]> git.ipfire.org Git - thirdparty/openssl.git/blame - ssl/s3_lib.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ccm8 support
[thirdparty/openssl.git] / ssl / s3_lib.c
CommitLineData
d02b48c6 1/* ssl/s3_lib.c */
58964a49 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6
RE		 3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
0f113f3e 8 *
d02b48c6
RE		 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e 15 *
d02b48c6
RE		 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
0f113f3e 22 *
d02b48c6
RE		 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
0f113f3e 37 * 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6
RE		 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e 40 *
d02b48c6
RE		 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
0f113f3e 52 *
d02b48c6
RE		 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
5a4fbc69 58/* ====================================================================
52b8dad8 59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
5a4fbc69
BM		 60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
0f113f3e 66 * notice, this list of conditions and the following disclaimer.
5a4fbc69
BM		 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
ea262260
BM		 111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 *
0f113f3e 114 * Portions of the attached software ("Contribution") are developed by
ea262260
BM		 115 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116 *
117 * The Contribution is licensed pursuant to the OpenSSL open source
118 * license provided above.
119 *
ea262260
BM		 120 * ECC cipher suite support in OpenSSL originally written by
121 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122 *
123 */
ddac1974
NL		 124/* ====================================================================
125 * Copyright 2005 Nokia. All rights reserved.
126 *
127 * The portions of the attached software ("Contribution") is developed by
128 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
129 * license.
130 *
131 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
132 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
133 * support (see RFC 4279) to OpenSSL.
134 *
135 * No patent licenses or other rights except those expressly stated in
136 * the OpenSSL open source license shall be deemed granted or received
137 * expressly, by implication, estoppel, or otherwise.
138 *
139 * No assurances are provided by Nokia that the Contribution does not
140 * infringe the patent or other intellectual property rights of any third
141 * party or that the license provides you with all the necessary rights
142 * to make use of the Contribution.
143 *
144 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
145 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
146 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
147 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
148 * OTHERWISE.
149 */
d02b48c6
RE		 150
151#include <stdio.h>
ec577822 152#include <openssl/objects.h>
d02b48c6 153#include "ssl_locl.h"
dbad1690 154#include <openssl/md5.h>
3eeaab4b 155#ifndef OPENSSL_NO_DH
0f113f3e 156# include <openssl/dh.h>
3eeaab4b 157#endif
a3680c8f 158#include <openssl/rand.h>
d02b48c6 159
b6eb9827 160#define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
d02b48c6 161
6e119bb0 162/* list of available SSLv3 ciphers (sorted by id) */
0f113f3e 163OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
52b8dad8 164
d02b48c6
RE		 165/* The RSA ciphers */
166/* Cipher 01 */
0f113f3e
MC		 167 {
168 1,
169 SSL3_TXT_RSA_NULL_MD5,
170 SSL3_CK_RSA_NULL_MD5,
171 SSL_kRSA,
172 SSL_aRSA,
173 SSL_eNULL,
174 SSL_MD5,
175 SSL_SSLV3,
176 SSL_NOT_EXP | SSL_STRONG_NONE,
177 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
178 0,
179 0,
180 },
52b8dad8 181
d02b48c6 182/* Cipher 02 */
0f113f3e
MC		 183 {
184 1,
185 SSL3_TXT_RSA_NULL_SHA,
186 SSL3_CK_RSA_NULL_SHA,
187 SSL_kRSA,
188 SSL_aRSA,
189 SSL_eNULL,
190 SSL_SHA1,
191 SSL_SSLV3,
192 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
193 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
194 0,
195 0,
196 },
52b8dad8 197
d02b48c6 198/* Cipher 03 */
0f113f3e
MC		 199 {
200 1,
201 SSL3_TXT_RSA_RC4_40_MD5,
202 SSL3_CK_RSA_RC4_40_MD5,
203 SSL_kRSA,
204 SSL_aRSA,
205 SSL_RC4,
206 SSL_MD5,
207 SSL_SSLV3,
208 SSL_EXPORT | SSL_EXP40,
209 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
210 40,
211 128,
212 },
52b8dad8 213
d02b48c6 214/* Cipher 04 */
0f113f3e
MC		 215 {
216 1,
217 SSL3_TXT_RSA_RC4_128_MD5,
218 SSL3_CK_RSA_RC4_128_MD5,
219 SSL_kRSA,
220 SSL_aRSA,
221 SSL_RC4,
222 SSL_MD5,
223 SSL_SSLV3,
224 SSL_NOT_EXP | SSL_MEDIUM,
225 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
226 128,
227 128,
228 },
52b8dad8 229
d02b48c6 230/* Cipher 05 */
0f113f3e
MC		 231 {
232 1,
233 SSL3_TXT_RSA_RC4_128_SHA,
234 SSL3_CK_RSA_RC4_128_SHA,
235 SSL_kRSA,
236 SSL_aRSA,
237 SSL_RC4,
238 SSL_SHA1,
239 SSL_SSLV3,
240 SSL_NOT_EXP | SSL_MEDIUM,
241 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
242 128,
243 128,
244 },
52b8dad8 245
d02b48c6 246/* Cipher 06 */
0f113f3e
MC		 247 {
248 1,
249 SSL3_TXT_RSA_RC2_40_MD5,
250 SSL3_CK_RSA_RC2_40_MD5,
251 SSL_kRSA,
252 SSL_aRSA,
253 SSL_RC2,
254 SSL_MD5,
255 SSL_SSLV3,
256 SSL_EXPORT | SSL_EXP40,
257 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
258 40,
259 128,
260 },
52b8dad8 261
d02b48c6 262/* Cipher 07 */
5fdf0666 263#ifndef OPENSSL_NO_IDEA
0f113f3e
MC		 264 {
265 1,
266 SSL3_TXT_RSA_IDEA_128_SHA,
267 SSL3_CK_RSA_IDEA_128_SHA,
268 SSL_kRSA,
269 SSL_aRSA,
270 SSL_IDEA,
271 SSL_SHA1,
272 SSL_SSLV3,
273 SSL_NOT_EXP | SSL_MEDIUM,
274 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
275 128,
276 128,
277 },
5fdf0666 278#endif
52b8dad8 279
d02b48c6 280/* Cipher 08 */
0f113f3e
MC		 281 {
282 1,
283 SSL3_TXT_RSA_DES_40_CBC_SHA,
284 SSL3_CK_RSA_DES_40_CBC_SHA,
285 SSL_kRSA,
286 SSL_aRSA,
287 SSL_DES,
288 SSL_SHA1,
289 SSL_SSLV3,
290 SSL_EXPORT | SSL_EXP40,
291 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
292 40,
293 56,
294 },
52b8dad8 295
d02b48c6 296/* Cipher 09 */
0f113f3e
MC		 297 {
298 1,
299 SSL3_TXT_RSA_DES_64_CBC_SHA,
300 SSL3_CK_RSA_DES_64_CBC_SHA,
301 SSL_kRSA,
302 SSL_aRSA,
303 SSL_DES,
304 SSL_SHA1,
305 SSL_SSLV3,
306 SSL_NOT_EXP | SSL_LOW,
307 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
308 56,
309 56,
310 },
52b8dad8 311
d02b48c6 312/* Cipher 0A */
0f113f3e
MC		 313 {
314 1,
315 SSL3_TXT_RSA_DES_192_CBC3_SHA,
316 SSL3_CK_RSA_DES_192_CBC3_SHA,
317 SSL_kRSA,
318 SSL_aRSA,
319 SSL_3DES,
320 SSL_SHA1,
321 SSL_SSLV3,
322 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
323 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
324 112,
325 168,
326 },
52b8dad8 327
6e119bb0 328/* The DH ciphers */
d02b48c6 329/* Cipher 0B */
0f113f3e 330 {
13f8eb47 331 0,
0f113f3e
MC		 332 SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
333 SSL3_CK_DH_DSS_DES_40_CBC_SHA,
334 SSL_kDHd,
335 SSL_aDH,
336 SSL_DES,
337 SSL_SHA1,
338 SSL_SSLV3,
339 SSL_EXPORT | SSL_EXP40,
340 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
341 40,
342 56,
343 },
52b8dad8 344
d02b48c6 345/* Cipher 0C */
0f113f3e
MC		 346 {
347 1,
348 SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
349 SSL3_CK_DH_DSS_DES_64_CBC_SHA,
350 SSL_kDHd,
351 SSL_aDH,
352 SSL_DES,
353 SSL_SHA1,
354 SSL_SSLV3,
355 SSL_NOT_EXP | SSL_LOW,
356 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
357 56,
358 56,
359 },
52b8dad8 360
d02b48c6 361/* Cipher 0D */
0f113f3e
MC		 362 {
363 1,
364 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
365 SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
366 SSL_kDHd,
367 SSL_aDH,
368 SSL_3DES,
369 SSL_SHA1,
370 SSL_SSLV3,
371 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
372 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
373 112,
374 168,
375 },
52b8dad8 376
d02b48c6 377/* Cipher 0E */
0f113f3e 378 {
13f8eb47 379 0,
0f113f3e
MC		 380 SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
381 SSL3_CK_DH_RSA_DES_40_CBC_SHA,
382 SSL_kDHr,
383 SSL_aDH,
384 SSL_DES,
385 SSL_SHA1,
386 SSL_SSLV3,
387 SSL_EXPORT | SSL_EXP40,
388 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
389 40,
390 56,
391 },
52b8dad8 392
d02b48c6 393/* Cipher 0F */
0f113f3e
MC		 394 {
395 1,
396 SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
397 SSL3_CK_DH_RSA_DES_64_CBC_SHA,
398 SSL_kDHr,
399 SSL_aDH,
400 SSL_DES,
401 SSL_SHA1,
402 SSL_SSLV3,
403 SSL_NOT_EXP | SSL_LOW,
404 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
405 56,
406 56,
407 },
52b8dad8 408
d02b48c6 409/* Cipher 10 */
0f113f3e
MC		 410 {
411 1,
412 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
413 SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
414 SSL_kDHr,
415 SSL_aDH,
416 SSL_3DES,
417 SSL_SHA1,
418 SSL_SSLV3,
419 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
420 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
421 112,
422 168,
423 },
d02b48c6
RE		 424
425/* The Ephemeral DH ciphers */
426/* Cipher 11 */
0f113f3e
MC		 427 {
428 1,
429 SSL3_TXT_DHE_DSS_DES_40_CBC_SHA,
430 SSL3_CK_DHE_DSS_DES_40_CBC_SHA,
431 SSL_kDHE,
432 SSL_aDSS,
433 SSL_DES,
434 SSL_SHA1,
435 SSL_SSLV3,
436 SSL_EXPORT | SSL_EXP40,
437 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
438 40,
439 56,
440 },
52b8dad8 441
d02b48c6 442/* Cipher 12 */
0f113f3e
MC		 443 {
444 1,
445 SSL3_TXT_DHE_DSS_DES_64_CBC_SHA,
446 SSL3_CK_DHE_DSS_DES_64_CBC_SHA,
447 SSL_kDHE,
448 SSL_aDSS,
449 SSL_DES,
450 SSL_SHA1,
451 SSL_SSLV3,
452 SSL_NOT_EXP | SSL_LOW,
453 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
454 56,
455 56,
456 },
52b8dad8 457
d02b48c6 458/* Cipher 13 */
0f113f3e
MC		 459 {
460 1,
461 SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
462 SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
463 SSL_kDHE,
464 SSL_aDSS,
465 SSL_3DES,
466 SSL_SHA1,
467 SSL_SSLV3,
468 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
469 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
470 112,
471 168,
472 },
52b8dad8 473
d02b48c6 474/* Cipher 14 */
0f113f3e
MC		 475 {
476 1,
477 SSL3_TXT_DHE_RSA_DES_40_CBC_SHA,
478 SSL3_CK_DHE_RSA_DES_40_CBC_SHA,
479 SSL_kDHE,
480 SSL_aRSA,
481 SSL_DES,
482 SSL_SHA1,
483 SSL_SSLV3,
484 SSL_EXPORT | SSL_EXP40,
485 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
486 40,
487 56,
488 },
52b8dad8 489
d02b48c6 490/* Cipher 15 */
0f113f3e
MC		 491 {
492 1,
493 SSL3_TXT_DHE_RSA_DES_64_CBC_SHA,
494 SSL3_CK_DHE_RSA_DES_64_CBC_SHA,
495 SSL_kDHE,
496 SSL_aRSA,
497 SSL_DES,
498 SSL_SHA1,
499 SSL_SSLV3,
500 SSL_NOT_EXP | SSL_LOW,
501 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
502 56,
503 56,
504 },
52b8dad8 505
d02b48c6 506/* Cipher 16 */
0f113f3e
MC		 507 {
508 1,
509 SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
510 SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
511 SSL_kDHE,
512 SSL_aRSA,
513 SSL_3DES,
514 SSL_SHA1,
515 SSL_SSLV3,
516 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
517 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
518 112,
519 168,
520 },
52b8dad8 521
6e119bb0 522/* Cipher 17 */
0f113f3e
MC		 523 {
524 1,
525 SSL3_TXT_ADH_RC4_40_MD5,
526 SSL3_CK_ADH_RC4_40_MD5,
527 SSL_kDHE,
528 SSL_aNULL,
529 SSL_RC4,
530 SSL_MD5,
531 SSL_SSLV3,
532 SSL_EXPORT | SSL_EXP40,
533 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
534 40,
535 128,
536 },
52b8dad8 537
6e119bb0 538/* Cipher 18 */
0f113f3e
MC		 539 {
540 1,
541 SSL3_TXT_ADH_RC4_128_MD5,
542 SSL3_CK_ADH_RC4_128_MD5,
543 SSL_kDHE,
544 SSL_aNULL,
545 SSL_RC4,
546 SSL_MD5,
547 SSL_SSLV3,
548 SSL_NOT_EXP | SSL_MEDIUM,
549 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
550 128,
551 128,
552 },
52b8dad8 553
6e119bb0 554/* Cipher 19 */
0f113f3e
MC		 555 {
556 1,
557 SSL3_TXT_ADH_DES_40_CBC_SHA,
558 SSL3_CK_ADH_DES_40_CBC_SHA,
559 SSL_kDHE,
560 SSL_aNULL,
561 SSL_DES,
562 SSL_SHA1,
563 SSL_SSLV3,
564 SSL_EXPORT | SSL_EXP40,
565 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
566 40,
567 128,
568 },
52b8dad8 569
6e119bb0 570/* Cipher 1A */
0f113f3e
MC		 571 {
572 1,
573 SSL3_TXT_ADH_DES_64_CBC_SHA,
574 SSL3_CK_ADH_DES_64_CBC_SHA,
575 SSL_kDHE,
576 SSL_aNULL,
577 SSL_DES,
578 SSL_SHA1,
579 SSL_SSLV3,
580 SSL_NOT_EXP | SSL_LOW,
581 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
582 56,
583 56,
584 },
52b8dad8 585
6e119bb0 586/* Cipher 1B */
0f113f3e
MC		 587 {
588 1,
589 SSL3_TXT_ADH_DES_192_CBC_SHA,
590 SSL3_CK_ADH_DES_192_CBC_SHA,
591 SSL_kDHE,
592 SSL_aNULL,
593 SSL_3DES,
594 SSL_SHA1,
595 SSL_SSLV3,
596 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
597 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
598 112,
599 168,
600 },
5516fcc0
DSH		 601#ifndef OPENSSL_NO_PSK
602 /* Cipher 2C */
603 {
604 1,
605 TLS1_TXT_PSK_WITH_NULL_SHA,
606 TLS1_CK_PSK_WITH_NULL_SHA,
607 SSL_kPSK,
608 SSL_aPSK,
609 SSL_eNULL,
610 SSL_SHA1,
611 SSL_TLSV1,
612 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
613 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
614 0,
615 0,
616 },
617 /* Cipher 2D */
618 {
619 1,
620 TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
621 TLS1_CK_DHE_PSK_WITH_NULL_SHA,
622 SSL_kDHEPSK,
623 SSL_aPSK,
624 SSL_eNULL,
625 SSL_SHA1,
626 SSL_TLSV1,
627 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
628 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
629 0,
630 0,
631 },
632 /* Cipher 2E */
633 {
634 1,
635 TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
636 TLS1_CK_RSA_PSK_WITH_NULL_SHA,
637 SSL_kRSAPSK,
638 SSL_aRSA,
639 SSL_eNULL,
640 SSL_SHA1,
641 SSL_TLSV1,
642 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
643 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
644 0,
645 0,
646 },
647#endif
d02b48c6 648
89bbe14c 649/* New AES ciphersuites */
6e119bb0 650/* Cipher 2F */
0f113f3e
MC		 651 {
652 1,
653 TLS1_TXT_RSA_WITH_AES_128_SHA,
654 TLS1_CK_RSA_WITH_AES_128_SHA,
655 SSL_kRSA,
656 SSL_aRSA,
657 SSL_AES128,
658 SSL_SHA1,
659 SSL_TLSV1,
660 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
661 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
662 128,
663 128,
664 },
6e119bb0 665/* Cipher 30 */
0f113f3e
MC		 666 {
667 1,
668 TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
669 TLS1_CK_DH_DSS_WITH_AES_128_SHA,
670 SSL_kDHd,
671 SSL_aDH,
672 SSL_AES128,
673 SSL_SHA1,
674 SSL_TLSV1,
675 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
676 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
677 128,
678 128,
679 },
6e119bb0 680/* Cipher 31 */
0f113f3e
MC		 681 {
682 1,
683 TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
684 TLS1_CK_DH_RSA_WITH_AES_128_SHA,
685 SSL_kDHr,
686 SSL_aDH,
687 SSL_AES128,
688 SSL_SHA1,
689 SSL_TLSV1,
690 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
691 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
692 128,
693 128,
694 },
6e119bb0 695/* Cipher 32 */
0f113f3e
MC		 696 {
697 1,
698 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
699 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
700 SSL_kDHE,
701 SSL_aDSS,
702 SSL_AES128,
703 SSL_SHA1,
704 SSL_TLSV1,
705 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
706 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
707 128,
708 128,
709 },
6e119bb0 710/* Cipher 33 */
0f113f3e
MC		 711 {
712 1,
713 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
714 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
715 SSL_kDHE,
716 SSL_aRSA,
717 SSL_AES128,
718 SSL_SHA1,
719 SSL_TLSV1,
720 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
721 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
722 128,
723 128,
724 },
6e119bb0 725/* Cipher 34 */
0f113f3e
MC		 726 {
727 1,
728 TLS1_TXT_ADH_WITH_AES_128_SHA,
729 TLS1_CK_ADH_WITH_AES_128_SHA,
730 SSL_kDHE,
731 SSL_aNULL,
732 SSL_AES128,
733 SSL_SHA1,
734 SSL_TLSV1,
735 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
736 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
737 128,
738 128,
739 },
deb2c1a1 740
6e119bb0 741/* Cipher 35 */
0f113f3e
MC		 742 {
743 1,
744 TLS1_TXT_RSA_WITH_AES_256_SHA,
745 TLS1_CK_RSA_WITH_AES_256_SHA,
746 SSL_kRSA,
747 SSL_aRSA,
748 SSL_AES256,
749 SSL_SHA1,
750 SSL_TLSV1,
751 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
752 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
753 256,
754 256,
