Add new codepoints

This commit adds support for new codepoints as mentioned in drwetter#1207 and drwetter#2285.
dcooper16 · Mar 20, 2023 · 3dff9f4 · 3dff9f4
1 parent cb45177
commit 3dff9f4
Show file tree

Hide file tree

Showing 3 changed files with 219 additions and 78 deletions.
diff --git a/etc/curves.txt b/etc/curves.txt
@@ -28,4 +28,15 @@
 27, brainpoolP384r1, 
 28, brainpoolP512r1, 
 29, curve25519,
-30, curve448
+30, curve448,
+31, brainpoolP256r1tls13,
+32, brainpoolP384r1tls13,
+33, brainpoolP512r1tls13,
+34, GC256A,
+35, GC256B,
+36, GC256C,
+37, GC256D,
+38, GC512A,
+39, GC512B,
+40, GC512C,
+41, curveSM2
diff --git a/openssl-iana.mapping.html b/openssl-iana.mapping.html
@@ -224,6 +224,10 @@
 <tr><td> [0xbe]</td><td>     DHE-RSA-CAMELLIA128-SHA256</td><td> DH       </td><td>   Camellia  </td><td>  128          </td><td> TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256    </td></tr>
 <tr><td> [0xbf]</td><td>     ADH-CAMELLIA128-SHA256    </td><td> DH       </td><td>   Camellia  </td><td>  128          </td><td> TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256     </td></tr>
 
+<!-- RFC 8998 -->
+<tr><td> [0xc6]</td><td>          </td><td> ECDH     </td><td> SM4GCM    </td><td> 128           </td><td> TLS_SM4_GCM_SM3     </td></tr>
+<tr><td> [0xc7]</td><td>          </td><td> ECDH     </td><td> SM4CCM    </td><td> 128           </td><td> TLS_SM4_CCM_SM3     </td></tr>
+
 <!-- https://tools.ietf.org/html/rfc5746 -->
 <tr><td> [0x5600]</td><td>   TLS_FALLBACK_SCSV            </td><td>          </td><td>           </td><td>               </td><td> TLS_EMPTY_RENEGOTIATION_INFO_SCSV     </td></tr>
 
@@ -425,6 +429,21 @@
 <tr><td> [0xc0ae]</td><td>   ECDHE-ECDSA-AES128-CCM8      </td><td> ECDH     </td><td>   AESCCM  </td><td>  128          </td><td> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8  </td></tr>
 <tr><td> [0xc0af]</td><td>   ECDHE-ECDSA-AES256-CCM8      </td><td> ECDH     </td><td>   AESCCM  </td><td>  256          </td><td> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8  </td></tr>
 
+<!-- draft-camwinget-tls-ts13-macciphersuites -->
+<tr><td> [0xc0b4]</td><td>          </td><td> ECDH     </td><td>   Null    </td><td>  0            </td><td>  TLS_SHA256_SHA256   </td></tr>
+<tr><td> [0xc0b5]</td><td>          </td><td> ECDH     </td><td>   Null    </td><td>  0            </td><td>  TLS_SHA384_SHA384   </td></tr>
+
+<!-- draft-smyshlyaev-tls12-gost-suites -->
+<tr><td> [0xc100]</td><td>          </td><td> VKO GOST 34.10-2012    </td><td> Kuznyechik  </td><td>  256          </td><td> TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC </td></tr>
+<tr><td> [0xc101]</td><td>          </td><td> VKO GOST 34.10-2012    </td><td> Magma       </td><td>  256          </td><td> TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC </td></tr>
+<tr><td> [0xc102]</td><td>          </td><td> VKO GOST 34.10-2012    </td><td> GOST89      </td><td>  256          </td><td> TLS_GOSTR341112_256_WITH_28147_CNT_IMIT </td></tr>
+
+<!-- draft-smyshlyaev-tls13-gost-suites -->
+<tr><td> [0xc103]</td><td>          </td><td> ECDH                   </td><td> Kuznyechik  </td><td> 256           </td><td> TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L </td></tr>
+<tr><td> [0xc104]</td><td>          </td><td> ECDH                   </td><td> Magma       </td><td> 256           </td><td> TLS_GOSTR341112_256_WITH_MAGMA_MGM_L </td></tr>
+<tr><td> [0xc105]</td><td>          </td><td> ECDH                   </td><td> Kuznyechik  </td><td> 256           </td><td> TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S </td></tr>
+<tr><td> [0xc106]</td><td>          </td><td> ECDH                   </td><td> Magma       </td><td> 256           </td><td> TLS_GOSTR341112_256_WITH_MAGMA_MGM_S </td></tr>
+
 <!-- OLD CHACHA POLY CIPHERS, per agreement with Peter Mosmans we use the names like SSLlabs -->
 <tr><td> [0xcc13]</td><td>   ECDHE-RSA-CHACHA20-POLY1305-OLD  </td><td> ECDH     </td><td>   ChaCha20-Poly1305</td><td>    </td><td> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD</td></tr>
 <tr><td> [0xcc14]</td><td>   ECDHE-ECDSA-CHACHA20-POLY1305-OLD</td><td> ECDH     </td><td>   ChaCha20-Poly1305</td><td>    </td><td> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD</td></tr>
@@ -439,6 +458,12 @@
 <tr><td> [0xccad]</td><td>   DHE-PSK-CHACHA20-POLY1305    </td><td> DH/PSK   </td><td>   ChaCha20-Poly1305</td><td> 256 </td><td> TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256</td></tr>
 <tr><td> [0xccae]</td><td>   RSA-PSK-CHACHA20-POLY1305    </td><td> RSA/PSK  </td><td>   ChaCha20-Poly1305</td><td> 256 </td><td> TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256</td></tr>
 
+<!-- RFC 8442 -->
+<tr><td> [0xd001]</td><td>                                </td><td> PSK/ECDHE </td><td>  AESGCM  </td><td>  128    </td><td> TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256</td></tr>
+<tr><td> [0xd002]</td><td>                                </td><td> PSK/ECDHE </td><td>  AESGCM  </td><td>  256    </td><td> TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384</td></tr>
+<tr><td> [0xd003]</td><td>                                </td><td> PSK/ECDHE </td><td>  AESCCM8 </td><td>  128    </td><td> TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256</td></tr>
+<tr><td> [0xd005]</td><td>                                </td><td> PSK/ECDHE </td><td>  AESCCM  </td><td>  128    </td><td> TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256</td></tr>
+
 <tr><td> [0xff00]</td><td>   GOST-MD5                     </td><td> RSA      </td><td>   GOST89  </td><td>  256    </td><td>TLS_GOSTR341094_RSA_WITH_28147_CNT_MD5</td></tr>
 <tr><td> [0xff01]</td><td>   GOST-GOST94                  </td><td> RSA      </td><td>   GOST89  </td><td>  256    </td><td>TLS_RSA_WITH_28147_CNT_GOST94</td></tr>
 <tr><td> [0xff02]</td><td>   GOST-GOST89MAC               </td><td> RSA      </td><td>   GOST89  </td><td>  256    </td></tr>