Created
September 4, 2016 13:38
-
-
Save h-yamamo/27241d8d96966317adce6b83e6a3bdfd to your computer and use it in GitHub Desktop.
Support Camellia-GCM cipher suites (RFC 6367) for debian jessie-backports openssl package
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/openssl.ld 2016-09-04 00:00:00.000000000 +0900 | |
+++ b/openssl.ld 2016-09-04 20:00:00.000000000 +0900 | |
@@ -4482,6 +4482,8 @@ | |
EVP_AEAD_CTX_cleanup; | |
EVP_AEAD_CTX_seal; | |
EVP_AEAD_CTX_open; | |
+ EVP_aead_camellia_128_gcm; | |
+ EVP_aead_camellia_256_gcm; | |
} OPENSSL_1.0.0; | |
OPENSSL_1.0.1d { | |
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/apps/speed.c 2016-09-04 00:00:00.000000000 +0900 | |
+++ b/apps/speed.c 2016-09-04 20:00:00.000000000 +0900 | |
@@ -241,7 +241,7 @@ | |
static int do_multi(int multi); | |
# endif | |
-# define ALGOR_NUM 33 | |
+# define ALGOR_NUM 35 | |
# define SIZE_NUM 5 | |
# define RSA_NUM 4 | |
# define DSA_NUM 3 | |
@@ -257,7 +257,8 @@ | |
"camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc", | |
"evp", "sha256", "sha512", "whirlpool", | |
"aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash", | |
- "aes-128 gcm", "aes-256 gcm", "chacha20 poly1305" | |
+ "aes-128 gcm", "aes-256 gcm", "chacha20 poly1305", | |
+ "camellia-128 gcm", "camellia-256 gcm" | |
}; | |
static double results[ALGOR_NUM][SIZE_NUM]; | |
@@ -520,6 +521,8 @@ | |
# define D_AES_128_GCM 30 | |
# define D_AES_256_GCM 31 | |
# define D_CHACHA20_POLY1305 32 | |
+# define D_CAMELLIA_128_GCM 33 | |
+# define D_CAMELLIA_256_GCM 34 | |
double d = 0.0; | |
long c[ALGOR_NUM][SIZE_NUM]; | |
# define R_DSA_512 0 | |
@@ -887,6 +890,11 @@ | |
else if (strcmp(*argv, "camellia-256-cbc") == 0) | |
doit[D_CBC_256_CML] = 1; | |
else | |
+ if (strcmp(*argv, "camellia-128-gcm") == 0) | |
+ doit[D_CAMELLIA_128_GCM] = 1; | |
+ else if (strcmp(*argv, "camellia-256-gcm") == 0) | |
+ doit[D_CAMELLIA_256_GCM] = 1; | |
+ else | |
# endif | |
# ifndef OPENSSL_NO_RSA | |
# if 0 /* was: #ifdef RSAref */ | |
@@ -1150,7 +1158,8 @@ | |
# ifndef OPENSSL_NO_CAMELLIA | |
BIO_printf(bio_err, "\n"); | |
BIO_printf(bio_err, | |
- "camellia-128-cbc camellia-192-cbc camellia-256-cbc "); | |
+ "camellia-128-cbc camellia-192-cbc camellia-256-cbc\n"); | |
+ BIO_printf(bio_err, "camellia-128-gcm camellia-256-gcm "); | |
# endif | |
# ifndef OPENSSL_NO_RC4 | |
BIO_printf(bio_err, "rc4"); | |
@@ -1390,6 +1399,8 @@ | |
c[D_AES_128_GCM][0] = count; | |
c[D_AES_256_GCM][0] = count; | |
c[D_CHACHA20_POLY1305][0] = count; | |
+ c[D_CAMELLIA_128_GCM][0] = count; | |
+ c[D_CAMELLIA_256_GCM][0] = count; | |
for (i = 1; i < SIZE_NUM; i++) { | |
c[D_MD2][i] = c[D_MD2][0] * 4 * lengths[0] / lengths[i]; | |
@@ -1429,6 +1440,8 @@ | |
c[D_AES_128_GCM][i] = c[D_AES_128_GCM][i - 1] * l0 / l1; | |
c[D_AES_256_GCM][i] = c[D_AES_256_GCM][i - 1] * l0 / l1; | |
c[D_CHACHA20_POLY1305][i] = c[D_CHACHA20_POLY1305][i - 1] * l0 / l1; | |
+ c[D_CAMELLIA_128_GCM][i] = c[D_CAMELLIA_128_GCM][i - 1] * l0 / l1; | |
+ c[D_CAMELLIA_256_GCM][i] = c[D_CAMELLIA_256_GCM][i - 1] * l0 / l1; | |
} | |
# ifndef OPENSSL_NO_RSA | |
rsa_c[R_RSA_512][0] = count / 2000; | |
@@ -1958,6 +1971,59 @@ | |
print_result(D_CBC_256_CML, j, count, d); | |
} | |
} | |
+ { if (doit[D_CAMELLIA_128_GCM]) | |
+ { | |
+ const EVP_AEAD *aead = EVP_aead_camellia_128_gcm(); | |
+ const unsigned char *nonce = iv; | |
+ size_t out_len, nonce_len; | |
+ EVP_AEAD_CTX ctx; | |
+ | |
+ EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead), | |
+ EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); | |
+ nonce_len = EVP_AEAD_nonce_length(aead); | |
+ | |
+ for (j=0; j<SIZE_NUM; j++) | |
+ { | |
+ print_message(names[D_CAMELLIA_128_GCM], | |
+ c[D_CAMELLIA_128_GCM][j], lengths[j]); | |
+ Time_F(START); | |
+ for (count=0,run=1; COND(c[D_CAMELLIA_128_GCM][j]); count++) | |
+ if (!EVP_AEAD_CTX_seal(&ctx, buf, &out_len, BUFSIZE, | |
+ nonce, nonce_len, buf, lengths[j], | |
+ NULL, 0)) | |
+ exit(1); | |
+ d=Time_F(STOP); | |
+ print_result(D_CAMELLIA_128_GCM,j,count,d); | |
+ } | |
+ EVP_AEAD_CTX_cleanup(&ctx); | |
+ } | |
+ if (doit[D_CAMELLIA_256_GCM]) | |
+ { | |
+ const EVP_AEAD *aead = EVP_aead_camellia_256_gcm(); | |
+ const unsigned char *nonce = iv; | |
+ size_t out_len, nonce_len; | |
+ EVP_AEAD_CTX ctx; | |
+ | |
+ EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead), | |
+ EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); | |
+ nonce_len = EVP_AEAD_nonce_length(aead); | |
+ | |
+ for (j=0; j<SIZE_NUM; j++) | |
+ { | |
+ print_message(names[D_CAMELLIA_256_GCM], | |
+ c[D_CAMELLIA_256_GCM][j], lengths[j]); | |
+ Time_F(START); | |
+ for (count=0,run=1; COND(c[D_CAMELLIA_256_GCM][j]); count++) | |
+ if (!EVP_AEAD_CTX_seal(&ctx, buf, &out_len, BUFSIZE, | |
+ nonce, nonce_len, buf, lengths[j], | |
+ NULL, 0)) | |
+ exit(1); | |
+ d=Time_F(STOP); | |
+ print_result(D_CAMELLIA_256_GCM,j,count,d); | |
+ } | |
+ EVP_AEAD_CTX_cleanup(&ctx); | |
+ } | |
+ } | |
# endif | |
# ifndef OPENSSL_NO_IDEA | |
if (doit[D_CBC_IDEA]) { | |
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/crypto/evp/aeadtest.c 2016-04-17 15:00:00.000000000 +0900 | |
+++ b/crypto/evp/aeadtest.c 2016-04-23 22:00:00.000000000 +0900 | |
@@ -257,6 +257,24 @@ | |
return 0; | |
#endif | |
} | |
+ else if (strcmp(argv[1], "camellia-128-gcm") == 0) | |
+ { | |
+#ifndef OPENSSL_NO_CAMELLIA | |
+ aead = EVP_aead_camellia_128_gcm(); | |
+#else | |
+ fprintf(stderr, "No Camellia support. Skipping test.\n"); | |
+ return 0; | |
+#endif | |
+ } | |
+ else if (strcmp(argv[1], "camellia-256-gcm") == 0) | |
+ { | |
+#ifndef OPENSSL_NO_CAMELLIA | |
+ aead = EVP_aead_camellia_256_gcm(); | |
+#else | |
+ fprintf(stderr, "No Camellia support. Skipping test.\n"); | |
+ return 0; | |
+#endif | |
+ } | |
else | |
{ | |
fprintf(stderr, "Unknown AEAD: %s\n", argv[1]); | |
diff -u openssl-1.0.2h-1~bpo8+2 +camellia-gcm | |
--- a/crypto/evp/e_camellia.c 2016-05-03 13:44:42.000000000 +0000 | |
+++ b/crypto/evp/e_camellia.c 2016-09-04 20:00:00.000000000 +0900 | |
@@ -385,6 +385,200 @@ | |
BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0) | |
BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0) | |
BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0) | |
+ | |
+ | |
+static ctr128_f camellia_gcm_set_key(CAMELLIA_KEY *camellia_key, | |
+ GCM128_CONTEXT *gcm_ctx, | |
+ const unsigned char *key, size_t key_len) | |
+ { | |
+ Camellia_set_key(key, key_len*8, camellia_key); | |
+ CRYPTO_gcm128_init(gcm_ctx, camellia_key, (block128_f)Camellia_encrypt); | |
+#if 0 /* CAMELLIA_CTR_ASM */ | |
+ return (ctr128_f)func; | |
+#else | |
+ return NULL; | |
+#endif | |
+ } | |
+ | |
+#define EVP_AEAD_CAMELLIA_GCM_TAG_LEN 16 | |
+ | |
+struct aead_camellia_gcm_ctx { | |
+ union { double align; CAMELLIA_KEY ks; } ks; | |
+ GCM128_CONTEXT gcm; | |
+ ctr128_f ctr; | |
+ unsigned tag_len; | |
+}; | |
+ | |
+static int aead_camellia_gcm_init(EVP_AEAD_CTX *ctx, | |
+ const unsigned char *key, size_t key_len, size_t tag_len) | |
+ { | |
+ struct aead_camellia_gcm_ctx *gcm_ctx; | |
+ const size_t key_bits = key_len * 8; | |
+ | |
+ if (key_bits != 128 && key_bits != 256) | |
+ { | |
+ EVPerr(EVP_F_AEAD_CAMELLIA_GCM_INIT, EVP_R_BAD_KEY_LENGTH); | |
+ return 0; /* EVP_AEAD_CTX_init should catch this. */ | |
+ } | |
+ | |
+ if (tag_len == EVP_AEAD_DEFAULT_TAG_LENGTH) | |
+ tag_len = EVP_AEAD_CAMELLIA_GCM_TAG_LEN; | |
+ | |
+ if (tag_len > EVP_AEAD_CAMELLIA_GCM_TAG_LEN) | |
+ { | |
+ EVPerr(EVP_F_AEAD_CAMELLIA_GCM_INIT, EVP_R_TAG_TOO_LARGE); | |
+ return 0; | |
+ } | |
+ | |
+ gcm_ctx = OPENSSL_malloc(sizeof(struct aead_camellia_gcm_ctx)); | |
+ if (gcm_ctx == NULL) | |
+ return 0; | |
+ | |
+ gcm_ctx->ctr = camellia_gcm_set_key(&gcm_ctx->ks.ks, &gcm_ctx->gcm, | |
+ key, key_len); | |
+ gcm_ctx->tag_len = tag_len; | |
+ ctx->aead_state = gcm_ctx; | |
+ | |
+ return 1; | |
+ } | |
+ | |
+static void aead_camellia_gcm_cleanup(EVP_AEAD_CTX *ctx) | |
+ { | |
+ struct aead_camellia_gcm_ctx *gcm_ctx = ctx->aead_state; | |
+ OPENSSL_cleanse(gcm_ctx, sizeof(*gcm_ctx)); | |
+ OPENSSL_free(gcm_ctx); | |
+ } | |
+ | |
+static int aead_camellia_gcm_seal(const EVP_AEAD_CTX *ctx, | |
+ unsigned char *out, size_t *out_len, size_t max_out_len, | |
+ const unsigned char *nonce, size_t nonce_len, | |
+ const unsigned char *in, size_t in_len, | |
+ const unsigned char *ad, size_t ad_len) | |
+ { | |
+ size_t bulk = 0; | |
+ const struct aead_camellia_gcm_ctx *gcm_ctx = ctx->aead_state; | |
+ GCM128_CONTEXT gcm; | |
+ | |
+ if (max_out_len < in_len + gcm_ctx->tag_len) | |
+ { | |
+ EVPerr(EVP_F_AEAD_CAMELLIA_GCM_SEAL, EVP_R_BUFFER_TOO_SMALL); | |
+ return 0; | |
+ } | |
+ | |
+ memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm)); | |
+ CRYPTO_gcm128_setiv(&gcm, nonce, nonce_len); | |
+ | |
+ if (ad_len > 0 && CRYPTO_gcm128_aad(&gcm, ad, ad_len)) | |
+ return 0; | |
+ | |
+/** if (gcm_ctx->ctr) #if CAMELLIA_CTR_ASM | |
+ { | |
+ if (CRYPTO_gcm128_encrypt_ctr32(&gcm, in + bulk, out + bulk, | |
+ in_len - bulk, gcm_ctx->ctr)) | |
+ return 0; | |
+ } | |
+ else **/ | |
+ { | |
+ if (CRYPTO_gcm128_encrypt(&gcm, in + bulk, out + bulk, | |
+ in_len - bulk)) | |
+ return 0; | |
+ } | |
+ | |
+ CRYPTO_gcm128_tag(&gcm, out + in_len, gcm_ctx->tag_len); | |
+ *out_len = in_len + gcm_ctx->tag_len; | |
+ return 1; | |
+ } | |
+ | |
+static int aead_camellia_gcm_open(const EVP_AEAD_CTX *ctx, | |
+ unsigned char *out, size_t *out_len, size_t max_out_len, | |
+ const unsigned char *nonce, size_t nonce_len, | |
+ const unsigned char *in, size_t in_len, | |
+ const unsigned char *ad, size_t ad_len) | |
+ { | |
+ size_t bulk = 0; | |
+ const struct aead_camellia_gcm_ctx *gcm_ctx = ctx->aead_state; | |
+ unsigned char tag[EVP_AEAD_CAMELLIA_GCM_TAG_LEN]; | |
+ size_t plaintext_len; | |
+ GCM128_CONTEXT gcm; | |
+ | |
+ if (in_len < gcm_ctx->tag_len) | |
+ { | |
+ EVPerr(EVP_F_AEAD_CAMELLIA_GCM_OPEN, EVP_R_BAD_DECRYPT); | |
+ return 0; | |
+ } | |
+ | |
+ plaintext_len = in_len - gcm_ctx->tag_len; | |
+ | |
+ if (max_out_len < plaintext_len) | |
+ { | |
+ EVPerr(EVP_F_AEAD_CAMELLIA_GCM_OPEN, EVP_R_BUFFER_TOO_SMALL); | |
+ return 0; | |
+ } | |
+ | |
+ memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm)); | |
+ CRYPTO_gcm128_setiv(&gcm, nonce, nonce_len); | |
+ | |
+ if (CRYPTO_gcm128_aad(&gcm, ad, ad_len)) | |
+ return 0; | |
+ | |
+/** if (gcm_ctx->ctr) #if CAMELLIA_CTR_ASM | |
+ { | |
+ if (CRYPTO_gcm128_decrypt_ctr32(&gcm, in + bulk, out + bulk, | |
+ in_len-bulk-gcm_ctx->tag_len, | |
+ gcm_ctx->ctr)) | |
+ return 0; | |
+ } | |
+ else **/ | |
+ { | |
+ if (CRYPTO_gcm128_decrypt(&gcm, in + bulk, out + bulk, | |
+ in_len - bulk - gcm_ctx->tag_len)) | |