755 },
6e119bb0 756/* Cipher 36 */
0f113f3e
MC		 757 {
758 1,
759 TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
760 TLS1_CK_DH_DSS_WITH_AES_256_SHA,
761 SSL_kDHd,
762 SSL_aDH,
763 SSL_AES256,
764 SSL_SHA1,
765 SSL_TLSV1,
766 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
767 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
768 256,
769 256,
770 },
52b8dad8 771
6e119bb0 772/* Cipher 37 */
0f113f3e
MC		 773 {
774 1,
775 TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
776 TLS1_CK_DH_RSA_WITH_AES_256_SHA,
777 SSL_kDHr,
778 SSL_aDH,
779 SSL_AES256,
780 SSL_SHA1,
781 SSL_TLSV1,
782 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
783 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
784 256,
785 256,
786 },
52b8dad8 787
6e119bb0 788/* Cipher 38 */
0f113f3e
MC		 789 {
790 1,
791 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
792 TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
793 SSL_kDHE,
794 SSL_aDSS,
795 SSL_AES256,
796 SSL_SHA1,
797 SSL_TLSV1,
798 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
799 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
800 256,
801 256,
802 },
52b8dad8 803
6e119bb0 804/* Cipher 39 */
0f113f3e
MC		 805 {
806 1,
807 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
808 TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
809 SSL_kDHE,
810 SSL_aRSA,
811 SSL_AES256,
812 SSL_SHA1,
813 SSL_TLSV1,
814 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
815 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
816 256,
817 256,
818 },
819
820 /* Cipher 3A */
821 {
822 1,
823 TLS1_TXT_ADH_WITH_AES_256_SHA,
824 TLS1_CK_ADH_WITH_AES_256_SHA,
825 SSL_kDHE,
826 SSL_aNULL,
827 SSL_AES256,
828 SSL_SHA1,
829 SSL_TLSV1,
830 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
831 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
832 256,
833 256,
834 },
835
836 /* TLS v1.2 ciphersuites */
837 /* Cipher 3B */
838 {
839 1,
840 TLS1_TXT_RSA_WITH_NULL_SHA256,
841 TLS1_CK_RSA_WITH_NULL_SHA256,
842 SSL_kRSA,
843 SSL_aRSA,
844 SSL_eNULL,
845 SSL_SHA256,
846 SSL_TLSV1_2,
847 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
848 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
849 0,
850 0,
851 },
852
853 /* Cipher 3C */
854 {
855 1,
856 TLS1_TXT_RSA_WITH_AES_128_SHA256,
857 TLS1_CK_RSA_WITH_AES_128_SHA256,
858 SSL_kRSA,
859 SSL_aRSA,
860 SSL_AES128,
861 SSL_SHA256,
862 SSL_TLSV1_2,
863 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
864 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
865 128,
866 128,
867 },
868
869 /* Cipher 3D */
870 {
871 1,
872 TLS1_TXT_RSA_WITH_AES_256_SHA256,
873 TLS1_CK_RSA_WITH_AES_256_SHA256,
874 SSL_kRSA,
875 SSL_aRSA,
876 SSL_AES256,
877 SSL_SHA256,
878 SSL_TLSV1_2,
879 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
880 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
881 256,
882 256,
883 },
884
885 /* Cipher 3E */
886 {
887 1,
888 TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
889 TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
890 SSL_kDHd,
891 SSL_aDH,
892 SSL_AES128,
893 SSL_SHA256,
894 SSL_TLSV1_2,
895 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
896 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
897 128,
898 128,
899 },
900
901 /* Cipher 3F */
902 {
903 1,
904 TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
905 TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
906 SSL_kDHr,
907 SSL_aDH,
908 SSL_AES128,
909 SSL_SHA256,
910 SSL_TLSV1_2,
911 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
912 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
913 128,
914 128,
915 },
916
917 /* Cipher 40 */
918 {
919 1,
920 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
921 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
922 SSL_kDHE,
923 SSL_aDSS,
924 SSL_AES128,
925 SSL_SHA256,
926 SSL_TLSV1_2,
927 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
928 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
929 128,
930 128,
931 },
7409d7ad 932
f3dea9a5 933#ifndef OPENSSL_NO_CAMELLIA
0f113f3e
MC		 934 /* Camellia ciphersuites from RFC4132 (128-bit portion) */
935
936 /* Cipher 41 */
937 {
938 1,
939 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
940 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
941 SSL_kRSA,
942 SSL_aRSA,
943 SSL_CAMELLIA128,
944 SSL_SHA1,
945 SSL_TLSV1,
946 SSL_NOT_EXP | SSL_HIGH,
947 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
948 128,
949 128,
950 },
951
952 /* Cipher 42 */
953 {
954 1,
955 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
956 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
957 SSL_kDHd,
958 SSL_aDH,
959 SSL_CAMELLIA128,
960 SSL_SHA1,
961 SSL_TLSV1,
962 SSL_NOT_EXP | SSL_HIGH,
963 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
964 128,
965 128,
966 },
967
968 /* Cipher 43 */
969 {
970 1,
971 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
972 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
973 SSL_kDHr,
974 SSL_aDH,
975 SSL_CAMELLIA128,
976 SSL_SHA1,
977 SSL_TLSV1,
978 SSL_NOT_EXP | SSL_HIGH,
979 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
980 128,
981 128,
982 },
983
984 /* Cipher 44 */
985 {
986 1,
987 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
988 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
989 SSL_kDHE,
990 SSL_aDSS,
991 SSL_CAMELLIA128,
992 SSL_SHA1,
993 SSL_TLSV1,
994 SSL_NOT_EXP | SSL_HIGH,
995 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
996 128,
997 128,
998 },
999
1000 /* Cipher 45 */
1001 {
1002 1,
1003 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1004 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1005 SSL_kDHE,
1006 SSL_aRSA,
1007 SSL_CAMELLIA128,
1008 SSL_SHA1,
1009 SSL_TLSV1,
1010 SSL_NOT_EXP | SSL_HIGH,
1011 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1012 128,
1013 128,
1014 },
1015
1016 /* Cipher 46 */
1017 {
1018 1,
1019 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
1020 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
1021 SSL_kDHE,
1022 SSL_aNULL,
1023 SSL_CAMELLIA128,
1024 SSL_SHA1,
1025 SSL_TLSV1,
1026 SSL_NOT_EXP | SSL_HIGH,
1027 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1028 128,
1029 128,
1030 },
1031#endif /* OPENSSL_NO_CAMELLIA */
f3dea9a5 1032
0f113f3e
MC		 1033 /* TLS v1.2 ciphersuites */
1034 /* Cipher 67 */
1035 {
1036 1,
1037 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
1038 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
1039 SSL_kDHE,
1040 SSL_aRSA,
1041 SSL_AES128,
1042 SSL_SHA256,
1043 SSL_TLSV1_2,
1044 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1045 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1046 128,
1047 128,
1048 },
1049
1050 /* Cipher 68 */
1051 {
1052 1,
1053 TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
1054 TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
1055 SSL_kDHd,
1056 SSL_aDH,
1057 SSL_AES256,
1058 SSL_SHA256,
1059 SSL_TLSV1_2,
1060 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1061 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1062 256,
1063 256,
1064 },
1065
1066 /* Cipher 69 */
1067 {
1068 1,
1069 TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
1070 TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
1071 SSL_kDHr,
1072 SSL_aDH,
1073 SSL_AES256,
1074 SSL_SHA256,
1075 SSL_TLSV1_2,
1076 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1077 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1078 256,
1079 256,
1080 },
1081
1082 /* Cipher 6A */
1083 {
1084 1,
1085 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
1086 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
1087 SSL_kDHE,
1088 SSL_aDSS,
1089 SSL_AES256,
1090 SSL_SHA256,
1091 SSL_TLSV1_2,
1092 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1093 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1094 256,
1095 256,
1096 },
1097
1098 /* Cipher 6B */
1099 {
1100 1,
1101 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
1102 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
1103 SSL_kDHE,
1104 SSL_aRSA,
1105 SSL_AES256,
1106 SSL_SHA256,
1107 SSL_TLSV1_2,
1108 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1109 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1110 256,
1111 256,
1112 },
1113
1114 /* Cipher 6C */
1115 {
1116 1,
1117 TLS1_TXT_ADH_WITH_AES_128_SHA256,
1118 TLS1_CK_ADH_WITH_AES_128_SHA256,
1119 SSL_kDHE,
1120 SSL_aNULL,
1121 SSL_AES128,
1122 SSL_SHA256,
1123 SSL_TLSV1_2,
1124 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1125 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1126 128,
1127 128,
1128 },
1129
1130 /* Cipher 6D */
1131 {
1132 1,
1133 TLS1_TXT_ADH_WITH_AES_256_SHA256,
1134 TLS1_CK_ADH_WITH_AES_256_SHA256,
1135 SSL_kDHE,
1136 SSL_aNULL,
1137 SSL_AES256,
1138 SSL_SHA256,
1139 SSL_TLSV1_2,
1140 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1141 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1142 256,
1143 256,
1144 },
1145
1146 /* GOST Ciphersuites */
1147
0f113f3e
MC		 1148 {
1149 1,
1150 "GOST2001-GOST89-GOST89",
1151 0x3000081,
1152 SSL_kGOST,
1153 SSL_aGOST01,
1154 SSL_eGOST2814789CNT,
1155 SSL_GOST89MAC,
1156 SSL_TLSV1,
1157 SSL_NOT_EXP | SSL_HIGH,
1158 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
1159 256,
ade44dcb
RS		 1160 256
1161 },
0f113f3e
MC		 1162 {
1163 1,
1164 "GOST2001-NULL-GOST94",
1165 0x3000083,
1166 SSL_kGOST,
1167 SSL_aGOST01,
1168 SSL_eNULL,
1169 SSL_GOST94,
1170 SSL_TLSV1,
1171 SSL_NOT_EXP | SSL_STRONG_NONE,
1172 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
1173 0,
ade44dcb
RS		 1174 0
1175 },
f3dea9a5
BM		 1176
1177#ifndef OPENSSL_NO_CAMELLIA
0f113f3e
MC		 1178 /* Camellia ciphersuites from RFC4132 (256-bit portion) */
1179
1180 /* Cipher 84 */
1181 {
1182 1,
1183 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
1184 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
1185 SSL_kRSA,
1186 SSL_aRSA,
1187 SSL_CAMELLIA256,
1188 SSL_SHA1,
1189 SSL_TLSV1,
1190 SSL_NOT_EXP | SSL_HIGH,
1191 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1192 256,
1193 256,
1194 },
1195 /* Cipher 85 */
1196 {
1197 1,
1198 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1199 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1200 SSL_kDHd,
1201 SSL_aDH,
1202 SSL_CAMELLIA256,
1203 SSL_SHA1,
1204 SSL_TLSV1,
1205 SSL_NOT_EXP | SSL_HIGH,
1206 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1207 256,
1208 256,
1209 },
1210
1211 /* Cipher 86 */
1212 {
1213 1,
1214 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1215 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1216 SSL_kDHr,
1217 SSL_aDH,
1218 SSL_CAMELLIA256,
1219 SSL_SHA1,
1220 SSL_TLSV1,
1221 SSL_NOT_EXP | SSL_HIGH,
1222 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1223 256,
1224 256,
1225 },
1226
1227 /* Cipher 87 */
1228 {
1229 1,
1230 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1231 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1232 SSL_kDHE,
1233 SSL_aDSS,
1234 SSL_CAMELLIA256,
1235 SSL_SHA1,
1236 SSL_TLSV1,
1237 SSL_NOT_EXP | SSL_HIGH,
1238 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1239 256,
1240 256,
1241 },
1242
1243 /* Cipher 88 */
1244 {
1245 1,
1246 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1247 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1248 SSL_kDHE,
1249 SSL_aRSA,
1250 SSL_CAMELLIA256,
1251 SSL_SHA1,
1252 SSL_TLSV1,
1253 SSL_NOT_EXP | SSL_HIGH,
1254 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1255 256,
1256 256,
1257 },
1258
1259 /* Cipher 89 */
1260 {
1261 1,
1262 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
1263 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
1264 SSL_kDHE,
1265 SSL_aNULL,
1266 SSL_CAMELLIA256,
1267 SSL_SHA1,
1268 SSL_TLSV1,
1269 SSL_NOT_EXP | SSL_HIGH,
1270 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1271 256,
1272 256,
1273 },
1274#endif /* OPENSSL_NO_CAMELLIA */
f3dea9a5 1275
ddac1974 1276#ifndef OPENSSL_NO_PSK
ea6114c6 1277 /* PSK ciphersuites from RFC 4279 */
0f113f3e
MC		 1278 /* Cipher 8A */
1279 {
1280 1,
1281 TLS1_TXT_PSK_WITH_RC4_128_SHA,
1282 TLS1_CK_PSK_WITH_RC4_128_SHA,
1283 SSL_kPSK,
1284 SSL_aPSK,
1285 SSL_RC4,
1286 SSL_SHA1,
1287 SSL_TLSV1,
1288 SSL_NOT_EXP | SSL_MEDIUM,
1289 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1290 128,
1291 128,
1292 },
1293
1294 /* Cipher 8B */
1295 {
1296 1,
1297 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1298 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1299 SSL_kPSK,
1300 SSL_aPSK,
1301 SSL_3DES,
1302 SSL_SHA1,
1303 SSL_TLSV1,
1304 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1305 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1306 112,
1307 168,
1308 },
1309
1310 /* Cipher 8C */
1311 {
1312 1,
1313 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1314 TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1315 SSL_kPSK,
1316 SSL_aPSK,
1317 SSL_AES128,
1318 SSL_SHA1,
1319 SSL_TLSV1,
1320 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1321 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1322 128,
1323 128,
1324 },
1325
1326 /* Cipher 8D */
1327 {
1328 1,
1329 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1330 TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1331 SSL_kPSK,
1332 SSL_aPSK,
1333 SSL_AES256,
1334 SSL_SHA1,
1335 SSL_TLSV1,
1336 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1337 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1338 256,
1339 256,
1340 },
ea6114c6
DSH		 1341
1342 /* Cipher 8E */
1343 {
1344 1,
1345 TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
1346 TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
1347 SSL_kDHEPSK,
1348 SSL_aPSK,
1349 SSL_RC4,
1350 SSL_SHA1,
1351 SSL_TLSV1,
1352 SSL_NOT_EXP | SSL_MEDIUM,
1353 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1354 128,
1355 128,
1356 },
1357
1358 /* Cipher 8F */
1359 {
1360 1,
1361 TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1362 TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1363 SSL_kDHEPSK,
1364 SSL_aPSK,
1365 SSL_3DES,
1366 SSL_SHA1,
1367 SSL_TLSV1,
1368 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1369 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1370 112,
1371 168,
1372 },
1373
1374 /* Cipher 90 */
1375 {
1376 1,
1377 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
1378 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
1379 SSL_kDHEPSK,
1380 SSL_aPSK,
1381 SSL_AES128,
1382 SSL_SHA1,
1383 SSL_TLSV1,
1384 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1385 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1386 128,
1387 128,
1388 },
1389
1390 /* Cipher 91 */
1391 {
1392 1,
1393 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
1394 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
1395 SSL_kDHEPSK,
1396 SSL_aPSK,
1397 SSL_AES256,
1398 SSL_SHA1,
1399 SSL_TLSV1,
1400 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1401 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1402 256,
1403 256,
1404 },
1405
1406 /* Cipher 92 */
1407 {
1408 1,
1409 TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
1410 TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
1411 SSL_kRSAPSK,
1412 SSL_aRSA,
1413 SSL_RC4,
1414 SSL_SHA1,
1415 SSL_TLSV1,
1416 SSL_NOT_EXP | SSL_MEDIUM,
1417 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1418 128,
1419 128,
1420 },
1421
1422 /* Cipher 93 */
1423 {
1424 1,
1425 TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1426 TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1427 SSL_kRSAPSK,
1428 SSL_aRSA,
1429 SSL_3DES,
1430 SSL_SHA1,
1431 SSL_TLSV1,
1432 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1433 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1434 112,
1435 168,
1436 },
1437
1438 /* Cipher 94 */
1439 {
1440 1,
1441 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
1442 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
1443 SSL_kRSAPSK,
1444 SSL_aRSA,
1445 SSL_AES128,
1446 SSL_SHA1,
1447 SSL_TLSV1,
1448 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1449 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1450 128,
1451 128,
1452 },
1453
1454 /* Cipher 95 */
1455 {
1456 1,
1457 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
1458 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1459 SSL_kRSAPSK,
