diff options
| author | Andreas Schultz <[email protected]> | 2017-07-23 20:42:44 +0200 |
|---|---|---|
| committer | Andreas Schultz <[email protected]> | 2017-07-23 20:42:44 +0200 |
| commit | 4cc859302a658032017314d9cfbb62f13b9a3efd (patch) | |
| tree | 16cda3b52d3f106add11eaf5420b45c3eabe4820 /lib/ssl/src/ssl_cipher.erl | |
| parent | 7c79233caa18a93952c2caa6ffc2ebca51707a41 (diff) | |
| download | otp-4cc859302a658032017314d9cfbb62f13b9a3efd.tar.gz otp-4cc859302a658032017314d9cfbb62f13b9a3efd.tar.bz2 otp-4cc859302a658032017314d9cfbb62f13b9a3efd.zip | |
add draft-mattsson-tls-ecdhe-psk-aead ECDHE-PSK with GCM ciphers
Add the GCM ciphers from draft-mattsson-tls-ecdhe-psk-aead and the
specification for the CCM cipher (but leave them commented out as
we don't support CCM yet).
Diffstat (limited to 'lib/ssl/src/ssl_cipher.erl')
| -rw-r--r-- | lib/ssl/src/ssl_cipher.erl | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl index afb6e38710..e34c4938ae 100644 --- a/lib/ssl/src/ssl_cipher.erl +++ b/lib/ssl/src/ssl_cipher.erl @@ -373,6 +373,7 @@ psk_suites({3, N}) -> psk_suites(N) when N >= 3 -> [ + ?TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384, ?TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, ?TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, ?TLS_PSK_WITH_AES_256_GCM_SHA384, @@ -380,6 +381,7 @@ psk_suites(N) ?TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, ?TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, ?TLS_PSK_WITH_AES_256_CBC_SHA384, + ?TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256, ?TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, ?TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, ?TLS_PSK_WITH_AES_128_GCM_SHA256, @@ -638,6 +640,16 @@ suite_definition(?TLS_ECDHE_PSK_WITH_NULL_SHA256) -> suite_definition(?TLS_ECDHE_PSK_WITH_NULL_SHA384) -> {ecdhe_psk, null, sha384, default_prf}; +%%% ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites, draft-ietf-tls-ecdhe-psk-aead-05 + +suite_definition(?TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256) -> + {ecdhe_psk, aes_128_gcm, null, sha256}; +suite_definition(?TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384) -> + {ecdhe_psk, aes_256_gcm, null, sha384}; +%% suite_definition(?TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256) -> +%% {ecdhe_psk, aes_128_ccm, null, sha256}; +%% suite_definition(?TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256) -> +%% {ecdhe_psk, aes_256_ccm, null, sha256}; %%% SRP Cipher Suites RFC 5054 @@ -969,6 +981,17 @@ suite({ecdhe_psk, null, sha256}) -> suite({ecdhe_psk, null, sha384}) -> ?TLS_ECDHE_PSK_WITH_NULL_SHA384; +%%% ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites, draft-ietf-tls-ecdhe-psk-aead-05 + +suite({ecdhe_psk, aes_128_gcm, null, sha256}) -> + ?TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256; +suite({ecdhe_psk, aes_256_gcm, null, sha384}) -> + ?TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384; +%% suite({ecdhe_psk, aes_128_ccm, null, sha256}) -> +%% ?TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256; +%% suite({ecdhe_psk, aes_256_ccm, null, sha256}) -> +%% ?TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256; + %%% SRP Cipher Suites RFC 5054 suite({srp_anon, '3des_ede_cbc', sha}) -> |