From 431d1660759ff6f7f89631374ec96fe1616c2ed9 Mon Sep 17 00:00:00 2001
From: Kazu Yamamoto
Date: Wed, 18 Dec 2024 16:37:15 +0900
Subject: [PATCH] using offical cipher names

---
 tls/Network/TLS/Extra/Cipher.hs | 317 +++++++++++++++++++++++++-------
 tls/Network/TLS/QUIC.hs | 6 +-
 tls/test/HandshakeSpec.hs | 54 +++---
 3 files changed, 280 insertions(+), 97 deletions(-)

diff --git a/tls/Network/TLS/Extra/Cipher.hs b/tls/Network/TLS/Extra/Cipher.hs
index 19650a3a4..8d61da098 100644
--- a/tls/Network/TLS/Extra/Cipher.hs
+++ b/tls/Network/TLS/Extra/Cipher.hs
@@ -1,5 +1,5 @@
 module Network.TLS.Extra.Cipher (
- -- * cipher suite
+ -- * Cipher suite
 ciphersuite_default,
 ciphersuite_default_det,
 ciphersuite_all,
@@ -8,26 +8,65 @@ module Network.TLS.Extra.Cipher ( ciphersuite_strong_det, ciphersuite_dhe_rsa, - -- * individual ciphers + -- * Individual ciphers + + -- ** RFC 5288 + cipher_DHE_RSA_WITH_AES_128_GCM_SHA256, + cipher_DHE_RSA_WITH_AES_256_GCM_SHA384, + + -- ** RFC 8446 + cipher13_AES_128_GCM_SHA256, + cipher13_AES_256_GCM_SHA384, + cipher13_CHACHA20_POLY1305_SHA256, + cipher13_AES_128_CCM_SHA256, + cipher13_TLS_AES_128_CCM_8_SHA256, + + -- ** RFC 5289 + cipher_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, + cipher_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, + cipher_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + cipher_ECDHE_RSA_WITH_AES_256_GCM_SHA384, + + -- ** RFC 7251 + cipher_ECDHE_ECDSA_WITH_AES_128_CCM, + cipher_ECDHE_ECDSA_WITH_AES_256_CCM, + cipher_ECDHE_ECDSA_WITH_AES_128_CCM_8, + cipher_ECDHE_ECDSA_WITH_AES_256_CCM_8, + + -- ** RFC 7905 + cipher_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + cipher_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, + cipher_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + + -- * Deprecated names + + -- ** RFC 5288 cipher_DHE_RSA_AES128GCM_SHA256, cipher_DHE_RSA_AES256GCM_SHA384, - cipher_DHE_RSA_CHACHA20POLY1305_SHA256, + + -- ** RFC 8446 + cipher_TLS13_AES128GCM_SHA256, + cipher_TLS13_AES256GCM_SHA384, + cipher_TLS13_CHACHA20POLY1305_SHA256, + cipher_TLS13_AES128CCM_SHA256, + cipher_TLS13_AES128CCM8_SHA256, + + -- ** RFC 5289 + cipher_ECDHE_ECDSA_AES128GCM_SHA256, + cipher_ECDHE_ECDSA_AES256GCM_SHA384, cipher_ECDHE_RSA_AES128GCM_SHA256, cipher_ECDHE_RSA_AES256GCM_SHA384, - cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256, + + -- ** RFC 7251 cipher_ECDHE_ECDSA_AES128CCM_SHA256, - cipher_ECDHE_ECDSA_AES128CCM8_SHA256, - cipher_ECDHE_ECDSA_AES128GCM_SHA256, cipher_ECDHE_ECDSA_AES256CCM_SHA256, + cipher_ECDHE_ECDSA_AES128CCM8_SHA256, cipher_ECDHE_ECDSA_AES256CCM8_SHA256, - cipher_ECDHE_ECDSA_AES256GCM_SHA384, + + -- ** RFC 7905 + cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256, cipher_ECDHE_ECDSA_CHACHA20POLY1305_SHA256, - -- TLS 1.3 - cipher_TLS13_AES128GCM_SHA256, - 
cipher_TLS13_AES256GCM_SHA384, - cipher_TLS13_CHACHA20POLY1305_SHA256, - cipher_TLS13_AES128CCM_SHA256, - cipher_TLS13_AES128CCM8_SHA256, + cipher_DHE_RSA_CHACHA20POLY1305_SHA256, ) where import qualified Data.ByteString as B @@ -224,9 +263,9 @@ ciphersuite_all_det = ciphersuite_default_det ++ complement_all complement_all :: [Cipher] complement_all = - [ cipher_ECDHE_ECDSA_AES128CCM8_SHA256 - , cipher_ECDHE_ECDSA_AES256CCM8_SHA256 - , cipher_TLS13_AES128CCM8_SHA256 + [ cipher_ECDHE_ECDSA_WITH_AES_128_CCM_8 + , cipher_ECDHE_ECDSA_WITH_AES_256_CCM_8 + , cipher13_TLS_AES_128_CCM_8_SHA256 ] -- | The strongest ciphers supported. For ciphers with PFS, AEAD and SHA2, we @@ -248,30 +287,30 @@ sets_strong :: [CipherSet] sets_strong = [ -- If we have PFS + AEAD + SHA2, then allow AES128, else just 256 SetAead - [cipher_ECDHE_ECDSA_AES256GCM_SHA384] - [cipher_ECDHE_ECDSA_CHACHA20POLY1305_SHA256] - [cipher_ECDHE_ECDSA_AES256CCM_SHA256] + [cipher_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384] + [cipher_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256] + [cipher_ECDHE_ECDSA_WITH_AES_256_CCM] , SetAead - [cipher_ECDHE_ECDSA_AES128GCM_SHA256] + [cipher_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] [] - [cipher_ECDHE_ECDSA_AES128CCM_SHA256] + [cipher_ECDHE_ECDSA_WITH_AES_128_CCM] , SetAead - [cipher_ECDHE_RSA_AES256GCM_SHA384] - [cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256] + [cipher_ECDHE_RSA_WITH_AES_256_GCM_SHA384] + [cipher_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256] [] , SetAead - [cipher_ECDHE_RSA_AES128GCM_SHA256] + [cipher_ECDHE_RSA_WITH_AES_128_GCM_SHA256] [] [] , -- TLS13 (listed at the end but version is negotiated first) SetAead - [cipher_TLS13_AES256GCM_SHA384] - [cipher_TLS13_CHACHA20POLY1305_SHA256] + [cipher13_AES_256_GCM_SHA384] + [cipher13_CHACHA20_POLY1305_SHA256] [] , SetAead - [cipher_TLS13_AES128GCM_SHA256] + [cipher13_AES_128_GCM_SHA256] [] - [cipher_TLS13_AES128CCM_SHA256] + [cipher13_AES_128_CCM_SHA256] ] -- | DHE-RSA cipher suite. This only includes ciphers bound specifically to 
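Review bot: `cipher13_TLS_AES_128_CCM_8_SHA256` in the new `-- ** RFC 8446` export group breaks the naming scheme the rest of this commit establishes: every other TLS 1.3 binding drops the IANA `TLS_` prefix after `cipher13_` (`cipher13_AES_128_GCM_SHA256`, `cipher13_AES_128_CCM_SHA256`, ...), so this one should be `cipher13_AES_128_CCM_8_SHA256`. The same spelling recurs in the `complement_all` hunk, in the definition under `@@ -467,8 +547,16 @@`, and in its deprecation message `"Use cipher13_TLS_AES_128_CCM_8_SHA256 instead"`; because these become the non-deprecated public API, fixing it now avoids a second deprecation round later. The `cipherName` literal `"TLS_AES_128_CCM_8_SHA256"` is already the correct IANA string, so only the Haskell identifier needs to change.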
@@ -280,9 +319,9 @@ sets_strong = -- @since 2.1.5 ciphersuite_dhe_rsa :: [Cipher] ciphersuite_dhe_rsa = - [ cipher_DHE_RSA_AES256GCM_SHA384 - , cipher_DHE_RSA_CHACHA20POLY1305_SHA256 - , cipher_DHE_RSA_AES128GCM_SHA256 + [ cipher_DHE_RSA_WITH_AES_256_GCM_SHA384 + , cipher_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + , cipher_DHE_RSA_WITH_AES_128_GCM_SHA256 ] ---------------------------------------------------------------- @@ -392,8 +431,9 @@ bulk_aes128ccm8_13 = bulk_aes128ccm8{bulkIVSize = 12, bulkExplicitIV = 0} ---------------------------------------------------------------- -- RFC 5288 -cipher_DHE_RSA_AES128GCM_SHA256 :: Cipher -cipher_DHE_RSA_AES128GCM_SHA256 = +-- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 +cipher_DHE_RSA_WITH_AES_128_GCM_SHA256 :: Cipher +cipher_DHE_RSA_WITH_AES_128_GCM_SHA256 = Cipher { cipherID = 0x009E , cipherName = "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" @@ -404,8 +444,16 @@ cipher_DHE_RSA_AES128GCM_SHA256 = , cipherMinVer = Just TLS12 -- RFC 5288 Sec 4 } -cipher_DHE_RSA_AES256GCM_SHA384 :: Cipher -cipher_DHE_RSA_AES256GCM_SHA384 = +{-# DEPRECATED + cipher_DHE_RSA_AES128GCM_SHA256 + "Use cipher_DHE_RSA_WITH_AES_128_GCM_SHA256 instead" + #-} +cipher_DHE_RSA_AES128GCM_SHA256 :: Cipher +cipher_DHE_RSA_AES128GCM_SHA256 = cipher_DHE_RSA_WITH_AES_128_GCM_SHA256 + +-- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 +cipher_DHE_RSA_WITH_AES_256_GCM_SHA384 :: Cipher +cipher_DHE_RSA_WITH_AES_256_GCM_SHA384 = Cipher { cipherID = 0x009F , cipherName = "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" 
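Review bot: The new public binding `cipher_DHE_RSA_WITH_AES_128_GCM_SHA256` is introduced with only a plain `-- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` comment, which Haddock does not attach to the export, and carries no `@since`, although the module already uses that convention (`-- @since 2.1.5` on `ciphersuite_dhe_rsa`). Suggest turning it into a doc comment such as `-- | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (RFC 5288).` followed by `-- @since <next release>`, and doing the same for every other `cipher_*_WITH_*` and `cipher13_*` definition this patch adds. Users are being told by the deprecation messages to migrate to these names, so they are the ones that most need a documented availability version.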
@@ -416,11 +464,19 @@ cipher_DHE_RSA_AES256GCM_SHA384 = , cipherMinVer = Just TLS12 } +{-# DEPRECATED + cipher_DHE_RSA_AES256GCM_SHA384 + "Use cipher_DHE_RSA_WITH_AES_256_GCM_SHA384 instead" + #-} +cipher_DHE_RSA_AES256GCM_SHA384 :: Cipher +cipher_DHE_RSA_AES256GCM_SHA384 = cipher_DHE_RSA_WITH_AES_256_GCM_SHA384 + ---------------------------------------------------------------- -- RFC 8446 -cipher_TLS13_AES128GCM_SHA256 :: Cipher -cipher_TLS13_AES128GCM_SHA256 = +-- TLS_AES_128_GCM_SHA256 +cipher13_AES_128_GCM_SHA256 :: Cipher +cipher13_AES_128_GCM_SHA256 = Cipher { cipherID = 0x1301 , cipherName = "TLS_AES_128_GCM_SHA256" @@ -431,8 +487,16 @@ cipher_TLS13_AES128GCM_SHA256 = , cipherMinVer = Just TLS13 } -cipher_TLS13_AES256GCM_SHA384 :: Cipher -cipher_TLS13_AES256GCM_SHA384 = +cipher_TLS13_AES128GCM_SHA256 :: Cipher +cipher_TLS13_AES128GCM_SHA256 = cipher13_AES_128_GCM_SHA256 +{-# DEPRECATED + cipher_TLS13_AES128GCM_SHA256 + "Use cipher13_AES_128_GCM_SHA256 instead" + #-} + +-- TLS_AES_256_GCM_SHA384 +cipher13_AES_256_GCM_SHA384 :: Cipher +cipher13_AES_256_GCM_SHA384 = Cipher { cipherID = 0x1302 , cipherName = "TLS_AES_256_GCM_SHA384" @@ -443,8 +507,16 @@ cipher_TLS13_AES256GCM_SHA384 = , cipherMinVer = Just TLS13 } -cipher_TLS13_CHACHA20POLY1305_SHA256 :: Cipher -cipher_TLS13_CHACHA20POLY1305_SHA256 = +cipher_TLS13_AES256GCM_SHA384 :: Cipher +cipher_TLS13_AES256GCM_SHA384 = cipher13_AES_256_GCM_SHA384 +{-# DEPRECATED + cipher_TLS13_AES256GCM_SHA384 + "Use cipher13_AES_256_GCM_SHA384 instead" + #-} + +-- TLS_CHACHA20_POLY1305_SHA256 +cipher13_CHACHA20_POLY1305_SHA256 :: Cipher +cipher13_CHACHA20_POLY1305_SHA256 = Cipher { cipherID = 0x1303 , cipherName = "TLS_CHACHA20_POLY1305_SHA256" 
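Review bot: In `@@ -431,8 +487,16 @@` the `{-# DEPRECATED #-}` pragma for `cipher_TLS13_AES128GCM_SHA256` is placed after the alias's definition, whereas the two RFC 5288 aliases in the preceding hunks (`cipher_DHE_RSA_AES128GCM_SHA256`, `cipher_DHE_RSA_AES256GCM_SHA384`) put the pragma before the type signature. GHC accepts both positions, but the file should settle on one layout; every later alias in the patch (RFC 5289, 7251 and 7905 sections) uses the definition-first order seen here, so the smaller fix is to move the two RFC 5288 pragmas below their definitions.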
@@ -455,8 +527,16 @@ cipher_TLS13_CHACHA20POLY1305_SHA256 = , cipherMinVer = Just TLS13 } -cipher_TLS13_AES128CCM_SHA256 :: Cipher -cipher_TLS13_AES128CCM_SHA256 = +cipher_TLS13_CHACHA20POLY1305_SHA256 :: Cipher +cipher_TLS13_CHACHA20POLY1305_SHA256 = cipher13_CHACHA20_POLY1305_SHA256 +{-# DEPRECATED + cipher_TLS13_CHACHA20POLY1305_SHA256 + "Use cipher13_CHACHA20_POLY1305_SHA256 instead" + #-} + +-- TLS_AES_128_CCM_SHA256 +cipher13_AES_128_CCM_SHA256 :: Cipher +cipher13_AES_128_CCM_SHA256 = Cipher { cipherID = 0x1304 , cipherName = "TLS_AES_128_CCM_SHA256" @@ -467,8 +547,16 @@ cipher_TLS13_AES128CCM_SHA256 = , cipherMinVer = Just TLS13 } -cipher_TLS13_AES128CCM8_SHA256 :: Cipher -cipher_TLS13_AES128CCM8_SHA256 = +cipher_TLS13_AES128CCM_SHA256 :: Cipher +cipher_TLS13_AES128CCM_SHA256 = cipher13_AES_128_CCM_SHA256 +{-# DEPRECATED + cipher_TLS13_AES128CCM_SHA256 + "Use cipher13_AES_128_CCM_SHA256 instead" + #-} + +-- TLS_AES_128_CCM_8_SHA256 +cipher13_TLS_AES_128_CCM_8_SHA256 :: Cipher +cipher13_TLS_AES_128_CCM_8_SHA256 = Cipher { cipherID = 0x1305 , cipherName = "TLS_AES_128_CCM_8_SHA256" @@ -479,11 +567,19 @@ cipher_TLS13_AES128CCM8_SHA256 = , cipherMinVer = Just TLS13 } +cipher_TLS13_AES128CCM8_SHA256 :: Cipher +cipher_TLS13_AES128CCM8_SHA256 = cipher13_TLS_AES_128_CCM_8_SHA256 +{-# DEPRECATED + cipher_TLS13_AES128CCM8_SHA256 + "Use cipher13_TLS_AES_128_CCM_8_SHA256 instead" + #-} + ---------------------------------------------------------------- -- GCM: RFC 5289 -cipher_ECDHE_ECDSA_AES128GCM_SHA256 :: Cipher -cipher_ECDHE_ECDSA_AES128GCM_SHA256 = +-- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 +cipher_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :: Cipher +cipher_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = Cipher { cipherID = 0xC02B , cipherName = "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" 
@@ -494,8 +590,16 @@ cipher_ECDHE_ECDSA_AES128GCM_SHA256 = , cipherMinVer = Just TLS12 -- RFC 5289 } -cipher_ECDHE_ECDSA_AES256GCM_SHA384 :: Cipher -cipher_ECDHE_ECDSA_AES256GCM_SHA384 = +cipher_ECDHE_ECDSA_AES128GCM_SHA256 :: Cipher +cipher_ECDHE_ECDSA_AES128GCM_SHA256 = cipher_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 +{-# DEPRECATED + cipher_ECDHE_ECDSA_AES128GCM_SHA256 + "Use cipher_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 instead" + #-} + +-- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 +cipher_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :: Cipher +cipher_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = Cipher { cipherID = 0xC02C , cipherName = "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" @@ -506,8 +610,16 @@ cipher_ECDHE_ECDSA_AES256GCM_SHA384 = , cipherMinVer = Just TLS12 -- RFC 5289 } -cipher_ECDHE_RSA_AES128GCM_SHA256 :: Cipher -cipher_ECDHE_RSA_AES128GCM_SHA256 = +cipher_ECDHE_ECDSA_AES256GCM_SHA384 :: Cipher +cipher_ECDHE_ECDSA_AES256GCM_SHA384 = cipher_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 +{-# DEPRECATED + cipher_ECDHE_ECDSA_AES256GCM_SHA384 + "Use cipher_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 instead" + #-} + +-- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 +cipher_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :: Cipher +cipher_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = Cipher { cipherID = 0xC02F , cipherName = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" @@ -518,8 +630,16 @@ cipher_ECDHE_RSA_AES128GCM_SHA256 = , cipherMinVer = Just TLS12 -- RFC 5288 Sec 4 } -cipher_ECDHE_RSA_AES256GCM_SHA384 :: Cipher -cipher_ECDHE_RSA_AES256GCM_SHA384 = +cipher_ECDHE_RSA_AES128GCM_SHA256 :: Cipher +cipher_ECDHE_RSA_AES128GCM_SHA256 = cipher_ECDHE_RSA_WITH_AES_128_GCM_SHA256 +{-# DEPRECATED + cipher_ECDHE_RSA_AES128GCM_SHA256 + "Use cipher_ECDHE_RSA_WITH_AES_128_GCM_SHA256 instead" + #-} + +-- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 +cipher_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :: Cipher +cipher_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = Cipher { cipherID = 0xC030 , cipherName = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" 
@@ -530,11 +650,19 @@ cipher_ECDHE_RSA_AES256GCM_SHA384 = , cipherMinVer = Just TLS12 -- RFC 5289 } +cipher_ECDHE_RSA_AES256GCM_SHA384 :: Cipher +cipher_ECDHE_RSA_AES256GCM_SHA384 = cipher_ECDHE_RSA_WITH_AES_256_GCM_SHA384 +{-# DEPRECATED + cipher_ECDHE_RSA_AES256GCM_SHA384 + "Use cipher_ECDHE_RSA_WITH_AES_256_GCM_SHA384 instead" + #-} + ---------------------------------------------------------------- -- CCM/ECC: RFC 7251 -cipher_ECDHE_ECDSA_AES128CCM_SHA256 :: Cipher -cipher_ECDHE_ECDSA_AES128CCM_SHA256 = +-- TLS_ECDHE_ECDSA_WITH_AES_128_CCM +cipher_ECDHE_ECDSA_WITH_AES_128_CCM :: Cipher +cipher_ECDHE_ECDSA_WITH_AES_128_CCM = Cipher { cipherID = 0xC0AC , cipherName = "TLS_ECDHE_ECDSA_WITH_AES_128_CCM" @@ -545,8 +673,16 @@ cipher_ECDHE_ECDSA_AES128CCM_SHA256 = , cipherMinVer = Just TLS12 -- RFC 7251 } -cipher_ECDHE_ECDSA_AES256CCM_SHA256 :: Cipher -cipher_ECDHE_ECDSA_AES256CCM_SHA256 = +cipher_ECDHE_ECDSA_AES128CCM_SHA256 :: Cipher +cipher_ECDHE_ECDSA_AES128CCM_SHA256 = cipher_ECDHE_ECDSA_WITH_AES_128_CCM +{-# DEPRECATED + cipher_ECDHE_ECDSA_AES128CCM_SHA256 + "User cipher_ECDHE_ECDSA_WITH_AES_128_CCM instead" + #-} + +-- TLS_ECDHE_ECDSA_WITH_AES_256_CCM +cipher_ECDHE_ECDSA_WITH_AES_256_CCM :: Cipher +cipher_ECDHE_ECDSA_WITH_AES_256_CCM = Cipher { cipherID = 0xC0AD , cipherName = "TLS_ECDHE_ECDSA_WITH_AES_256_CCM" @@ -557,8 +693,16 @@ cipher_ECDHE_ECDSA_AES256CCM_SHA256 = , cipherMinVer = Just TLS12 -- RFC 7251 } -cipher_ECDHE_ECDSA_AES128CCM8_SHA256 :: Cipher -cipher_ECDHE_ECDSA_AES128CCM8_SHA256 = +cipher_ECDHE_ECDSA_AES256CCM_SHA256 :: Cipher +cipher_ECDHE_ECDSA_AES256CCM_SHA256 = cipher_ECDHE_ECDSA_WITH_AES_256_CCM +{-# DEPRECATED + cipher_ECDHE_ECDSA_AES256CCM_SHA256 + "Use cipher_ECDHE_ECDSA_WITH_AES_256_CCM instead" + #-} + +-- TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 +cipher_ECDHE_ECDSA_WITH_AES_128_CCM_8 :: Cipher +cipher_ECDHE_ECDSA_WITH_AES_128_CCM_8 = Cipher { cipherID = 0xC0AE , cipherName = "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8" 
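Review bot: The deprecation message for `cipher_ECDHE_ECDSA_AES128CCM_SHA256` in `@@ -545,8 +673,16 @@` reads `"User cipher_ECDHE_ECDSA_WITH_AES_128_CCM instead"`; every other pragma in the patch says `Use ...`, and this string is what GHC prints to downstream users, so it should be `"Use cipher_ECDHE_ECDSA_WITH_AES_128_CCM instead"`. Since the compiler does not validate these strings, it is worth a quick pass over all the new pragmas to confirm each one names the exact replacement identifier.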
@@ -569,8 +713,16 @@ cipher_ECDHE_ECDSA_AES128CCM8_SHA256 = , cipherMinVer = Just TLS12 -- RFC 7251 } -cipher_ECDHE_ECDSA_AES256CCM8_SHA256 :: Cipher -cipher_ECDHE_ECDSA_AES256CCM8_SHA256 = +cipher_ECDHE_ECDSA_AES128CCM8_SHA256 :: Cipher +cipher_ECDHE_ECDSA_AES128CCM8_SHA256 = cipher_ECDHE_ECDSA_WITH_AES_128_CCM_8 +{-# DEPRECATED + cipher_ECDHE_ECDSA_AES128CCM8_SHA256 + "Use cipher_ECDHE_ECDSA_WITH_AES_128_CCM_8 instead" + #-} + +-- TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 +cipher_ECDHE_ECDSA_WITH_AES_256_CCM_8 :: Cipher +cipher_ECDHE_ECDSA_WITH_AES_256_CCM_8 = Cipher { cipherID = 0xC0AF , cipherName = "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8" @@ -581,11 +733,19 @@ cipher_ECDHE_ECDSA_AES256CCM8_SHA256 = , cipherMinVer = Just TLS12 -- RFC 7251 } +cipher_ECDHE_ECDSA_AES256CCM8_SHA256 :: Cipher +cipher_ECDHE_ECDSA_AES256CCM8_SHA256 = cipher_ECDHE_ECDSA_WITH_AES_256_CCM_8 +{-# DEPRECATED + cipher_ECDHE_ECDSA_AES256CCM8_SHA256 + "Use cipher_ECDHE_ECDSA_WITH_AES_256_CCM_8 instead" + #-} + ---------------------------------------------------------------- -- RFC 7905 -cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256 :: Cipher -cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256 = +-- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 +cipher_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :: Cipher +cipher_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = Cipher { cipherID = 0xCCA8 , cipherName = "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256" 
@@ -596,8 +756,16 @@ cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256 = , cipherMinVer = Just TLS12 } -cipher_ECDHE_ECDSA_CHACHA20POLY1305_SHA256 :: Cipher -cipher_ECDHE_ECDSA_CHACHA20POLY1305_SHA256 = +cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256 :: Cipher +cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256 = cipher_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 +{-# DEPRECATED + cipher_ECDHE_RSA_CHACHA20POLY1305_SHA256 + "Use cipher_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 instead" + #-} + +-- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 +cipher_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 :: Cipher +cipher_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = Cipher { cipherID = 0xCCA9 , cipherName = "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256" @@ -608,8 +776,16 @@ cipher_ECDHE_ECDSA_CHACHA20POLY1305_SHA256 = , cipherMinVer = Just TLS12 } -cipher_DHE_RSA_CHACHA20POLY1305_SHA256 :: Cipher -cipher_DHE_RSA_CHACHA20POLY1305_SHA256 = +cipher_ECDHE_ECDSA_CHACHA20POLY1305_SHA256 :: Cipher +cipher_ECDHE_ECDSA_CHACHA20POLY1305_SHA256 = cipher_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 +{-# DEPRECATED + cipher_ECDHE_ECDSA_CHACHA20POLY1305_SHA256 + "Use cipher_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 instead" + #-} + +-- TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 +cipher_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :: Cipher +cipher_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = Cipher { cipherID = 0xCCAA , cipherName = "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256" @@ -619,3 +795,10 @@ cipher_DHE_RSA_CHACHA20POLY1305_SHA256 = , cipherKeyExchange = CipherKeyExchange_DHE_RSA , cipherMinVer = Just TLS12 } + +cipher_DHE_RSA_CHACHA20POLY1305_SHA256 :: Cipher +cipher_DHE_RSA_CHACHA20POLY1305_SHA256 = cipher_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 +{-# DEPRECATED + cipher_DHE_RSA_CHACHA20POLY1305_SHA256 + "Use cipher_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 instead" + #-} diff --git a/tls/Network/TLS/QUIC.hs b/tls/Network/TLS/QUIC.hs index 75a7873be..cd22fed02 100644 --- a/tls/Network/TLS/QUIC.hs +++ b/tls/Network/TLS/QUIC.hs 
@@ -246,9 +246,9 @@ defaultSupported = def { supportedVersions = [TLS13] , supportedCiphers = - [ cipher_TLS13_AES256GCM_SHA384 - , cipher_TLS13_AES128GCM_SHA256 - , cipher_TLS13_AES128CCM_SHA256 + [ cipher13_AES_256_GCM_SHA384 + , cipher13_AES_128_GCM_SHA256 + , cipher13_AES_128_CCM_SHA256 ] , supportedGroups = [X25519, X448, P256, P384, P521] } diff --git a/tls/test/HandshakeSpec.hs b/tls/test/HandshakeSpec.hs index 89fd5e5a2..c5eccb752 100644 --- a/tls/test/HandshakeSpec.hs +++ b/tls/test/HandshakeSpec.hs @@ -128,9 +128,9 @@ handshake_hashsignatures (clientHashSigs, serverHashSigs) = do tls13 <- generate arbitrary let version = if tls13 then TLS13 else TLS12 ciphers = - [ cipher_ECDHE_RSA_AES256GCM_SHA384 - , cipher_ECDHE_ECDSA_AES256GCM_SHA384 - , cipher_TLS13_AES128GCM_SHA256 + [ cipher_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + , cipher_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + , cipher13_AES_128_GCM_SHA256 ] (clientParam, serverParam) <- generate $ @@ -232,7 +232,7 @@ handshake_ec :: SG -> IO () handshake_ec (SG sigGroups) = do let versions = [TLS12] ciphers = - [ cipher_ECDHE_ECDSA_AES256GCM_SHA384 + [ cipher_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 ] hashSignatures = [ (HashSHA256, SignatureECDSA) @@ -285,15 +285,15 @@ instance Arbitrary OC where arbitrary = OC <$> sublistOf otherCiphers <*> sublistOf otherCiphers where otherCiphers = - [ cipher_ECDHE_RSA_AES256GCM_SHA384 - , cipher_ECDHE_RSA_AES128GCM_SHA256 + [ cipher_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + , cipher_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ] handshake_cert_fallback_cipher :: OC -> IO () handshake_cert_fallback_cipher (OC clientCiphers serverCiphers) = do let clientVersions = [TLS12] serverVersions = [TLS12] - commonCiphers = [cipher_ECDHE_RSA_AES128GCM_SHA256] + commonCiphers = [cipher_ECDHE_RSA_WITH_AES_128_GCM_SHA256] hashSignatures = [(HashSHA256, SignatureRSA), (HashSHA1, SignatureDSA)] chainRef <- newIORef Nothing (clientParam, serverParam) <- 
@@ -341,9 +341,9 @@ handshake_cert_fallback_hs (OHS clientHS serverHS) = do tls13 <- generate arbitrary let versions = if tls13 then [TLS13] else [TLS12] ciphers = - [ cipher_ECDHE_RSA_AES128GCM_SHA256 - , cipher_ECDHE_ECDSA_AES128GCM_SHA256 - , cipher_TLS13_AES128GCM_SHA256 + [ cipher_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + , cipher_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + , cipher13_AES_128_GCM_SHA256 ] commonHS = [ (HashSHA256, SignatureRSA) @@ -674,12 +674,12 @@ handshake13_full :: CSP13 -> IO () handshake13_full (CSP13 (cli, srv)) = do let cliSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [X25519] } svrSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [X25519] } params = @@ -692,12 +692,12 @@ handshake13_hrr :: CSP13 -> IO () handshake13_hrr (CSP13 (cli, srv)) = do let cliSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [P256, X25519] } svrSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [X25519] } params = @@ -710,12 +710,12 @@ handshake13_psk :: CSP13 -> IO () handshake13_psk (CSP13 (cli, srv)) = do let cliSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [P256, X25519] } svrSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [X25519] } params0 = 
@@ -741,12 +741,12 @@ handshake13_psk_ticket :: CSP13 -> IO () handshake13_psk_ticket (CSP13 (cli, srv)) = do let cliSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [P256, X25519] } svrSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [X25519] } params0 = @@ -774,14 +774,14 @@ handshake13_psk_fallback (CSP13 (cli, srv)) = do let cliSupported = def { supportedCiphers = - [ cipher_TLS13_AES128GCM_SHA256 - , cipher_TLS13_AES128CCM_SHA256 + [ cipher13_AES_128_GCM_SHA256 + , cipher13_AES_128_CCM_SHA256 ] , supportedGroups = [P256, X25519] } svrSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [X25519] } params0 = @@ -805,7 +805,7 @@ handshake13_psk_fallback (CSP13 (cli, srv)) = do srv2' = srv2{serverSupported = svrSupported'} svrSupported' = def - { supportedCiphers = [cipher_TLS13_AES128CCM_SHA256] + { supportedCiphers = [cipher13_AES_128_CCM_SHA256] , supportedGroups = [P256] } @@ -815,12 +815,12 @@ handshake13_0rtt :: CSP13 -> IO () handshake13_0rtt (CSP13 (cli, srv)) = do let cliSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [P256, X25519] } svrSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [X25519] } cliHooks = 
@@ -868,12 +868,12 @@ handshake13_0rtt_fallback (CSP13 (cli, srv)) = do group0 <- generate $ elements [P256, X25519] let cliSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [P256, X25519] } svrSupported = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [group0] } params = @@ -902,7 +902,7 @@ handshake13_0rtt_fallback (CSP13 (cli, srv)) = do let (pc, ps) = setPairParamsSessionResuming sessionParams params0 svrSupported1 = def - { supportedCiphers = [cipher_TLS13_AES128GCM_SHA256] + { supportedCiphers = [cipher13_AES_128_GCM_SHA256] , supportedGroups = [group1] } params1 =