1460 SSL_aRSA,
1461 SSL_AES256,
1462 SSL_SHA1,
1463 SSL_TLSV1,
1464 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1465 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1466 256,
1467 256,
1468 },
0f113f3e 1469#endif /* OPENSSL_NO_PSK */
89bbe14c 1470
96afc1cf 1471#ifndef OPENSSL_NO_SEED
0f113f3e
MC		 1472 /* SEED ciphersuites from RFC4162 */
1473
1474 /* Cipher 96 */
1475 {
1476 1,
1477 TLS1_TXT_RSA_WITH_SEED_SHA,
1478 TLS1_CK_RSA_WITH_SEED_SHA,
1479 SSL_kRSA,
1480 SSL_aRSA,
1481 SSL_SEED,
1482 SSL_SHA1,
1483 SSL_TLSV1,
1484 SSL_NOT_EXP | SSL_MEDIUM,
1485 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1486 128,
1487 128,
1488 },
1489
1490 /* Cipher 97 */
1491 {
1492 1,
1493 TLS1_TXT_DH_DSS_WITH_SEED_SHA,
1494 TLS1_CK_DH_DSS_WITH_SEED_SHA,
1495 SSL_kDHd,
1496 SSL_aDH,
1497 SSL_SEED,
1498 SSL_SHA1,
1499 SSL_TLSV1,
1500 SSL_NOT_EXP | SSL_MEDIUM,
1501 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1502 128,
1503 128,
1504 },
1505
1506 /* Cipher 98 */
1507 {
1508 1,
1509 TLS1_TXT_DH_RSA_WITH_SEED_SHA,
1510 TLS1_CK_DH_RSA_WITH_SEED_SHA,
1511 SSL_kDHr,
1512 SSL_aDH,
1513 SSL_SEED,
1514 SSL_SHA1,
1515 SSL_TLSV1,
1516 SSL_NOT_EXP | SSL_MEDIUM,
1517 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1518 128,
1519 128,
1520 },
1521
1522 /* Cipher 99 */
1523 {
1524 1,
1525 TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
1526 TLS1_CK_DHE_DSS_WITH_SEED_SHA,
1527 SSL_kDHE,
1528 SSL_aDSS,
1529 SSL_SEED,
1530 SSL_SHA1,
1531 SSL_TLSV1,
1532 SSL_NOT_EXP | SSL_MEDIUM,
1533 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1534 128,
1535 128,
1536 },
1537
1538 /* Cipher 9A */
1539 {
1540 1,
1541 TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
1542 TLS1_CK_DHE_RSA_WITH_SEED_SHA,
1543 SSL_kDHE,
1544 SSL_aRSA,
1545 SSL_SEED,
1546 SSL_SHA1,
1547 SSL_TLSV1,
1548 SSL_NOT_EXP | SSL_MEDIUM,
1549 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1550 128,
1551 128,
1552 },
1553
1554 /* Cipher 9B */
1555 {
1556 1,
1557 TLS1_TXT_ADH_WITH_SEED_SHA,
1558 TLS1_CK_ADH_WITH_SEED_SHA,
1559 SSL_kDHE,
1560 SSL_aNULL,
1561 SSL_SEED,
1562 SSL_SHA1,
1563 SSL_TLSV1,
1564 SSL_NOT_EXP | SSL_MEDIUM,
1565 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1566 128,
1567 128,
1568 },
1569
1570#endif /* OPENSSL_NO_SEED */
1571
1572 /* GCM ciphersuites from RFC5288 */
1573
1574 /* Cipher 9C */
1575 {
1576 1,
1577 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
1578 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
1579 SSL_kRSA,
1580 SSL_aRSA,
1581 SSL_AES128GCM,
1582 SSL_AEAD,
1583 SSL_TLSV1_2,
1584 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1585 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1586 128,
1587 128,
1588 },
1589
1590 /* Cipher 9D */
1591 {
1592 1,
1593 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
1594 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
1595 SSL_kRSA,
1596 SSL_aRSA,
1597 SSL_AES256GCM,
1598 SSL_AEAD,
1599 SSL_TLSV1_2,
1600 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1601 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1602 256,
1603 256,
1604 },
1605
1606 /* Cipher 9E */
1607 {
1608 1,
1609 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
1610 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
1611 SSL_kDHE,
1612 SSL_aRSA,
1613 SSL_AES128GCM,
1614 SSL_AEAD,
1615 SSL_TLSV1_2,
1616 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1617 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1618 128,
1619 128,
1620 },
1621
1622 /* Cipher 9F */
1623 {
1624 1,
1625 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
1626 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
1627 SSL_kDHE,
1628 SSL_aRSA,
1629 SSL_AES256GCM,
1630 SSL_AEAD,
1631 SSL_TLSV1_2,
1632 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1633 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1634 256,
1635 256,
1636 },
1637
1638 /* Cipher A0 */
1639 {
1640 1,
1641 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
1642 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
1643 SSL_kDHr,
1644 SSL_aDH,
1645 SSL_AES128GCM,
1646 SSL_AEAD,
1647 SSL_TLSV1_2,
1648 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1649 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1650 128,
1651 128,
1652 },
1653
1654 /* Cipher A1 */
1655 {
1656 1,
1657 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
1658 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
1659 SSL_kDHr,
1660 SSL_aDH,
1661 SSL_AES256GCM,
1662 SSL_AEAD,
1663 SSL_TLSV1_2,
1664 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1665 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1666 256,
1667 256,
1668 },
1669
1670 /* Cipher A2 */
1671 {
1672 1,
1673 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
1674 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
1675 SSL_kDHE,
1676 SSL_aDSS,
1677 SSL_AES128GCM,
1678 SSL_AEAD,
1679 SSL_TLSV1_2,
1680 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1681 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1682 128,
1683 128,
1684 },
1685
1686 /* Cipher A3 */
1687 {
1688 1,
1689 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
1690 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
1691 SSL_kDHE,
1692 SSL_aDSS,
1693 SSL_AES256GCM,
1694 SSL_AEAD,
1695 SSL_TLSV1_2,
1696 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1697 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1698 256,
1699 256,
1700 },
1701
1702 /* Cipher A4 */
1703 {
1704 1,
1705 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
1706 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
1707 SSL_kDHd,
1708 SSL_aDH,
1709 SSL_AES128GCM,
1710 SSL_AEAD,
1711 SSL_TLSV1_2,
1712 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1713 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1714 128,
1715 128,
1716 },
1717
1718 /* Cipher A5 */
1719 {
1720 1,
1721 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
1722 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
1723 SSL_kDHd,
1724 SSL_aDH,
1725 SSL_AES256GCM,
1726 SSL_AEAD,
1727 SSL_TLSV1_2,
1728 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1729 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1730 256,
1731 256,
1732 },
1733
1734 /* Cipher A6 */
1735 {
1736 1,
1737 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
1738 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
1739 SSL_kDHE,
1740 SSL_aNULL,
1741 SSL_AES128GCM,
1742 SSL_AEAD,
1743 SSL_TLSV1_2,
1744 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1745 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1746 128,
1747 128,
1748 },
1749
1750 /* Cipher A7 */
1751 {
1752 1,
1753 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
1754 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
1755 SSL_kDHE,
1756 SSL_aNULL,
1757 SSL_AES256GCM,
1758 SSL_AEAD,
1759 SSL_TLSV1_2,
1760 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1761 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1762 256,
1763 256,
1764 },
547dba74 1765#ifndef OPENSSL_NO_PSK
ea6114c6
DSH		 1766 /* PSK ciphersuites from RFC5487 */
1767
547dba74
DSH		 1768 /* Cipher A8 */
1769 {
1770 1,
1771 TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
1772 TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1773 SSL_kPSK,
1774 SSL_aPSK,
1775 SSL_AES128GCM,
1776 SSL_AEAD,
1777 SSL_TLSV1_2,
1778 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1779 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1780 128,
1781 128,
1782 },
1783
1784 /* Cipher A9 */
1785 {
1786 1,
1787 TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
1788 TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1789 SSL_kPSK,
1790 SSL_aPSK,
1791 SSL_AES256GCM,
1792 SSL_AEAD,
1793 SSL_TLSV1_2,
1794 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1795 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1796 256,
1797 256,
1798 },
1799
ea6114c6
DSH		 1800 /* Cipher AA */
1801 {
1802 1,
1803 TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
1804 TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1805 SSL_kDHEPSK,
1806 SSL_aPSK,
1807 SSL_AES128GCM,
1808 SSL_AEAD,
1809 SSL_TLSV1_2,
1810 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1811 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1812 128,
1813 128,
1814 },
1815
1816 /* Cipher AB */
1817 {
1818 1,
1819 TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
1820 TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1821 SSL_kDHEPSK,
1822 SSL_aPSK,
1823 SSL_AES256GCM,
1824 SSL_AEAD,
1825 SSL_TLSV1_2,
1826 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1827 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1828 256,
1829 256,
1830 },
1831
1832 /* Cipher AC */
1833 {
1834 1,
1835 TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
1836 TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1837 SSL_kRSAPSK,
1838 SSL_aRSA,
1839 SSL_AES128GCM,
1840 SSL_AEAD,
1841 SSL_TLSV1_2,
1842 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1843 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1844 128,
1845 128,
1846 },
1847
1848 /* Cipher AD */
1849 {
1850 1,
1851 TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
1852 TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1853 SSL_kRSAPSK,
1854 SSL_aRSA,
1855 SSL_AES256GCM,
1856 SSL_AEAD,
1857 SSL_TLSV1_2,
1858 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1859 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1860 256,
1861 256,
1862 },
1863
1864 /* Cipher AE */
1865 {
1866 1,
1867 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
1868 TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1869 SSL_kPSK,
1870 SSL_aPSK,
1871 SSL_AES128,
1872 SSL_SHA256,
1873 SSL_TLSV1,
1874 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1875 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1876 128,
1877 128,
1878 },
1879
1880 /* Cipher AF */
1881 {
1882 1,
1883 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
1884 TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1885 SSL_kPSK,
1886 SSL_aPSK,
1887 SSL_AES256,
1888 SSL_SHA384,
1889 SSL_TLSV1,
1890 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1891 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1892 256,
1893 256,
1894 },
1895
1896 /* Cipher B0 */
1897 {
1898 1,
1899 TLS1_TXT_PSK_WITH_NULL_SHA256,
1900 TLS1_CK_PSK_WITH_NULL_SHA256,
1901 SSL_kPSK,
1902 SSL_aPSK,
1903 SSL_eNULL,
1904 SSL_SHA256,
1905 SSL_TLSV1,
1906 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
1907 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1908 0,
1909 0,
1910 },
1911
1912 /* Cipher B1 */
1913 {
1914 1,
1915 TLS1_TXT_PSK_WITH_NULL_SHA384,
1916 TLS1_CK_PSK_WITH_NULL_SHA384,
1917 SSL_kPSK,
1918 SSL_aPSK,
1919 SSL_eNULL,
1920 SSL_SHA384,
1921 SSL_TLSV1,
1922 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
1923 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1924 0,
1925 0,
1926 },
1927
1928 /* Cipher B2 */
1929 {
1930 1,
1931 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
1932 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1933 SSL_kDHEPSK,
1934 SSL_aPSK,
1935 SSL_AES128,
1936 SSL_SHA256,
1937 SSL_TLSV1,
1938 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1939 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1940 128,
1941 128,
1942 },
1943
1944 /* Cipher B3 */
1945 {
1946 1,
1947 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
1948 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1949 SSL_kDHEPSK,
1950 SSL_aPSK,
1951 SSL_AES256,
1952 SSL_SHA384,
1953 SSL_TLSV1,
1954 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
1955 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1956 256,
1957 256,
1958 },
1959
1960 /* Cipher B4 */
1961 {
1962 1,
1963 TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
1964 TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1965 SSL_kDHEPSK,
1966 SSL_aPSK,
1967 SSL_eNULL,
1968 SSL_SHA256,
1969 SSL_TLSV1,
1970 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
1971 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1972 0,
1973 0,
1974 },
1975
1976 /* Cipher B5 */
1977 {
1978 1,
1979 TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
1980 TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1981 SSL_kDHEPSK,
1982 SSL_aPSK,
1983 SSL_eNULL,
1984 SSL_SHA384,
1985 SSL_TLSV1,
1986 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
1987 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1988 0,
1989 0,
1990 },
1991
1992 /* Cipher B6 */
1993 {
1994 1,
1995 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
1996 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1997 SSL_kRSAPSK,
1998 SSL_aRSA,
1999 SSL_AES128,
2000 SSL_SHA256,
2001 SSL_TLSV1,
2002 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2003 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2004 128,
2005 128,
2006 },
2007
2008 /* Cipher B7 */
2009 {
2010 1,
2011 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
2012 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
2013 SSL_kRSAPSK,
2014 SSL_aRSA,
2015 SSL_AES256,
2016 SSL_SHA384,
2017 SSL_TLSV1,
2018 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2019 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2020 256,
2021 256,
2022 },
2023
2024 /* Cipher B8 */
2025 {
2026 1,
2027 TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
2028 TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
2029 SSL_kRSAPSK,
2030 SSL_aRSA,
2031 SSL_eNULL,
2032 SSL_SHA256,
2033 SSL_TLSV1,
2034 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
2035 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2036 0,
2037 0,
2038 },
2039
2040 /* Cipher B9 */
2041 {
2042 1,
2043 TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
2044 TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
2045 SSL_kRSAPSK,
2046 SSL_aRSA,
2047 SSL_eNULL,
2048 SSL_SHA384,
2049 SSL_TLSV1,
2050 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
2051 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2052 0,
2053 0,
2054 },
2055#endif /* OPENSSL_NO_PSK */
28dd49fa 2056
e6332489 2057#ifndef OPENSSL_NO_CAMELLIA
0f113f3e
MC		 2058 /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
2059
2060 /* Cipher BA */
2061 {
2062 1,
2063 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2064 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2065 SSL_kRSA,
2066 SSL_aRSA,
2067 SSL_CAMELLIA128,
2068 SSL_SHA256,
2069 SSL_TLSV1_2,
2070 SSL_NOT_EXP | SSL_HIGH,
2071 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2072 128,
2073 128,
2074 },
2075
2076 /* Cipher BB */
2077 {
2078 1,
2079 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2080 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2081 SSL_kDHd,
2082 SSL_aDH,
2083 SSL_CAMELLIA128,
2084 SSL_SHA256,
2085 SSL_TLSV1_2,
2086 SSL_NOT_EXP | SSL_HIGH,
2087 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2088 128,
2089 128,
2090 },
2091
2092 /* Cipher BC */
2093 {
2094 1,
2095 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2096 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2097 SSL_kDHr,
2098 SSL_aDH,
2099 SSL_CAMELLIA128,
2100 SSL_SHA256,
2101 SSL_TLSV1_2,
2102 SSL_NOT_EXP | SSL_HIGH,
2103 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2104 128,
2105 128,
2106 },
2107
2108 /* Cipher BD */
2109 {
2110 1,
2111 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2112 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2113 SSL_kEDH,
2114 SSL_aDSS,
2115 SSL_CAMELLIA128,
2116 SSL_SHA256,
2117 SSL_TLSV1_2,
2118 SSL_NOT_EXP | SSL_HIGH,
2119 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2120 128,
2121 128,
2122 },
2123
2124 /* Cipher BE */
2125 {
2126 1,
2127 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2128 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2129 SSL_kEDH,
2130 SSL_aRSA,
2131 SSL_CAMELLIA128,
2132 SSL_SHA256,
2133 SSL_TLSV1_2,
2134 SSL_NOT_EXP | SSL_HIGH,
2135 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2136 128,
2137 128,
2138 },
2139
2140 /* Cipher BF */
2141 {
2142 1,
2143 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2144 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2145 SSL_kEDH,
2146 SSL_aNULL,
2147 SSL_CAMELLIA128,
2148 SSL_SHA256,
2149 SSL_TLSV1_2,
2150 SSL_NOT_EXP | SSL_HIGH,