+ return 0; | |
+ } | |
+ | |
+ CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len); | |
+ if (CRYPTO_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) | |
+ { | |
+ EVPerr(EVP_F_AEAD_CAMELLIA_GCM_OPEN, EVP_R_BAD_DECRYPT); | |
+ return 0; | |
+ } | |
+ | |
+ *out_len = plaintext_len; | |
+ return 1; | |
+ } | |
+ | |
+static const EVP_AEAD aead_camellia_128_gcm = { | |
+ 16, /* key len */ | |
+ 12, /* nonce len */ | |
+ EVP_AEAD_CAMELLIA_GCM_TAG_LEN, /* overhead */ | |
+ EVP_AEAD_CAMELLIA_GCM_TAG_LEN, /* max tag length */ | |
+ | |
+ aead_camellia_gcm_init, | |
+ aead_camellia_gcm_cleanup, | |
+ aead_camellia_gcm_seal, | |
+ aead_camellia_gcm_open, | |
+}; | |
+ | |
+static const EVP_AEAD aead_camellia_256_gcm = { | |
+ 32, /* key len */ | |
+ 12, /* nonce len */ | |
+ EVP_AEAD_CAMELLIA_GCM_TAG_LEN, /* overhead */ | |
+ EVP_AEAD_CAMELLIA_GCM_TAG_LEN, /* max tag length */ | |
+ | |
+ aead_camellia_gcm_init, | |
+ aead_camellia_gcm_cleanup, | |
+ aead_camellia_gcm_seal, | |
+ aead_camellia_gcm_open, | |
+}; | |
+ | |
+const EVP_AEAD *EVP_aead_camellia_128_gcm() | |
+ { | |
+ return &aead_camellia_128_gcm; | |
+ } | |
+ | |
+const EVP_AEAD *EVP_aead_camellia_256_gcm() | |
+ { | |
+ return &aead_camellia_256_gcm; | |
+ } | |
#else | |
# ifdef PEDANTIC | |
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/crypto/evp/evp.h 2016-09-04 00:00:00.000000000 +0900 | |
+++ b/crypto/evp/evp.h 2016-09-04 20:00:00.000000000 +0900 | |
@@ -1382,6 +1382,11 @@ | |
const EVP_AEAD *EVP_aead_aes_256_gcm(void); | |
# endif | |
+# ifndef OPENSSL_NO_CAMELLIA | |
+const EVP_AEAD *EVP_aead_camellia_128_gcm(void); | |
+const EVP_AEAD *EVP_aead_camellia_256_gcm(void); | |
+# endif | |
+ | |
# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) | |
/* EVP_aead_chacha20_poly1305 is ChaCha20 with a Poly1305 authenticator. */ | |
const EVP_AEAD *EVP_aead_chacha20_poly1305(void); | |
@@ -1501,6 +1506,9 @@ | |
# define EVP_F_AEAD_AES_GCM_INIT 187 | |
# define EVP_F_AEAD_AES_GCM_OPEN 188 | |
# define EVP_F_AEAD_AES_GCM_SEAL 189 | |
+# define EVP_F_AEAD_CAMELLIA_GCM_INIT 195 | |
+# define EVP_F_AEAD_CAMELLIA_GCM_OPEN 196 | |
+# define EVP_F_AEAD_CAMELLIA_GCM_SEAL 197 | |
# define EVP_F_AEAD_CHACHA20_POLY1305_INIT 192 | |
# define EVP_F_AEAD_CHACHA20_POLY1305_OPEN 193 | |
# define EVP_F_AEAD_CHACHA20_POLY1305_SEAL 194 | |
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/crypto/evp/evp_err.c 2016-09-04 00:00:00.000000000 +0900 | |
+++ b/crypto/evp/evp_err.c 2016-09-04 20:00:00.000000000 +0900 | |
@@ -73,6 +73,9 @@ | |
{ERR_FUNC(EVP_F_AEAD_AES_GCM_INIT), "AEAD_AES_GCM_INIT"}, | |
{ERR_FUNC(EVP_F_AEAD_AES_GCM_OPEN), "AEAD_AES_GCM_OPEN"}, | |
{ERR_FUNC(EVP_F_AEAD_AES_GCM_SEAL), "AEAD_AES_GCM_SEAL"}, | |
+ {ERR_FUNC(EVP_F_AEAD_CAMELLIA_GCM_INIT), "AEAD_CAMELLIA_GCM_INIT"}, | |
+ {ERR_FUNC(EVP_F_AEAD_CAMELLIA_GCM_OPEN), "AEAD_CAMELLIA_GCM_OPEN"}, | |
+ {ERR_FUNC(EVP_F_AEAD_CAMELLIA_GCM_SEAL), "AEAD_CAMELLIA_GCM_SEAL"}, | |
{ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_INIT), | |
"AEAD_CHACHA20_POLY1305_INIT"}, | |
{ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_OPEN), | |
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/ssl/s3_lib.c 2016-09-04 00:00:00.000000000 +0900 | |
+++ b/ssl/s3_lib.c 2016-09-04 20:00:00.000000000 +0900 | |
@@ -2893,6 +2893,154 @@ | |
#endif /* OPENSSL_NO_ECDH */ | |
+#ifndef OPENSSL_NO_CAMELLIA | |
+ /* GCM-Based Cipher Suites from RFC 6367 */ | |
+# if 0 /* change 0 to 1 if you need RSA and DHE suites. */ | |
+ /* Cipher C07A */ | |
+ { | |
+ 1, | |
