patches/0016-ecdhe_psk_part2.patch - platform/external/openssl - Git at Google

 From cf389e16d8dc49e97c0b13ea3a1c373c6f6f94bd Mon Sep 17 00:00:00 2001
 From: Adam Langley <agl@chromium.org>
 Date: Wed, 4 Jun 2014 10:59:32 -0700
 Subject: ECDHE-PSK_AES-CBC-SHA_cipher_suites

 Add ECDHE-PSK AES-CBC-SHA cipher suites from RFC 5489.
 Remove ECDHE-PSK AES-CBC-SHA2 cipher suites from RFC 5489 because
 they cannot be used with SSLv3 and there's no way to express that in
 OpenSSL's configuration.
 ---
  ssl/s3_lib.c | 25 ++++++++++++-------------
  ssl/tls1.h   | 14 ++++++++------
  2 files changed, 20 insertions(+), 19 deletions(-)

 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
 index f84da7f..e016fc8 100644
 --- a/ssl/s3_lib.c
 +++ b/ssl/s3_lib.c
 @@ -2828,35 +2828,34 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={

  #ifndef OPENSSL_NO_PSK
      /* ECDH PSK ciphersuites from RFC 5489 */
 -
 -	/* Cipher C037 */
 +	/* Cipher C035 */
  	{
  	1,
 -	TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
 -	TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
 +	TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
 +	TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
  	SSL_kEECDH,
  	SSL_aPSK,
  	SSL_AES128,
 -	SSL_SHA256,
 +	SSL_SHA1,
  	SSL_TLSV1,
 -	SSL_NOT_EXP|SSL_HIGH,
 -	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF_SHA256,
 +	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 +	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
  	128,
  	128,
  	},

 -	/* Cipher C038 */
 +	/* Cipher C036 */
  	{
  	1,
 -	TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
 -	TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
 +	TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
 +	TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
  	SSL_kEECDH,
  	SSL_aPSK,
  	SSL_AES256,
 -	SSL_SHA384,
 +	SSL_SHA1,
  	SSL_TLSV1,
 -	SSL_NOT_EXP|SSL_HIGH,
 -	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF_SHA384,
 +	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
 +	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
  	256,
  	256,
  	},
 diff --git a/ssl/tls1.h b/ssl/tls1.h
 index ec8948d..51d073d 100644
 --- a/ssl/tls1.h
 +++ b/ssl/tls1.h
 @@ -531,9 +531,11 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
  #define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256        0x0300C031
  #define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384        0x0300C032

 -/* ECDHE PSK ciphersuites from RFC 5489 */
 -#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256    0x0300C037
 -#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384    0x0300C038
 +/* ECDHE PSK ciphersuites from RFC5489
 + * SHA-2 cipher suites are omitted because they cannot be used safely with
 + * SSLv3. */
 +#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA          0x0300C035
 +#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA          0x0300C036

  /* XXX
   * Inconsistency alert:
 @@ -686,9 +688,9 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
  #define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256       "ECDH-RSA-AES128-GCM-SHA256"
  #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384       "ECDH-RSA-AES256-GCM-SHA384"

 -/* ECDHE PSK ciphersuites from RFC 5489 */
 -#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256  "ECDHE-PSK-WITH-AES-128-CBC-SHA256"
 -#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384  "ECDHE-PSK-WITH-AES-256-CBC-SHA384"
 +/* ECDHE PSK ciphersuites from RFC5489 */
 +#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA         "ECDHE-PSK-AES128-CBC-SHA"
 +#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA         "ECDHE-PSK-AES256-CBC-SHA"

  #define TLS_CT_RSA_SIGN			1
  #define TLS_CT_DSS_SIGN			2
 --
 2.0.0.526.g5318336
	From cf389e16d8dc49e97c0b13ea3a1c373c6f6f94bd Mon Sep 17 00:00:00 2001
	From: Adam Langley <agl@chromium.org>
	Date: Wed, 4 Jun 2014 10:59:32 -0700
	Subject: ECDHE-PSK_AES-CBC-SHA_cipher_suites

	Add ECDHE-PSK AES-CBC-SHA cipher suites from RFC 5489.
	Remove ECDHE-PSK AES-CBC-SHA2 cipher suites from RFC 5489 because
	they cannot be used with SSLv3 and there's no way to express that in
	OpenSSL's configuration.
	---
	ssl/s3_lib.c \| 25 ++++++++++++-------------
	ssl/tls1.h \| 14 ++++++++------
	2 files changed, 20 insertions(+), 19 deletions(-)

	diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
	index f84da7f..e016fc8 100644
	--- a/ssl/s3_lib.c
	+++ b/ssl/s3_lib.c
	@@ -2828,35 +2828,34 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={

	#ifndef OPENSSL_NO_PSK
	/* ECDH PSK ciphersuites from RFC 5489 */
	-
	- /* Cipher C037 */
	+ /* Cipher C035 */
	{
	1,
	- TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
	- TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
	+ TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
	+ TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
	SSL_kEECDH,
	SSL_aPSK,
	SSL_AES128,
	- SSL_SHA256,
	+ SSL_SHA1,
	SSL_TLSV1,
	- SSL_NOT_EXP\|SSL_HIGH,
	- SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF_SHA256,
	+ SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
	+ SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
	128,
	128,
	},

	- /* Cipher C038 */
	+ /* Cipher C036 */
	{
	1,
	- TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
	- TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
	+ TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
	+ TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
	SSL_kEECDH,
	SSL_aPSK,
	SSL_AES256,
	- SSL_SHA384,
	+ SSL_SHA1,
	SSL_TLSV1,
	- SSL_NOT_EXP\|SSL_HIGH,
	- SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF_SHA384,
	+ SSL_NOT_EXP\|SSL_HIGH\|SSL_FIPS,
	+ SSL_HANDSHAKE_MAC_DEFAULT\|TLS1_PRF,
	256,
	256,
	},
	diff --git a/ssl/tls1.h b/ssl/tls1.h
	index ec8948d..51d073d 100644
	--- a/ssl/tls1.h
	+++ b/ssl/tls1.h
	@@ -531,9 +531,11 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
	#define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
	#define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032

	-/* ECDHE PSK ciphersuites from RFC 5489 */
	-#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0x0300C037
	-#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0x0300C038
	+/* ECDHE PSK ciphersuites from RFC5489
	+ * SHA-2 cipher suites are omitted because they cannot be used safely with
	+ * SSLv3. */
	+#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA 0x0300C035
	+#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA 0x0300C036

	/* XXX
	* Inconsistency alert:
	@@ -686,9 +688,9 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
	#define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
	#define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"

	-/* ECDHE PSK ciphersuites from RFC 5489 */
	-#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "ECDHE-PSK-WITH-AES-128-CBC-SHA256"
	-#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "ECDHE-PSK-WITH-AES-256-CBC-SHA384"
	+/* ECDHE PSK ciphersuites from RFC5489 */
	+#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA "ECDHE-PSK-AES128-CBC-SHA"
	+#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA "ECDHE-PSK-AES256-CBC-SHA"

	#define TLS_CT_RSA_SIGN 1
	#define TLS_CT_DSS_SIGN 2
	--
	2.0.0.526.g5318336