2151 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2152 128,
2153 128,
2154 },
2155
2156 /* Cipher C0 */
2157 {
2158 1,
2159 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2160 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2161 SSL_kRSA,
2162 SSL_aRSA,
2163 SSL_CAMELLIA256,
2164 SSL_SHA256,
2165 SSL_TLSV1_2,
2166 SSL_NOT_EXP | SSL_HIGH,
2167 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2168 256,
2169 256,
2170 },
2171
2172 /* Cipher C1 */
2173 {
2174 1,
2175 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2176 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2177 SSL_kDHd,
2178 SSL_aDH,
2179 SSL_CAMELLIA256,
2180 SSL_SHA256,
2181 SSL_TLSV1_2,
2182 SSL_NOT_EXP | SSL_HIGH,
2183 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2184 256,
2185 256,
2186 },
2187
2188 /* Cipher C2 */
2189 {
2190 1,
2191 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2192 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2193 SSL_kDHr,
2194 SSL_aDH,
2195 SSL_CAMELLIA256,
2196 SSL_SHA256,
2197 SSL_TLSV1_2,
2198 SSL_NOT_EXP | SSL_HIGH,
2199 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2200 256,
2201 256,
2202 },
2203
2204 /* Cipher C3 */
2205 {
2206 1,
2207 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2208 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2209 SSL_kEDH,
2210 SSL_aDSS,
2211 SSL_CAMELLIA256,
2212 SSL_SHA256,
2213 SSL_TLSV1_2,
2214 SSL_NOT_EXP | SSL_HIGH,
2215 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2216 256,
2217 256,
2218 },
2219
2220 /* Cipher C4 */
2221 {
2222 1,
2223 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2224 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2225 SSL_kEDH,
2226 SSL_aRSA,
2227 SSL_CAMELLIA256,
2228 SSL_SHA256,
2229 SSL_TLSV1_2,
2230 SSL_NOT_EXP | SSL_HIGH,
2231 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2232 256,
2233 256,
2234 },
2235
2236 /* Cipher C5 */
2237 {
2238 1,
2239 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2240 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2241 SSL_kEDH,
2242 SSL_aNULL,
2243 SSL_CAMELLIA256,
2244 SSL_SHA256,
2245 SSL_TLSV1_2,
2246 SSL_NOT_EXP | SSL_HIGH,
2247 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2248 256,
2249 256,
2250 },
e6332489
P		 2251#endif
2252
6b43bbf0
DSH		 2253#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
2254 /* Cipher FF */
2255 {
2256 1,
2257 "SCSV",
2258 SSL3_CK_SCSV,
2259 0,
2260 0,
2261 0,
2262 0,
2263 0,
2264 0,
2265 0,
2266 0,
2267 0},
2268#endif
2269
10bf4fc2 2270#ifndef OPENSSL_NO_EC
0f113f3e
MC		 2271 /* Cipher C001 */
2272 {
2273 1,
2274 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
2275 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
2276 SSL_kECDHe,
2277 SSL_aECDH,
2278 SSL_eNULL,
2279 SSL_SHA1,
2280 SSL_TLSV1,
2281 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
2282 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2283 0,
2284 0,
2285 },
2286
2287 /* Cipher C002 */
2288 {
2289 1,
2290 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
2291 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
2292 SSL_kECDHe,
2293 SSL_aECDH,
2294 SSL_RC4,
2295 SSL_SHA1,
2296 SSL_TLSV1,
2297 SSL_NOT_EXP | SSL_MEDIUM,
2298 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2299 128,
2300 128,
2301 },
2302
2303 /* Cipher C003 */
2304 {
2305 1,
2306 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2307 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2308 SSL_kECDHe,
2309 SSL_aECDH,
2310 SSL_3DES,
2311 SSL_SHA1,
2312 SSL_TLSV1,
2313 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2314 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2315 112,
2316 168,
2317 },
2318
2319 /* Cipher C004 */
2320 {
2321 1,
2322 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2323 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2324 SSL_kECDHe,
2325 SSL_aECDH,
2326 SSL_AES128,
2327 SSL_SHA1,
2328 SSL_TLSV1,
2329 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2330 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2331 128,
2332 128,
2333 },
2334
2335 /* Cipher C005 */
2336 {
2337 1,
2338 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2339 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2340 SSL_kECDHe,
2341 SSL_aECDH,
2342 SSL_AES256,
2343 SSL_SHA1,
2344 SSL_TLSV1,
2345 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2346 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2347 256,
2348 256,
2349 },
2350
2351 /* Cipher C006 */
2352 {
2353 1,
2354 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
2355 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
2356 SSL_kECDHE,
2357 SSL_aECDSA,
2358 SSL_eNULL,
2359 SSL_SHA1,
2360 SSL_TLSV1,
2361 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
2362 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2363 0,
2364 0,
2365 },
2366
2367 /* Cipher C007 */
2368 {
2369 1,
2370 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2371 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2372 SSL_kECDHE,
2373 SSL_aECDSA,
2374 SSL_RC4,
2375 SSL_SHA1,
2376 SSL_TLSV1,
2377 SSL_NOT_EXP | SSL_MEDIUM,
2378 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2379 128,
2380 128,
2381 },
2382
2383 /* Cipher C008 */
2384 {
2385 1,
2386 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2387 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2388 SSL_kECDHE,
2389 SSL_aECDSA,
2390 SSL_3DES,
2391 SSL_SHA1,
2392 SSL_TLSV1,
2393 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2394 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2395 112,
2396 168,
2397 },
2398
2399 /* Cipher C009 */
2400 {
2401 1,
2402 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2403 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2404 SSL_kECDHE,
2405 SSL_aECDSA,
2406 SSL_AES128,
2407 SSL_SHA1,
2408 SSL_TLSV1,
2409 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2410 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2411 128,
2412 128,
2413 },
2414
2415 /* Cipher C00A */
2416 {
2417 1,
2418 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2419 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2420 SSL_kECDHE,
2421 SSL_aECDSA,
2422 SSL_AES256,
2423 SSL_SHA1,
2424 SSL_TLSV1,
2425 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2426 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2427 256,
2428 256,
2429 },
2430
2431 /* Cipher C00B */
2432 {
2433 1,
2434 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
2435 TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
2436 SSL_kECDHr,
2437 SSL_aECDH,
2438 SSL_eNULL,
2439 SSL_SHA1,
2440 SSL_TLSV1,
2441 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
2442 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2443 0,
2444 0,
2445 },
2446
2447 /* Cipher C00C */
2448 {
2449 1,
2450 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
2451 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
2452 SSL_kECDHr,
2453 SSL_aECDH,
2454 SSL_RC4,
2455 SSL_SHA1,
2456 SSL_TLSV1,
2457 SSL_NOT_EXP | SSL_MEDIUM,
2458 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2459 128,
2460 128,
2461 },
2462
2463 /* Cipher C00D */
2464 {
2465 1,
2466 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2467 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2468 SSL_kECDHr,
2469 SSL_aECDH,
2470 SSL_3DES,
2471 SSL_SHA1,
2472 SSL_TLSV1,
2473 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2474 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2475 112,
2476 168,
2477 },
2478
2479 /* Cipher C00E */
2480 {
2481 1,
2482 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
2483 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
2484 SSL_kECDHr,
2485 SSL_aECDH,
2486 SSL_AES128,
2487 SSL_SHA1,
2488 SSL_TLSV1,
2489 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2490 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2491 128,
2492 128,
2493 },
2494
2495 /* Cipher C00F */
2496 {
2497 1,
2498 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
2499 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
2500 SSL_kECDHr,
2501 SSL_aECDH,
2502 SSL_AES256,
2503 SSL_SHA1,
2504 SSL_TLSV1,
2505 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2506 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2507 256,
2508 256,
2509 },
2510
2511 /* Cipher C010 */
2512 {
2513 1,
2514 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
2515 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
2516 SSL_kECDHE,
2517 SSL_aRSA,
2518 SSL_eNULL,
2519 SSL_SHA1,
2520 SSL_TLSV1,
2521 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
2522 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2523 0,
2524 0,
2525 },
2526
2527 /* Cipher C011 */
2528 {
2529 1,
2530 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2531 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2532 SSL_kECDHE,
2533 SSL_aRSA,
2534 SSL_RC4,
2535 SSL_SHA1,
2536 SSL_TLSV1,
2537 SSL_NOT_EXP | SSL_MEDIUM,
2538 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2539 128,
2540 128,
2541 },
2542
2543 /* Cipher C012 */
2544 {
2545 1,
2546 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2547 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2548 SSL_kECDHE,
2549 SSL_aRSA,
2550 SSL_3DES,
2551 SSL_SHA1,
2552 SSL_TLSV1,
2553 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2554 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2555 112,
2556 168,
2557 },
2558
2559 /* Cipher C013 */
2560 {
2561 1,
2562 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2563 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2564 SSL_kECDHE,
2565 SSL_aRSA,
2566 SSL_AES128,
2567 SSL_SHA1,
2568 SSL_TLSV1,
2569 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2570 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2571 128,
2572 128,
2573 },
2574
2575 /* Cipher C014 */
2576 {
2577 1,
2578 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2579 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2580 SSL_kECDHE,
2581 SSL_aRSA,
2582 SSL_AES256,
2583 SSL_SHA1,
2584 SSL_TLSV1,
2585 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2586 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2587 256,
2588 256,
2589 },
2590
2591 /* Cipher C015 */
2592 {
2593 1,
2594 TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
2595 TLS1_CK_ECDH_anon_WITH_NULL_SHA,
2596 SSL_kECDHE,
2597 SSL_aNULL,
2598 SSL_eNULL,
2599 SSL_SHA1,
2600 SSL_TLSV1,
2601 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
2602 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2603 0,
2604 0,
2605 },
2606
2607 /* Cipher C016 */
2608 {
2609 1,
2610 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2611 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2612 SSL_kECDHE,
2613 SSL_aNULL,
2614 SSL_RC4,
2615 SSL_SHA1,
2616 SSL_TLSV1,
2617 SSL_NOT_EXP | SSL_MEDIUM,
2618 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2619 128,
2620 128,
2621 },
2622
2623 /* Cipher C017 */
2624 {
2625 1,
2626 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
2627 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
2628 SSL_kECDHE,
2629 SSL_aNULL,
2630 SSL_3DES,
2631 SSL_SHA1,
2632 SSL_TLSV1,
2633 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2634 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2635 112,
2636 168,
2637 },
2638
2639 /* Cipher C018 */
2640 {
2641 1,
2642 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
2643 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
2644 SSL_kECDHE,
2645 SSL_aNULL,
2646 SSL_AES128,
2647 SSL_SHA1,
2648 SSL_TLSV1,
2649 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2650 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2651 128,
2652 128,
2653 },
2654
2655 /* Cipher C019 */
2656 {
2657 1,
2658 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
2659 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
2660 SSL_kECDHE,
2661 SSL_aNULL,
2662 SSL_AES256,
2663 SSL_SHA1,
2664 SSL_TLSV1,
2665 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2666 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2667 256,
2668 256,
2669 },
10bf4fc2 2670#endif /* OPENSSL_NO_EC */
6e119bb0 2671
edc032b5 2672#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 2673 /* Cipher C01A */
2674 {
2675 1,
2676 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2677 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2678 SSL_kSRP,
2679 SSL_aSRP,
2680 SSL_3DES,
2681 SSL_SHA1,
2682 SSL_TLSV1,
2683 SSL_NOT_EXP | SSL_HIGH,
2684 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2685 112,
2686 168,
2687 },
2688
2689 /* Cipher C01B */
2690 {
2691 1,
2692 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2693 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2694 SSL_kSRP,
2695 SSL_aRSA,
2696 SSL_3DES,
2697 SSL_SHA1,
2698 SSL_TLSV1,
2699 SSL_NOT_EXP | SSL_HIGH,
2700 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2701 112,
2702 168,
2703 },
2704
2705 /* Cipher C01C */
2706 {
2707 1,
2708 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2709 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2710 SSL_kSRP,
2711 SSL_aDSS,
2712 SSL_3DES,
2713 SSL_SHA1,
2714 SSL_TLSV1,
2715 SSL_NOT_EXP | SSL_HIGH,
2716 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2717 112,
2718 168,
2719 },
2720
2721 /* Cipher C01D */
2722 {
2723 1,
2724 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
2725 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
2726 SSL_kSRP,
2727 SSL_aSRP,
2728 SSL_AES128,
2729 SSL_SHA1,
2730 SSL_TLSV1,
2731 SSL_NOT_EXP | SSL_HIGH,
2732 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2733 128,
2734 128,
2735 },
2736
2737 /* Cipher C01E */
2738 {
2739 1,
2740 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2741 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2742 SSL_kSRP,
2743 SSL_aRSA,
2744 SSL_AES128,
2745 SSL_SHA1,
2746 SSL_TLSV1,
2747 SSL_NOT_EXP | SSL_HIGH,
2748 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2749 128,
2750 128,
2751 },
2752
2753 /* Cipher C01F */
2754 {
2755 1,
2756 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2757 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2758 SSL_kSRP,
2759 SSL_aDSS,
2760 SSL_AES128,
2761 SSL_SHA1,
2762 SSL_TLSV1,
2763 SSL_NOT_EXP | SSL_HIGH,
2764 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2765 128,
2766 128,
2767 },
2768
2769 /* Cipher C020 */
2770 {
2771 1,
2772 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
2773 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
2774 SSL_kSRP,
2775 SSL_aSRP,
2776 SSL_AES256,
2777 SSL_SHA1,
2778 SSL_TLSV1,
2779 SSL_NOT_EXP | SSL_HIGH,
2780 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2781 256,
2782 256,
2783 },
2784
2785 /* Cipher C021 */
2786 {
2787 1,
2788 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2789 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2790 SSL_kSRP,
2791 SSL_aRSA,
2792 SSL_AES256,
2793 SSL_SHA1,
2794 SSL_TLSV1,
2795 SSL_NOT_EXP | SSL_HIGH,
2796 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2797 256,
2798 256,
2799 },
2800
2801 /* Cipher C022 */
2802 {
2803 1,
2804 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2805 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2806 SSL_kSRP,
2807 SSL_aDSS,
2808 SSL_AES256,
2809 SSL_SHA1,
2810 SSL_TLSV1,
2811 SSL_NOT_EXP | SSL_HIGH,
2812 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2813 256,
2814 256,
2815 },
2816#endif /* OPENSSL_NO_SRP */
10bf4fc2 2817#ifndef OPENSSL_NO_EC
d09677ac 2818
0f113f3e
MC		 2819 /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
2820
2821 /* Cipher C023 */
2822 {
2823 1,
2824 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
2825 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
2826 SSL_kECDHE,
2827 SSL_aECDSA,
2828 SSL_AES128,
2829 SSL_SHA256,
2830 SSL_TLSV1_2,
2831 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2832 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2833 128,
2834 128,
2835 },
2836
2837 /* Cipher C024 */
2838 {
2839 1,
2840 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
2841 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
2842 SSL_kECDHE,
2843 SSL_aECDSA,
2844 SSL_AES256,
2845 SSL_SHA384,
2846 SSL_TLSV1_2,
2847 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2848 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2849 256,
2850 256,
2851 },
2852
2853 /* Cipher C025 */