+ TLS1_TXT_RSA_WITH_CAMELLIA_128_GCM_SHA256, | |
+ TLS1_CK_RSA_WITH_CAMELLIA_128_GCM_SHA256, | |
+ SSL_kRSA, | |
+ SSL_aRSA, | |
+ SSL_CAMELLIA128GCM, | |
+ SSL_AEAD, | |
+ SSL_TLSV1_2, | |
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD| | |
+ FIXED_NONCE_LEN(4)| | |
+ SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, | |
+ 128, | |
+ 128, | |
+ }, | |
+ | |
+ /* Cipher C07B */ | |
+ { | |
+ 1, | |
+ TLS1_TXT_RSA_WITH_CAMELLIA_256_GCM_SHA384, | |
+ TLS1_CK_RSA_WITH_CAMELLIA_256_GCM_SHA384, | |
+ SSL_kRSA, | |
+ SSL_aRSA, | |
+ SSL_CAMELLIA256GCM, | |
+ SSL_AEAD, | |
+ SSL_TLSV1_2, | |
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD| | |
+ FIXED_NONCE_LEN(4)| | |
+ SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, | |
+ 256, | |
+ 256, | |
+ }, | |
+ | |
+ /* Cipher C07C */ | |
+ { | |
+ 1, | |
+ TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, | |
+ TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, | |
+ SSL_kEDH, | |
+ SSL_aRSA, | |
+ SSL_CAMELLIA128GCM, | |
+ SSL_AEAD, | |
+ SSL_TLSV1_2, | |
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD| | |
+ FIXED_NONCE_LEN(4)| | |
+ SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, | |
+ 128, | |
+ 128, | |
+ }, | |
+ | |
+ /* Cipher C07D */ | |
+ { | |
+ 1, | |
+ TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, | |
+ TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, | |
+ SSL_kEDH, | |
+ SSL_aRSA, | |
+ SSL_CAMELLIA256GCM, | |
+ SSL_AEAD, | |
+ SSL_TLSV1_2, | |
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD| | |
+ FIXED_NONCE_LEN(4)| | |
+ SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, | |
+ 256, | |
+ 256, | |
+ }, | |
+# endif | |
+ /* Cipher C086 */ | |
+ { | |
+ 1, | |
+ TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, | |
+ TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, | |
+ SSL_kEECDH, | |
+ SSL_aECDSA, | |
+ SSL_CAMELLIA128GCM, | |
+ SSL_AEAD, | |
+ SSL_TLSV1_2, | |
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD| | |
+ FIXED_NONCE_LEN(4)| | |
+ SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, | |
+ 128, | |
+ 128, | |
+ }, | |
+ | |
+ /* Cipher C087 */ | |
+ { | |
+ 1, | |
+ TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, | |
+ TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, | |
+ SSL_kEECDH, | |
+ SSL_aECDSA, | |
+ SSL_CAMELLIA256GCM, | |
+ SSL_AEAD, | |
+ SSL_TLSV1_2, | |
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD| | |
+ FIXED_NONCE_LEN(4)| | |
+ SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, | |
+ 256, | |
+ 256, | |
+ }, | |
+ | |
+ /* Cipher C08A */ | |
+ { | |
+ 1, | |
+ TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, | |
+ TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, | |
+ SSL_kEECDH, | |
+ SSL_aRSA, | |
+ SSL_CAMELLIA128GCM, | |
+ SSL_AEAD, | |
+ SSL_TLSV1_2, | |
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
+ SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD| | |
+ FIXED_NONCE_LEN(4)| | |
+ SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, | |
+ 128, | |
+ 128, | |
+ }, | |
+ | |
+ /* Cipher C08B */ | |
+ { | |
+ 1, | |
+ TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, | |
+ TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, | |
+ SSL_kEECDH, | |
+ SSL_aRSA, | |
+ SSL_CAMELLIA256GCM, | |
+ SSL_AEAD, | |
+ SSL_TLSV1_2, | |
+ SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, | |
+ SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD| | |
+ FIXED_NONCE_LEN(4)| | |
+ SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, | |
