diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-01-14 07:00:12 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-01-14 07:00:12 +0400 |
commit | 24dada944ea60faf2a564f39a728411f5e95e28e (patch) | |
tree | fb54c3f73a5b8ce16b5211a895c0ba6b320ff4df /core/src/main/java/org/bouncycastle/crypto/tls | |
parent | 812673be922b296aaef9f8a5d40b9ae66c0602e3 (diff) |
Add initial constants and lookups for draft-agl-tls-chacha20poly1305-04
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls')
6 files changed, 53 insertions, 8 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/CipherSuite.java b/core/src/main/java/org/bouncycastle/crypto/tls/CipherSuite.java index 505bb1a2..bb431000 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/CipherSuite.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/CipherSuite.java @@ -260,6 +260,13 @@ public class CipherSuite public static final int TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB; /* + * draft-agl-tls-chacha20poly1305-04 + */ + public static final int TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC13; + public static final int TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC14; + public static final int TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC15; + + /* * draft-josefsson-salsa20-tls-04 */ public static final int TLS_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE410; diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsCipherFactory.java b/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsCipherFactory.java index d539c9b3..a327035a 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsCipherFactory.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsCipherFactory.java @@ -31,6 +31,9 @@ public class DefaultTlsCipherFactory { case EncryptionAlgorithm._3DES_EDE_CBC: return createDESedeCipher(context, macAlgorithm); + case EncryptionAlgorithm.AEAD_CHACHA20_POLY1305: + // NOTE: Ignores macAlgorithm + return createChaCha20Poly1305(context); case EncryptionAlgorithm.AES_128_CBC: return createAESCipher(context, 16, macAlgorithm); case EncryptionAlgorithm.AES_128_CCM: @@ -79,6 +82,20 @@ public class DefaultTlsCipherFactory createHMACDigest(macAlgorithm), createHMACDigest(macAlgorithm), cipherKeySize); } + protected TlsBlockCipher createCamelliaCipher(TlsContext context, int cipherKeySize, int macAlgorithm) + throws IOException + { + return new TlsBlockCipher(context, createCamelliaBlockCipher(), + createCamelliaBlockCipher(), createHMACDigest(macAlgorithm), + createHMACDigest(macAlgorithm), cipherKeySize); + } + + protected TlsAEADCipher createChaCha20Poly1305(TlsContext context) throws IOException + { + // TODO[draft-agl-tls-chacha20poly1305] + throw new TlsFatalAlert(AlertDescription.internal_error); + } + protected TlsAEADCipher createCipher_AES_CCM(TlsContext context, int cipherKeySize, int macSize) throws IOException { @@ -93,14 +110,6 @@ public class DefaultTlsCipherFactory createAEADBlockCipher_AES_GCM(), cipherKeySize, macSize); } - protected TlsBlockCipher createCamelliaCipher(TlsContext context, int cipherKeySize, int macAlgorithm) - throws IOException - { - return new TlsBlockCipher(context, createCamelliaBlockCipher(), - createCamelliaBlockCipher(), createHMACDigest(macAlgorithm), - createHMACDigest(macAlgorithm), cipherKeySize); - } - protected TlsBlockCipher createDESedeCipher(TlsContext context, int macAlgorithm) throws IOException { diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java b/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java index 4347058b..3d697be0 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java @@ -77,6 +77,7 @@ public abstract class DefaultTlsClient case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: case CipherSuite.TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1: case CipherSuite.TLS_DHE_RSA_WITH_SALSA20_SHA1: case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA: @@ -111,6 +112,7 @@ public abstract class DefaultTlsClient case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: case CipherSuite.TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1: case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA: case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: @@ -124,6 +126,7 @@ public abstract class DefaultTlsClient case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: case CipherSuite.TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1: case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA: case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA: @@ -179,6 +182,11 @@ public abstract class DefaultTlsClient case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA: return cipherFactory.createCipher(context, EncryptionAlgorithm._3DES_EDE_CBC, MACAlgorithm.hmac_sha1); + case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + return cipherFactory.createCipher(context, EncryptionAlgorithm.AEAD_CHACHA20_POLY1305, MACAlgorithm._null); + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA: case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA: case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA: diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsServer.java b/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsServer.java index 898d328c..f8908eb1 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsServer.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsServer.java @@ -83,6 +83,7 @@ public abstract class DefaultTlsServer case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA: case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: @@ -91,6 +92,7 @@ public abstract class DefaultTlsServer case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: case CipherSuite.TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1: case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA: case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA: @@ -159,6 +161,7 @@ public abstract class DefaultTlsServer case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: case CipherSuite.TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1: case CipherSuite.TLS_DHE_RSA_WITH_SALSA20_SHA1: case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA: @@ -193,6 +196,7 @@ public abstract class DefaultTlsServer case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: case CipherSuite.TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1: case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA: case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: @@ -206,6 +210,7 @@ public abstract class DefaultTlsServer case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: case CipherSuite.TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1: case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA: case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA: @@ -259,6 +264,11 @@ public abstract class DefaultTlsServer case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA: return cipherFactory.createCipher(context, EncryptionAlgorithm._3DES_EDE_CBC, MACAlgorithm.hmac_sha1); + case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + return cipherFactory.createCipher(context, EncryptionAlgorithm.AEAD_CHACHA20_POLY1305, MACAlgorithm._null); + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA: case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA: case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA: diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/EncryptionAlgorithm.java b/core/src/main/java/org/bouncycastle/crypto/tls/EncryptionAlgorithm.java index 83cb66de..be65bd3c 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/EncryptionAlgorithm.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/EncryptionAlgorithm.java @@ -53,4 +53,9 @@ public class EncryptionAlgorithm */ public static final int ESTREAM_SALSA20 = 100; public static final int SALSA20 = 101; + + /* + * draft-agl-tls-chacha20poly1305-04 + */ + public static final int AEAD_CHACHA20_POLY1305 = 102; } diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java index 8b2b0f8f..9cbe0032 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java @@ -253,6 +253,12 @@ public class TlsECCUtils case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA: /* + * draft-agl-tls-chacha20poly1305-04 + */ + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + + /* * draft-josefsson-salsa20-tls-04 */ case CipherSuite.TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1: |