2854 {
2855 1,
2856 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
2857 TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
2858 SSL_kECDHe,
2859 SSL_aECDH,
2860 SSL_AES128,
2861 SSL_SHA256,
2862 SSL_TLSV1_2,
2863 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2864 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2865 128,
2866 128,
2867 },
2868
2869 /* Cipher C026 */
2870 {
2871 1,
2872 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
2873 TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
2874 SSL_kECDHe,
2875 SSL_aECDH,
2876 SSL_AES256,
2877 SSL_SHA384,
2878 SSL_TLSV1_2,
2879 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2880 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2881 256,
2882 256,
2883 },
2884
2885 /* Cipher C027 */
2886 {
2887 1,
2888 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
2889 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
2890 SSL_kECDHE,
2891 SSL_aRSA,
2892 SSL_AES128,
2893 SSL_SHA256,
2894 SSL_TLSV1_2,
2895 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2896 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2897 128,
2898 128,
2899 },
2900
2901 /* Cipher C028 */
2902 {
2903 1,
2904 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
2905 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
2906 SSL_kECDHE,
2907 SSL_aRSA,
2908 SSL_AES256,
2909 SSL_SHA384,
2910 SSL_TLSV1_2,
2911 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2912 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2913 256,
2914 256,
2915 },
2916
2917 /* Cipher C029 */
2918 {
2919 1,
2920 TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
2921 TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
2922 SSL_kECDHr,
2923 SSL_aECDH,
2924 SSL_AES128,
2925 SSL_SHA256,
2926 SSL_TLSV1_2,
2927 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2928 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2929 128,
2930 128,
2931 },
2932
2933 /* Cipher C02A */
2934 {
2935 1,
2936 TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
2937 TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
2938 SSL_kECDHr,
2939 SSL_aECDH,
2940 SSL_AES256,
2941 SSL_SHA384,
2942 SSL_TLSV1_2,
2943 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2944 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2945 256,
2946 256,
2947 },
2948
2949 /* GCM based TLS v1.2 ciphersuites from RFC5289 */
2950
2951 /* Cipher C02B */
2952 {
2953 1,
2954 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2955 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2956 SSL_kECDHE,
2957 SSL_aECDSA,
2958 SSL_AES128GCM,
2959 SSL_AEAD,
2960 SSL_TLSV1_2,
2961 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2962 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2963 128,
2964 128,
2965 },
2966
2967 /* Cipher C02C */
2968 {
2969 1,
2970 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2971 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2972 SSL_kECDHE,
2973 SSL_aECDSA,
2974 SSL_AES256GCM,
2975 SSL_AEAD,
2976 SSL_TLSV1_2,
2977 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2978 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2979 256,
2980 256,
2981 },
2982
2983 /* Cipher C02D */
2984 {
2985 1,
2986 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2987 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2988 SSL_kECDHe,
2989 SSL_aECDH,
2990 SSL_AES128GCM,
2991 SSL_AEAD,
2992 SSL_TLSV1_2,
2993 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
2994 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2995 128,
2996 128,
2997 },
2998
2999 /* Cipher C02E */
3000 {
3001 1,
3002 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
3003 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
3004 SSL_kECDHe,
3005 SSL_aECDH,
3006 SSL_AES256GCM,
3007 SSL_AEAD,
3008 SSL_TLSV1_2,
3009 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
3010 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3011 256,
3012 256,
3013 },
3014
3015 /* Cipher C02F */
3016 {
3017 1,
3018 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
3019 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
3020 SSL_kECDHE,
3021 SSL_aRSA,
3022 SSL_AES128GCM,
3023 SSL_AEAD,
3024 SSL_TLSV1_2,
3025 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
3026 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3027 128,
3028 128,
3029 },
3030
3031 /* Cipher C030 */
3032 {
3033 1,
3034 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
3035 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
3036 SSL_kECDHE,
3037 SSL_aRSA,
3038 SSL_AES256GCM,
3039 SSL_AEAD,
3040 SSL_TLSV1_2,
3041 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
3042 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3043 256,
3044 256,
3045 },
3046
3047 /* Cipher C031 */
3048 {
3049 1,
3050 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
3051 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
3052 SSL_kECDHr,
3053 SSL_aECDH,
3054 SSL_AES128GCM,
3055 SSL_AEAD,
3056 SSL_TLSV1_2,
3057 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
3058 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3059 128,
3060 128,
3061 },
3062
3063 /* Cipher C032 */
3064 {
3065 1,
3066 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
3067 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
3068 SSL_kECDHr,
3069 SSL_aECDH,
3070 SSL_AES256GCM,
3071 SSL_AEAD,
3072 SSL_TLSV1_2,
3073 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
3074 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3075 256,
3076 256,
3077 },
3078
ea6114c6
DSH		 3079 /* PSK ciphersuites from RFC 5489 */
3080 /* Cipher C033 */
3081 {
3082 1,
3083 TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
3084 TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
3085 SSL_kECDHEPSK,
3086 SSL_aPSK,
3087 SSL_RC4,
3088 SSL_SHA1,
3089 SSL_TLSV1,
3090 SSL_NOT_EXP | SSL_MEDIUM,
3091 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3092 128,
3093 128,
3094 },
3095
3096 /* Cipher C034 */
3097 {
3098 1,
3099 TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
3100 TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
3101 SSL_kECDHEPSK,
3102 SSL_aPSK,
3103 SSL_3DES,
3104 SSL_SHA1,
3105 SSL_TLSV1,
3106 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
3107 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3108 112,
3109 168,
3110 },
3111
3112 /* Cipher C035 */
3113 {
3114 1,
3115 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
3116 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
3117 SSL_kECDHEPSK,
3118 SSL_aPSK,
3119 SSL_AES128,
3120 SSL_SHA1,
3121 SSL_TLSV1,
3122 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
3123 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3124 128,
3125 128,
3126 },
3127
3128 /* Cipher C036 */
3129 {
3130 1,
3131 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
3132 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
3133 SSL_kECDHEPSK,
3134 SSL_aPSK,
3135 SSL_AES256,
3136 SSL_SHA1,
3137 SSL_TLSV1,
3138 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
3139 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3140 256,
3141 256,
3142 },
3143
3144 /* Cipher C037 */
3145 {
3146 1,
3147 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
3148 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
3149 SSL_kECDHEPSK,
3150 SSL_aPSK,
3151 SSL_AES128,
3152 SSL_SHA256,
3153 SSL_TLSV1,
3154 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
3155 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3156 128,
3157 128,
3158 },
3159
3160 /* Cipher C038 */
3161 {
3162 1,
3163 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
3164 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
3165 SSL_kECDHEPSK,
3166 SSL_aPSK,
3167 SSL_AES256,
3168 SSL_SHA384,
3169 SSL_TLSV1,
3170 SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
3171 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3172 256,
3173 256,
3174 },
3175
3176 /* Cipher C039 */
3177 {
3178 1,
3179 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
3180 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
3181 SSL_kECDHEPSK,
3182 SSL_aPSK,
3183 SSL_eNULL,
3184 SSL_SHA1,
3185 SSL_TLSV1,
3186 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
3187 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3188 0,
3189 0,
3190 },
3191
3192 /* Cipher C03A */
3193 {
3194 1,
3195 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
3196 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
3197 SSL_kECDHEPSK,
3198 SSL_aPSK,
3199 SSL_eNULL,
3200 SSL_SHA256,
3201 SSL_TLSV1,
3202 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
3203 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3204 0,
3205 0,
3206 },
3207
3208 /* Cipher C03B */
3209 {
3210 1,
3211 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
3212 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
3213 SSL_kECDHEPSK,
3214 SSL_aPSK,
3215 SSL_eNULL,
3216 SSL_SHA384,
3217 SSL_TLSV1,
3218 SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
3219 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3220 0,
3221 0,
3222 },
3223
0f113f3e
MC		 3224# ifndef OPENSSL_NO_CAMELLIA
3225 { /* Cipher C072 */
3226 1,
3227 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
3228 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
3229 SSL_kECDHE,
3230 SSL_aECDSA,
3231 SSL_CAMELLIA128,
3232 SSL_SHA256,
3233 SSL_TLSV1_2,
3234 SSL_NOT_EXP | SSL_HIGH,
3235 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3236 128,
3237 128},
3238
3239 { /* Cipher C073 */
3240 1,
3241 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
3242 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
3243 SSL_kECDHE,
3244 SSL_aECDSA,
3245 SSL_CAMELLIA256,
3246 SSL_SHA384,
3247 SSL_TLSV1_2,
3248 SSL_NOT_EXP | SSL_HIGH,
3249 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3250 256,
3251 256},
3252
3253 { /* Cipher C074 */
3254 1,
3255 TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
3256 TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
3257 SSL_kECDHe,
3258 SSL_aECDH,
3259 SSL_CAMELLIA128,
3260 SSL_SHA256,
3261 SSL_TLSV1_2,
3262 SSL_NOT_EXP | SSL_HIGH,
3263 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3264 128,
3265 128},
3266
3267 { /* Cipher C075 */
3268 1,
3269 TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
3270 TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
3271 SSL_kECDHe,
3272 SSL_aECDH,
3273 SSL_CAMELLIA256,
3274 SSL_SHA384,
3275 SSL_TLSV1_2,
3276 SSL_NOT_EXP | SSL_HIGH,
3277 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3278 256,
3279 256},
3280
3281 { /* Cipher C076 */
3282 1,
3283 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
3284 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
3285 SSL_kECDHE,
3286 SSL_aRSA,
3287 SSL_CAMELLIA128,
3288 SSL_SHA256,
3289 SSL_TLSV1_2,
3290 SSL_NOT_EXP | SSL_HIGH,
3291 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3292 128,
3293 128},
3294
3295 { /* Cipher C077 */
3296 1,
3297 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
3298 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
3299 SSL_kECDHE,
3300 SSL_aRSA,
3301 SSL_CAMELLIA256,
3302 SSL_SHA384,
3303 SSL_TLSV1_2,
3304 SSL_NOT_EXP | SSL_HIGH,
3305 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3306 256,
3307 256},
3308
3309 { /* Cipher C078 */
3310 1,
3311 TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
3312 TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
3313 SSL_kECDHr,
3314 SSL_aECDH,
3315 SSL_CAMELLIA128,
3316 SSL_SHA256,
3317 SSL_TLSV1_2,
3318 SSL_NOT_EXP | SSL_HIGH,
3319 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3320 128,
3321 128},
3322
3323 { /* Cipher C079 */
3324 1,
3325 TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
3326 TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
3327 SSL_kECDHr,
3328 SSL_aECDH,
3329 SSL_CAMELLIA256,
3330 SSL_SHA384,
3331 SSL_TLSV1_2,
3332 SSL_NOT_EXP | SSL_HIGH,
3333 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3334 256,
3335 256},
3336# endif /* OPENSSL_NO_CAMELLIA */
10bf4fc2 3337#endif /* OPENSSL_NO_EC */
edc032b5 3338
69a3a9f5
DSH		 3339#if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_PSK)
3340 { /* Cipher C094 */
3341 1,
3342 TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
3343 TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
3344 SSL_kPSK,
3345 SSL_aPSK,
3346 SSL_CAMELLIA128,
3347 SSL_SHA256,
3348 SSL_TLSV1,
3349 SSL_NOT_EXP | SSL_HIGH,
3350 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3351 128,
3352 128},
3353
3354 { /* Cipher C095 */
3355 1,
3356 TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
3357 TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
3358 SSL_kPSK,
3359 SSL_aPSK,
3360 SSL_CAMELLIA256,
3361 SSL_SHA384,
3362 SSL_TLSV1,
3363 SSL_NOT_EXP | SSL_HIGH,
3364 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3365 256,
3366 256},
3367
3368 { /* Cipher C096 */
3369 1,
3370 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
3371 TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
3372 SSL_kDHEPSK,
3373 SSL_aPSK,
3374 SSL_CAMELLIA128,
3375 SSL_SHA256,
3376 SSL_TLSV1,
3377 SSL_NOT_EXP | SSL_HIGH,
3378 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3379 128,
3380 128},
3381
3382 { /* Cipher C097 */
3383 1,
3384 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
3385 TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
3386 SSL_kDHEPSK,
3387 SSL_aPSK,
3388 SSL_CAMELLIA256,
3389 SSL_SHA384,
3390 SSL_TLSV1,
3391 SSL_NOT_EXP | SSL_HIGH,
3392 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3393 256,
3394 256},
3395
3396 { /* Cipher C098 */
3397 1,
3398 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
3399 TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
3400 SSL_kRSAPSK,
3401 SSL_aRSA,
3402 SSL_CAMELLIA128,
3403 SSL_SHA256,
3404 SSL_TLSV1,
3405 SSL_NOT_EXP | SSL_HIGH,
3406 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3407 128,
3408 128},
3409
3410 { /* Cipher C099 */
3411 1,
3412 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
3413 TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
3414 SSL_kRSAPSK,
3415 SSL_aRSA,
3416 SSL_CAMELLIA256,
3417 SSL_SHA384,
3418 SSL_TLSV1,
3419 SSL_NOT_EXP | SSL_HIGH,
3420 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3421 256,
3422 256},
3423
3424 { /* Cipher C09A */
3425 1,
3426 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
3427 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
3428 SSL_kECDHEPSK,
3429 SSL_aPSK,
3430 SSL_CAMELLIA128,
3431 SSL_SHA256,
3432 SSL_TLSV1,
3433 SSL_NOT_EXP | SSL_HIGH,
3434 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
3435 128,
3436 128},
3437
3438 { /* Cipher C09B */
3439 1,
3440 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
3441 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
3442 SSL_kECDHEPSK,
3443 SSL_aPSK,
3444 SSL_CAMELLIA256,
3445 SSL_SHA384,
3446 SSL_TLSV1,
3447 SSL_NOT_EXP | SSL_HIGH,
3448 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3449 256,
3450 256},
3451#endif
3452
d02b48c6 3453/* end of list */
0f113f3e
MC		 3454};
3455
3456const SSL3_ENC_METHOD SSLv3_enc_data = {
3457 ssl3_enc,
3458 n_ssl3_mac,
3459 ssl3_setup_key_block,
3460 ssl3_generate_master_secret,
3461 ssl3_change_cipher_state,
3462 ssl3_final_finish_mac,
3463 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
3464 ssl3_cert_verify_mac,
3465 SSL3_MD_CLIENT_FINISHED_CONST, 4,
3466 SSL3_MD_SERVER_FINISHED_CONST, 4,
3467 ssl3_alert_code,
3468 (int (*)(SSL *, unsigned char *, size_t, const char *,
3469 size_t, const unsigned char *, size_t,
3470 int use_context))ssl_undefined_function,
3471 0,
3472 SSL3_HM_HEADER_LENGTH,
3473 ssl3_set_handshake_header,
3474 ssl3_handshake_write
3475};
58964a49 3476
f3b656b2 3477long ssl3_default_timeout(void)
0f113f3e
MC		 3478{
3479 /*
3480 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
3481 * http, the cache would over fill
3482 */
3483 return (60 * 60 * 2);
3484}
d02b48c6 3485
6b691a5c 3486int ssl3_num_ciphers(void)
0f113f3e
MC		 3487{
3488 return (SSL3_NUM_CIPHERS);
3489}
d02b48c6 3490
babb3798 3491const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
0f113f3e
MC		 3492{
3493 if (u < SSL3_NUM_CIPHERS)
3494 return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
3495 else