+ 256, | |
+ 256, | |
+ }, | |
+#endif /* OPENSSL_NO_CAMELLIA */ | |
+ | |
#ifdef TEMP_GOST_TLS | |
/* Cipher FF00 */ | |
{ | |
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/ssl/ssl.h 2016-09-04 00:00:00.000000000 +0900 | |
+++ b/ssl/ssl.h 2016-09-04 20:00:00.000000000 +0900 | |
@@ -297,6 +297,7 @@ | |
# define SSL_TXT_CAMELLIA128 "CAMELLIA128" | |
# define SSL_TXT_CAMELLIA256 "CAMELLIA256" | |
# define SSL_TXT_CAMELLIA "CAMELLIA" | |
+# define SSL_TXT_CAMELLIA_GCM "CAMELLIAGCM" | |
# define SSL_TXT_CHACHA20 "CHACHA20" | |
# define SSL_TXT_MD5 "MD5" | |
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/ssl/ssl_ciph.c 2016-09-04 00:00:00.000000000 +0900 | |
+++ b/ssl/ssl_ciph.c 2016-09-04 20:00:00.000000000 +0900 | |
@@ -311,10 +311,14 @@ | |
{0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0}, | |
{0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0, | |
0, 0}, | |
- {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0}, | |
- {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0}, | |
+ {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA128GCM, 0, | |
+ 0, 0, 0, 0, 0}, | |
+ {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256 | SSL_CAMELLIA256GCM, 0, | |
+ 0, 0, 0, 0, 0}, | |
{0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0, | |
0, 0, 0}, | |
+ {0, SSL_TXT_CAMELLIA_GCM, 0, 0, 0, SSL_CAMELLIA128GCM | SSL_CAMELLIA256GCM, | |
+ 0, 0, 0, 0, 0, 0}, | |
{0, SSL_TXT_CHACHA20, 0, 0, 0, SSL_CHACHA20POLY1305, 0, 0, 0, 0, 0, 0}, | |
/* MAC aliases */ | |
@@ -555,6 +559,14 @@ | |
*aead = EVP_aead_aes_256_gcm(); | |
return 1; | |
#endif | |
+#ifndef OPENSSL_NO_CAMELLIA | |
+ case SSL_CAMELLIA128GCM: | |
+ *aead = EVP_aead_camellia_128_gcm(); | |
+ return 1; | |
+ case SSL_CAMELLIA256GCM: | |
+ *aead = EVP_aead_camellia_256_gcm(); | |
+ return 1; | |
+#endif | |
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) | |
case SSL_CHACHA20POLY1305: | |
if (c->id & 0x80) | |
@@ -1876,6 +1888,12 @@ | |
case SSL_CHACHA20POLY1305: | |
enc = "ChaCha20-Poly1305"; | |
break; | |
+ case SSL_CAMELLIA128GCM: | |
+ enc="CamelliaGCM(128)"; | |
+ break; | |
+ case SSL_CAMELLIA256GCM: | |
+ enc="CamelliaGCM(256)"; | |
+ break; | |
default: | |
enc = "unknown"; | |
break; | |
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/ssl/ssl_locl.h 2016-09-04 00:00:00.000000000 +0900 | |
+++ b/ssl/ssl_locl.h 2016-09-04 20:00:00.000000000 +0900 | |
@@ -355,9 +355,12 @@ | |
# define SSL_AES128GCM 0x00001000L | |
# define SSL_AES256GCM 0x00002000L | |
# define SSL_CHACHA20POLY1305 0x00004000L | |
+# define SSL_CAMELLIA128GCM 0x00008000L | |
+# define SSL_CAMELLIA256GCM 0x00010000L | |
# define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM) | |
-# define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) | |
+# define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256| \ | |
+ SSL_CAMELLIA128GCM|SSL_CAMELLIA256GCM) | |
/* Bits for algorithm_mac (symmetric authentication) */ | |
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/ssl/tls1.h 2016-09-04 00:00:00.000000000 +0900 | |
+++ b/ssl/tls1.h 2016-09-04 20:00:00.000000000 +0900 | |
@@ -563,6 +563,16 @@ | |
# define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031 | |
# define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032 | |
+/* Camellia GCM based ciphersuites from RFC6367 */ | |
+# define TLS1_CK_RSA_WITH_CAMELLIA_128_GCM_SHA256 0x0300C07A | |
+# define TLS1_CK_RSA_WITH_CAMELLIA_256_GCM_SHA384 0x0300C07B | |
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0x0300C07C | |
