Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-01-04 21:56:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Declare ChaCha-Poly ciphersuites

Browse source 
Prefer them over AES-GCM as they have better performance and fewer side
channel considerations in software implementations.
This commit is contained in:
Manuel Pégourié-Gonnard 2018-06-14 11:11:15 +02:00
parent f57bf8b467
commit ce66d5e8e1
3 changed files with 91 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

12
tests/ssl-opt.sh
View file

@ -723,7 +723,7 @@ run_test "Default" \
"$P_CLI" \
0 \
-s "Protocol is TLSv1.2" \
-s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
-s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
-s "client hello v3, signature_algorithm ext: 6" \
-s "ECDHE curve: secp521r1" \
-S "error" \
@ -734,20 +734,14 @@ run_test "Default, DTLS" \
"$P_CLI dtls=1" \
0 \
-s "Protocol is DTLSv1.2" \
-s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"
-s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
# Test current time in ServerHello
requires_config_enabled MBEDTLS_HAVE_TIME
run_test "Default, ServerHello contains gmt_unix_time" \
run_test "ServerHello contains gmt_unix_time" \
"$P_SRV debug_level=3" \
"$P_CLI debug_level=3" \
0 \
-s "Protocol is TLSv1.2" \
-s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
-s "client hello v3, signature_algorithm ext: 6" \
-s "ECDHE curve: secp521r1" \
-S "error" \
-C "error" \
-f "check_server_hello_time" \
-F "check_server_hello_time"