3496 return (NULL);
3497}
d02b48c6 3498
77d514c5 3499int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
0f113f3e
MC		 3500{
3501 unsigned char *p = (unsigned char *)s->init_buf->data;
3502 *(p++) = htype;
3503 l2n3(len, p);
3504 s->init_num = (int)len + SSL3_HM_HEADER_LENGTH;
3505 s->init_off = 0;
77d514c5
MC		 3506
3507 return 1;
0f113f3e 3508}
173e72e6
DSH		 3509
3510int ssl3_handshake_write(SSL *s)
0f113f3e
MC		 3511{
3512 return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3513}
173e72e6 3514
6b691a5c 3515int ssl3_new(SSL *s)
0f113f3e
MC		 3516{
3517 SSL3_STATE *s3;
d02b48c6 3518
b4faea50 3519 if ((s3 = OPENSSL_malloc(sizeof(*s3))) == NULL)
0f113f3e 3520 goto err;
b4faea50 3521 memset(s3, 0, sizeof(*s3));
0f113f3e 3522 s->s3 = s3;
258f8721 3523
edc032b5 3524#ifndef OPENSSL_NO_SRP
61986d32 3525 if (!SSL_SRP_CTX_init(s))
69f68237 3526 goto err;
edc032b5 3527#endif
0f113f3e
MC		 3528 s->method->ssl_clear(s);
3529 return (1);
3530 err:
3531 return (0);
3532}
d02b48c6 3533
6b691a5c 3534void ssl3_free(SSL *s)
0f113f3e
MC		 3535{
3536 if (s == NULL)
3537 return;
e03ddfae 3538
0f113f3e 3539 ssl3_cleanup_key_block(s);
8d92c1f8
DSH		 3540
3541#ifndef OPENSSL_NO_RSA
3542 RSA_free(s->s3->peer_rsa_tmp);
3543#endif
bc36ee62 3544#ifndef OPENSSL_NO_DH
d6407083 3545 DH_free(s->s3->tmp.dh);
8d92c1f8 3546 DH_free(s->s3->peer_dh_tmp);
d02b48c6 3547#endif
10bf4fc2 3548#ifndef OPENSSL_NO_EC
8fdc3734 3549 EC_KEY_free(s->s3->tmp.ecdh);
8d92c1f8 3550 EC_KEY_free(s->s3->peer_ecdh_tmp);
ea262260
BM		 3551#endif
3552
222561fe 3553 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
76106e60
DSH		 3554 OPENSSL_free(s->s3->tmp.ciphers_raw);
3555 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3556 OPENSSL_free(s->s3->tmp.peer_sigalgs);
85fb6fda 3557 ssl3_free_digest_list(s);
25aaa98a 3558 OPENSSL_free(s->s3->alpn_selected);
6f017a8f 3559
edc032b5 3560#ifndef OPENSSL_NO_SRP
0f113f3e 3561 SSL_SRP_CTX_free(s);
edc032b5 3562#endif
b4faea50 3563 OPENSSL_clear_free(s->s3, sizeof(*s->s3));
0f113f3e
MC		 3564 s->s3 = NULL;
3565}
d02b48c6 3566
6b691a5c 3567void ssl3_clear(SSL *s)
0f113f3e 3568{
0f113f3e 3569 int init_extra;
d02b48c6 3570
0f113f3e 3571 ssl3_cleanup_key_block(s);
222561fe 3572 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
76106e60
DSH		 3573 OPENSSL_free(s->s3->tmp.ciphers_raw);
3574 s->s3->tmp.ciphers_raw = NULL;
3575 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3576 s->s3->tmp.pms = NULL;
3577 OPENSSL_free(s->s3->tmp.peer_sigalgs);
3578 s->s3->tmp.peer_sigalgs = NULL;
d02b48c6 3579
8d92c1f8
DSH		 3580#ifndef OPENSSL_NO_RSA
3581 RSA_free(s->s3->peer_rsa_tmp);
3582 s->s3->peer_rsa_tmp = NULL;
3583#endif
3584
bc36ee62 3585#ifndef OPENSSL_NO_DH
d6407083
RS		 3586 DH_free(s->s3->tmp.dh);
3587 s->s3->tmp.dh = NULL;
8d92c1f8
DSH		 3588 DH_free(s->s3->peer_dh_tmp);
3589 s->s3->peer_dh_tmp = NULL;
a2a01589 3590#endif
10bf4fc2 3591#ifndef OPENSSL_NO_EC
8fdc3734
RS		 3592 EC_KEY_free(s->s3->tmp.ecdh);
3593 s->s3->tmp.ecdh = NULL;
8d92c1f8
DSH		 3594 EC_KEY_free(s->s3->peer_ecdh_tmp);
3595 s->s3->peer_ecdh_tmp = NULL;
0f113f3e 3596 s->s3->is_probably_safari = 0;
e481f9b9 3597#endif /* !OPENSSL_NO_EC */
0f113f3e 3598
0f113f3e 3599 init_extra = s->s3->init_extra;
85fb6fda 3600 ssl3_free_digest_list(s);
e481f9b9 3601
0f113f3e 3602 if (s->s3->alpn_selected) {
bc9567cd 3603 OPENSSL_free(s->s3->alpn_selected);
0f113f3e
MC		 3604 s->s3->alpn_selected = NULL;
3605 }
e481f9b9 3606
b4faea50 3607 memset(s->s3, 0, sizeof(*s->s3));
0f113f3e
MC		 3608 s->s3->init_extra = init_extra;
3609
3610 ssl_free_wbio_buffer(s);
3611
0f113f3e
MC		 3612 s->s3->renegotiate = 0;
3613 s->s3->total_renegotiations = 0;
3614 s->s3->num_renegotiations = 0;
3615 s->s3->in_read_app_data = 0;
3616 s->version = SSL3_VERSION;
ee2ffc27 3617
e481f9b9 3618#if !defined(OPENSSL_NO_NEXTPROTONEG)
b548a1f1
RS		 3619 OPENSSL_free(s->next_proto_negotiated);
3620 s->next_proto_negotiated = NULL;
3621 s->next_proto_negotiated_len = 0;
ee2ffc27 3622#endif
0f113f3e 3623}
d02b48c6 3624
edc032b5 3625#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 3626static char *srp_password_from_info_cb(SSL *s, void *arg)
3627{
3628 return BUF_strdup(s->srp_ctx.info);
3629}
edc032b5
BL		 3630#endif
3631
0f113f3e
MC		 3632static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p,
3633 size_t len);
9f27b1ee 3634
a661b653 3635long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
0f113f3e
MC		 3636{
3637 int ret = 0;
58964a49 3638
0f113f3e
MC		 3639 switch (cmd) {
3640 case SSL_CTRL_GET_SESSION_REUSED:
3641 ret = s->hit;
3642 break;
3643 case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3644 break;
3645 case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3646 ret = s->s3->num_renegotiations;
3647 break;
3648 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3649 ret = s->s3->num_renegotiations;
3650 s->s3->num_renegotiations = 0;
3651 break;
3652 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3653 ret = s->s3->total_renegotiations;
3654 break;
3655 case SSL_CTRL_GET_FLAGS:
3656 ret = (int)(s->s3->flags);
3657 break;
bc36ee62 3658#ifndef OPENSSL_NO_RSA
0f113f3e
MC		 3659 case SSL_CTRL_NEED_TMP_RSA:
3660 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
3661 ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3662 (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
3663 (512 / 8))))
3664 ret = 1;
3665 break;
3666 case SSL_CTRL_SET_TMP_RSA:
3667 {
3668 RSA *rsa = (RSA *)parg;
3669 if (rsa == NULL) {
3670 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3671 return (ret);
3672 }
3673 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
3674 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
3675 return (ret);
3676 }
d6407083 3677 RSA_free(s->cert->rsa_tmp);
0f113f3e
MC		 3678 s->cert->rsa_tmp = rsa;
3679 ret = 1;
3680 }
3681 break;
3682 case SSL_CTRL_SET_TMP_RSA_CB:
3683 {
3684 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3685 return (ret);
3686 }
15d21c2d 3687#endif
bc36ee62 3688#ifndef OPENSSL_NO_DH
0f113f3e
MC		 3689 case SSL_CTRL_SET_TMP_DH:
3690 {
3691 DH *dh = (DH *)parg;
3692 if (dh == NULL) {
3693 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3694 return (ret);
3695 }
3696 if (!ssl_security(s, SSL_SECOP_TMP_DH,
3697 DH_security_bits(dh), 0, dh)) {
3698 SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3699 return (ret);
3700 }
3701 if ((dh = DHparams_dup(dh)) == NULL) {
3702 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3703 return (ret);
3704 }
3705 if (!(s->options & SSL_OP_SINGLE_DH_USE)) {
3706 if (!DH_generate_key(dh)) {
3707 DH_free(dh);
3708 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3709 return (ret);
3710 }
3711 }
d6407083 3712 DH_free(s->cert->dh_tmp);
0f113f3e
MC		 3713 s->cert->dh_tmp = dh;
3714 ret = 1;
3715 }
3716 break;
3717 case SSL_CTRL_SET_TMP_DH_CB:
3718 {
3719 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3720 return (ret);
3721 }
0f113f3e
MC		 3722 case SSL_CTRL_SET_DH_AUTO:
3723 s->cert->dh_tmp_auto = larg;
3724 return 1;
d3442bc7 3725#endif
10bf4fc2 3726#ifndef OPENSSL_NO_EC
0f113f3e
MC		 3727 case SSL_CTRL_SET_TMP_ECDH:
3728 {
3729 EC_KEY *ecdh = NULL;
3730
3731 if (parg == NULL) {
3732 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3733 return (ret);
3734 }
3735 if (!EC_KEY_up_ref((EC_KEY *)parg)) {
3736 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
3737 return (ret);
3738 }
3739 ecdh = (EC_KEY *)parg;
3740 if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) {
3741 if (!EC_KEY_generate_key(ecdh)) {
3742 EC_KEY_free(ecdh);
3743 SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
3744 return (ret);
3745 }
3746 }
8fdc3734 3747 EC_KEY_free(s->cert->ecdh_tmp);
0f113f3e
MC		 3748 s->cert->ecdh_tmp = ecdh;
3749 ret = 1;
3750 }
3751 break;
3752 case SSL_CTRL_SET_TMP_ECDH_CB:
3753 {
3754 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3755 return (ret);
3756 }
10bf4fc2 3757#endif /* !OPENSSL_NO_EC */
0f113f3e
MC		 3758 case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3759 if (larg == TLSEXT_NAMETYPE_host_name) {
b548a1f1 3760 OPENSSL_free(s->tlsext_hostname);
0f113f3e
MC		 3761 s->tlsext_hostname = NULL;
3762
3763 ret = 1;
3764 if (parg == NULL)
3765 break;
3766 if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
3767 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3768 return 0;
3769 }
3770 if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) {
3771 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3772 return 0;
3773 }
3774 } else {
3775 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3776 return 0;
3777 }
3778 break;
3779 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3780 s->tlsext_debug_arg = parg;
3781 ret = 1;
3782 break;
3783
0f113f3e
MC		 3784 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3785 s->tlsext_status_type = larg;
3786 ret = 1;
3787 break;
3788
3789 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3790 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
3791 ret = 1;
3792 break;
3793
3794 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3795 s->tlsext_ocsp_exts = parg;
3796 ret = 1;
3797 break;
3798
3799 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3800 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
3801 ret = 1;
3802 break;
3803
3804 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3805 s->tlsext_ocsp_ids = parg;
3806 ret = 1;
3807 break;
3808
3809 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3810 *(unsigned char **)parg = s->tlsext_ocsp_resp;
3811 return s->tlsext_ocsp_resplen;
3812
3813 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
b548a1f1 3814 OPENSSL_free(s->tlsext_ocsp_resp);
0f113f3e
MC		 3815 s->tlsext_ocsp_resp = parg;
3816 s->tlsext_ocsp_resplen = larg;
3817 ret = 1;
3818 break;
3819
e481f9b9 3820#ifndef OPENSSL_NO_HEARTBEATS
0f113f3e
MC		 3821 case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
3822 if (SSL_IS_DTLS(s))
3823 ret = dtls1_heartbeat(s);
3824 else
3825 ret = tls1_heartbeat(s);
3826 break;
3827
3828 case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
3829 ret = s->tlsext_hb_pending;
3830 break;
3831
3832 case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
3833 if (larg)
3834 s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3835 else
3836 s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3837 ret = 1;
3838 break;
e481f9b9 3839#endif
0f113f3e
MC		 3840
3841 case SSL_CTRL_CHAIN:
3842 if (larg)
3843 return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg);
3844 else
3845 return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg);
3846
3847 case SSL_CTRL_CHAIN_CERT:
3848 if (larg)
3849 return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg);
3850 else
3851 return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg);
3852
3853 case SSL_CTRL_GET_CHAIN_CERTS:
3854 *(STACK_OF(X509) **)parg = s->cert->key->chain;
3855 break;
3856
3857 case SSL_CTRL_SELECT_CURRENT_CERT:
3858 return ssl_cert_select_current(s->cert, (X509 *)parg);
3859
3860 case SSL_CTRL_SET_CURRENT_CERT:
3861 if (larg == SSL_CERT_SET_SERVER) {
3862 CERT_PKEY *cpk;
3863 const SSL_CIPHER *cipher;
3864 if (!s->server)
3865 return 0;
3866 cipher = s->s3->tmp.new_cipher;
3867 if (!cipher)
3868 return 0;
3869 /*
3870 * No certificate for unauthenticated ciphersuites or using SRP
3871 * authentication
3872 */
3873 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3874 return 2;
3875 cpk = ssl_get_server_send_pkey(s);
3876 if (!cpk)
3877 return 0;
3878 s->cert->key = cpk;
3879 return 1;
3880 }
3881 return ssl_cert_set_current(s->cert, larg);
0f78819c 3882
14536c8c 3883#ifndef OPENSSL_NO_EC
0f113f3e
MC		 3884 case SSL_CTRL_GET_CURVES:
3885 {
3886 unsigned char *clist;
3887 size_t clistlen;
3888 if (!s->session)
3889 return 0;
3890 clist = s->session->tlsext_ellipticcurvelist;
3891 clistlen = s->session->tlsext_ellipticcurvelist_length / 2;
3892 if (parg) {
3893 size_t i;
3894 int *cptr = parg;
3895 unsigned int cid, nid;
3896 for (i = 0; i < clistlen; i++) {
3897 n2s(clist, cid);
3898 nid = tls1_ec_curve_id2nid(cid);
3899 if (nid != 0)
3900 cptr[i] = nid;
3901 else
3902 cptr[i] = TLSEXT_nid_unknown | cid;
3903 }
3904 }
3905 return (int)clistlen;
3906 }
3907
3908 case SSL_CTRL_SET_CURVES:
3909 return tls1_set_curves(&s->tlsext_ellipticcurvelist,
3910 &s->tlsext_ellipticcurvelist_length,
3911 parg, larg);
3912
3913 case SSL_CTRL_SET_CURVES_LIST:
3914 return tls1_set_curves_list(&s->tlsext_ellipticcurvelist,
3915 &s->tlsext_ellipticcurvelist_length,
3916 parg);
3917
3918 case SSL_CTRL_GET_SHARED_CURVE:
3919 return tls1_shared_curve(s, larg);
3920
10bf4fc2 3921# ifndef OPENSSL_NO_EC
0f113f3e
MC		 3922 case SSL_CTRL_SET_ECDH_AUTO:
3923 s->cert->ecdh_tmp_auto = larg;
3924 return 1;
3925# endif
14536c8c 3926#endif
0f113f3e
MC		 3927 case SSL_CTRL_SET_SIGALGS:
3928 return tls1_set_sigalgs(s->cert, parg, larg, 0);
3929
3930 case SSL_CTRL_SET_SIGALGS_LIST:
3931 return tls1_set_sigalgs_list(s->cert, parg, 0);
3932
3933 case SSL_CTRL_SET_CLIENT_SIGALGS:
3934 return tls1_set_sigalgs(s->cert, parg, larg, 1);
3935
3936 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3937 return tls1_set_sigalgs_list(s->cert, parg, 1);
3938
3939 case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3940 {
3941 const unsigned char **pctype = parg;
3942 if (s->server || !s->s3->tmp.cert_req)
3943 return 0;
3944 if (s->cert->ctypes) {
3945 if (pctype)
3946 *pctype = s->cert->ctypes;
3947 return (int)s->cert->ctype_num;
3948 }
3949 if (pctype)
3950 *pctype = (unsigned char *)s->s3->tmp.ctype;
3951 return s->s3->tmp.ctype_num;
3952 }
3953
3954 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3955 if (!s->server)
3956 return 0;
3957 return ssl3_set_req_cert_type(s->cert, parg, larg);
3958
3959 case SSL_CTRL_BUILD_CERT_CHAIN:
3960 return ssl_build_cert_chain(s, NULL, larg);
3961
3962 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3963 return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
3964
3965 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3966 return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
3967
3968 case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3969 if (SSL_USE_SIGALGS(s)) {
389ebcec 3970 if (s->session) {
0f113f3e 3971 const EVP_MD *sig;
d376e57d 3972 sig = s->s3->tmp.peer_md;
0f113f3e
MC		 3973 if (sig) {
3974 *(int *)parg = EVP_MD_type(sig);
3975 return 1;
3976 }
3977 }
3978 return 0;
3979 }
3980 /* Might want to do something here for other versions */
3981 else
3982 return 0;
3983
3984 case SSL_CTRL_GET_SERVER_TMP_KEY:
389ebcec 3985 if (s->server || !s->session)
0f113f3e
MC		 3986 return 0;
3987 else {
0f113f3e
MC		 3988 EVP_PKEY *ptmp;
3989 int rv = 0;
10bf4fc2 3990#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC)
8d92c1f8 3991 if (!s->s3->peer_rsa_tmp && !s->s3->peer_dh_tmp && !s->s3->peer_ecdh_tmp)
0f113f3e 3992 return 0;
14536c8c 3993#endif
0f113f3e
MC		 3994 ptmp = EVP_PKEY_new();
3995 if (!ptmp)
3996 return 0;
33a8de69 3997#ifndef OPENSSL_NO_RSA
8d92c1f8
DSH		 3998 else if (s->s3->peer_rsa_tmp)
3999 rv = EVP_PKEY_set1_RSA(ptmp, s->s3->peer_rsa_tmp);
33a8de69
DSH		 4000#endif
4001#ifndef OPENSSL_NO_DH
8d92c1f8
DSH		 4002 else if (s->s3->peer_dh_tmp)
4003 rv = EVP_PKEY_set1_DH(ptmp, s->s3->peer_dh_tmp);
33a8de69 4004#endif
10bf4fc2 4005#ifndef OPENSSL_NO_EC
8d92c1f8
DSH		 4006 else if (s->s3->peer_ecdh_tmp)
4007 rv = EVP_PKEY_set1_EC_KEY(ptmp, s->s3->peer_ecdh_tmp);
33a8de69 4008#endif
0f113f3e
MC		 4009 if (rv) {
4010 *(EVP_PKEY **)parg = ptmp;
4011 return 1;
4012 }
4013 EVP_PKEY_free(ptmp);
4014 return 0;
4015 }
14536c8c 4016#ifndef OPENSSL_NO_EC
0f113f3e
MC		 4017 case SSL_CTRL_GET_EC_POINT_FORMATS:
4018 {
4019 SSL_SESSION *sess = s->session;
4020 const unsigned char **pformat = parg;
4021 if (!sess || !sess->tlsext_ecpointformatlist)
4022 return 0;
4023 *pformat = sess->tlsext_ecpointformatlist;
4024 return (int)sess->tlsext_ecpointformatlist_length;
4025 }
14536c8c 4026#endif
cf6da053 4027
0f113f3e
MC		 4028 case SSL_CTRL_CHECK_PROTO_VERSION:
4029 /*
4030 * For library-internal use; checks that the current protocol is the
4031 * highest enabled version (according to s->ctx->method, as version
4032 * negotiation may have changed s->method).
