 100644
--- a/src/ssl/test/runner/cipher_suites.go
+++ b/src/ssl/test/runner/cipher_suites.go
@@ -124,6 +124,8 @@ var cipherSuites = []*cipherSuite{
 	{TLS_PSK_WITH_RC4_128_SHA, 16, 20, 0, pskKA, suiteNoDTLS | suitePSK, cipherRC4, macSHA1, nil},
 	{TLS_PSK_WITH_AES_128_CBC_SHA, 16, 20, 16, pskKA, suitePSK, cipherAES, macSHA1, nil},
 	{TLS_PSK_WITH_AES_256_CBC_SHA, 32, 20, 16, pskKA, suitePSK, cipherAES, macSHA1, nil},
+	{TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdhePSKKA, suiteECDHE | suitePSK, cipherAES, macSHA1, nil},
+	{TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdhePSKKA, suiteECDHE | suitePSK, cipherAES, macSHA1, nil},
 }
 
 func cipherRC4(key, iv []byte, isRead bool) interface{} {
@@ -402,6 +404,8 @@ const (
 	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc02c
 	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   uint16 = 0xc02f
 	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   uint16 = 0xc030
+	TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA      uint16 = 0xc035
+	TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA      uint16 = 0xc036
 	fallbackSCSV                            uint16 = 0x5600
 )
 
diff --git a/src/ssl/test/runner/runner.go b/src/ssl/test/runner/runner.go
index f60d8ba..94c1d32 100644
--- a/src/ssl/test/runner/runner.go
+++ b/src/ssl/test/runner/runner.go
@@ -1625,6 +1625,8 @@ var testCipherSuites = []struct {
 	{"ECDHE-RSA-RC4-SHA", TLS_ECDHE_RSA_WITH_RC4_128_SHA},
 	{"PSK-AES128-CBC-SHA", TLS_PSK_WITH_AES_128_CBC_SHA},
 	{"PSK-AES256-CBC-SHA", TLS_PSK_WITH_AES_256_CBC_SHA},
+	{"ECDHE-PSK-AES128-CBC-SHA", TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA},
+	{"ECDHE-PSK-AES256-CBC-SHA", TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA},
 	{"PSK-RC4-SHA", TLS_PSK_WITH_RC4_128_SHA},
 	{"RC4-MD5", TLS_RSA_WITH_RC4_128_MD5},
 	{"RC4-SHA", TLS_RSA_WITH_RC4_128_SHA},