From Peter Wu via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9144 [PATCH] Update TLS Ciphers
Add more TLS cipher suites (SEED, AES-GCM, ECC) - cipher suites from `RFC 5246 - TLS 1.2` - cipher suites 150-155 are taken from: RFC 4162 - SEED for TLS - cipher suites 156-167 are taken from: RFC 5288 - AES-GCM Cipher suites - cipher suites 49153-49177 are taken from: RFC 4492 - ECC for TLS - cipher suites 49195-49202 are taken from RFC 5289 - ECC with SHA256/384 and AES GCM svn path=/trunk/; revision=52049
This commit is contained in:
parent
9ac2566d0a
commit
219d17145f
|
@ -1752,6 +1752,7 @@ static const gchar *ciphers[]={
|
|||
"AES256",
|
||||
"CAMELLIA128",
|
||||
"CAMELLIA256",
|
||||
"SEED",
|
||||
"*UNKNOWN*"
|
||||
};
|
||||
|
||||
|
@ -1831,6 +1832,24 @@ static SslCipherSuite cipher_suites[]={
|
|||
{139,KEX_PSK,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC},
|
||||
{140,KEX_PSK,SIG_RSA,ENC_AES,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC},
|
||||
{141,KEX_PSK,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC},
|
||||
{150,KEX_RSA,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_RSA_WITH_SEED_CBC_SHA */
|
||||
{151,KEX_DH,SIG_DSS,ENC_SEED,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_DSS_WITH_SEED_CBC_SHA */
|
||||
{152,KEX_DH,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_RSA_WITH_SEED_CBC_SHA */
|
||||
{153,KEX_DH,SIG_DSS,ENC_SEED,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_DHE_DSS_WITH_SEED_CBC_SHA */
|
||||
{154,KEX_DH,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_DHE_RSA_WITH_SEED_CBC_SHA */
|
||||
{155,KEX_DH,SIG_NONE,ENC_SEED,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_anon_WITH_SEED_CBC_SHA */
|
||||
{156,KEX_RSA,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_RSA_WITH_AES_128_GCM_SHA256 */
|
||||
{157,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_RSA_WITH_AES_256_GCM_SHA384 */
|
||||
{158,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 */
|
||||
{159,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 */
|
||||
{160,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_RSA_WITH_AES_128_GCM_SHA256 */
|
||||
{161,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_RSA_WITH_AES_256_GCM_SHA384 */
|
||||
{162,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 */
|
||||
{163,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 */
|
||||
{164,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_DSS_WITH_AES_128_GCM_SHA256 */
|
||||
{165,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_DSS_WITH_AES_256_GCM_SHA384 */
|
||||
{166,KEX_DH,SIG_NONE,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_anon_WITH_AES_128_GCM_SHA256 */
|
||||
{167,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_anon_WITH_AES_256_GCM_SHA384 */
|
||||
{186,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
|
||||
{187,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 */
|
||||
{188,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
|
||||
|
@ -1843,7 +1862,31 @@ static SslCipherSuite cipher_suites[]={
|
|||
{195,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 */
|
||||
{196,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
|
||||
{197,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 */
|
||||
{49153,KEX_DH,SIG_DSS,ENC_NULL,1,0,0,DIG_SHA,20,0, SSL_CIPHER_MODE_STREAM}, /* TLS_ECDH_ECDSA_WITH_NULL_SHA */
|
||||
{49154,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_STREAM}, /* TLS_ECDH_ECDSA_WITH_RC4_128_SHA */
|
||||
{49155,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA */
|
||||
{49156,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA */
|
||||
{49157,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA */
|
||||
{49158,KEX_DH,SIG_DSS,ENC_NULL,1,0,0,DIG_SHA,20,0, SSL_CIPHER_MODE_STREAM}, /* TLS_ECDHE_ECDSA_WITH_NULL_SHA */
|
||||
{49159,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_STREAM}, /* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA */
|
||||
{49160,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA */
|
||||
{49161,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA */
|
||||
{49162,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA */
|
||||
{49163,KEX_DH,SIG_RSA,ENC_NULL,1,0,0,DIG_SHA,20,0, SSL_CIPHER_MODE_STREAM}, /* TLS_ECDH_RSA_WITH_NULL_SHA */
|
||||
{49164,KEX_DH,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_STREAM}, /* TLS_ECDH_RSA_WITH_RC4_128_SHA */
|
||||
{49165,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA */
|
||||
{49166,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA */
|
||||
{49167,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA */
|
||||
{49168,KEX_DH,SIG_RSA,ENC_NULL,1,0,0,DIG_SHA,20,0, SSL_CIPHER_MODE_STREAM}, /* TLS_ECDHE_RSA_WITH_NULL_SHA */
|
||||
{49169,KEX_DH,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_STREAM}, /* TLS_ECDHE_RSA_WITH_RC4_128_SHA */
|
||||
{49170,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */
|
||||
{49171,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA */
|
||||
{49172,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */
|
||||
{49173,KEX_DH,SIG_NONE,ENC_NULL,1,0,0,DIG_SHA,20,0, SSL_CIPHER_MODE_STREAM}, /* TLS_ECDH_anon_WITH_NULL_SHA */
|
||||
{49174,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_STREAM}, /* TLS_ECDH_anon_WITH_RC4_128_SHA */
|
||||
{49175,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA */
|
||||
{49176,KEX_DH,SIG_NONE,ENC_AES,16,128,128,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_anon_WITH_AES_128_CBC_SHA */
|
||||
{49177,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_anon_WITH_AES_256_CBC_SHA */
|
||||
{49187,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 */
|
||||
{49188,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 */
|
||||
{49189,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 */
|
||||
|
@ -1852,6 +1895,14 @@ static SslCipherSuite cipher_suites[]={
|
|||
{49192,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 */
|
||||
{49193,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 */
|
||||
{49194,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 */
|
||||
{49195,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 */
|
||||
{49196,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 */
|
||||
{49197,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 */
|
||||
{49198,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 */
|
||||
{49199,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */
|
||||
{49200,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 */
|
||||
{49201,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256,32,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 */
|
||||
{49202,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0, SSL_CIPHER_MODE_CBC}, /* TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 */
|
||||
{-1, 0,0,0,0,0,0,0,0,0, 0}
|
||||
};
|
||||
|
||||
|
|
|
@ -280,7 +280,8 @@ typedef struct _SslDecoder {
|
|||
#define ENC_AES256 0x36
|
||||
#define ENC_CAMELLIA128 0x37
|
||||
#define ENC_CAMELLIA256 0x38
|
||||
#define ENC_NULL 0x39
|
||||
#define ENC_SEED 0x39
|
||||
#define ENC_NULL 0x3A
|
||||
|
||||
#define DIG_MD5 0x40
|
||||
#define DIG_SHA 0x41
|
||||
|
|
Loading…
Reference in New Issue