@@ -70,6 +70,9 @@ enum CipherSuite {
70
70
TLS_AES_256_GCM_SHA384 (
71
71
0x1302 , true , "TLS_AES_256_GCM_SHA384" ,
72
72
ProtocolVersion .PROTOCOLS_OF_13 , B_AES_256_GCM_IV , H_SHA384 ),
73
+ TLS_CHACHA20_POLY1305_SHA256 (
74
+ 0x1303 , true , "TLS_CHACHA20_POLY1305_SHA256" ,
75
+ ProtocolVersion .PROTOCOLS_OF_13 , B_CC20_P1305 , H_SHA256 ),
73
76
74
77
// Suite B compliant cipher suites, see RFC 6460.
75
78
//
@@ -91,11 +94,22 @@ enum CipherSuite {
91
94
// not forward secret cipher suites.
92
95
//
93
96
97
+ // Not suite B, but we want it to position the suite early in the list
98
+ // of 1.2 suites.
99
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (
100
+ 0xCCA9 , true , "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256" , "" ,
101
+ ProtocolVersion .PROTOCOLS_OF_12 ,
102
+ K_ECDHE_ECDSA , B_CC20_P1305 , M_NULL , H_SHA256 ),
103
+
94
104
// AES_256(GCM)
95
105
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (
96
106
0xC030 , true , "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" , "" ,
97
107
ProtocolVersion .PROTOCOLS_OF_12 ,
98
108
K_ECDHE_RSA , B_AES_256_GCM , M_NULL , H_SHA384 ),
109
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (
110
+ 0xCCA8 , true , "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256" , "" ,
111
+ ProtocolVersion .PROTOCOLS_OF_12 ,
112
+ K_ECDHE_RSA , B_CC20_P1305 , M_NULL , H_SHA256 ),
99
113
TLS_RSA_WITH_AES_256_GCM_SHA384 (
100
114
0x009D , true , "TLS_RSA_WITH_AES_256_GCM_SHA384" , "" ,
101
115
ProtocolVersion .PROTOCOLS_OF_12 ,
@@ -112,6 +126,10 @@ enum CipherSuite {
112
126
0x009F , true , "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" , "" ,
113
127
ProtocolVersion .PROTOCOLS_OF_12 ,
114
128
K_DHE_RSA , B_AES_256_GCM , M_NULL , H_SHA384 ),
129
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (
130
+ 0xCCAA , true , "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256" , "" ,
131
+ ProtocolVersion .PROTOCOLS_OF_12 ,
132
+ K_DHE_RSA , B_CC20_P1305 , M_NULL , H_SHA256 ),
115
133
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (
116
134
0x00A3 , true , "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384" , "" ,
117
135
ProtocolVersion .PROTOCOLS_OF_12 ,
@@ -484,8 +502,6 @@ enum CipherSuite {
484
502
485
503
// Definition of the cipher suites that are not supported but the names
486
504
// are known.
487
- TLS_CHACHA20_POLY1305_SHA256 ( // TLS 1.3
488
- "TLS_CHACHA20_POLY1305_SHA256" , 0x1303 ),
489
505
TLS_AES_128_CCM_SHA256 ( // TLS 1.3
490
506
"TLS_AES_128_CCM_SHA256" , 0x1304 ),
491
507
TLS_AES_128_CCM_8_SHA256 ( // TLS 1.3
0 commit comments