summaryrefslogtreecommitdiff
path: root/security/nss/lib/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib/ssl')
-rw-r--r--security/nss/lib/ssl/ssl3con.c28
-rw-r--r--security/nss/lib/ssl/ssl3ecc.c6
-rw-r--r--security/nss/lib/ssl/sslenum.c8
-rw-r--r--security/nss/lib/ssl/sslimpl.h2
-rw-r--r--security/nss/lib/ssl/sslinfo.c9
-rw-r--r--security/nss/lib/ssl/sslproto.h12
6 files changed, 64 insertions, 1 deletions
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index 92ba47a01e..ae641e28ef 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -98,6 +98,10 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
{ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
/* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is out of order to work around
* bug 946147.
*/
@@ -123,6 +127,8 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
{ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
@@ -151,6 +157,8 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
/* RSA */
{ TLS_RSA_WITH_AES_128_GCM_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_RSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
{ TLS_RSA_WITH_AES_128_CBC_SHA, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_RSA_WITH_AES_128_CBC_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
{ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, SSL_ALLOWED, PR_FALSE, PR_FALSE},
@@ -297,6 +305,14 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] =
cipher_camellia_256, ssl_mac_sha, kea_dhe_dss, ssl_hash_none },
{ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
cipher_camellia_256, ssl_mac_sha, kea_dhe_rsa, ssl_hash_none },
+ { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+ cipher_camellia_256_gcm, ssl_mac_aead, kea_dhe_rsa, ssl_hash_sha384},
+ { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+ cipher_camellia_128_gcm, ssl_mac_aead, kea_dhe_rsa, ssl_hash_sha256},
+ { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+ cipher_camellia_256_gcm, ssl_mac_aead, kea_rsa, ssl_hash_sha384},
+ { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+ cipher_camellia_128_gcm, ssl_mac_aead, kea_rsa, ssl_hash_sha256},
{ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, ssl_mac_aead, kea_dhe_rsa, ssl_hash_sha256 },
{ TLS_RSA_WITH_AES_128_GCM_SHA256, cipher_aes_128_gcm, ssl_mac_aead, kea_rsa, ssl_hash_sha256 },
@@ -308,6 +324,10 @@ static const ssl3CipherSuiteDef cipher_suite_defs[] =
{ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, cipher_aes_256, ssl_hmac_sha384, kea_ecdhe_ecdsa, ssl_hash_sha384 },
{ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, cipher_aes_256, ssl_hmac_sha384, kea_ecdhe_rsa, ssl_hash_sha384 },
+ { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, cipher_camellia_256_gcm, ssl_mac_aead, kea_ecdhe_ecdsa, ssl_hash_sha384},
+ { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, cipher_camellia_256_gcm, ssl_mac_aead, kea_ecdhe_rsa, ssl_hash_sha384},
+ { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, cipher_camellia_128_gcm, ssl_mac_aead, kea_ecdhe_ecdsa, ssl_hash_sha256},
+ { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, cipher_camellia_128_gcm, ssl_mac_aead, kea_ecdhe_rsa, ssl_hash_sha256},
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, cipher_camellia_256, ssl_hmac_sha384, kea_ecdhe_ecdsa, ssl_hash_sha384 },
{ TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, cipher_camellia_256, ssl_hmac_sha384, kea_ecdhe_rsa, ssl_hash_sha384 },
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, cipher_camellia_128, ssl_hmac_sha256, kea_ecdhe_ecdsa, ssl_hash_sha256 },
@@ -600,6 +620,14 @@ ssl3_CipherSuiteAllowedForVersionRange(ssl3CipherSuite cipherSuite,
case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+ case TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+ case TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+ case TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+ case TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+ case TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+ case TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+ case TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+ case TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
return vrange->max >= SSL_LIBRARY_VERSION_TLS_1_2 &&
vrange->min < SSL_LIBRARY_VERSION_TLS_1_3;
diff --git a/security/nss/lib/ssl/ssl3ecc.c b/security/nss/lib/ssl/ssl3ecc.c
index eac20ab3ec..0c85e7e35e 100644
--- a/security/nss/lib/ssl/ssl3ecc.c
+++ b/security/nss/lib/ssl/ssl3ecc.c
@@ -763,21 +763,25 @@ static const ssl3CipherSuite ssl_all_ec_suites[] = {
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_ECDSA_WITH_NULL_SHA,
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA,
@@ -804,12 +808,14 @@ static const ssl3CipherSuite ssl_dhe_suites[] = {
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
diff --git a/security/nss/lib/ssl/sslenum.c b/security/nss/lib/ssl/sslenum.c
index 56df461a71..41b8a8634d 100644
--- a/security/nss/lib/ssl/sslenum.c
+++ b/security/nss/lib/ssl/sslenum.c
@@ -65,6 +65,10 @@ const PRUint16 SSL_ImplementedCiphers[] = {
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
+ TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
+ TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
/* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA to work around bug 946147.