4033 */
4034 if (s->version == s->ctx->method->version)
4035 return 1;
4036 /*
4037 * Apparently we're using a version-flexible SSL_METHOD (not at its
4038 * highest protocol version).
4039 */
32ec4153 4040 if (s->ctx->method->version == TLS_method()->version) {
cf6da053 4041#if TLS_MAX_VERSION != TLS1_2_VERSION
32ec4153 4042# error Code needs update for TLS_method() support beyond TLS1_2_VERSION.
cf6da053 4043#endif
0f113f3e
MC		 4044 if (!(s->options & SSL_OP_NO_TLSv1_2))
4045 return s->version == TLS1_2_VERSION;
4046 if (!(s->options & SSL_OP_NO_TLSv1_1))
4047 return s->version == TLS1_1_VERSION;
4048 if (!(s->options & SSL_OP_NO_TLSv1))
4049 return s->version == TLS1_VERSION;
4050 if (!(s->options & SSL_OP_NO_SSLv3))
4051 return s->version == SSL3_VERSION;
4052 }
4053 return 0; /* Unexpected state; fail closed. */
4054
4055 default:
4056 break;
4057 }
4058 return (ret);
4059}
4060
4061long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
4062{
4063 int ret = 0;
d3442bc7 4064
0f113f3e 4065 switch (cmd) {
bc36ee62 4066#ifndef OPENSSL_NO_RSA
0f113f3e
MC		 4067 case SSL_CTRL_SET_TMP_RSA_CB:
4068 {
4069 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
4070 }
4071 break;
d3442bc7 4072#endif
bc36ee62 4073#ifndef OPENSSL_NO_DH
0f113f3e
MC		 4074 case SSL_CTRL_SET_TMP_DH_CB:
4075 {
4076 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
4077 }
4078 break;
ea262260 4079#endif
10bf4fc2 4080#ifndef OPENSSL_NO_EC
0f113f3e
MC		 4081 case SSL_CTRL_SET_TMP_ECDH_CB:
4082 {
4083 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
4084 }
4085 break;
6434abbf 4086#endif
0f113f3e
MC		 4087 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
4088 s->tlsext_debug_cb = (void (*)(SSL *, int, int,
4089 unsigned char *, int, void *))fp;
4090 break;
e481f9b9 4091
0f113f3e
MC		 4092 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
4093 {
4094 s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
4095 }
4096 break;
4097 default:
4098 break;
4099 }
4100 return (ret);
4101}
d02b48c6 4102
a661b653 4103long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
0f113f3e
MC		 4104{
4105 CERT *cert;
d02b48c6 4106
0f113f3e 4107 cert = ctx->cert;
d02b48c6 4108
0f113f3e 4109 switch (cmd) {
bc36ee62 4110#ifndef OPENSSL_NO_RSA
0f113f3e
MC		 4111 case SSL_CTRL_NEED_TMP_RSA:
4112 if ((cert->rsa_tmp == NULL) &&
4113 ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
4114 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
4115 (512 / 8)))
4116 )
4117 return (1);
4118 else
4119 return (0);
4120 /* break; */
4121 case SSL_CTRL_SET_TMP_RSA:
4122 {
4123 RSA *rsa;
4124 int i;
4125
4126 rsa = (RSA *)parg;
4127 i = 1;
4128 if (rsa == NULL)
4129 i = 0;
4130 else {
4131 if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
4132 i = 0;
4133 }
4134 if (!i) {
4135 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB);
4136 return (0);
4137 } else {
d6407083 4138 RSA_free(cert->rsa_tmp);
0f113f3e
MC		 4139 cert->rsa_tmp = rsa;
4140 return (1);
4141 }
4142 }
4143 /* break; */
4144 case SSL_CTRL_SET_TMP_RSA_CB:
4145 {
4146 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
4147 return (0);
4148 }
d02b48c6 4149#endif
bc36ee62 4150#ifndef OPENSSL_NO_DH
0f113f3e
MC		 4151 case SSL_CTRL_SET_TMP_DH:
4152 {
4153 DH *new = NULL, *dh;
4154
4155 dh = (DH *)parg;
4156 if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
4157 DH_security_bits(dh), 0, dh)) {
4158 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
4159 return 0;
4160 }
4161 if ((new = DHparams_dup(dh)) == NULL) {
4162 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
4163 return 0;
4164 }
4165 if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) {
4166 if (!DH_generate_key(new)) {
4167 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
4168 DH_free(new);
4169 return 0;
4170 }
4171 }
d6407083 4172 DH_free(cert->dh_tmp);
0f113f3e
MC		 4173 cert->dh_tmp = new;
4174 return 1;
4175 }
4176 /*
4177 * break;
4178 */
4179 case SSL_CTRL_SET_TMP_DH_CB:
4180 {
4181 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
4182 return (0);
4183 }
0f113f3e
MC		 4184 case SSL_CTRL_SET_DH_AUTO:
4185 ctx->cert->dh_tmp_auto = larg;
4186 return 1;
d02b48c6 4187#endif
10bf4fc2 4188#ifndef OPENSSL_NO_EC
0f113f3e
MC		 4189 case SSL_CTRL_SET_TMP_ECDH:
4190 {
4191 EC_KEY *ecdh = NULL;
4192
4193 if (parg == NULL) {
4194 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
4195 return 0;
4196 }
4197 ecdh = EC_KEY_dup((EC_KEY *)parg);
4198 if (ecdh == NULL) {
4199 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB);
4200 return 0;
4201 }
4202 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
4203 if (!EC_KEY_generate_key(ecdh)) {
4204 EC_KEY_free(ecdh);
4205 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
4206 return 0;
4207 }
4208 }
4209
8fdc3734 4210 EC_KEY_free(cert->ecdh_tmp);
0f113f3e
MC		 4211 cert->ecdh_tmp = ecdh;
4212 return 1;
4213 }
4214 /* break; */
4215 case SSL_CTRL_SET_TMP_ECDH_CB:
4216 {
4217 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
4218 return (0);
4219 }
10bf4fc2 4220#endif /* !OPENSSL_NO_EC */
0f113f3e
MC		 4221 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
4222 ctx->tlsext_servername_arg = parg;
4223 break;
4224 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
4225 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
4226 {
4227 unsigned char *keys = parg;
4228 if (!keys)
4229 return 48;
4230 if (larg != 48) {
4231 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
4232 return 0;
4233 }
4234 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
4235 memcpy(ctx->tlsext_tick_key_name, keys, 16);
4236 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
4237 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
4238 } else {
4239 memcpy(keys, ctx->tlsext_tick_key_name, 16);
4240 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
4241 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
4242 }
4243 return 1;
4244 }
4245
0f113f3e
MC		 4246 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
4247 ctx->tlsext_status_arg = parg;
4248 return 1;
0f113f3e 4249
e481f9b9 4250#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 4251 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
4252 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
b548a1f1 4253 OPENSSL_free(ctx->srp_ctx.login);
0f113f3e
MC		 4254 ctx->srp_ctx.login = NULL;
4255 if (parg == NULL)
4256 break;
4257 if (strlen((const char *)parg) > 255
4258 || strlen((const char *)parg) < 1) {
4259 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
4260 return 0;
4261 }
4262 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) {
4263 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
4264 return 0;
4265 }
4266 break;
4267 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
4268 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
4269 srp_password_from_info_cb;
4270 ctx->srp_ctx.info = parg;
4271 break;
4272 case SSL_CTRL_SET_SRP_ARG:
4273 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4274 ctx->srp_ctx.SRP_cb_arg = parg;
4275 break;
4276
4277 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
4278 ctx->srp_ctx.strength = larg;
4279 break;
e481f9b9 4280#endif
0f113f3e 4281
e481f9b9 4282#ifndef OPENSSL_NO_EC
0f113f3e
MC		 4283 case SSL_CTRL_SET_CURVES:
4284 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
4285 &ctx->tlsext_ellipticcurvelist_length,
4286 parg, larg);
4287
4288 case SSL_CTRL_SET_CURVES_LIST:
4289 return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
4290 &ctx->tlsext_ellipticcurvelist_length,
4291 parg);
0f113f3e
MC		 4292 case SSL_CTRL_SET_ECDH_AUTO:
4293 ctx->cert->ecdh_tmp_auto = larg;
4294 return 1;
e481f9b9 4295#endif
0f113f3e
MC		 4296 case SSL_CTRL_SET_SIGALGS:
4297 return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
4298
4299 case SSL_CTRL_SET_SIGALGS_LIST:
4300 return tls1_set_sigalgs_list(ctx->cert, parg, 0);
4301
4302 case SSL_CTRL_SET_CLIENT_SIGALGS:
4303 return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
4304
4305 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
4306 return tls1_set_sigalgs_list(ctx->cert, parg, 1);
4307
4308 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
4309 return ssl3_set_req_cert_type(ctx->cert, parg, larg);
4310
4311 case SSL_CTRL_BUILD_CERT_CHAIN:
4312 return ssl_build_cert_chain(NULL, ctx, larg);
4313
4314 case SSL_CTRL_SET_VERIFY_CERT_STORE:
4315 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
4316
4317 case SSL_CTRL_SET_CHAIN_CERT_STORE:
4318 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
4319
0f113f3e
MC		 4320 /* A Thawte special :-) */
4321 case SSL_CTRL_EXTRA_CHAIN_CERT:
4322 if (ctx->extra_certs == NULL) {
4323 if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
4324 return (0);
4325 }
4326 sk_X509_push(ctx->extra_certs, (X509 *)parg);
4327 break;
4328
4329 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
4330 if (ctx->extra_certs == NULL && larg == 0)
4331 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
4332 else
4333 *(STACK_OF(X509) **)parg = ctx->extra_certs;
4334 break;
4335
4336 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
222561fe
RS		 4337 sk_X509_pop_free(ctx->extra_certs, X509_free);
4338 ctx->extra_certs = NULL;
0f113f3e
MC		 4339 break;
4340
4341 case SSL_CTRL_CHAIN:
4342 if (larg)
4343 return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
4344 else
4345 return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
4346
4347 case SSL_CTRL_CHAIN_CERT:
4348 if (larg)
4349 return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
4350 else
4351 return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
4352
4353 case SSL_CTRL_GET_CHAIN_CERTS:
4354 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
4355 break;
4356
4357 case SSL_CTRL_SELECT_CURRENT_CERT:
4358 return ssl_cert_select_current(ctx->cert, (X509 *)parg);
4359
4360 case SSL_CTRL_SET_CURRENT_CERT:
4361 return ssl_cert_set_current(ctx->cert, larg);
4362
4363 default:
4364 return (0);
4365 }
4366 return (1);
4367}
4368
4369long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
4370{
4371 CERT *cert;
4372
4373 cert = ctx->cert;
4374
4375 switch (cmd) {
bc36ee62 4376#ifndef OPENSSL_NO_RSA
0f113f3e
MC		 4377 case SSL_CTRL_SET_TMP_RSA_CB:
4378 {
4379 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
4380 }
4381 break;
d3442bc7 4382#endif
bc36ee62 4383#ifndef OPENSSL_NO_DH
0f113f3e
MC		 4384 case SSL_CTRL_SET_TMP_DH_CB:
4385 {
4386 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
4387 }
4388 break;
ea262260 4389#endif
10bf4fc2 4390#ifndef OPENSSL_NO_EC
0f113f3e
MC		 4391 case SSL_CTRL_SET_TMP_ECDH_CB:
4392 {
4393 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
4394 }
4395 break;
ed3883d2 4396#endif
0f113f3e
MC		 4397 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
4398 ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
4399 break;
4400
0f113f3e
MC		 4401 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
4402 ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
4403 break;
4404
4405 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
4406 ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *,
4407 unsigned char *,
4408 EVP_CIPHER_CTX *,
4409 HMAC_CTX *, int))fp;
4410 break;
4411
e481f9b9 4412#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 4413 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
4414 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4415 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
4416 break;
4417 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
4418 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4419 ctx->srp_ctx.TLS_ext_srp_username_callback =
4420 (int (*)(SSL *, int *, void *))fp;
4421 break;
4422 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
4423 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4424 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
4425 (char *(*)(SSL *, void *))fp;
4426 break;
761772d7 4427#endif
0f113f3e
MC		 4428 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
4429 {
4430 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
4431 }
4432 break;
4433 default:
4434 return (0);
4435 }
4436 return (1);
4437}
761772d7 4438
0f113f3e
MC		 4439/*
4440 * This function needs to check if the ciphers required are actually
4441 * available
4442 */
babb3798 4443const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
0f113f3e
MC		 4444{
4445 SSL_CIPHER c;
4446 const SSL_CIPHER *cp;
4447 unsigned long id;
4448
4449 id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
4450 c.id = id;
4451 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
7409d7ad 4452#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
0f113f3e
MC		 4453 if (cp == NULL)
4454 fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
7409d7ad 4455#endif
0f113f3e
MC		 4456 return cp;
4457}
d02b48c6 4458
6b691a5c 4459int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
0f113f3e
MC		 4460{
4461 long l;
4462
4463 if (p != NULL) {
4464 l = c->id;
4465 if ((l & 0xff000000) != 0x03000000)
4466 return (0);
4467 p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
4468 p[1] = ((unsigned char)(l)) & 0xFF;
4469 }
4470 return (2);
4471}
d02b48c6 4472
836f9960 4473SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
0f113f3e
MC		 4474 STACK_OF(SSL_CIPHER) *srvr)
4475{
4476 SSL_CIPHER *c, *ret = NULL;
4477 STACK_OF(SSL_CIPHER) *prio, *allow;
4478 int i, ii, ok;
0f113f3e 4479 unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
d02b48c6 4480
0f113f3e 4481 /* Let's see which ciphers we can support */
d02b48c6 4482
836f9960 4483#if 0
0f113f3e
MC		 4484 /*
4485 * Do not set the compare functions, because this may lead to a
4486 * reordering by "id". We want to keep the original ordering. We may pay
4487 * a price in performance during sk_SSL_CIPHER_find(), but would have to
4488 * pay with the price of sk_SSL_CIPHER_dup().
