summary refs log tree commit diff
path: root/crypto
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2016-01-17 11:09:28 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2016-01-17 11:09:28 +0700
commitfa9f5ab48d57aed55b34027b7bf6d8a36320e94d (patch)
tree0ad0393cfb99f7fb308c08c26d5a13ff13d130d7 /crypto
parentcounter needs to based on maxlen(p) as tag done on J0 (diff)
downloadBouncyCastle.NET-ed25519-fa9f5ab48d57aed55b34027b7bf6d8a36320e94d.tar.xz
Remove expired draft-josefsson-salsa20-tls stuff
Diffstat (limited to 'crypto')
-rw-r--r--crypto/src/crypto/tls/CipherSuite.cs20
-rw-r--r--crypto/src/crypto/tls/DefaultTlsCipherFactory.cs16
-rw-r--r--crypto/src/crypto/tls/EncryptionAlgorithm.cs6
-rw-r--r--crypto/src/crypto/tls/TlsDHUtilities.cs8
-rw-r--r--crypto/src/crypto/tls/TlsEccUtilities.cs10
-rw-r--r--crypto/src/crypto/tls/TlsStreamCipher.cs12
-rw-r--r--crypto/src/crypto/tls/TlsUtilities.cs56
-rw-r--r--crypto/test/src/crypto/tls/test/MockDtlsServer.cs4
-rw-r--r--crypto/test/src/crypto/tls/test/MockTlsServer.cs4
9 files changed, 1 insertions, 135 deletions
diff --git a/crypto/src/crypto/tls/CipherSuite.cs b/crypto/src/crypto/tls/CipherSuite.cs
index 5ec36aee8..e285643d4 100644
--- a/crypto/src/crypto/tls/CipherSuite.cs
+++ b/crypto/src/crypto/tls/CipherSuite.cs
@@ -338,26 +338,6 @@ namespace Org.BouncyCastle.Crypto.Tls
         public const int TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC15;
 
         /*
-         * draft-josefsson-salsa20-tls-04
-         */
-        public const int TLS_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE410;
-        public const int TLS_RSA_WITH_SALSA20_SHA1 = 0xE411;
-        public const int TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE412;
-        public const int TLS_ECDHE_RSA_WITH_SALSA20_SHA1 = 0xE413;
-        public const int TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE414;
-        public const int TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1 = 0xE415;
-        public const int TLS_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE416;
-        public const int TLS_PSK_WITH_SALSA20_SHA1 = 0xE417;
-        public const int TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE418;
-        public const int TLS_ECDHE_PSK_WITH_SALSA20_SHA1 = 0xE419;
-        public const int TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE41A;
-        public const int TLS_RSA_PSK_WITH_SALSA20_SHA1 = 0xE41B;
-        public const int TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE41C;
-        public const int TLS_DHE_PSK_WITH_SALSA20_SHA1 = 0xE41D;
-        public const int TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE41E;
-        public const int TLS_DHE_RSA_WITH_SALSA20_SHA1 = 0xE41F;
-
-        /*
          * draft-ietf-tls-downgrade-scsv-00
          */
         public const int TLS_FALLBACK_SCSV = 0x5600;
diff --git a/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs b/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs
index 7c4213c25..f8222ea9f 100644
--- a/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs
+++ b/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs
@@ -51,14 +51,10 @@ namespace Org.BouncyCastle.Crypto.Tls
             case EncryptionAlgorithm.CAMELLIA_256_GCM:
                 // NOTE: Ignores macAlgorithm
                 return CreateCipher_Camellia_Gcm(context, 32, 16);
-            case EncryptionAlgorithm.ESTREAM_SALSA20:
-                return CreateSalsa20Cipher(context, 12, 32, macAlgorithm);
             case EncryptionAlgorithm.NULL:
                 return CreateNullCipher(context, macAlgorithm);
             case EncryptionAlgorithm.RC4_128:
                 return CreateRC4Cipher(context, 16, macAlgorithm);
-            case EncryptionAlgorithm.SALSA20:
-                return CreateSalsa20Cipher(context, 20, 32, macAlgorithm);
             case EncryptionAlgorithm.SEED_CBC:
                 return CreateSeedCipher(context, macAlgorithm);
             default:
@@ -130,13 +126,6 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         /// <exception cref="IOException"></exception>
-        protected virtual TlsStreamCipher CreateSalsa20Cipher(TlsContext context, int rounds, int cipherKeySize, int macAlgorithm)
-        {
-            return new TlsStreamCipher(context, CreateSalsa20StreamCipher(rounds), CreateSalsa20StreamCipher(rounds),
-                CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), cipherKeySize, true);
-        }
-
-        /// <exception cref="IOException"></exception>
         protected virtual TlsBlockCipher CreateSeedCipher(TlsContext context, int macAlgorithm)
         {
             return new TlsBlockCipher(context, CreateSeedBlockCipher(), CreateSeedBlockCipher(),
@@ -190,11 +179,6 @@ namespace Org.BouncyCastle.Crypto.Tls
             return new RC4Engine();
         }
 