*/
@@ -90,6 +94,8 @@ const PRUint16 SSL_ImplementedCiphers[] = {
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+ TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
@@ -117,6 +123,8 @@ const PRUint16 SSL_ImplementedCiphers[] = {
TLS_RSA_WITH_AES_128_GCM_SHA256,
TLS_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+ TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h
index 1b3eeb2938..c5aaee83ba 100644
--- a/security/nss/lib/ssl/sslimpl.h
+++ b/security/nss/lib/ssl/sslimpl.h
@@ -236,7 +236,7 @@ typedef struct {
#endif
} ssl3CipherSuiteCfg;
-#define ssl_V3_SUITES_IMPLEMENTED 75
+#define ssl_V3_SUITES_IMPLEMENTED 83
#define MAX_DTLS_SRTP_CIPHER_SUITES 4
diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c
index 56afde8324..1818620ae7 100644
--- a/security/nss/lib/ssl/sslinfo.c
+++ b/security/nss/lib/ssl/sslinfo.c
@@ -249,16 +249,19 @@ static const SSLCipherSuiteInfo suiteInfo[] = {
{ 0, CS(RSA_WITH_AES_128_GCM_SHA256), S_RSA, K_RSA, C_AESGCM, B_128, M_AEAD_128, F_FIPS_STD, A_RSAD, ssl_hash_sha256 },
{ 0, CS(DHE_RSA_WITH_CHACHA20_POLY1305_SHA256), S_RSA, K_DHE, C_CHACHA20, B_256, M_AEAD_128, F_NFIPS_STD, A_RSAS, ssl_hash_sha256 },
+ { 0, CS(DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384), S_RSA, K_DHE, C_CAMELLIAGCM, B_256, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_sha384 },
{ 0, CS(DHE_RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_256, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_none },
{ 0, CS(DHE_DSS_WITH_CAMELLIA_256_CBC_SHA), S_DSA, K_DHE, C_CAMELLIA, B_256, M_SHA, F_NFIPS_STD, A_DSA, ssl_hash_none },
{ 0, CS(DHE_RSA_WITH_AES_256_CBC_SHA256), S_RSA, K_DHE, C_AES, B_256, M_SHA256, F_FIPS_STD, A_RSAS, ssl_hash_sha256 },
{ 0, CS(DHE_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_DHE, C_AES, B_256, M_SHA, F_FIPS_STD, A_RSAS, ssl_hash_none },
{ 0, CS(DHE_DSS_WITH_AES_256_CBC_SHA), S_DSA, K_DHE, C_AES, B_256, M_SHA, F_FIPS_STD, A_DSA, ssl_hash_none },
{ 0, CS(DHE_DSS_WITH_AES_256_CBC_SHA256), S_DSA, K_DHE, C_AES, B_256, M_SHA256, F_FIPS_STD, A_DSA, ssl_hash_sha256 },
+ { 0, CS(RSA_WITH_CAMELLIA_256_GCM_SHA384), S_RSA, K_RSA, C_CAMELLIAGCM, B_256, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_sha384 },
{ 0, CS(RSA_WITH_CAMELLIA_256_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_256, M_SHA, F_NFIPS_STD, A_RSAD, ssl_hash_none },
{ 0, CS(RSA_WITH_AES_256_CBC_SHA256), S_RSA, K_RSA, C_AES, B_256, M_SHA256, F_FIPS_STD, A_RSAD, ssl_hash_sha256 },
{ 0, CS(RSA_WITH_AES_256_CBC_SHA), S_RSA, K_RSA, C_AES, B_256, M_SHA, F_FIPS_STD, A_RSAD, ssl_hash_none },
+ { 0, CS(DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256), S_RSA, K_DHE, C_CAMELLIAGCM, B_128, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_sha256 },
{ 0, CS(DHE_RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_DHE, C_CAMELLIA, B_128, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_none },
{ 0, CS(DHE_DSS_WITH_CAMELLIA_128_CBC_SHA), S_DSA, K_DHE, C_CAMELLIA, B_128, M_SHA, F_NFIPS_STD, A_DSA, ssl_hash_none },
{ 0, CS(DHE_DSS_WITH_RC4_128_SHA), S_DSA, K_DHE, C_RC4, B_128, M_SHA, F_NFIPS_STD, A_DSA, ssl_hash_none },
@@ -269,6 +272,7 @@ static const SSLCipherSuiteInfo suiteInfo[] = {
{ 0, CS(DHE_DSS_WITH_AES_128_CBC_SHA), S_DSA, K_DHE, C_AES, B_128, M_SHA, F_FIPS_STD, A_DSA, ssl_hash_none },
