From dfb3ba68fd0011cba7d8e4c1a46295099fef85bf Mon Sep 17 00:00:00 2001
From: Adam Langley <agl@google.com>
Date: Mon, 15 Jun 2015 13:52:15 -0700
Subject: Add ECDHE-PSK-AES{128,256}-SHA cipher suites.

If we're going to have PSK and use standard cipher suites, this might be
the best that we can do for the moment.

(This is a cherry-pick of BoringSSL's 85bc5601.)

(cherry picked from commit 0e6bb1c72014c26289d09f4deea9c25706be5824)

Bug: 21522548
Change-Id: Ic94c74a2b3ee2387f640efff510646d1836efbfb
---
 src/ssl/ssl_cipher.c | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

(limited to 'src/ssl/ssl_cipher.c')

diff --git a/src/ssl/ssl_cipher.c b/src/ssl/ssl_cipher.c
index 2f1548a..8d03c9e 100644
--- a/src/ssl/ssl_cipher.c
+++ b/src/ssl/ssl_cipher.c
@@ -240,6 +240,8 @@ const SSL_CIPHER kCiphers[] = {
      SSL_HANDSHAKE_MAC_SHA256, 256, 256,
     },
 
+    /* PSK cipher suites. */
+
     /* Cipher 8A */
     {
      TLS1_TXT_PSK_WITH_RC4_128_SHA, TLS1_CK_PSK_WITH_RC4_128_SHA, SSL_kPSK,
@@ -261,7 +263,6 @@ const SSL_CIPHER kCiphers[] = {
      SSL_HANDSHAKE_MAC_DEFAULT, 256, 256,
     },
 
-
     /* GCM ciphersuites from RFC5288 */
 
     /* Cipher 9C */
@@ -429,6 +430,26 @@ const SSL_CIPHER kCiphers[] = {
      256, 256,
     },
 
+    /* ECDHE-PSK cipher suites. */
+
+    /* Cipher C035 */
+    {
+     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+     SSL_kECDHE, SSL_aPSK, SSL_AES128, SSL_SHA1, SSL_TLSV1, SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT, 128, 128,
+    },
+
+    /* Cipher C036 */
+    {
+     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+     SSL_kECDHE, SSL_aPSK, SSL_AES256, SSL_SHA1, SSL_TLSV1, SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT, 256, 256,
+    },
+
+    /* ChaCha20-Poly1305 cipher suites. */
+
 #if !defined(ANDROID)
     {
      TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
-- 
cgit v1.1