-        protected virtual IStreamCipher CreateSalsa20StreamCipher(int rounds)
-        {
-            return new Salsa20Engine(rounds);
-        }
-
         protected virtual IBlockCipher CreateSeedBlockCipher()
         {
             return new CbcBlockCipher(new SeedEngine());
diff --git a/crypto/src/crypto/tls/EncryptionAlgorithm.cs b/crypto/src/crypto/tls/EncryptionAlgorithm.cs
index 05d1c5d7a..35650927c 100644
--- a/crypto/src/crypto/tls/EncryptionAlgorithm.cs
+++ b/crypto/src/crypto/tls/EncryptionAlgorithm.cs
@@ -56,12 +56,6 @@ namespace Org.BouncyCastle.Crypto.Tls
         public const int CAMELLIA_256_GCM = 20;
 
         /*
-         * draft-josefsson-salsa20-tls-04 
-         */
-        public const int ESTREAM_SALSA20 = 100;
-        public const int SALSA20 = 101;
-
-        /*
          * draft-agl-tls-chacha20poly1305-04
          */
         public const int AEAD_CHACHA20_POLY1305 = 102;
diff --git a/crypto/src/crypto/tls/TlsDHUtilities.cs b/crypto/src/crypto/tls/TlsDHUtilities.cs
index 727587135..3d0dea99c 100644
--- a/crypto/src/crypto/tls/TlsDHUtilities.cs
+++ b/crypto/src/crypto/tls/TlsDHUtilities.cs
@@ -373,14 +373,6 @@ namespace Org.BouncyCastle.Crypto.Tls
              */
             case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
 
-            /*
-             * draft-josefsson-salsa20-tls-04
-             */
-            case CipherSuite.TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_DHE_PSK_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_DHE_RSA_WITH_SALSA20_SHA1:
-
                 return true;
 
             default:
diff --git a/crypto/src/crypto/tls/TlsEccUtilities.cs b/crypto/src/crypto/tls/TlsEccUtilities.cs
index d0d794d0e..49e868ab9 100644
--- a/crypto/src/crypto/tls/TlsEccUtilities.cs
+++ b/crypto/src/crypto/tls/TlsEccUtilities.cs
@@ -259,16 +259,6 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
             case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
 
-            /*
-             * draft-josefsson-salsa20-tls-04 
-             */
-            case CipherSuite.TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_PSK_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_RSA_WITH_SALSA20_SHA1:
-
                 return true;
 
             default:
diff --git a/crypto/src/crypto/tls/TlsStreamCipher.cs b/crypto/src/crypto/tls/TlsStreamCipher.cs
index 45f2a9a70..555442e9a 100644
--- a/crypto/src/crypto/tls/TlsStreamCipher.cs
+++ b/crypto/src/crypto/tls/TlsStreamCipher.cs
@@ -97,12 +97,6 @@ namespace Org.BouncyCastle.Crypto.Tls
 
