diff options
| author | Jose <jose@zeroc.com> | 2019-01-15 12:00:51 +0100 |
|---|---|---|
| committer | Jose <jose@zeroc.com> | 2019-01-15 12:00:51 +0100 |
| commit | 8249fd248844bc45ff5088f12268b09bf4a8a851 (patch) | |
| tree | 6812f2d95e1773a91f61a80b75d282d0c23c213b /cpp/src/IceSSL/SecureTransportEngine.cpp | |
| parent | Revert "Enable tracing for allTests.py to investigate iOS failures" (diff) | |
| download | ice-8249fd248844bc45ff5088f12268b09bf4a8a851.tar.bz2 ice-8249fd248844bc45ff5088f12268b09bf4a8a851.tar.xz ice-8249fd248844bc45ff5088f12268b09bf4a8a851.zip | |
IceSSL TLSv1.3 preliminary support
Diffstat (limited to 'cpp/src/IceSSL/SecureTransportEngine.cpp')
| -rw-r--r-- | cpp/src/IceSSL/SecureTransportEngine.cpp | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/cpp/src/IceSSL/SecureTransportEngine.cpp b/cpp/src/IceSSL/SecureTransportEngine.cpp index 80f28129bf7..a3304676bfe 100644 --- a/cpp/src/IceSSL/SecureTransportEngine.cpp +++ b/cpp/src/IceSSL/SecureTransportEngine.cpp @@ -129,7 +129,7 @@ CiphersHelper::initialize() _ciphers["RSA_EXPORT_WITH_RC4_40_MD5"] = SSL_RSA_EXPORT_WITH_RC4_40_MD5; _ciphers["RSA_WITH_RC4_128_MD5"] = SSL_RSA_WITH_RC4_128_MD5; _ciphers["RSA_WITH_RC4_128_SHA"] = SSL_RSA_WITH_RC4_128_SHA; - _ciphers["RSA_EXPORT_WITH_RC2_CBC_40_MD5"] = SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5; + _ciphers["RSA_EXPORT_WITH_RC2_CBC_40_MD5"] = SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5; _ciphers["RSA_WITH_IDEA_CBC_SHA"] = SSL_RSA_WITH_IDEA_CBC_SHA; _ciphers["RSA_EXPORT_WITH_DES40_CBC_SHA"] = SSL_RSA_EXPORT_WITH_DES40_CBC_SHA; _ciphers["RSA_WITH_DES_CBC_SHA"] = SSL_RSA_WITH_DES_CBC_SHA; @@ -341,6 +341,16 @@ CiphersHelper::initialize() _ciphers["RSA_WITH_DES_CBC_MD5"] = SSL_RSA_WITH_DES_CBC_MD5; _ciphers["RSA_WITH_3DES_EDE_CBC_MD5"] = SSL_RSA_WITH_3DES_EDE_CBC_MD5; _ciphers["NO_SUCH_CIPHERSUITE"] = SSL_NO_SUCH_CIPHERSUITE; + + // + // TLS 1.3 standard cipher suites + // + _ciphers["TLS_AES_128_GCM_SHA256"] = TLS_AES_128_GCM_SHA256; + _ciphers["TLS_AES_256_GCM_SHA384"] = TLS_AES_256_GCM_SHA384; + _ciphers["TLS_CHACHA20_POLY1305_SHA256"] = TLS_CHACHA20_POLY1305_SHA256; + _ciphers["TLS_AES_128_CCM_SHA256"] = TLS_AES_128_CCM_SHA256; + _ciphers["TLS_AES_128_CCM_8_SHA256"] = TLS_AES_128_CCM_8_SHA256; + } } @@ -741,6 +751,21 @@ CiphersHelper::cipherName(SSLCipherSuite cipher) return "RSA_WITH_DES_CBC_MD5"; case SSL_RSA_WITH_3DES_EDE_CBC_MD5: return "RSA_WITH_3DES_EDE_CBC_MD5"; + + // + //TLS 1.3 standard cipher suites + // + case TLS_AES_128_GCM_SHA256: + return "TLS_AES_128_GCM_SHA256"; + case TLS_AES_256_GCM_SHA384: + return "TLS_AES_256_GCM_SHA384"; + case TLS_CHACHA20_POLY1305_SHA256: + return "TLS_CHACHA20_POLY1305_SHA256"; + case TLS_AES_128_CCM_SHA256: + return "TLS_AES_128_CCM_SHA256"; + case TLS_AES_128_CCM_8_SHA256: + return "TLS_AES_128_CCM_8_SHA256"; + default: return ""; } @@ -772,6 +797,10 @@ parseProtocol(const string& p) { return kTLSProtocol12; } + else if(prot == "TLS1_3" || prot == "TLSV1_3") + { + return kTLSProtocol13; + } else { throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: unrecognized protocol `" + p + "'"); |