{ 0, CS(DHE_DSS_WITH_AES_128_CBC_SHA256), S_DSA, K_DHE, C_AES, B_128, M_SHA256, F_FIPS_STD, A_DSA, ssl_hash_sha256 },
{ 0, CS(RSA_WITH_SEED_CBC_SHA), S_RSA, K_RSA, C_SEED, B_128, M_SHA, F_FIPS_STD, A_RSAD, ssl_hash_none },
+ { 0, CS(RSA_WITH_CAMELLIA_128_GCM_SHA256), S_RSA, K_RSA, C_CAMELLIAGCM, B_128, M_SHA, F_NFIPS_STD, A_RSAS, ssl_hash_sha256 },
{ 0, CS(RSA_WITH_CAMELLIA_128_CBC_SHA), S_RSA, K_RSA, C_CAMELLIA, B_128, M_SHA, F_NFIPS_STD, A_RSAD, ssl_hash_none },
{ 0, CS(RSA_WITH_RC4_128_SHA), S_RSA, K_RSA, C_RC4, B_128, M_SHA, F_NFIPS_STD, A_RSAD, ssl_hash_none },
{ 0, CS(RSA_WITH_RC4_128_MD5), S_RSA, K_RSA, C_RC4, B_128, M_MD5, F_NFIPS_STD, A_RSAD, ssl_hash_none },
@@ -326,6 +330,11 @@ static const SSLCipherSuiteInfo suiteInfo[] = {
{ 0, CS(ECDHE_RSA_WITH_AES_256_GCM_SHA384), S_RSA, K_ECDHE, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_RSAS, ssl_hash_sha384 },
{ 0, CS(ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384), S_RSA, K_ECDHE, C_CAMELLIA, B_256, M_SHA384, F_NFIPS_STD, A_RSAS, ssl_hash_sha384 },
+ { 0, CS(ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256), S_ECDSA, K_ECDHE, C_CAMELLIAGCM, B_128, M_AEAD_128, F_NFIPS_STD, A_ECDSA, ssl_hash_sha256 },
+ { 0, CS(ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256), S_RSA, K_ECDHE, C_CAMELLIAGCM, B_128, M_AEAD_128, F_NFIPS_STD, A_RSAS, ssl_hash_sha256 },
+ { 0, CS(ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384), S_ECDSA, K_ECDHE, C_CAMELLIAGCM, B_256, M_AEAD_128, F_NFIPS_STD, A_ECDSA, ssl_hash_sha384 },
+ { 0, CS(ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384), S_RSA, K_ECDHE, C_CAMELLIAGCM, B_256, M_AEAD_128, F_NFIPS_STD, A_RSAS, ssl_hash_sha384 },
+
{ 0, CS(DHE_DSS_WITH_AES_256_GCM_SHA384), S_DSA, K_DHE, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_DSA, ssl_hash_sha384 },
{ 0, CS(DHE_RSA_WITH_AES_256_GCM_SHA384), S_RSA, K_DHE, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_RSAS, ssl_hash_sha384 },
{ 0, CS(RSA_WITH_AES_256_GCM_SHA384), S_RSA, K_RSA, C_AESGCM, B_256, M_AEAD_128, F_FIPS_STD, A_RSAD, ssl_hash_sha384 },
diff --git a/security/nss/lib/ssl/sslproto.h b/security/nss/lib/ssl/sslproto.h
index ba5239b255..ddf73b3797 100644
--- a/security/nss/lib/ssl/sslproto.h
+++ b/security/nss/lib/ssl/sslproto.h
@@ -143,6 +143,11 @@
#define TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 0x00A2
#define TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 0x00A3
+#define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A
+#define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B
+#define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C
+#define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D
+
/* TLS "Signaling Cipher Suite Value" (SCSV). May be requested by client.
* Must NEVER be chosen by server. SSL 3.0 server acknowledges by sending
* back an empty Renegotiation Info (RI) server hello extension.
@@ -205,6 +210,13 @@
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077
+/* RFC 6367 2.2 GCM, ephemeral only */
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B
+
+
/* draft-ietf-tls-chacha20-poly1305-04 */
#define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8
#define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-15 04:49:53 +0000