         public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len)
         {
-            /*
-             * draft-josefsson-salsa20-tls-04 2.1 Note that Salsa20 requires a 64-bit nonce. That
-             * nonce is updated on the encryption of every TLS record, and is set to be the 64-bit TLS
-             * record sequence number. In case of DTLS the 64-bit nonce is formed as the concatenation
-             * of the 16-bit epoch with the 48-bit sequence number.
-             */
             if (usesNonce)
             {
                 UpdateIV(encryptCipher, true, seqNo);
@@ -121,12 +115,6 @@ namespace Org.BouncyCastle.Crypto.Tls
         /// <exception cref="IOException"></exception>
         public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len)
         {
-            /*
-             * draft-josefsson-salsa20-tls-04 2.1 Note that Salsa20 requires a 64-bit nonce. That
-             * nonce is updated on the encryption of every TLS record, and is set to be the 64-bit TLS
-             * record sequence number. In case of DTLS the 64-bit nonce is formed as the concatenation
-             * of the 16-bit epoch with the 48-bit sequence number.
-             */
             if (usesNonce)
             {
                 UpdateIV(decryptCipher, false, seqNo);
diff --git a/crypto/src/crypto/tls/TlsUtilities.cs b/crypto/src/crypto/tls/TlsUtilities.cs
index 7d1d488d7..7ed66d9a4 100644
--- a/crypto/src/crypto/tls/TlsUtilities.cs
+++ b/crypto/src/crypto/tls/TlsUtilities.cs
@@ -1253,8 +1253,6 @@ namespace Org.BouncyCastle.Crypto.Tls
 
             case EncryptionAlgorithm.RC4_40:
             case EncryptionAlgorithm.RC4_128:
-            case EncryptionAlgorithm.ESTREAM_SALSA20:
-            case EncryptionAlgorithm.SALSA20:
                 return CipherType.stream;
 
             default:
@@ -1487,17 +1485,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
                 return EncryptionAlgorithm.CAMELLIA_256_GCM;
 
-            case CipherSuite.TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_PSK_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_RSA_WITH_ESTREAM_SALSA20_SHA1:
-                return EncryptionAlgorithm.ESTREAM_SALSA20;
-
-            case CipherSuite.TLS_RSA_WITH_NULL_MD5:
+                case CipherSuite.TLS_RSA_WITH_NULL_MD5:
                 return EncryptionAlgorithm.NULL;
 
             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
@@ -1540,16 +1528,6 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
                 return EncryptionAlgorithm.RC4_128;
 
-            case CipherSuite.TLS_DHE_PSK_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_DHE_RSA_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_PSK_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_ECDHE_RSA_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_PSK_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_RSA_PSK_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_RSA_WITH_SALSA20_SHA1:
-                return EncryptionAlgorithm.SALSA20;
-
             case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA:
             case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA:
             case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
@@ -1627,12 +1605,10 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-            case CipherSuite.TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
             case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_DHE_PSK_WITH_SALSA20_SHA1:
             case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
             case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
                 return KeyExchangeAlgorithm.DHE_PSK;
@@ -1655,8 +1631,6 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
             case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-            case CipherSuite.TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_DHE_RSA_WITH_SALSA20_SHA1:
             case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
                 return KeyExchangeAlgorithm.DHE_RSA;
 
@@ -1706,10 +1680,8 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
-            case CipherSuite.TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1:
                 return KeyExchangeAlgorithm.ECDHE_ECDSA;
 
             case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
@@ -1719,12 +1691,10 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
             case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
             case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-            case CipherSuite.TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
             case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_ECDHE_PSK_WITH_SALSA20_SHA1:
                 return KeyExchangeAlgorithm.ECDHE_PSK;
 
             case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
@@ -1739,10 +1709,8 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
             case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-            case CipherSuite.TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
             case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_ECDHE_RSA_WITH_SALSA20_SHA1:
                 return KeyExchangeAlgorithm.ECDHE_RSA;
 