4489 */
4490 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
4491 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
836f9960 4492#endif
d02b48c6 4493
f415fa32 4494#ifdef CIPHER_DEBUG
0f113f3e
MC		 4495 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
4496 (void *)srvr);
4497 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
4498 c = sk_SSL_CIPHER_value(srvr, i);
4499 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
4500 }
4501 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
4502 (void *)clnt);
4503 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
4504 c = sk_SSL_CIPHER_value(clnt, i);
4505 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
4506 }
f415fa32
BL		 4507#endif
4508
0f113f3e
MC		 4509 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) {
4510 prio = srvr;
4511 allow = clnt;
4512 } else {
4513 prio = clnt;
4514 allow = srvr;
4515 }
4516
4517 tls1_set_cert_validity(s);
4518
4519 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
4520 c = sk_SSL_CIPHER_value(prio, i);
4521
4522 /* Skip TLS v1.2 only ciphersuites if not supported */
4523 if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s))
4524 continue;
4525
6383d316 4526 ssl_set_masks(s, c);
4d69f9e6
DSH		 4527 mask_k = s->s3->tmp.mask_k;
4528 mask_a = s->s3->tmp.mask_a;
4529 emask_k = s->s3->tmp.export_mask_k;
4530 emask_a = s->s3->tmp.export_mask_a;
edc032b5 4531#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 4532 if (s->srp_ctx.srp_Mask & SSL_kSRP) {
4533 mask_k |= SSL_kSRP;
4534 emask_k |= SSL_kSRP;
4535 mask_a |= SSL_aSRP;
4536 emask_a |= SSL_aSRP;
4537 }
edc032b5 4538#endif
0f113f3e 4539
0f113f3e
MC		 4540 alg_k = c->algorithm_mkey;
4541 alg_a = c->algorithm_auth;
52b8dad8 4542
ddac1974 4543#ifndef OPENSSL_NO_PSK
0f113f3e 4544 /* with PSK there must be server callback set */
fe5eef3a 4545 if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
0f113f3e
MC		 4546 continue;
4547#endif /* OPENSSL_NO_PSK */
4548
4549 if (SSL_C_IS_EXPORT(c)) {
4550 ok = (alg_k & emask_k) && (alg_a & emask_a);
d02b48c6 4551#ifdef CIPHER_DEBUG
0f113f3e
MC		 4552 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",
4553 ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name);
d02b48c6 4554#endif
0f113f3e
MC		 4555 } else {
4556 ok = (alg_k & mask_k) && (alg_a & mask_a);
d02b48c6 4557#ifdef CIPHER_DEBUG
0f113f3e
MC		 4558 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
4559 alg_a, mask_k, mask_a, (void *)c, c->name);
d02b48c6 4560#endif
0f113f3e 4561 }
d02b48c6 4562
0f113f3e 4563# ifndef OPENSSL_NO_EC
0f113f3e
MC		 4564 /*
4565 * if we are considering an ECC cipher suite that uses an ephemeral
4566 * EC key check it
4567 */
4568 if (alg_k & SSL_kECDHE)
4569 ok = ok && tls1_check_ec_tmp_key(s, c->id);
0f113f3e 4570# endif /* OPENSSL_NO_EC */
0f113f3e
MC		 4571
4572 if (!ok)
4573 continue;
4574 ii = sk_SSL_CIPHER_find(allow, c);
4575 if (ii >= 0) {
4576 /* Check security callback permits this cipher */
4577 if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
4578 c->strength_bits, 0, c))
4579 continue;
e481f9b9 4580#if !defined(OPENSSL_NO_EC)
0f113f3e
MC		 4581 if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
4582 && s->s3->is_probably_safari) {
4583 if (!ret)
4584 ret = sk_SSL_CIPHER_value(allow, ii);
4585 continue;
4586 }
d89cd382 4587#endif
0f113f3e
MC		 4588 ret = sk_SSL_CIPHER_value(allow, ii);
4589 break;
4590 }
4591 }
4592 return (ret);
4593}
d02b48c6 4594
6b691a5c 4595int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
0f113f3e
MC		 4596{
4597 int ret = 0;
4598 int nostrict = 1;
4599 unsigned long alg_k, alg_a = 0;
4600
4601 /* If we have custom certificate types set, use them */
4602 if (s->cert->ctypes) {
4603 memcpy(p, s->cert->ctypes, s->cert->ctype_num);
4604 return (int)s->cert->ctype_num;
4605 }
4606 /* Get mask of algorithms disabled by signature list */
4607 ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
4608 if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)
4609 nostrict = 0;
4610
4611 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
d02b48c6 4612
caa97ef1 4613#ifndef OPENSSL_NO_GOST
0f113f3e
MC		 4614 if (s->version >= TLS1_VERSION) {
4615 if (alg_k & SSL_kGOST) {
0f113f3e
MC		 4616 p[ret++] = TLS_CT_GOST01_SIGN;
4617 return (ret);
4618 }
4619 }
caa97ef1
DSH		 4620#endif
4621
bc36ee62 4622#ifndef OPENSSL_NO_DH
0f113f3e
MC		 4623 if (alg_k & (SSL_kDHr | SSL_kDHE)) {
4624# ifndef OPENSSL_NO_RSA
4625 /*
4626 * Since this refers to a certificate signed with an RSA algorithm,
4627 * only check for rsa signing in strict mode.
4628 */
4629 if (nostrict || !(alg_a & SSL_aRSA))
4630 p[ret++] = SSL3_CT_RSA_FIXED_DH;
4631# endif
4632# ifndef OPENSSL_NO_DSA
4633 if (nostrict || !(alg_a & SSL_aDSS))
4634 p[ret++] = SSL3_CT_DSS_FIXED_DH;
4635# endif
4636 }
4637 if ((s->version == SSL3_VERSION) &&
4638 (alg_k & (SSL_kDHE | SSL_kDHd | SSL_kDHr))) {
4639# ifndef OPENSSL_NO_RSA
4640 p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH;
4641# endif
4642# ifndef OPENSSL_NO_DSA
4643 p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH;
4644# endif
4645 }
4646#endif /* !OPENSSL_NO_DH */
bc36ee62 4647#ifndef OPENSSL_NO_RSA
0f113f3e
MC		 4648 if (!(alg_a & SSL_aRSA))
4649 p[ret++] = SSL3_CT_RSA_SIGN;
d02b48c6 4650#endif
bc36ee62 4651#ifndef OPENSSL_NO_DSA
0f113f3e
MC		 4652 if (!(alg_a & SSL_aDSS))
4653 p[ret++] = SSL3_CT_DSS_SIGN;
dfeab068 4654#endif
10bf4fc2 4655#ifndef OPENSSL_NO_EC
0f113f3e
MC		 4656 if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
4657 if (nostrict || !(alg_a & SSL_aRSA))
4658 p[ret++] = TLS_CT_RSA_FIXED_ECDH;
4659 if (nostrict || !(alg_a & SSL_aECDSA))
4660 p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
4661 }
0f113f3e
MC		 4662 /*
4663 * ECDSA certs can be used with RSA cipher suites as well so we don't
4664 * need to check for SSL_kECDH or SSL_kECDHE
4665 */
4666 if (s->version >= TLS1_VERSION) {
4667 if (!(alg_a & SSL_aECDSA))
4668 p[ret++] = TLS_CT_ECDSA_SIGN;
4669 }
4670#endif
4671 return (ret);
4672}
d02b48c6 4673
9f27b1ee 4674static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
0f113f3e 4675{
b548a1f1
RS		 4676 OPENSSL_free(c->ctypes);
4677 c->ctypes = NULL;
0f113f3e
MC		 4678 if (!p || !len)
4679 return 1;
4680 if (len > 0xff)
4681 return 0;
4682 c->ctypes = OPENSSL_malloc(len);
4683 if (!c->ctypes)
4684 return 0;
4685 memcpy(c->ctypes, p, len);
4686 c->ctype_num = len;
4687 return 1;
4688}
9f27b1ee 4689
6b691a5c 4690int ssl3_shutdown(SSL *s)
0f113f3e
MC		 4691{
4692 int ret;
4693
4694 /*
4695 * Don't do anything much if we have not done the handshake or we don't
4696 * want to send messages :-)
4697 */
4698 if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) {
4699 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
4700 return (1);
4701 }
4702
4703 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
4704 s->shutdown |= SSL_SENT_SHUTDOWN;
0f113f3e 4705 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
0f113f3e
MC		 4706 /*
4707 * our shutdown alert has been sent now, and if it still needs to be
4708 * written, s->s3->alert_dispatch will be true
4709 */
4710 if (s->s3->alert_dispatch)
4711 return (-1); /* return WANT_WRITE */
4712 } else if (s->s3->alert_dispatch) {
4713 /* resend it if not sent */
0f113f3e
MC		 4714 ret = s->method->ssl_dispatch_alert(s);
4715 if (ret == -1) {
4716 /*
4717 * we only get to return -1 here the 2nd/Nth invocation, we must
4718 * have already signalled return 0 upon a previous invoation,
4719 * return WANT_WRITE
4720 */
4721 return (ret);
4722 }
0f113f3e
MC		 4723 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4724 /*
4725 * If we are waiting for a close from our peer, we are closed
4726 */
657da85e 4727 s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0);
0f113f3e
MC		 4728 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4729 return (-1); /* return WANT_READ */
4730 }
4731 }
4732
4733 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
4734 !s->s3->alert_dispatch)
4735 return (1);
4736 else
4737 return (0);
4738}
d02b48c6 4739
61f5b6f3 4740int ssl3_write(SSL *s, const void *buf, int len)
0f113f3e 4741{
0f113f3e
MC		 4742 clear_sys_error();
4743 if (s->s3->renegotiate)
4744 ssl3_renegotiate_check(s);
4745
57787ac8 4746 return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
0f113f3e 4747 buf, len);
0f113f3e 4748}
d02b48c6 4749
5a4fbc69 4750static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
0f113f3e
MC		 4751{
4752 int ret;
4753
4754 clear_sys_error();
4755 if (s->s3->renegotiate)
4756 ssl3_renegotiate_check(s);
4757 s->s3->in_read_app_data = 1;
4758 ret =
657da85e 4759 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
0f113f3e
MC		 4760 peek);
4761 if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
4762 /*
4763 * ssl3_read_bytes decided to call s->handshake_func, which called
4764 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
4765 * actually found application data and thinks that application data
4766 * makes sense here; so disable handshake processing and try to read
4767 * application data again.
4768 */
4769 s->in_handshake++;
4770 ret =
657da85e
MC		 4771 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
4772 len, peek);
0f113f3e
MC		 4773 s->in_handshake--;
4774 } else
4775 s->s3->in_read_app_data = 0;
4776
4777 return (ret);
4778}
d02b48c6 4779
5a4fbc69 4780int ssl3_read(SSL *s, void *buf, int len)
0f113f3e
MC		 4781{
4782 return ssl3_read_internal(s, buf, len, 0);
4783}
d02b48c6 4784
e34cfcf7 4785int ssl3_peek(SSL *s, void *buf, int len)
0f113f3e
MC		 4786{
4787 return ssl3_read_internal(s, buf, len, 1);
4788}
d02b48c6 4789
6b691a5c 4790int ssl3_renegotiate(SSL *s)
0f113f3e
MC		 4791{
4792 if (s->handshake_func == NULL)
4793 return (1);
d02b48c6 4794
0f113f3e
MC		 4795 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
4796 return (0);
d02b48c6 4797
0f113f3e
MC		 4798 s->s3->renegotiate = 1;
4799 return (1);
4800}
d02b48c6 4801
6b691a5c 4802int ssl3_renegotiate_check(SSL *s)
0f113f3e
MC		 4803{
4804 int ret = 0;
4805
4806 if (s->s3->renegotiate) {
f161995e
MC		 4807 if (!RECORD_LAYER_read_pending(&s->rlayer)
4808 && !RECORD_LAYER_write_pending(&s->rlayer)
db9a32e7 4809 && !SSL_in_init(s)) {
0f113f3e
MC		 4810 /*
4811 * if we are the server, and we have sent a 'RENEGOTIATE'
4812 * message, we need to go to SSL_ST_ACCEPT.
4813 */
4814 /* SSL_ST_ACCEPT */
4815 s->state = SSL_ST_RENEGOTIATE;
4816 s->s3->renegotiate = 0;
4817 s->s3->num_renegotiations++;
4818 s->s3->total_renegotiations++;
4819 ret = 1;
4820 }
4821 }
4822 return (ret);
4823}
4824
58964a49 4825/*
0f113f3e
MC		 4826 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
4827 * handshake macs if required.
12053a81
DSH		 4828 *
4829 * If PSK and using SHA384 for TLS < 1.2 switch to default.
7409d7ad
DSH		 4830 */
4831long ssl_get_algorithm2(SSL *s)
0f113f3e
MC		 4832{
4833 long alg2 = s->s3->tmp.new_cipher->algorithm2;
12053a81
DSH		 4834 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
4835 if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
4836 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4837 } else if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) {
4838 if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
4839 return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
4840 }
0f113f3e
MC		 4841 return alg2;
4842}
a3680c8f
MC		 4843
4844/*
4845 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
4846 * failure, 1 on success.
4847 */
4848int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
4849{
4850 int send_time = 0;
4851
4852 if (len < 4)
4853 return 0;
4854 if (server)
4855 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
4856 else
4857 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
4858 if (send_time) {
4859 unsigned long Time = (unsigned long)time(NULL);
4860 unsigned char *p = result;
4861 l2n(Time, p);
4862 return RAND_bytes(p, len - 4);
4863 } else
4864 return RAND_bytes(result, len);
4865}
57b272b0
DSH		 4866
4867int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
4868 int free_pms)
4869{
8a0a12e5
DSH		 4870#ifndef OPENSSL_NO_PSK
4871 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4872 if (alg_k & SSL_PSK) {
4873 unsigned char *pskpms, *t;
4874 size_t psklen = s->s3->tmp.psklen;
4875 size_t pskpmslen;
4876
4877 /* create PSK premaster_secret */
4878
4879 /* For plain PSK "other_secret" is psklen zeroes */
4880 if (alg_k & SSL_kPSK)
4881 pmslen = psklen;
4882
4883 pskpmslen = 4 + pmslen + psklen;
4884 pskpms = OPENSSL_malloc(pskpmslen);
a784665e
DSH		 4885 if (pskpms == NULL) {
4886 s->session->master_key_length = 0;
4887 goto err;
4888 }
8a0a12e5
DSH		 4889 t = pskpms;
4890 s2n(pmslen, t);
4891 if (alg_k & SSL_kPSK)
4892 memset(t, 0, pmslen);
4893 else
4894 memcpy(t, pms, pmslen);
4895 t += pmslen;
4896 s2n(psklen, t);
4897 memcpy(t, s->s3->tmp.psk, psklen);
4898
4899 OPENSSL_clear_free(s->s3->tmp.psk, psklen);
4900 s->s3->tmp.psk = NULL;
4901 s->session->master_key_length =
4902 s->method->ssl3_enc->generate_master_secret(s,
4903 s->session->master_key,
4904 pskpms, pskpmslen);
4905 OPENSSL_clear_free(pskpms, pskpmslen);
4906 } else
4907#endif
4908 s->session->master_key_length =
4909 s->method->ssl3_enc->generate_master_secret(s,
4910 s->session->master_key,
4911 pms, pmslen);
a784665e
DSH		 4912
4913 err:
8a0a12e5
DSH		 4914 if (pms) {
4915 if (free_pms)
4916 OPENSSL_clear_free(pms, pmslen);
4917 else
4918 OPENSSL_cleanse(pms, pmslen);
4919 }
57b272b0
DSH		 4920 if (s->server == 0)
4921 s->s3->tmp.pms = NULL;
4922 return s->session->master_key_length >= 0;
4923}
A mirror of the official openssl repository