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0x0300C07D | |
+# define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0x0300C086 | |
+# define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0x0300C087 | |
+# define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0x0300C08A | |
+# define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0x0300C08B | |
+ | |
# define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD 0x0300CC13 | |
# define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD 0x0300CC14 | |
# define TLS1_CK_DHE_RSA_CHACHA20_POLY1305_OLD 0x0300CC15 | |
@@ -720,6 +730,15 @@ | |
# define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256" | |
# define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384" | |
+# define TLS1_TXT_RSA_WITH_CAMELLIA_128_GCM_SHA256 "CAMELLIA128-GCM-SHA256" | |
+# define TLS1_TXT_RSA_WITH_CAMELLIA_256_GCM_SHA384 "CAMELLIA256-GCM-SHA384" | |
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 "DHE-RSA-CAMELLIA128-GCM-SHA256" | |
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 "DHE-RSA-CAMELLIA256-GCM-SHA384" | |
+# define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 "ECDHE-ECDSA-CAMELLIA128-GCM-SHA256" | |
+# define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 "ECDHE-ECDSA-CAMELLIA256-GCM-SHA384" | |
+# define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 "ECDHE-RSA-CAMELLIA128-GCM-SHA256" | |
+# define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 "ECDHE-RSA-CAMELLIA256-GCM-SHA384" | |
+ | |
# define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 "ECDHE-RSA-CHACHA20-POLY1305" | |
# define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 "ECDHE-ECDSA-CHACHA20-POLY1305" | |
# define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 "DHE-RSA-CHACHA20-POLY1305" | |
diff -u openssl-1.0.2h-1~bpo8+2+ore1 +camellia-gcm | |
--- a/test/Makefile 2016-09-04 00:00:00.000000000 +0900 | |
+++ b/test/Makefile 2016-09-04 20:00:00.000000000 +0900 | |
@@ -382,7 +382,8 @@ | |
../util/shlib_wrap.sh ./$(POLY1305TEST) | |
test_aead: $(AEADTEST)$(EXE_EXT) chacha20_poly1305_old_tests.txt \ | |
- chacha20_poly1305_tests.txt aes_128_gcm_tests.txt aes_256_gcm_tests.txt | |
+ chacha20_poly1305_tests.txt aes_128_gcm_tests.txt aes_256_gcm_tests.txt \ | |
+ camellia_128_gcm_tests.txt camellia_256_gcm_tests.txt | |
@echo "Test ChaCha20+Poly1305(rfc7539)" | |
../util/shlib_wrap.sh ./$(AEADTEST) chacha20-poly1305 \ | |
chacha20_poly1305_tests.txt | |
@@ -395,6 +396,12 @@ | |
@echo "Test AES-256-GCM" | |
../util/shlib_wrap.sh ./$(AEADTEST) aes-256-gcm \ | |
aes_256_gcm_tests.txt | |
+ @echo "Test Camellia-128-GCM" | |
+ ../util/shlib_wrap.sh ./$(AEADTEST) camellia-128-gcm \ | |
+ camellia_128_gcm_tests.txt | |
+ @echo "Test Camellia-256-GCM" | |
+ ../util/shlib_wrap.sh ./$(AEADTEST) camellia-256-gcm \ | |
+ camellia_256_gcm_tests.txt | |
lint: | |
lint -DLINT $(INCLUDES) $(SRC)>fluff | |
diff -uN 1.0.2h-1~bpo8+2 +camellia-gcm | |
--- /dev/null 1970-01-01 09:00:00.000000000 +0900 | |
+++ b/test/camellia_128_gcm_tests.txt 2016-02-03 01:33:12.000000000 +0900 | |
@@ -0,0 +1,49 @@ | |
+# Test vector from draft-kato-ipsec-camellia-gcm Section 4. | |
+ | |
+# Case 1 | |
+KEY: 00000000000000000000000000000000 | |
+NONCE: 000000000000000000000000 | |
+IN: "" | |
+AD: "" | |
+CT: "" | |
+TAG: f5574acc3148dfcb9015200631024df9 | |
+ | |
+# Case 2 | |
+KEY: 00000000000000000000000000000000 | |
+NONCE: 000000000000000000000000 | |
+IN: 00000000000000000000000000000000 | |
+AD: "" | |
+CT: defe3e0b5c54c94b4f2a0f5a46f6210d | |