             case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
@@ -1760,12 +1728,10 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
             case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
             case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-            case CipherSuite.TLS_PSK_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_PSK_WITH_NULL_SHA:
             case CipherSuite.TLS_PSK_WITH_NULL_SHA256:
             case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
             case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_PSK_WITH_SALSA20_SHA1:
                 return KeyExchangeAlgorithm.PSK;
 
             case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
@@ -1785,13 +1751,11 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-            case CipherSuite.TLS_RSA_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_RSA_WITH_NULL_MD5:
             case CipherSuite.TLS_RSA_WITH_NULL_SHA:
             case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
             case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
             case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_RSA_WITH_SALSA20_SHA1:
             case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
                 return KeyExchangeAlgorithm.RSA;
 
@@ -1806,12 +1770,10 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-            case CipherSuite.TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256:
             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
             case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_RSA_PSK_WITH_SALSA20_SHA1:
                 return KeyExchangeAlgorithm.RSA_PSK;
 
             case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
@@ -1936,17 +1898,13 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
-            case CipherSuite.TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
             case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_DHE_PSK_WITH_SALSA20_SHA1:
             case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
-            case CipherSuite.TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1:
-            case CipherSuite.TLS_DHE_RSA_WITH_SALSA20_SHA1:
             case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
             case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
@@ -1961,47 +1919,35 @@ namespace Org.BouncyCastle.Crypto.Tls
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
-            case CipherSuite.TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
             case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1:
             case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
-            case CipherSuite.TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
             case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_ECDHE_PSK_WITH_SALSA20_SHA1:
             case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
-            case CipherSuite.TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
             case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_ECDHE_RSA_WITH_SALSA20_SHA1:
             case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
             case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
             case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA:
             case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA:
-            case CipherSuite.TLS_PSK_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_PSK_WITH_NULL_SHA:
             case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_PSK_WITH_SALSA20_SHA1:
-            case CipherSuite.TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
             case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_RSA_PSK_WITH_SALSA20_SHA1:
             case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
             case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA:
             case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA:
             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
-            case CipherSuite.TLS_RSA_WITH_ESTREAM_SALSA20_SHA1:
             case CipherSuite.TLS_RSA_WITH_NULL_SHA:
             case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
-            case CipherSuite.TLS_RSA_WITH_SALSA20_SHA1:
             case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
             case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
             case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
diff --git a/crypto/test/src/crypto/tls/test/MockDtlsServer.cs b/crypto/test/src/crypto/tls/test/MockDtlsServer.cs
index 19062181b..a7c5efdca 100644
--- a/crypto/test/src/crypto/tls/test/MockDtlsServer.cs
+++ b/crypto/test/src/crypto/tls/test/MockDtlsServer.cs
@@ -38,10 +38,6 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
                 new int[]
                 {
                     CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-                    CipherSuite.TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1,
-                    CipherSuite.TLS_ECDHE_RSA_WITH_SALSA20_SHA1,
-                    CipherSuite.TLS_RSA_WITH_ESTREAM_SALSA20_SHA1,
-                    CipherSuite.TLS_RSA_WITH_SALSA20_SHA1,
                 });
         }
 
diff --git a/crypto/test/src/crypto/tls/test/MockTlsServer.cs b/crypto/test/src/crypto/tls/test/MockTlsServer.cs
index 8fce95d63..7f0bc29a9 100644
--- a/crypto/test/src/crypto/tls/test/MockTlsServer.cs
+++ b/crypto/test/src/crypto/tls/test/MockTlsServer.cs
@@ -38,10 +38,6 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
                 new int[]
                 {
                     CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-                    CipherSuite.TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1,
-                    CipherSuite.TLS_ECDHE_RSA_WITH_SALSA20_SHA1,
-                    CipherSuite.TLS_RSA_WITH_ESTREAM_SALSA20_SHA1,
-                    CipherSuite.TLS_RSA_WITH_SALSA20_SHA1,
                 });
         }