Commit e2cac315 authored by Filippo Valsorda's avatar Filippo Valsorda

crypto/tls: add correct names for CHACHA20_POLY1305 cipher suite constants

The cipher suites were apparently renamed late in the standardization
process, and we picked up the legacy name. We can't remove the old
constants, but add correctly named ones.

Fixes #32061

Change-Id: I65ee25c12c10934391af88b76b18565da67453fa
Reviewed-on: https://go-review.googlesource.com/c/go/+/205068
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: default avatarAdam Langley <agl@golang.org>
parent 52a5bf4d
...@@ -405,7 +405,7 @@ func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13 { ...@@ -405,7 +405,7 @@ func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13 {
// A list of cipher suite IDs that are, or have been, implemented by this // A list of cipher suite IDs that are, or have been, implemented by this
// package. // package.
// //
// Taken from https://www.iana.org/assignments/tls-parameters/tls-parameters.xml // See https://www.iana.org/assignments/tls-parameters/tls-parameters.xml
const ( const (
// TLS 1.0 - 1.2 cipher suites. // TLS 1.0 - 1.2 cipher suites.
TLS_RSA_WITH_RC4_128_SHA uint16 = 0x0005 TLS_RSA_WITH_RC4_128_SHA uint16 = 0x0005
...@@ -428,8 +428,8 @@ const ( ...@@ -428,8 +428,8 @@ const (
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02b TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02b
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc030 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc030
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc02c TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc02c
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 uint16 = 0xcca8 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 uint16 = 0xcca8
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 uint16 = 0xcca9 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 uint16 = 0xcca9
// TLS 1.3 cipher suites. // TLS 1.3 cipher suites.
TLS_AES_128_GCM_SHA256 uint16 = 0x1301 TLS_AES_128_GCM_SHA256 uint16 = 0x1301
...@@ -439,4 +439,9 @@ const ( ...@@ -439,4 +439,9 @@ const (
// TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator // TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator
// that the client is doing version fallback. See RFC 7507. // that the client is doing version fallback. See RFC 7507.
TLS_FALLBACK_SCSV uint16 = 0x5600 TLS_FALLBACK_SCSV uint16 = 0x5600
// Legacy names for the corresponding cipher suites with the correct _SHA256
// suffix, retained for backward compatibility.
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
) )
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment