diff options
Diffstat (limited to 'src/include/openssl/tls1.h')
-rw-r--r-- | src/include/openssl/tls1.h | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/src/include/openssl/tls1.h b/src/include/openssl/tls1.h index 92210f6..92d2752 100644 --- a/src/include/openssl/tls1.h +++ b/src/include/openssl/tls1.h @@ -430,12 +430,14 @@ extern "C" { #define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD 0x0300CC13 #define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD 0x0300CC14 -/* TODO(davidben): Remove these once WebRTC is no longer using them, so they - * may point to the future RFC 7539 variant. */ +#define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0x0300CCA8 +#define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0x0300CCA9 +#define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0x0300CCAC + +/* TODO(davidben): Remove this. Historically, the CK names for CHACHA20_POLY1305 + * were missing 'WITH' and 'SHA256'. */ #define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305 \ - TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD -#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305 \ - TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD + TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 /* XXX * Inconsistency alert: @@ -597,14 +599,25 @@ extern "C" { #define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256" #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384" +/* For convenience, the old and new CHACHA20_POLY1305 ciphers have the same + * name. In cipher strings, both will be selected. This is temporary and will be + * removed when the pre-standard construction is removed. */ #define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD \ "ECDHE-RSA-CHACHA20-POLY1305" #define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD \ "ECDHE-ECDSA-CHACHA20-POLY1305" -/* TODO(davidben): Remove this once QUIC has switched to the '_OLD' name. */ +#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 \ + "ECDHE-RSA-CHACHA20-POLY1305" +#define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 \ + "ECDHE-ECDSA-CHACHA20-POLY1305" +#define TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 \ + "ECDHE-PSK-CHACHA20-POLY1305" + +/* TODO(davidben): Remove this. Historically, the TXT names for CHACHA20_POLY1305 + * were missing 'SHA256'. */ #define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 \ - TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD + TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 #define TLS_CT_RSA_SIGN 1 #define TLS_CT_DSS_SIGN 2 |