+TAG: f672b94d192266c7c8c8dbb427cc989a | |
+ | |
+# Case 3 | |
+KEY: feffe9928665731c6d6a8f9467308308 | |
+NONCE: cafebabefacedbaddecaf888 | |
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 | |
+AD: "" | |
+CT: d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815 | |
+TAG: 86e318012dd8329dc9dae6a170f61b24 | |
+ | |
+# Case 4 | |
+KEY: feffe9928665731c6d6a8f9467308308 | |
+NONCE: cafebabefacedbaddecaf888 | |
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 | |
+AD: feedfacedeadbeeffeedfacedeadbeefabaddad2 | |
+CT: d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606 | |
+TAG: 9f458869431576ea6a095456ec6b8101 | |
+ | |
+# Case 5 | |
+KEY: feffe9928665731c6d6a8f9467308308 | |
+NONCE: cafebabefacedbad | |
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 | |
+AD: feedfacedeadbeeffeedfacedeadbeefabaddad2 | |
+CT: 28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd | |
+TAG: e86f8f2e730c49d536f00fb5225d28b1 | |
+ | |
+# Case 6 | |
+KEY: feffe9928665731c6d6a8f9467308308 | |
+NONCE: 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b | |
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 | |
+AD: feedfacedeadbeeffeedfacedeadbeefabaddad2 | |
+CT: 2e582b8417c93f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647 | |
+TAG: ceae5569b2af8641572622731aed3e53 | |
diff -uN 1.0.2h-1~bpo8+2 +camellia-gcm | |
--- /dev/null 1970-01-01 09:00:00.000000000 +0900 | |
+++ b/test/camellia_256_gcm_tests.txt 2016-02-03 01:36:49.000000000 +0900 | |
@@ -0,0 +1,49 @@ | |
+# Test vector from draft-kato-ipsec-camellia-gcm Section 4. | |
+ | |
+# Case 13 | |
+KEY: 0000000000000000000000000000000000000000000000000000000000000000 | |
+NONCE: 000000000000000000000000 | |
+IN: "" | |
+AD: "" | |
+CT: "" | |
+TAG: 9cdb269b5d293bc5db9c55b057d9b591 | |
+ | |
+# Case 14 | |
+KEY: 0000000000000000000000000000000000000000000000000000000000000000 | |
+NONCE: 000000000000000000000000 | |
+IN: 00000000000000000000000000000000 | |
+AD: "" | |
+CT: 3d4b2cde666761ba5dfb305178e667fb | |
+TAG: 284b63bb143c40ce100fb4dea6bb617b | |
+ | |
+# Case 15 | |
+KEY: feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 | |
+NONCE: cafebabefacedbaddecaf888 | |
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255 | |
+AD: "" | |
+CT: ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092 | |
+TAG: c912686270a2b9966415fca3be75c468 | |
+ | |
+# Case 16 | |
+KEY: feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 | |
+NONCE: cafebabefacedbaddecaf888 | |
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 | |
+AD: feedfacedeadbeeffeedfacedeadbeefabaddad2 | |
+CT: ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77 | |
+TAG: 4e4b178d8fe26fdc95e2e7246dd94bec | |
+ | |
+# Case 17 | |
+KEY: feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 | |
+NONCE: cafebabefacedbad | |
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 | |
+AD: feedfacedeadbeeffeedfacedeadbeefabaddad2 | |
+CT: 6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652 | |
+TAG: e6472b8ebd331bfcc7c0fa63ce094461 | |
+ | |
+# Case 18 | |
+KEY: feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 | |
+NONCE: 9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b | |
+IN: d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39 | |
+AD: feedfacedeadbeeffeedfacedeadbeefabaddad2 | |
+CT: e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862 | |
+TAG: 5791883f822013f8bd136fc36fb9946b |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This patch requires the preceding chacha20poly1305.patch.
How to build packages: