]> git.ipfire.org Git - thirdparty/openssl.git/blame_incremental - ssl/s3_lib.c
projects / thirdparty / openssl.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Replace some usage of SSLerr with SSLfatal()
[thirdparty/openssl.git] / ssl / s3_lib.c
... / ...
CommitLineData
1/*
2 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4 * Copyright 2005 Nokia. All rights reserved.
5 *
6 * Licensed under the OpenSSL license (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
10 */
11
12#include <stdio.h>
13#include <openssl/objects.h>
14#include "internal/nelem.h"
15#include "ssl_locl.h"
16#include <openssl/md5.h>
17#include <openssl/dh.h>
18#include <openssl/rand.h>
19#include "internal/cryptlib.h"
20
21#define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
22#define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs)
23
24/* TLSv1.3 downgrade protection sentinel values */
25const unsigned char tls11downgrade[] = {
26 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
27};
28const unsigned char tls12downgrade[] = {
29 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
30};
31
32/*
33 * The list of available ciphers, mostly organized into the following
34 * groups:
35 * Always there
36 * EC
37 * PSK
38 * SRP (within that: RSA EC PSK)
39 * Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
40 * Weak ciphers
41 */
42static SSL_CIPHER ssl3_ciphers[] = {
43 {
44 1,
45 SSL3_TXT_RSA_NULL_MD5,
46 SSL3_RFC_RSA_NULL_MD5,
47 SSL3_CK_RSA_NULL_MD5,
48 SSL_kRSA,
49 SSL_aRSA,
50 SSL_eNULL,
51 SSL_MD5,
52 SSL3_VERSION, TLS1_2_VERSION,
53 DTLS1_BAD_VER, DTLS1_2_VERSION,
54 SSL_STRONG_NONE,
55 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56 0,
57 0,
58 },
59 {
60 1,
61 SSL3_TXT_RSA_NULL_SHA,
62 SSL3_RFC_RSA_NULL_SHA,
63 SSL3_CK_RSA_NULL_SHA,
64 SSL_kRSA,
65 SSL_aRSA,
66 SSL_eNULL,
67 SSL_SHA1,
68 SSL3_VERSION, TLS1_2_VERSION,
69 DTLS1_BAD_VER, DTLS1_2_VERSION,
70 SSL_STRONG_NONE | SSL_FIPS,
71 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
72 0,
73 0,
74 },
75#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
76 {
77 1,
78 SSL3_TXT_RSA_DES_192_CBC3_SHA,
79 SSL3_RFC_RSA_DES_192_CBC3_SHA,
80 SSL3_CK_RSA_DES_192_CBC3_SHA,
81 SSL_kRSA,
82 SSL_aRSA,
83 SSL_3DES,
84 SSL_SHA1,
85 SSL3_VERSION, TLS1_2_VERSION,
86 DTLS1_BAD_VER, DTLS1_2_VERSION,
87 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
88 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
89 112,
90 168,
91 },
92 {
93 1,
94 SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
95 SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
96 SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
97 SSL_kDHE,
98 SSL_aDSS,
99 SSL_3DES,
100 SSL_SHA1,
101 SSL3_VERSION, TLS1_2_VERSION,
102 DTLS1_BAD_VER, DTLS1_2_VERSION,
103 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
104 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
105 112,
106 168,
107 },
108 {
109 1,
110 SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
111 SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
112 SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
113 SSL_kDHE,
114 SSL_aRSA,
115 SSL_3DES,
116 SSL_SHA1,
117 SSL3_VERSION, TLS1_2_VERSION,
118 DTLS1_BAD_VER, DTLS1_2_VERSION,
119 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
120 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
121 112,
122 168,
123 },
124 {
125 1,
126 SSL3_TXT_ADH_DES_192_CBC_SHA,
127 SSL3_RFC_ADH_DES_192_CBC_SHA,
128 SSL3_CK_ADH_DES_192_CBC_SHA,
129 SSL_kDHE,
130 SSL_aNULL,
131 SSL_3DES,
132 SSL_SHA1,
133 SSL3_VERSION, TLS1_2_VERSION,
134 DTLS1_BAD_VER, DTLS1_2_VERSION,
135 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
136 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
137 112,
138 168,
139 },
140#endif
141 {
142 1,
143 TLS1_TXT_RSA_WITH_AES_128_SHA,
144 TLS1_RFC_RSA_WITH_AES_128_SHA,
145 TLS1_CK_RSA_WITH_AES_128_SHA,
146 SSL_kRSA,
147 SSL_aRSA,
148 SSL_AES128,
149 SSL_SHA1,
150 SSL3_VERSION, TLS1_2_VERSION,
151 DTLS1_BAD_VER, DTLS1_2_VERSION,
152 SSL_HIGH | SSL_FIPS,
153 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
154 128,
155 128,
156 },
157 {
158 1,
159 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
160 TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
161 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
162 SSL_kDHE,
163 SSL_aDSS,
164 SSL_AES128,
165 SSL_SHA1,
166 SSL3_VERSION, TLS1_2_VERSION,
167 DTLS1_BAD_VER, DTLS1_2_VERSION,
168 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
169 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
170 128,
171 128,
172 },
173 {
174 1,
175 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
176 TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
177 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
178 SSL_kDHE,
179 SSL_aRSA,
180 SSL_AES128,
181 SSL_SHA1,
182 SSL3_VERSION, TLS1_2_VERSION,
183 DTLS1_BAD_VER, DTLS1_2_VERSION,
184 SSL_HIGH | SSL_FIPS,
185 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
186 128,
187 128,
188 },
189 {
190 1,
191 TLS1_TXT_ADH_WITH_AES_128_SHA,
192 TLS1_RFC_ADH_WITH_AES_128_SHA,
193 TLS1_CK_ADH_WITH_AES_128_SHA,
194 SSL_kDHE,
195 SSL_aNULL,
196 SSL_AES128,
197 SSL_SHA1,
198 SSL3_VERSION, TLS1_2_VERSION,
199 DTLS1_BAD_VER, DTLS1_2_VERSION,
200 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
201 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
202 128,
203 128,
204 },
205 {
206 1,
207 TLS1_TXT_RSA_WITH_AES_256_SHA,
208 TLS1_RFC_RSA_WITH_AES_256_SHA,
209 TLS1_CK_RSA_WITH_AES_256_SHA,
210 SSL_kRSA,
211 SSL_aRSA,
212 SSL_AES256,
213 SSL_SHA1,
214 SSL3_VERSION, TLS1_2_VERSION,
215 DTLS1_BAD_VER, DTLS1_2_VERSION,
216 SSL_HIGH | SSL_FIPS,
217 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
218 256,
219 256,
220 },
221 {
222 1,
223 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
224 TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
225 TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
226 SSL_kDHE,
227 SSL_aDSS,
228 SSL_AES256,
229 SSL_SHA1,
230 SSL3_VERSION, TLS1_2_VERSION,
231 DTLS1_BAD_VER, DTLS1_2_VERSION,
232 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
233 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
234 256,
235 256,
236 },
237 {
238 1,
239 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
240 TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
241 TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
242 SSL_kDHE,
243 SSL_aRSA,
244 SSL_AES256,
245 SSL_SHA1,
246 SSL3_VERSION, TLS1_2_VERSION,
247 DTLS1_BAD_VER, DTLS1_2_VERSION,
248 SSL_HIGH | SSL_FIPS,
249 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
250 256,
251 256,
252 },
253 {
254 1,
255 TLS1_TXT_ADH_WITH_AES_256_SHA,
256 TLS1_RFC_ADH_WITH_AES_256_SHA,
257 TLS1_CK_ADH_WITH_AES_256_SHA,
258 SSL_kDHE,
259 SSL_aNULL,
260 SSL_AES256,
261 SSL_SHA1,
262 SSL3_VERSION, TLS1_2_VERSION,
263 DTLS1_BAD_VER, DTLS1_2_VERSION,
264 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
265 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
266 256,
267 256,
268 },
269 {
270 1,
271 TLS1_TXT_RSA_WITH_NULL_SHA256,
272 TLS1_RFC_RSA_WITH_NULL_SHA256,
273 TLS1_CK_RSA_WITH_NULL_SHA256,
274 SSL_kRSA,
275 SSL_aRSA,
276 SSL_eNULL,
277 SSL_SHA256,
278 TLS1_2_VERSION, TLS1_2_VERSION,
279 DTLS1_2_VERSION, DTLS1_2_VERSION,
280 SSL_STRONG_NONE | SSL_FIPS,
281 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
282 0,
283 0,
284 },
285 {
286 1,
287 TLS1_TXT_RSA_WITH_AES_128_SHA256,
288 TLS1_RFC_RSA_WITH_AES_128_SHA256,
289 TLS1_CK_RSA_WITH_AES_128_SHA256,
290 SSL_kRSA,
291 SSL_aRSA,
292 SSL_AES128,
293 SSL_SHA256,
294 TLS1_2_VERSION, TLS1_2_VERSION,
295 DTLS1_2_VERSION, DTLS1_2_VERSION,
296 SSL_HIGH | SSL_FIPS,
297 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
298 128,
299 128,
300 },
301 {
302 1,
303 TLS1_TXT_RSA_WITH_AES_256_SHA256,
304 TLS1_RFC_RSA_WITH_AES_256_SHA256,
305 TLS1_CK_RSA_WITH_AES_256_SHA256,
306 SSL_kRSA,
307 SSL_aRSA,
308 SSL_AES256,
309 SSL_SHA256,
310 TLS1_2_VERSION, TLS1_2_VERSION,
311 DTLS1_2_VERSION, DTLS1_2_VERSION,
312 SSL_HIGH | SSL_FIPS,
313 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
314 256,
315 256,
316 },
317 {
318 1,
319 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
320 TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
321 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
322 SSL_kDHE,
323 SSL_aDSS,
324 SSL_AES128,
325 SSL_SHA256,
326 TLS1_2_VERSION, TLS1_2_VERSION,
327 DTLS1_2_VERSION, DTLS1_2_VERSION,
328 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
329 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
330 128,
331 128,
332 },
333 {
334 1,
335 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
336 TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
337 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
338 SSL_kDHE,
339 SSL_aRSA,
340 SSL_AES128,
341 SSL_SHA256,
342 TLS1_2_VERSION, TLS1_2_VERSION,
343 DTLS1_2_VERSION, DTLS1_2_VERSION,
344 SSL_HIGH | SSL_FIPS,
345 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
346 128,
347 128,
348 },
349 {
350 1,
351 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
352 TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
353 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
354 SSL_kDHE,
355 SSL_aDSS,
356 SSL_AES256,
357 SSL_SHA256,
358 TLS1_2_VERSION, TLS1_2_VERSION,
359 DTLS1_2_VERSION, DTLS1_2_VERSION,
360 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
361 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
362 256,
363 256,
364 },
365 {
366 1,
367 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
368 TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
369 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
370 SSL_kDHE,
371 SSL_aRSA,
372 SSL_AES256,
373 SSL_SHA256,
374 TLS1_2_VERSION, TLS1_2_VERSION,
375 DTLS1_2_VERSION, DTLS1_2_VERSION,
376 SSL_HIGH | SSL_FIPS,
377 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
378 256,
379 256,
380 },
381 {
382 1,
383 TLS1_TXT_ADH_WITH_AES_128_SHA256,
384 TLS1_RFC_ADH_WITH_AES_128_SHA256,
385 TLS1_CK_ADH_WITH_AES_128_SHA256,
386 SSL_kDHE,
387 SSL_aNULL,
388 SSL_AES128,
389 SSL_SHA256,
390 TLS1_2_VERSION, TLS1_2_VERSION,
391 DTLS1_2_VERSION, DTLS1_2_VERSION,
392 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
393 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
394 128,
395 128,
396 },
397 {
398 1,
399 TLS1_TXT_ADH_WITH_AES_256_SHA256,
400 TLS1_RFC_ADH_WITH_AES_256_SHA256,
401 TLS1_CK_ADH_WITH_AES_256_SHA256,
402 SSL_kDHE,
403 SSL_aNULL,
404 SSL_AES256,
405 SSL_SHA256,
406 TLS1_2_VERSION, TLS1_2_VERSION,
407 DTLS1_2_VERSION, DTLS1_2_VERSION,
408 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
409 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
410 256,
411 256,
412 },
413 {
414 1,
415 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
416 TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
417 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
418 SSL_kRSA,
419 SSL_aRSA,
420 SSL_AES128GCM,
421 SSL_AEAD,
422 TLS1_2_VERSION, TLS1_2_VERSION,
423 DTLS1_2_VERSION, DTLS1_2_VERSION,
424 SSL_HIGH | SSL_FIPS,
425 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
426 128,
427 128,
428 },
429 {
430 1,
431 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
432 TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
433 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
434 SSL_kRSA,
435 SSL_aRSA,
436 SSL_AES256GCM,
437 SSL_AEAD,
438 TLS1_2_VERSION, TLS1_2_VERSION,
439 DTLS1_2_VERSION, DTLS1_2_VERSION,
440 SSL_HIGH | SSL_FIPS,
441 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
442 256,
443 256,
444 },
445 {
446 1,
447 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
448 TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
449 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
450 SSL_kDHE,
451 SSL_aRSA,
452 SSL_AES128GCM,
453 SSL_AEAD,
454 TLS1_2_VERSION, TLS1_2_VERSION,
455 DTLS1_2_VERSION, DTLS1_2_VERSION,
456 SSL_HIGH | SSL_FIPS,
457 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
458 128,
459 128,
460 },
461 {
462 1,
463 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
464 TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
465 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
466 SSL_kDHE,
467 SSL_aRSA,
468 SSL_AES256GCM,
469 SSL_AEAD,
470 TLS1_2_VERSION, TLS1_2_VERSION,
471 DTLS1_2_VERSION, DTLS1_2_VERSION,
472 SSL_HIGH | SSL_FIPS,
473 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
474 256,
475 256,
476 },
477 {
478 1,
479 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
480 TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
481 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
482 SSL_kDHE,
483 SSL_aDSS,
484 SSL_AES128GCM,
485 SSL_AEAD,
486 TLS1_2_VERSION, TLS1_2_VERSION,
487 DTLS1_2_VERSION, DTLS1_2_VERSION,
488 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
489 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
490 128,
491 128,
492 },
493 {
494 1,
495 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
496 TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
497 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
498 SSL_kDHE,
499 SSL_aDSS,
500 SSL_AES256GCM,
501 SSL_AEAD,
502 TLS1_2_VERSION, TLS1_2_VERSION,
503 DTLS1_2_VERSION, DTLS1_2_VERSION,
504 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
505 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
506 256,
507 256,
508 },
509 {
510 1,
511 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
512 TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
513 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
514 SSL_kDHE,
515 SSL_aNULL,
516 SSL_AES128GCM,
517 SSL_AEAD,
518 TLS1_2_VERSION, TLS1_2_VERSION,
519 DTLS1_2_VERSION, DTLS1_2_VERSION,
520 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
521 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
522 128,
523 128,
524 },
525 {
526 1,
527 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
528 TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
529 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
530 SSL_kDHE,
531 SSL_aNULL,
532 SSL_AES256GCM,
533 SSL_AEAD,
534 TLS1_2_VERSION, TLS1_2_VERSION,
535 DTLS1_2_VERSION, DTLS1_2_VERSION,
536 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
537 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
538 256,
539 256,
540 },
541 {
542 1,
543 TLS1_TXT_RSA_WITH_AES_128_CCM,
544 TLS1_RFC_RSA_WITH_AES_128_CCM,
545 TLS1_CK_RSA_WITH_AES_128_CCM,
546 SSL_kRSA,
547 SSL_aRSA,
548 SSL_AES128CCM,
549 SSL_AEAD,
550 TLS1_2_VERSION, TLS1_2_VERSION,
551 DTLS1_2_VERSION, DTLS1_2_VERSION,
552 SSL_NOT_DEFAULT | SSL_HIGH,
553 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
554 128,
555 128,
556 },
557 {
558 1,
559 TLS1_TXT_RSA_WITH_AES_256_CCM,
560 TLS1_RFC_RSA_WITH_AES_256_CCM,
561 TLS1_CK_RSA_WITH_AES_256_CCM,
562 SSL_kRSA,
563 SSL_aRSA,
564 SSL_AES256CCM,
565 SSL_AEAD,
566 TLS1_2_VERSION, TLS1_2_VERSION,
567 DTLS1_2_VERSION, DTLS1_2_VERSION,
568 SSL_NOT_DEFAULT | SSL_HIGH,
569 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
570 256,
571 256,
572 },
573 {
574 1,
575 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
576 TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
577 TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
578 SSL_kDHE,
579 SSL_aRSA,
580 SSL_AES128CCM,
581 SSL_AEAD,
582 TLS1_2_VERSION, TLS1_2_VERSION,
583 DTLS1_2_VERSION, DTLS1_2_VERSION,
584 SSL_NOT_DEFAULT | SSL_HIGH,
585 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
586 128,
587 128,
588 },
589 {
590 1,
591 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
592 TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
593 TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
594 SSL_kDHE,
595 SSL_aRSA,
596 SSL_AES256CCM,
597 SSL_AEAD,
598 TLS1_2_VERSION, TLS1_2_VERSION,
599 DTLS1_2_VERSION, DTLS1_2_VERSION,
600 SSL_NOT_DEFAULT | SSL_HIGH,
601 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
602 256,
603 256,
604 },
605 {
606 1,
607 TLS1_TXT_RSA_WITH_AES_128_CCM_8,
608 TLS1_RFC_RSA_WITH_AES_128_CCM_8,
609 TLS1_CK_RSA_WITH_AES_128_CCM_8,
610 SSL_kRSA,
611 SSL_aRSA,
612 SSL_AES128CCM8,
613 SSL_AEAD,
614 TLS1_2_VERSION, TLS1_2_VERSION,
615 DTLS1_2_VERSION, DTLS1_2_VERSION,
616 SSL_NOT_DEFAULT | SSL_HIGH,
617 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
618 128,
619 128,
620 },
621 {
622 1,
623 TLS1_TXT_RSA_WITH_AES_256_CCM_8,
624 TLS1_RFC_RSA_WITH_AES_256_CCM_8,
625 TLS1_CK_RSA_WITH_AES_256_CCM_8,
626 SSL_kRSA,
627 SSL_aRSA,
628 SSL_AES256CCM8,
629 SSL_AEAD,
630 TLS1_2_VERSION, TLS1_2_VERSION,
631 DTLS1_2_VERSION, DTLS1_2_VERSION,
632 SSL_NOT_DEFAULT | SSL_HIGH,
633 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
634 256,
635 256,
636 },
637 {
638 1,
639 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
640 TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
641 TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
642 SSL_kDHE,
643 SSL_aRSA,
644 SSL_AES128CCM8,
645 SSL_AEAD,
646 TLS1_2_VERSION, TLS1_2_VERSION,
647 DTLS1_2_VERSION, DTLS1_2_VERSION,
648 SSL_NOT_DEFAULT | SSL_HIGH,
649 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
650 128,
651 128,
652 },
653 {
654 1,
655 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
656 TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
657 TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
658 SSL_kDHE,
659 SSL_aRSA,
660 SSL_AES256CCM8,
661 SSL_AEAD,
662 TLS1_2_VERSION, TLS1_2_VERSION,
663 DTLS1_2_VERSION, DTLS1_2_VERSION,
664 SSL_NOT_DEFAULT | SSL_HIGH,
665 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
666 256,
667 256,
668 },
669 {
670 1,
671 TLS1_TXT_PSK_WITH_AES_128_CCM,
672 TLS1_RFC_PSK_WITH_AES_128_CCM,
673 TLS1_CK_PSK_WITH_AES_128_CCM,
674 SSL_kPSK,
675 SSL_aPSK,
676 SSL_AES128CCM,
677 SSL_AEAD,
678 TLS1_2_VERSION, TLS1_2_VERSION,
679 DTLS1_2_VERSION, DTLS1_2_VERSION,
680 SSL_NOT_DEFAULT | SSL_HIGH,
681 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
682 128,
683 128,
684 },
685 {
686 1,
687 TLS1_TXT_PSK_WITH_AES_256_CCM,
688 TLS1_RFC_PSK_WITH_AES_256_CCM,
689 TLS1_CK_PSK_WITH_AES_256_CCM,
690 SSL_kPSK,
691 SSL_aPSK,
692 SSL_AES256CCM,
693 SSL_AEAD,
694 TLS1_2_VERSION, TLS1_2_VERSION,
695 DTLS1_2_VERSION, DTLS1_2_VERSION,
696 SSL_NOT_DEFAULT | SSL_HIGH,
697 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
698 256,
699 256,
700 },
701 {
702 1,
703 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
704 TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
705 TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
706 SSL_kDHEPSK,
707 SSL_aPSK,
708 SSL_AES128CCM,
709 SSL_AEAD,
710 TLS1_2_VERSION, TLS1_2_VERSION,
711 DTLS1_2_VERSION, DTLS1_2_VERSION,
712 SSL_NOT_DEFAULT | SSL_HIGH,
713 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
714 128,
715 128,
716 },
717 {
718 1,
719 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
720 TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
721 TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
722 SSL_kDHEPSK,
723 SSL_aPSK,
724 SSL_AES256CCM,
725 SSL_AEAD,
726 TLS1_2_VERSION, TLS1_2_VERSION,
727 DTLS1_2_VERSION, DTLS1_2_VERSION,
728 SSL_NOT_DEFAULT | SSL_HIGH,
729 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
730 256,
731 256,
732 },
733 {
734 1,
735 TLS1_TXT_PSK_WITH_AES_128_CCM_8,
736 TLS1_RFC_PSK_WITH_AES_128_CCM_8,
737 TLS1_CK_PSK_WITH_AES_128_CCM_8,
738 SSL_kPSK,
739 SSL_aPSK,
740 SSL_AES128CCM8,
741 SSL_AEAD,
742 TLS1_2_VERSION, TLS1_2_VERSION,
743 DTLS1_2_VERSION, DTLS1_2_VERSION,
744 SSL_NOT_DEFAULT | SSL_HIGH,
745 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
746 128,
747 128,
748 },
749 {
750 1,
751 TLS1_TXT_PSK_WITH_AES_256_CCM_8,
752 TLS1_RFC_PSK_WITH_AES_256_CCM_8,
753 TLS1_CK_PSK_WITH_AES_256_CCM_8,
754 SSL_kPSK,
755 SSL_aPSK,
756 SSL_AES256CCM8,
757 SSL_AEAD,
758 TLS1_2_VERSION, TLS1_2_VERSION,
759 DTLS1_2_VERSION, DTLS1_2_VERSION,
760 SSL_NOT_DEFAULT | SSL_HIGH,
761 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
762 256,
763 256,
764 },
765 {
766 1,
767 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
768 TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
769 TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
770 SSL_kDHEPSK,
771 SSL_aPSK,
772 SSL_AES128CCM8,
773 SSL_AEAD,
774 TLS1_2_VERSION, TLS1_2_VERSION,
775 DTLS1_2_VERSION, DTLS1_2_VERSION,
776 SSL_NOT_DEFAULT | SSL_HIGH,
777 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
778 128,
779 128,
780 },
781 {
782 1,
783 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
784 TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
785 TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
786 SSL_kDHEPSK,
787 SSL_aPSK,
788 SSL_AES256CCM8,
789 SSL_AEAD,
790 TLS1_2_VERSION, TLS1_2_VERSION,
791 DTLS1_2_VERSION, DTLS1_2_VERSION,
792 SSL_NOT_DEFAULT | SSL_HIGH,
793 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
794 256,
795 256,
796 },
797 {
798 1,
799 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
800 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
801 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
802 SSL_kECDHE,
803 SSL_aECDSA,
804 SSL_AES128CCM,
805 SSL_AEAD,
806 TLS1_2_VERSION, TLS1_2_VERSION,
807 DTLS1_2_VERSION, DTLS1_2_VERSION,
808 SSL_NOT_DEFAULT | SSL_HIGH,
809 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
810 128,
811 128,
812 },
813 {
814 1,
815 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
816 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
817 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
818 SSL_kECDHE,
819 SSL_aECDSA,
820 SSL_AES256CCM,
821 SSL_AEAD,
822 TLS1_2_VERSION, TLS1_2_VERSION,
823 DTLS1_2_VERSION, DTLS1_2_VERSION,
824 SSL_NOT_DEFAULT | SSL_HIGH,
825 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
826 256,
827 256,
828 },
829 {
830 1,
831 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
832 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
833 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
834 SSL_kECDHE,
835 SSL_aECDSA,
836 SSL_AES128CCM8,
837 SSL_AEAD,
838 TLS1_2_VERSION, TLS1_2_VERSION,
839 DTLS1_2_VERSION, DTLS1_2_VERSION,
840 SSL_NOT_DEFAULT | SSL_HIGH,
841 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
842 128,
843 128,
844 },
845 {
846 1,
847 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
848 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
849 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
850 SSL_kECDHE,
851 SSL_aECDSA,
852 SSL_AES256CCM8,
853 SSL_AEAD,
854 TLS1_2_VERSION, TLS1_2_VERSION,
855 DTLS1_2_VERSION, DTLS1_2_VERSION,
856 SSL_NOT_DEFAULT | SSL_HIGH,
857 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
858 256,
859 256,
860 },
861 {
862 1,
863 TLS1_3_TXT_AES_128_GCM_SHA256,
864 TLS1_3_RFC_AES_128_GCM_SHA256,
865 TLS1_3_CK_AES_128_GCM_SHA256,
866 0, 0,
867 SSL_AES128GCM,
868 SSL_AEAD,
869 TLS1_3_VERSION, TLS1_3_VERSION,
870 SSL_kANY,
871 SSL_aANY,
872 SSL_HIGH,
873 SSL_HANDSHAKE_MAC_SHA256,
874 128,
875 128,
876 },
877 {
878 1,
879 TLS1_3_TXT_AES_256_GCM_SHA384,
880 TLS1_3_RFC_AES_256_GCM_SHA384,
881 TLS1_3_CK_AES_256_GCM_SHA384,
882 SSL_kANY,
883 SSL_aANY,
884 SSL_AES256GCM,
885 SSL_AEAD,
886 TLS1_3_VERSION, TLS1_3_VERSION,
887 0, 0,
888 SSL_HIGH,
889 SSL_HANDSHAKE_MAC_SHA384,
890 256,
891 256,
892 },
893#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
894 {
895 1,
896 TLS1_3_TXT_CHACHA20_POLY1305_SHA256,
897 TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
898 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
899 SSL_kANY,
900 SSL_aANY,
901 SSL_CHACHA20POLY1305,
902 SSL_AEAD,
903 TLS1_3_VERSION, TLS1_3_VERSION,
904 0, 0,
905 SSL_HIGH,
906 SSL_HANDSHAKE_MAC_SHA256,
907 256,
908 256,
909 },
910#endif
911 {
912 1,
913 TLS1_3_TXT_AES_128_CCM_SHA256,
914 TLS1_3_RFC_AES_128_CCM_SHA256,
915 TLS1_3_CK_AES_128_CCM_SHA256,
916 SSL_kANY,
917 SSL_aANY,
918 SSL_AES128CCM,
919 SSL_AEAD,
920 TLS1_3_VERSION, TLS1_3_VERSION,
921 0, 0,
922 SSL_NOT_DEFAULT | SSL_HIGH,
923 SSL_HANDSHAKE_MAC_SHA256,
924 128,
925 128,
926 },
927 {
928 1,
929 TLS1_3_TXT_AES_128_CCM_8_SHA256,
930 TLS1_3_RFC_AES_128_CCM_8_SHA256,
931 TLS1_3_CK_AES_128_CCM_8_SHA256,
932 SSL_kANY,
933 SSL_aANY,
934 SSL_AES128CCM8,
935 SSL_AEAD,
936 TLS1_3_VERSION, TLS1_3_VERSION,
937 0, 0,
938 SSL_NOT_DEFAULT | SSL_HIGH,
939 SSL_HANDSHAKE_MAC_SHA256,
940 128,
941 128,
942 },
943
944#ifndef OPENSSL_NO_EC
945 {
946 1,
947 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
948 TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
949 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
950 SSL_kECDHE,
951 SSL_aECDSA,
952 SSL_eNULL,
953 SSL_SHA1,
954 TLS1_VERSION, TLS1_2_VERSION,
955 DTLS1_BAD_VER, DTLS1_2_VERSION,
956 SSL_STRONG_NONE | SSL_FIPS,
957 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
958 0,
959 0,
960 },
961# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
962 {
963 1,
964 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
965 TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
966 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
967 SSL_kECDHE,
968 SSL_aECDSA,
969 SSL_3DES,
970 SSL_SHA1,
971 TLS1_VERSION, TLS1_2_VERSION,
972 DTLS1_BAD_VER, DTLS1_2_VERSION,
973 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
974 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
975 112,
976 168,
977 },
978# endif
979 {
980 1,
981 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
982 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
983 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
984 SSL_kECDHE,
985 SSL_aECDSA,
986 SSL_AES128,
987 SSL_SHA1,
988 TLS1_VERSION, TLS1_2_VERSION,
989 DTLS1_BAD_VER, DTLS1_2_VERSION,
990 SSL_HIGH | SSL_FIPS,
991 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
992 128,
993 128,
994 },
995 {
996 1,
997 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
998 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
999 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1000 SSL_kECDHE,
1001 SSL_aECDSA,
1002 SSL_AES256,
1003 SSL_SHA1,
1004 TLS1_VERSION, TLS1_2_VERSION,
1005 DTLS1_BAD_VER, DTLS1_2_VERSION,
1006 SSL_HIGH | SSL_FIPS,
1007 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1008 256,
1009 256,
1010 },
1011 {
1012 1,
1013 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1014 TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
1015 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1016 SSL_kECDHE,
1017 SSL_aRSA,
1018 SSL_eNULL,
1019 SSL_SHA1,
1020 TLS1_VERSION, TLS1_2_VERSION,
1021 DTLS1_BAD_VER, DTLS1_2_VERSION,
1022 SSL_STRONG_NONE | SSL_FIPS,
1023 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1024 0,
1025 0,
1026 },
1027# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1028 {
1029 1,
1030 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1031 TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1032 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1033 SSL_kECDHE,
1034 SSL_aRSA,
1035 SSL_3DES,
1036 SSL_SHA1,
1037 TLS1_VERSION, TLS1_2_VERSION,
1038 DTLS1_BAD_VER, DTLS1_2_VERSION,
1039 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1040 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1041 112,
1042 168,
1043 },
1044# endif
1045 {
1046 1,
1047 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1048 TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1049 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1050 SSL_kECDHE,
1051 SSL_aRSA,
1052 SSL_AES128,
1053 SSL_SHA1,
1054 TLS1_VERSION, TLS1_2_VERSION,
1055 DTLS1_BAD_VER, DTLS1_2_VERSION,
1056 SSL_HIGH | SSL_FIPS,
1057 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1058 128,
1059 128,
1060 },
1061 {
1062 1,
1063 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1064 TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1065 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1066 SSL_kECDHE,
1067 SSL_aRSA,
1068 SSL_AES256,
1069 SSL_SHA1,
1070 TLS1_VERSION, TLS1_2_VERSION,
1071 DTLS1_BAD_VER, DTLS1_2_VERSION,
1072 SSL_HIGH | SSL_FIPS,
1073 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1074 256,
1075 256,
1076 },
1077 {
1078 1,
1079 TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1080 TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
1081 TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1082 SSL_kECDHE,
1083 SSL_aNULL,
1084 SSL_eNULL,
1085 SSL_SHA1,
1086 TLS1_VERSION, TLS1_2_VERSION,
1087 DTLS1_BAD_VER, DTLS1_2_VERSION,
1088 SSL_STRONG_NONE | SSL_FIPS,
1089 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1090 0,
1091 0,
1092 },
1093# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1094 {
1095 1,
1096 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1097 TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
1098 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1099 SSL_kECDHE,
1100 SSL_aNULL,
1101 SSL_3DES,
1102 SSL_SHA1,
1103 TLS1_VERSION, TLS1_2_VERSION,
1104 DTLS1_BAD_VER, DTLS1_2_VERSION,
1105 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1106 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1107 112,
1108 168,
1109 },
1110# endif
1111 {
1112 1,
1113 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1114 TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
1115 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1116 SSL_kECDHE,
1117 SSL_aNULL,
1118 SSL_AES128,
1119 SSL_SHA1,
1120 TLS1_VERSION, TLS1_2_VERSION,
1121 DTLS1_BAD_VER, DTLS1_2_VERSION,
1122 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1123 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1124 128,
1125 128,
1126 },
1127 {
1128 1,
1129 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1130 TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
1131 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1132 SSL_kECDHE,
1133 SSL_aNULL,
1134 SSL_AES256,
1135 SSL_SHA1,
1136 TLS1_VERSION, TLS1_2_VERSION,
1137 DTLS1_BAD_VER, DTLS1_2_VERSION,
1138 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1139 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1140 256,
1141 256,
1142 },
1143 {
1144 1,
1145 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
1146 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
1147 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1148 SSL_kECDHE,
1149 SSL_aECDSA,
1150 SSL_AES128,
1151 SSL_SHA256,
1152 TLS1_2_VERSION, TLS1_2_VERSION,
1153 DTLS1_2_VERSION, DTLS1_2_VERSION,
1154 SSL_HIGH | SSL_FIPS,
1155 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1156 128,
1157 128,
1158 },
1159 {
1160 1,
1161 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
1162 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
1163 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1164 SSL_kECDHE,
1165 SSL_aECDSA,
1166 SSL_AES256,
1167 SSL_SHA384,
1168 TLS1_2_VERSION, TLS1_2_VERSION,
1169 DTLS1_2_VERSION, DTLS1_2_VERSION,
1170 SSL_HIGH | SSL_FIPS,
1171 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1172 256,
1173 256,
1174 },
1175 {
1176 1,
1177 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
1178 TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
1179 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1180 SSL_kECDHE,
1181 SSL_aRSA,
1182 SSL_AES128,
1183 SSL_SHA256,
1184 TLS1_2_VERSION, TLS1_2_VERSION,
1185 DTLS1_2_VERSION, DTLS1_2_VERSION,
1186 SSL_HIGH | SSL_FIPS,
1187 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1188 128,
1189 128,
1190 },
1191 {
1192 1,
1193 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
1194 TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
1195 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
1196 SSL_kECDHE,
1197 SSL_aRSA,
1198 SSL_AES256,
1199 SSL_SHA384,
1200 TLS1_2_VERSION, TLS1_2_VERSION,
1201 DTLS1_2_VERSION, DTLS1_2_VERSION,
1202 SSL_HIGH | SSL_FIPS,
1203 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1204 256,
1205 256,
1206 },
1207 {
1208 1,
1209 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1210 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1211 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1212 SSL_kECDHE,
1213 SSL_aECDSA,
1214 SSL_AES128GCM,
1215 SSL_AEAD,
1216 TLS1_2_VERSION, TLS1_2_VERSION,
1217 DTLS1_2_VERSION, DTLS1_2_VERSION,
1218 SSL_HIGH | SSL_FIPS,
1219 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1220 128,
1221 128,
1222 },
1223 {
1224 1,
1225 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1226 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1227 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1228 SSL_kECDHE,
1229 SSL_aECDSA,
1230 SSL_AES256GCM,
1231 SSL_AEAD,
1232 TLS1_2_VERSION, TLS1_2_VERSION,
1233 DTLS1_2_VERSION, DTLS1_2_VERSION,
1234 SSL_HIGH | SSL_FIPS,
1235 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1236 256,
1237 256,
1238 },
1239 {
1240 1,
1241 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1242 TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1243 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1244 SSL_kECDHE,
1245 SSL_aRSA,
1246 SSL_AES128GCM,
1247 SSL_AEAD,
1248 TLS1_2_VERSION, TLS1_2_VERSION,
1249 DTLS1_2_VERSION, DTLS1_2_VERSION,
1250 SSL_HIGH | SSL_FIPS,
1251 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1252 128,
1253 128,
1254 },
1255 {
1256 1,
1257 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1258 TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1259 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1260 SSL_kECDHE,
1261 SSL_aRSA,
1262 SSL_AES256GCM,
1263 SSL_AEAD,
1264 TLS1_2_VERSION, TLS1_2_VERSION,
1265 DTLS1_2_VERSION, DTLS1_2_VERSION,
1266 SSL_HIGH | SSL_FIPS,
1267 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1268 256,
1269 256,
1270 },
1271#endif /* OPENSSL_NO_EC */
1272
1273#ifndef OPENSSL_NO_PSK
1274 {
1275 1,
1276 TLS1_TXT_PSK_WITH_NULL_SHA,
1277 TLS1_RFC_PSK_WITH_NULL_SHA,
1278 TLS1_CK_PSK_WITH_NULL_SHA,
1279 SSL_kPSK,
1280 SSL_aPSK,
1281 SSL_eNULL,
1282 SSL_SHA1,
1283 SSL3_VERSION, TLS1_2_VERSION,
1284 DTLS1_BAD_VER, DTLS1_2_VERSION,
1285 SSL_STRONG_NONE | SSL_FIPS,
1286 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1287 0,
1288 0,
1289 },
1290 {
1291 1,
1292 TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
1293 TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
1294 TLS1_CK_DHE_PSK_WITH_NULL_SHA,
1295 SSL_kDHEPSK,
1296 SSL_aPSK,
1297 SSL_eNULL,
1298 SSL_SHA1,
1299 SSL3_VERSION, TLS1_2_VERSION,
1300 DTLS1_BAD_VER, DTLS1_2_VERSION,
1301 SSL_STRONG_NONE | SSL_FIPS,
1302 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1303 0,
1304 0,
1305 },
1306 {
1307 1,
1308 TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
1309 TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
1310 TLS1_CK_RSA_PSK_WITH_NULL_SHA,
1311 SSL_kRSAPSK,
1312 SSL_aRSA,
1313 SSL_eNULL,
1314 SSL_SHA1,
1315 SSL3_VERSION, TLS1_2_VERSION,
1316 DTLS1_BAD_VER, DTLS1_2_VERSION,
1317 SSL_STRONG_NONE | SSL_FIPS,
1318 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1319 0,
1320 0,
1321 },
1322# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1323 {
1324 1,
1325 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1326 TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
1327 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1328 SSL_kPSK,
1329 SSL_aPSK,
1330 SSL_3DES,
1331 SSL_SHA1,
1332 SSL3_VERSION, TLS1_2_VERSION,
1333 DTLS1_BAD_VER, DTLS1_2_VERSION,
1334 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1335 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1336 112,
1337 168,
1338 },
1339# endif
1340 {
1341 1,
1342 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1343 TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
1344 TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1345 SSL_kPSK,
1346 SSL_aPSK,
1347 SSL_AES128,
1348 SSL_SHA1,
1349 SSL3_VERSION, TLS1_2_VERSION,
1350 DTLS1_BAD_VER, DTLS1_2_VERSION,
1351 SSL_HIGH | SSL_FIPS,
1352 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1353 128,
1354 128,
1355 },
1356 {
1357 1,
1358 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1359 TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
1360 TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1361 SSL_kPSK,
1362 SSL_aPSK,
1363 SSL_AES256,
1364 SSL_SHA1,
1365 SSL3_VERSION, TLS1_2_VERSION,
1366 DTLS1_BAD_VER, DTLS1_2_VERSION,
1367 SSL_HIGH | SSL_FIPS,
1368 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1369 256,
1370 256,
1371 },
1372# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1373 {
1374 1,
1375 TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1376 TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1377 TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1378 SSL_kDHEPSK,
1379 SSL_aPSK,
1380 SSL_3DES,
1381 SSL_SHA1,
1382 SSL3_VERSION, TLS1_2_VERSION,
1383 DTLS1_BAD_VER, DTLS1_2_VERSION,
1384 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1385 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1386 112,
1387 168,
1388 },
1389# endif
1390 {
1391 1,
1392 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
1393 TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
1394 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
1395 SSL_kDHEPSK,
1396 SSL_aPSK,
1397 SSL_AES128,
1398 SSL_SHA1,
1399 SSL3_VERSION, TLS1_2_VERSION,
1400 DTLS1_BAD_VER, DTLS1_2_VERSION,
1401 SSL_HIGH | SSL_FIPS,
1402 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1403 128,
1404 128,
1405 },
1406 {
1407 1,
1408 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
1409 TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
1410 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
1411 SSL_kDHEPSK,
1412 SSL_aPSK,
1413 SSL_AES256,
1414 SSL_SHA1,
1415 SSL3_VERSION, TLS1_2_VERSION,
1416 DTLS1_BAD_VER, DTLS1_2_VERSION,
1417 SSL_HIGH | SSL_FIPS,
1418 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1419 256,
1420 256,
1421 },
1422# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1423 {
1424 1,
1425 TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1426 TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1427 TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1428 SSL_kRSAPSK,
1429 SSL_aRSA,
1430 SSL_3DES,
1431 SSL_SHA1,
1432 SSL3_VERSION, TLS1_2_VERSION,
1433 DTLS1_BAD_VER, DTLS1_2_VERSION,
1434 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1435 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1436 112,
1437 168,
1438 },
1439# endif
1440 {
1441 1,
1442 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
1443 TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
1444 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
1445 SSL_kRSAPSK,
1446 SSL_aRSA,
1447 SSL_AES128,
1448 SSL_SHA1,
1449 SSL3_VERSION, TLS1_2_VERSION,
1450 DTLS1_BAD_VER, DTLS1_2_VERSION,
1451 SSL_HIGH | SSL_FIPS,
1452 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1453 128,
1454 128,
1455 },
1456 {
1457 1,
1458 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
1459 TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
1460 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1461 SSL_kRSAPSK,
1462 SSL_aRSA,
1463 SSL_AES256,
1464 SSL_SHA1,
1465 SSL3_VERSION, TLS1_2_VERSION,
1466 DTLS1_BAD_VER, DTLS1_2_VERSION,
1467 SSL_HIGH | SSL_FIPS,
1468 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1469 256,
1470 256,
1471 },
1472 {
1473 1,
1474 TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
1475 TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
1476 TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1477 SSL_kPSK,
1478 SSL_aPSK,
1479 SSL_AES128GCM,
1480 SSL_AEAD,
1481 TLS1_2_VERSION, TLS1_2_VERSION,
1482 DTLS1_2_VERSION, DTLS1_2_VERSION,
1483 SSL_HIGH | SSL_FIPS,
1484 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1485 128,
1486 128,
1487 },
1488 {
1489 1,
1490 TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
1491 TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
1492 TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1493 SSL_kPSK,
1494 SSL_aPSK,
1495 SSL_AES256GCM,
1496 SSL_AEAD,
1497 TLS1_2_VERSION, TLS1_2_VERSION,
1498 DTLS1_2_VERSION, DTLS1_2_VERSION,
1499 SSL_HIGH | SSL_FIPS,
1500 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1501 256,
1502 256,
1503 },
1504 {
1505 1,
1506 TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
1507 TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
1508 TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1509 SSL_kDHEPSK,
1510 SSL_aPSK,
1511 SSL_AES128GCM,
1512 SSL_AEAD,
1513 TLS1_2_VERSION, TLS1_2_VERSION,
1514 DTLS1_2_VERSION, DTLS1_2_VERSION,
1515 SSL_HIGH | SSL_FIPS,
1516 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1517 128,
1518 128,
1519 },
1520 {
1521 1,
1522 TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
1523 TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
1524 TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1525 SSL_kDHEPSK,
1526 SSL_aPSK,
1527 SSL_AES256GCM,
1528 SSL_AEAD,
1529 TLS1_2_VERSION, TLS1_2_VERSION,
1530 DTLS1_2_VERSION, DTLS1_2_VERSION,
1531 SSL_HIGH | SSL_FIPS,
1532 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1533 256,
1534 256,
1535 },
1536 {
1537 1,
1538 TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
1539 TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
1540 TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1541 SSL_kRSAPSK,
1542 SSL_aRSA,
1543 SSL_AES128GCM,
1544 SSL_AEAD,
1545 TLS1_2_VERSION, TLS1_2_VERSION,
1546 DTLS1_2_VERSION, DTLS1_2_VERSION,
1547 SSL_HIGH | SSL_FIPS,
1548 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1549 128,
1550 128,
1551 },
1552 {
1553 1,
1554 TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
1555 TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
1556 TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1557 SSL_kRSAPSK,
1558 SSL_aRSA,
1559 SSL_AES256GCM,
1560 SSL_AEAD,
1561 TLS1_2_VERSION, TLS1_2_VERSION,
1562 DTLS1_2_VERSION, DTLS1_2_VERSION,
1563 SSL_HIGH | SSL_FIPS,
1564 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1565 256,
1566 256,
1567 },
1568 {
1569 1,
1570 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
1571 TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
1572 TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1573 SSL_kPSK,
1574 SSL_aPSK,
1575 SSL_AES128,
1576 SSL_SHA256,
1577 TLS1_VERSION, TLS1_2_VERSION,
1578 DTLS1_BAD_VER, DTLS1_2_VERSION,
1579 SSL_HIGH | SSL_FIPS,
1580 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1581 128,
1582 128,
1583 },
1584 {
1585 1,
1586 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
1587 TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
1588 TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1589 SSL_kPSK,
1590 SSL_aPSK,
1591 SSL_AES256,
1592 SSL_SHA384,
1593 TLS1_VERSION, TLS1_2_VERSION,
1594 DTLS1_BAD_VER, DTLS1_2_VERSION,
1595 SSL_HIGH | SSL_FIPS,
1596 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1597 256,
1598 256,
1599 },
1600 {
1601 1,
1602 TLS1_TXT_PSK_WITH_NULL_SHA256,
1603 TLS1_RFC_PSK_WITH_NULL_SHA256,
1604 TLS1_CK_PSK_WITH_NULL_SHA256,
1605 SSL_kPSK,
1606 SSL_aPSK,
1607 SSL_eNULL,
1608 SSL_SHA256,
1609 TLS1_VERSION, TLS1_2_VERSION,
1610 DTLS1_BAD_VER, DTLS1_2_VERSION,
1611 SSL_STRONG_NONE | SSL_FIPS,
1612 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1613 0,
1614 0,
1615 },
1616 {
1617 1,
1618 TLS1_TXT_PSK_WITH_NULL_SHA384,
1619 TLS1_RFC_PSK_WITH_NULL_SHA384,
1620 TLS1_CK_PSK_WITH_NULL_SHA384,
1621 SSL_kPSK,
1622 SSL_aPSK,
1623 SSL_eNULL,
1624 SSL_SHA384,
1625 TLS1_VERSION, TLS1_2_VERSION,
1626 DTLS1_BAD_VER, DTLS1_2_VERSION,
1627 SSL_STRONG_NONE | SSL_FIPS,
1628 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1629 0,
1630 0,
1631 },
1632 {
1633 1,
1634 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
1635 TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
1636 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1637 SSL_kDHEPSK,
1638 SSL_aPSK,
1639 SSL_AES128,
1640 SSL_SHA256,
1641 TLS1_VERSION, TLS1_2_VERSION,
1642 DTLS1_BAD_VER, DTLS1_2_VERSION,
1643 SSL_HIGH | SSL_FIPS,
1644 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1645 128,
1646 128,
1647 },
1648 {
1649 1,
1650 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
1651 TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
1652 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1653 SSL_kDHEPSK,
1654 SSL_aPSK,
1655 SSL_AES256,
1656 SSL_SHA384,
1657 TLS1_VERSION, TLS1_2_VERSION,
1658 DTLS1_BAD_VER, DTLS1_2_VERSION,
1659 SSL_HIGH | SSL_FIPS,
1660 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1661 256,
1662 256,
1663 },
1664 {
1665 1,
1666 TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
1667 TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
1668 TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1669 SSL_kDHEPSK,
1670 SSL_aPSK,
1671 SSL_eNULL,
1672 SSL_SHA256,
1673 TLS1_VERSION, TLS1_2_VERSION,
1674 DTLS1_BAD_VER, DTLS1_2_VERSION,
1675 SSL_STRONG_NONE | SSL_FIPS,
1676 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1677 0,
1678 0,
1679 },
1680 {
1681 1,
1682 TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
1683 TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
1684 TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1685 SSL_kDHEPSK,
1686 SSL_aPSK,
1687 SSL_eNULL,
1688 SSL_SHA384,
1689 TLS1_VERSION, TLS1_2_VERSION,
1690 DTLS1_BAD_VER, DTLS1_2_VERSION,
1691 SSL_STRONG_NONE | SSL_FIPS,
1692 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1693 0,
1694 0,
1695 },
1696 {
1697 1,
1698 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
1699 TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
1700 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1701 SSL_kRSAPSK,
1702 SSL_aRSA,
1703 SSL_AES128,
1704 SSL_SHA256,
1705 TLS1_VERSION, TLS1_2_VERSION,
1706 DTLS1_BAD_VER, DTLS1_2_VERSION,
1707 SSL_HIGH | SSL_FIPS,
1708 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1709 128,
1710 128,
1711 },
1712 {
1713 1,
1714 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
1715 TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
1716 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
1717 SSL_kRSAPSK,
1718 SSL_aRSA,
1719 SSL_AES256,
1720 SSL_SHA384,
1721 TLS1_VERSION, TLS1_2_VERSION,
1722 DTLS1_BAD_VER, DTLS1_2_VERSION,
1723 SSL_HIGH | SSL_FIPS,
1724 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1725 256,
1726 256,
1727 },
1728 {
1729 1,
1730 TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
1731 TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
1732 TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
1733 SSL_kRSAPSK,
1734 SSL_aRSA,
1735 SSL_eNULL,
1736 SSL_SHA256,
1737 TLS1_VERSION, TLS1_2_VERSION,
1738 DTLS1_BAD_VER, DTLS1_2_VERSION,
1739 SSL_STRONG_NONE | SSL_FIPS,
1740 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1741 0,
1742 0,
1743 },
1744 {
1745 1,
1746 TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
1747 TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
1748 TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
1749 SSL_kRSAPSK,
1750 SSL_aRSA,
1751 SSL_eNULL,
1752 SSL_SHA384,
1753 TLS1_VERSION, TLS1_2_VERSION,
1754 DTLS1_BAD_VER, DTLS1_2_VERSION,
1755 SSL_STRONG_NONE | SSL_FIPS,
1756 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1757 0,
1758 0,
1759 },
1760# ifndef OPENSSL_NO_EC
1761# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1762 {
1763 1,
1764 TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1765 TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1766 TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1767 SSL_kECDHEPSK,
1768 SSL_aPSK,
1769 SSL_3DES,
1770 SSL_SHA1,
1771 TLS1_VERSION, TLS1_2_VERSION,
1772 DTLS1_BAD_VER, DTLS1_2_VERSION,
1773 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1774 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1775 112,
1776 168,
1777 },
1778# endif
1779 {
1780 1,
1781 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1782 TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1783 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1784 SSL_kECDHEPSK,
1785 SSL_aPSK,
1786 SSL_AES128,
1787 SSL_SHA1,
1788 TLS1_VERSION, TLS1_2_VERSION,
1789 DTLS1_BAD_VER, DTLS1_2_VERSION,
1790 SSL_HIGH | SSL_FIPS,
1791 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1792 128,
1793 128,
1794 },
1795 {
1796 1,
1797 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1798 TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1799 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1800 SSL_kECDHEPSK,
1801 SSL_aPSK,
1802 SSL_AES256,
1803 SSL_SHA1,
1804 TLS1_VERSION, TLS1_2_VERSION,
1805 DTLS1_BAD_VER, DTLS1_2_VERSION,
1806 SSL_HIGH | SSL_FIPS,
1807 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1808 256,
1809 256,
1810 },
1811 {
1812 1,
1813 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1814 TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1815 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1816 SSL_kECDHEPSK,
1817 SSL_aPSK,
1818 SSL_AES128,
1819 SSL_SHA256,
1820 TLS1_VERSION, TLS1_2_VERSION,
1821 DTLS1_BAD_VER, DTLS1_2_VERSION,
1822 SSL_HIGH | SSL_FIPS,
1823 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1824 128,
1825 128,
1826 },
1827 {
1828 1,
1829 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1830 TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1831 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1832 SSL_kECDHEPSK,
1833 SSL_aPSK,
1834 SSL_AES256,
1835 SSL_SHA384,
1836 TLS1_VERSION, TLS1_2_VERSION,
1837 DTLS1_BAD_VER, DTLS1_2_VERSION,
1838 SSL_HIGH | SSL_FIPS,
1839 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1840 256,
1841 256,
1842 },
1843 {
1844 1,
1845 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
1846 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
1847 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
1848 SSL_kECDHEPSK,
1849 SSL_aPSK,
1850 SSL_eNULL,
1851 SSL_SHA1,
1852 TLS1_VERSION, TLS1_2_VERSION,
1853 DTLS1_BAD_VER, DTLS1_2_VERSION,
1854 SSL_STRONG_NONE | SSL_FIPS,
1855 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1856 0,
1857 0,
1858 },
1859 {
1860 1,
1861 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
1862 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
1863 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
1864 SSL_kECDHEPSK,
1865 SSL_aPSK,
1866 SSL_eNULL,
1867 SSL_SHA256,
1868 TLS1_VERSION, TLS1_2_VERSION,
1869 DTLS1_BAD_VER, DTLS1_2_VERSION,
1870 SSL_STRONG_NONE | SSL_FIPS,
1871 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1872 0,
1873 0,
1874 },
1875 {
1876 1,
1877 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
1878 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
1879 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
1880 SSL_kECDHEPSK,
1881 SSL_aPSK,
1882 SSL_eNULL,
1883 SSL_SHA384,
1884 TLS1_VERSION, TLS1_2_VERSION,
1885 DTLS1_BAD_VER, DTLS1_2_VERSION,
1886 SSL_STRONG_NONE | SSL_FIPS,
1887 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1888 0,
1889 0,
1890 },
1891# endif /* OPENSSL_NO_EC */
1892#endif /* OPENSSL_NO_PSK */
1893
1894#ifndef OPENSSL_NO_SRP
1895# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1896 {
1897 1,
1898 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1899 TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1900 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1901 SSL_kSRP,
1902 SSL_aSRP,
1903 SSL_3DES,
1904 SSL_SHA1,
1905 SSL3_VERSION, TLS1_2_VERSION,
1906 DTLS1_BAD_VER, DTLS1_2_VERSION,
1907 SSL_NOT_DEFAULT | SSL_MEDIUM,
1908 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1909 112,
1910 168,
1911 },
1912 {
1913 1,
1914 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1915 TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1916 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1917 SSL_kSRP,
1918 SSL_aRSA,
1919 SSL_3DES,
1920 SSL_SHA1,
1921 SSL3_VERSION, TLS1_2_VERSION,
1922 DTLS1_BAD_VER, DTLS1_2_VERSION,
1923 SSL_NOT_DEFAULT | SSL_MEDIUM,
1924 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1925 112,
1926 168,
1927 },
1928 {
1929 1,
1930 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1931 TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1932 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1933 SSL_kSRP,
1934 SSL_aDSS,
1935 SSL_3DES,
1936 SSL_SHA1,
1937 SSL3_VERSION, TLS1_2_VERSION,
1938 DTLS1_BAD_VER, DTLS1_2_VERSION,
1939 SSL_NOT_DEFAULT | SSL_MEDIUM,
1940 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1941 112,
1942 168,
1943 },
1944# endif
1945 {
1946 1,
1947 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
1948 TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
1949 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
1950 SSL_kSRP,
1951 SSL_aSRP,
1952 SSL_AES128,
1953 SSL_SHA1,
1954 SSL3_VERSION, TLS1_2_VERSION,
1955 DTLS1_BAD_VER, DTLS1_2_VERSION,
1956 SSL_HIGH,
1957 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1958 128,
1959 128,
1960 },
1961 {
1962 1,
1963 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1964 TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1965 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1966 SSL_kSRP,
1967 SSL_aRSA,
1968 SSL_AES128,
1969 SSL_SHA1,
1970 SSL3_VERSION, TLS1_2_VERSION,
1971 DTLS1_BAD_VER, DTLS1_2_VERSION,
1972 SSL_HIGH,
1973 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1974 128,
1975 128,
1976 },
1977 {
1978 1,
1979 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1980 TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1981 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1982 SSL_kSRP,
1983 SSL_aDSS,
1984 SSL_AES128,
1985 SSL_SHA1,
1986 SSL3_VERSION, TLS1_2_VERSION,
1987 DTLS1_BAD_VER, DTLS1_2_VERSION,
1988 SSL_NOT_DEFAULT | SSL_HIGH,
1989 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1990 128,
1991 128,
1992 },
1993 {
1994 1,
1995 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
1996 TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
1997 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
1998 SSL_kSRP,
1999 SSL_aSRP,
2000 SSL_AES256,
2001 SSL_SHA1,
2002 SSL3_VERSION, TLS1_2_VERSION,
2003 DTLS1_BAD_VER, DTLS1_2_VERSION,
2004 SSL_HIGH,
2005 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2006 256,
2007 256,
2008 },
2009 {
2010 1,
2011 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2012 TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2013 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2014 SSL_kSRP,
2015 SSL_aRSA,
2016 SSL_AES256,
2017 SSL_SHA1,
2018 SSL3_VERSION, TLS1_2_VERSION,
2019 DTLS1_BAD_VER, DTLS1_2_VERSION,
2020 SSL_HIGH,
2021 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2022 256,
2023 256,
2024 },
2025 {
2026 1,
2027 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2028 TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2029 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2030 SSL_kSRP,
2031 SSL_aDSS,
2032 SSL_AES256,
2033 SSL_SHA1,
2034 SSL3_VERSION, TLS1_2_VERSION,
2035 DTLS1_BAD_VER, DTLS1_2_VERSION,
2036 SSL_NOT_DEFAULT | SSL_HIGH,
2037 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2038 256,
2039 256,
2040 },
2041#endif /* OPENSSL_NO_SRP */
2042
2043#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2044# ifndef OPENSSL_NO_RSA
2045 {
2046 1,
2047 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
2048 TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
2049 TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
2050 SSL_kDHE,
2051 SSL_aRSA,
2052 SSL_CHACHA20POLY1305,
2053 SSL_AEAD,
2054 TLS1_2_VERSION, TLS1_2_VERSION,
2055 DTLS1_2_VERSION, DTLS1_2_VERSION,
2056 SSL_HIGH,
2057 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2058 256,
2059 256,
2060 },
2061# endif /* OPENSSL_NO_RSA */
2062
2063# ifndef OPENSSL_NO_EC
2064 {
2065 1,
2066 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2067 TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2068 TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2069 SSL_kECDHE,
2070 SSL_aRSA,
2071 SSL_CHACHA20POLY1305,
2072 SSL_AEAD,
2073 TLS1_2_VERSION, TLS1_2_VERSION,
2074 DTLS1_2_VERSION, DTLS1_2_VERSION,
2075 SSL_HIGH,
2076 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2077 256,
2078 256,
2079 },
2080 {
2081 1,
2082 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2083 TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2084 TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2085 SSL_kECDHE,
2086 SSL_aECDSA,
2087 SSL_CHACHA20POLY1305,
2088 SSL_AEAD,
2089 TLS1_2_VERSION, TLS1_2_VERSION,
2090 DTLS1_2_VERSION, DTLS1_2_VERSION,
2091 SSL_HIGH,
2092 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2093 256,
2094 256,
2095 },
2096# endif /* OPENSSL_NO_EC */
2097
2098# ifndef OPENSSL_NO_PSK
2099 {
2100 1,
2101 TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
2102 TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
2103 TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
2104 SSL_kPSK,
2105 SSL_aPSK,
2106 SSL_CHACHA20POLY1305,
2107 SSL_AEAD,
2108 TLS1_2_VERSION, TLS1_2_VERSION,
2109 DTLS1_2_VERSION, DTLS1_2_VERSION,
2110 SSL_HIGH,
2111 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2112 256,
2113 256,
2114 },
2115 {
2116 1,
2117 TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2118 TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2119 TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2120 SSL_kECDHEPSK,
2121 SSL_aPSK,
2122 SSL_CHACHA20POLY1305,
2123 SSL_AEAD,
2124 TLS1_2_VERSION, TLS1_2_VERSION,
2125 DTLS1_2_VERSION, DTLS1_2_VERSION,
2126 SSL_HIGH,
2127 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2128 256,
2129 256,
2130 },
2131 {
2132 1,
2133 TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
2134 TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
2135 TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
2136 SSL_kDHEPSK,
2137 SSL_aPSK,
2138 SSL_CHACHA20POLY1305,
2139 SSL_AEAD,
2140 TLS1_2_VERSION, TLS1_2_VERSION,
2141 DTLS1_2_VERSION, DTLS1_2_VERSION,
2142 SSL_HIGH,
2143 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2144 256,
2145 256,
2146 },
2147 {
2148 1,
2149 TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
2150 TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
2151 TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
2152 SSL_kRSAPSK,
2153 SSL_aRSA,
2154 SSL_CHACHA20POLY1305,
2155 SSL_AEAD,
2156 TLS1_2_VERSION, TLS1_2_VERSION,
2157 DTLS1_2_VERSION, DTLS1_2_VERSION,
2158 SSL_HIGH,
2159 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2160 256,
2161 256,
2162 },
2163# endif /* OPENSSL_NO_PSK */
2164#endif /* !defined(OPENSSL_NO_CHACHA) &&
2165 * !defined(OPENSSL_NO_POLY1305) */
2166
2167#ifndef OPENSSL_NO_CAMELLIA
2168 {
2169 1,
2170 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2171 TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2172 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2173 SSL_kRSA,
2174 SSL_aRSA,
2175 SSL_CAMELLIA128,
2176 SSL_SHA256,
2177 TLS1_2_VERSION, TLS1_2_VERSION,
2178 DTLS1_2_VERSION, DTLS1_2_VERSION,
2179 SSL_NOT_DEFAULT | SSL_HIGH,
2180 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2181 128,
2182 128,
2183 },
2184 {
2185 1,
2186 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2187 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2188 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2189 SSL_kEDH,
2190 SSL_aDSS,
2191 SSL_CAMELLIA128,
2192 SSL_SHA256,
2193 TLS1_2_VERSION, TLS1_2_VERSION,
2194 DTLS1_2_VERSION, DTLS1_2_VERSION,
2195 SSL_NOT_DEFAULT | SSL_HIGH,
2196 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2197 128,
2198 128,
2199 },
2200 {
2201 1,
2202 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2203 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2204 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2205 SSL_kEDH,
2206 SSL_aRSA,
2207 SSL_CAMELLIA128,
2208 SSL_SHA256,
2209 TLS1_2_VERSION, TLS1_2_VERSION,
2210 DTLS1_2_VERSION, DTLS1_2_VERSION,
2211 SSL_NOT_DEFAULT | SSL_HIGH,
2212 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2213 128,
2214 128,
2215 },
2216 {
2217 1,
2218 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2219 TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2220 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2221 SSL_kEDH,
2222 SSL_aNULL,
2223 SSL_CAMELLIA128,
2224 SSL_SHA256,
2225 TLS1_2_VERSION, TLS1_2_VERSION,
2226 DTLS1_2_VERSION, DTLS1_2_VERSION,
2227 SSL_NOT_DEFAULT | SSL_HIGH,
2228 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2229 128,
2230 128,
2231 },
2232 {
2233 1,
2234 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2235 TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2236 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2237 SSL_kRSA,
2238 SSL_aRSA,
2239 SSL_CAMELLIA256,
2240 SSL_SHA256,
2241 TLS1_2_VERSION, TLS1_2_VERSION,
2242 DTLS1_2_VERSION, DTLS1_2_VERSION,
2243 SSL_NOT_DEFAULT | SSL_HIGH,
2244 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2245 256,
2246 256,
2247 },
2248 {
2249 1,
2250 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2251 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2252 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2253 SSL_kEDH,
2254 SSL_aDSS,
2255 SSL_CAMELLIA256,
2256 SSL_SHA256,
2257 TLS1_2_VERSION, TLS1_2_VERSION,
2258 DTLS1_2_VERSION, DTLS1_2_VERSION,
2259 SSL_NOT_DEFAULT | SSL_HIGH,
2260 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2261 256,
2262 256,
2263 },
2264 {
2265 1,
2266 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2267 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2268 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2269 SSL_kEDH,
2270 SSL_aRSA,
2271 SSL_CAMELLIA256,
2272 SSL_SHA256,
2273 TLS1_2_VERSION, TLS1_2_VERSION,
2274 DTLS1_2_VERSION, DTLS1_2_VERSION,
2275 SSL_NOT_DEFAULT | SSL_HIGH,
2276 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2277 256,
2278 256,
2279 },
2280 {
2281 1,
2282 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2283 TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2284 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2285 SSL_kEDH,
2286 SSL_aNULL,
2287 SSL_CAMELLIA256,
2288 SSL_SHA256,
2289 TLS1_2_VERSION, TLS1_2_VERSION,
2290 DTLS1_2_VERSION, DTLS1_2_VERSION,
2291 SSL_NOT_DEFAULT | SSL_HIGH,
2292 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2293 256,
2294 256,
2295 },
2296 {
2297 1,
2298 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
2299 TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
2300 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
2301 SSL_kRSA,
2302 SSL_aRSA,
2303 SSL_CAMELLIA256,
2304 SSL_SHA1,
2305 SSL3_VERSION, TLS1_2_VERSION,
2306 DTLS1_BAD_VER, DTLS1_2_VERSION,
2307 SSL_NOT_DEFAULT | SSL_HIGH,
2308 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2309 256,
2310 256,
2311 },
2312 {
2313 1,
2314 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2315 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2316 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2317 SSL_kDHE,
2318 SSL_aDSS,
2319 SSL_CAMELLIA256,
2320 SSL_SHA1,
2321 SSL3_VERSION, TLS1_2_VERSION,
2322 DTLS1_BAD_VER, DTLS1_2_VERSION,
2323 SSL_NOT_DEFAULT | SSL_HIGH,
2324 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2325 256,
2326 256,
2327 },
2328 {
2329 1,
2330 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2331 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2332 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2333 SSL_kDHE,
2334 SSL_aRSA,
2335 SSL_CAMELLIA256,
2336 SSL_SHA1,
2337 SSL3_VERSION, TLS1_2_VERSION,
2338 DTLS1_BAD_VER, DTLS1_2_VERSION,
2339 SSL_NOT_DEFAULT | SSL_HIGH,
2340 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2341 256,
2342 256,
2343 },
2344 {
2345 1,
2346 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
2347 TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
2348 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
2349 SSL_kDHE,
2350 SSL_aNULL,
2351 SSL_CAMELLIA256,
2352 SSL_SHA1,
2353 SSL3_VERSION, TLS1_2_VERSION,
2354 DTLS1_BAD_VER, DTLS1_2_VERSION,
2355 SSL_NOT_DEFAULT | SSL_HIGH,
2356 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2357 256,
2358 256,
2359 },
2360 {
2361 1,
2362 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
2363 TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
2364 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
2365 SSL_kRSA,
2366 SSL_aRSA,
2367 SSL_CAMELLIA128,
2368 SSL_SHA1,
2369 SSL3_VERSION, TLS1_2_VERSION,
2370 DTLS1_BAD_VER, DTLS1_2_VERSION,
2371 SSL_NOT_DEFAULT | SSL_HIGH,
2372 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2373 128,
2374 128,
2375 },
2376 {
2377 1,
2378 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2379 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2380 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2381 SSL_kDHE,
2382 SSL_aDSS,
2383 SSL_CAMELLIA128,
2384 SSL_SHA1,
2385 SSL3_VERSION, TLS1_2_VERSION,
2386 DTLS1_BAD_VER, DTLS1_2_VERSION,
2387 SSL_NOT_DEFAULT | SSL_HIGH,
2388 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2389 128,
2390 128,
2391 },
2392 {
2393 1,
2394 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2395 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2396 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2397 SSL_kDHE,
2398 SSL_aRSA,
2399 SSL_CAMELLIA128,
2400 SSL_SHA1,
2401 SSL3_VERSION, TLS1_2_VERSION,
2402 DTLS1_BAD_VER, DTLS1_2_VERSION,
2403 SSL_NOT_DEFAULT | SSL_HIGH,
2404 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2405 128,
2406 128,
2407 },
2408 {
2409 1,
2410 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
2411 TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
2412 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
2413 SSL_kDHE,
2414 SSL_aNULL,
2415 SSL_CAMELLIA128,
2416 SSL_SHA1,
2417 SSL3_VERSION, TLS1_2_VERSION,
2418 DTLS1_BAD_VER, DTLS1_2_VERSION,
2419 SSL_NOT_DEFAULT | SSL_HIGH,
2420 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2421 128,
2422 128,
2423 },
2424
2425# ifndef OPENSSL_NO_EC
2426 {
2427 1,
2428 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2429 TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2430 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2431 SSL_kECDHE,
2432 SSL_aECDSA,
2433 SSL_CAMELLIA128,
2434 SSL_SHA256,
2435 TLS1_2_VERSION, TLS1_2_VERSION,
2436 DTLS1_2_VERSION, DTLS1_2_VERSION,
2437 SSL_NOT_DEFAULT | SSL_HIGH,
2438 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2439 128,
2440 128,
2441 },
2442 {
2443 1,
2444 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2445 TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2446 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2447 SSL_kECDHE,
2448 SSL_aECDSA,
2449 SSL_CAMELLIA256,
2450 SSL_SHA384,
2451 TLS1_2_VERSION, TLS1_2_VERSION,
2452 DTLS1_2_VERSION, DTLS1_2_VERSION,
2453 SSL_NOT_DEFAULT | SSL_HIGH,
2454 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2455 256,
2456 256,
2457 },
2458 {
2459 1,
2460 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2461 TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2462 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2463 SSL_kECDHE,
2464 SSL_aRSA,
2465 SSL_CAMELLIA128,
2466 SSL_SHA256,
2467 TLS1_2_VERSION, TLS1_2_VERSION,
2468 DTLS1_2_VERSION, DTLS1_2_VERSION,
2469 SSL_NOT_DEFAULT | SSL_HIGH,
2470 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2471 128,
2472 128,
2473 },
2474 {
2475 1,
2476 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2477 TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2478 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2479 SSL_kECDHE,
2480 SSL_aRSA,
2481 SSL_CAMELLIA256,
2482 SSL_SHA384,
2483 TLS1_2_VERSION, TLS1_2_VERSION,
2484 DTLS1_2_VERSION, DTLS1_2_VERSION,
2485 SSL_NOT_DEFAULT | SSL_HIGH,
2486 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2487 256,
2488 256,
2489 },
2490# endif /* OPENSSL_NO_EC */
2491
2492# ifndef OPENSSL_NO_PSK
2493 {
2494 1,
2495 TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2496 TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2497 TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2498 SSL_kPSK,
2499 SSL_aPSK,
2500 SSL_CAMELLIA128,
2501 SSL_SHA256,
2502 TLS1_VERSION, TLS1_2_VERSION,
2503 DTLS1_BAD_VER, DTLS1_2_VERSION,
2504 SSL_NOT_DEFAULT | SSL_HIGH,
2505 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2506 128,
2507 128,
2508 },
2509 {
2510 1,
2511 TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2512 TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2513 TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2514 SSL_kPSK,
2515 SSL_aPSK,
2516 SSL_CAMELLIA256,
2517 SSL_SHA384,
2518 TLS1_VERSION, TLS1_2_VERSION,
2519 DTLS1_BAD_VER, DTLS1_2_VERSION,
2520 SSL_NOT_DEFAULT | SSL_HIGH,
2521 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2522 256,
2523 256,
2524 },
2525 {
2526 1,
2527 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2528 TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2529 TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2530 SSL_kDHEPSK,
2531 SSL_aPSK,
2532 SSL_CAMELLIA128,
2533 SSL_SHA256,
2534 TLS1_VERSION, TLS1_2_VERSION,
2535 DTLS1_BAD_VER, DTLS1_2_VERSION,
2536 SSL_NOT_DEFAULT | SSL_HIGH,
2537 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2538 128,
2539 128,
2540 },
2541 {
2542 1,
2543 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2544 TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2545 TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2546 SSL_kDHEPSK,
2547 SSL_aPSK,
2548 SSL_CAMELLIA256,
2549 SSL_SHA384,
2550 TLS1_VERSION, TLS1_2_VERSION,
2551 DTLS1_BAD_VER, DTLS1_2_VERSION,
2552 SSL_NOT_DEFAULT | SSL_HIGH,
2553 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2554 256,
2555 256,
2556 },
2557 {
2558 1,
2559 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2560 TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2561 TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2562 SSL_kRSAPSK,
2563 SSL_aRSA,
2564 SSL_CAMELLIA128,
2565 SSL_SHA256,
2566 TLS1_VERSION, TLS1_2_VERSION,
2567 DTLS1_BAD_VER, DTLS1_2_VERSION,
2568 SSL_NOT_DEFAULT | SSL_HIGH,
2569 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2570 128,
2571 128,
2572 },
2573 {
2574 1,
2575 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2576 TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2577 TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2578 SSL_kRSAPSK,
2579 SSL_aRSA,
2580 SSL_CAMELLIA256,
2581 SSL_SHA384,
2582 TLS1_VERSION, TLS1_2_VERSION,
2583 DTLS1_BAD_VER, DTLS1_2_VERSION,
2584 SSL_NOT_DEFAULT | SSL_HIGH,
2585 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2586 256,
2587 256,
2588 },
2589 {
2590 1,
2591 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2592 TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2593 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2594 SSL_kECDHEPSK,
2595 SSL_aPSK,
2596 SSL_CAMELLIA128,
2597 SSL_SHA256,
2598 TLS1_VERSION, TLS1_2_VERSION,
2599 DTLS1_BAD_VER, DTLS1_2_VERSION,
2600 SSL_NOT_DEFAULT | SSL_HIGH,
2601 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2602 128,
2603 128,
2604 },
2605 {
2606 1,
2607 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2608 TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2609 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2610 SSL_kECDHEPSK,
2611 SSL_aPSK,
2612 SSL_CAMELLIA256,
2613 SSL_SHA384,
2614 TLS1_VERSION, TLS1_2_VERSION,
2615 DTLS1_BAD_VER, DTLS1_2_VERSION,
2616 SSL_NOT_DEFAULT | SSL_HIGH,
2617 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2618 256,
2619 256,
2620 },
2621# endif /* OPENSSL_NO_PSK */
2622
2623#endif /* OPENSSL_NO_CAMELLIA */
2624
2625#ifndef OPENSSL_NO_GOST
2626 {
2627 1,
2628 "GOST2001-GOST89-GOST89",
2629 "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
2630 0x3000081,
2631 SSL_kGOST,
2632 SSL_aGOST01,
2633 SSL_eGOST2814789CNT,
2634 SSL_GOST89MAC,
2635 TLS1_VERSION, TLS1_2_VERSION,
2636 0, 0,
2637 SSL_HIGH,
2638 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
2639 256,
2640 256,
2641 },
2642 {
2643 1,
2644 "GOST2001-NULL-GOST94",
2645 "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
2646 0x3000083,
2647 SSL_kGOST,
2648 SSL_aGOST01,
2649 SSL_eNULL,
2650 SSL_GOST94,
2651 TLS1_VERSION, TLS1_2_VERSION,
2652 0, 0,
2653 SSL_STRONG_NONE,
2654 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
2655 0,
2656 0,
2657 },
2658 {
2659 1,
2660 "GOST2012-GOST8912-GOST8912",
2661 NULL,
2662 0x0300ff85,
2663 SSL_kGOST,
2664 SSL_aGOST12 | SSL_aGOST01,
2665 SSL_eGOST2814789CNT12,
2666 SSL_GOST89MAC12,
2667 TLS1_VERSION, TLS1_2_VERSION,
2668 0, 0,
2669 SSL_HIGH,
2670 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2671 256,
2672 256,
2673 },
2674 {
2675 1,
2676 "GOST2012-NULL-GOST12",
2677 NULL,
2678 0x0300ff87,
2679 SSL_kGOST,
2680 SSL_aGOST12 | SSL_aGOST01,
2681 SSL_eNULL,
2682 SSL_GOST12_256,
2683 TLS1_VERSION, TLS1_2_VERSION,
2684 0, 0,
2685 SSL_STRONG_NONE,
2686 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2687 0,
2688 0,
2689 },
2690#endif /* OPENSSL_NO_GOST */
2691
2692#ifndef OPENSSL_NO_IDEA
2693 {
2694 1,
2695 SSL3_TXT_RSA_IDEA_128_SHA,
2696 SSL3_RFC_RSA_IDEA_128_SHA,
2697 SSL3_CK_RSA_IDEA_128_SHA,
2698 SSL_kRSA,
2699 SSL_aRSA,
2700 SSL_IDEA,
2701 SSL_SHA1,
2702 SSL3_VERSION, TLS1_1_VERSION,
2703 DTLS1_BAD_VER, DTLS1_VERSION,
2704 SSL_NOT_DEFAULT | SSL_MEDIUM,
2705 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2706 128,
2707 128,
2708 },
2709#endif
2710
2711#ifndef OPENSSL_NO_SEED
2712 {
2713 1,
2714 TLS1_TXT_RSA_WITH_SEED_SHA,
2715 TLS1_RFC_RSA_WITH_SEED_SHA,
2716 TLS1_CK_RSA_WITH_SEED_SHA,
2717 SSL_kRSA,
2718 SSL_aRSA,
2719 SSL_SEED,
2720 SSL_SHA1,
2721 SSL3_VERSION, TLS1_2_VERSION,
2722 DTLS1_BAD_VER, DTLS1_2_VERSION,
2723 SSL_NOT_DEFAULT | SSL_MEDIUM,
2724 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2725 128,
2726 128,
2727 },
2728 {
2729 1,
2730 TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
2731 TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
2732 TLS1_CK_DHE_DSS_WITH_SEED_SHA,
2733 SSL_kDHE,
2734 SSL_aDSS,
2735 SSL_SEED,
2736 SSL_SHA1,
2737 SSL3_VERSION, TLS1_2_VERSION,
2738 DTLS1_BAD_VER, DTLS1_2_VERSION,
2739 SSL_NOT_DEFAULT | SSL_MEDIUM,
2740 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2741 128,
2742 128,
2743 },
2744 {
2745 1,
2746 TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
2747 TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
2748 TLS1_CK_DHE_RSA_WITH_SEED_SHA,
2749 SSL_kDHE,
2750 SSL_aRSA,
2751 SSL_SEED,
2752 SSL_SHA1,
2753 SSL3_VERSION, TLS1_2_VERSION,
2754 DTLS1_BAD_VER, DTLS1_2_VERSION,
2755 SSL_NOT_DEFAULT | SSL_MEDIUM,
2756 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2757 128,
2758 128,
2759 },
2760 {
2761 1,
2762 TLS1_TXT_ADH_WITH_SEED_SHA,
2763 TLS1_RFC_ADH_WITH_SEED_SHA,
2764 TLS1_CK_ADH_WITH_SEED_SHA,
2765 SSL_kDHE,
2766 SSL_aNULL,
2767 SSL_SEED,
2768 SSL_SHA1,
2769 SSL3_VERSION, TLS1_2_VERSION,
2770 DTLS1_BAD_VER, DTLS1_2_VERSION,
2771 SSL_NOT_DEFAULT | SSL_MEDIUM,
2772 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2773 128,
2774 128,
2775 },
2776#endif /* OPENSSL_NO_SEED */
2777
2778#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
2779 {
2780 1,
2781 SSL3_TXT_RSA_RC4_128_MD5,
2782 SSL3_RFC_RSA_RC4_128_MD5,
2783 SSL3_CK_RSA_RC4_128_MD5,
2784 SSL_kRSA,
2785 SSL_aRSA,
2786 SSL_RC4,
2787 SSL_MD5,
2788 SSL3_VERSION, TLS1_2_VERSION,
2789 0, 0,
2790 SSL_NOT_DEFAULT | SSL_MEDIUM,
2791 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2792 128,
2793 128,
2794 },
2795 {
2796 1,
2797 SSL3_TXT_RSA_RC4_128_SHA,
2798 SSL3_RFC_RSA_RC4_128_SHA,
2799 SSL3_CK_RSA_RC4_128_SHA,
2800 SSL_kRSA,
2801 SSL_aRSA,
2802 SSL_RC4,
2803 SSL_SHA1,
2804 SSL3_VERSION, TLS1_2_VERSION,
2805 0, 0,
2806 SSL_NOT_DEFAULT | SSL_MEDIUM,
2807 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2808 128,
2809 128,
2810 },
2811 {
2812 1,
2813 SSL3_TXT_ADH_RC4_128_MD5,
2814 SSL3_RFC_ADH_RC4_128_MD5,
2815 SSL3_CK_ADH_RC4_128_MD5,
2816 SSL_kDHE,
2817 SSL_aNULL,
2818 SSL_RC4,
2819 SSL_MD5,
2820 SSL3_VERSION, TLS1_2_VERSION,
2821 0, 0,
2822 SSL_NOT_DEFAULT | SSL_MEDIUM,
2823 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2824 128,
2825 128,
2826 },
2827
2828# ifndef OPENSSL_NO_EC
2829 {
2830 1,
2831 TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
2832 TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
2833 TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
2834 SSL_kECDHEPSK,
2835 SSL_aPSK,
2836 SSL_RC4,
2837 SSL_SHA1,
2838 TLS1_VERSION, TLS1_2_VERSION,
2839 0, 0,
2840 SSL_NOT_DEFAULT | SSL_MEDIUM,
2841 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2842 128,
2843 128,
2844 },
2845 {
2846 1,
2847 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2848 TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
2849 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2850 SSL_kECDHE,
2851 SSL_aNULL,
2852 SSL_RC4,
2853 SSL_SHA1,
2854 TLS1_VERSION, TLS1_2_VERSION,
2855 0, 0,
2856 SSL_NOT_DEFAULT | SSL_MEDIUM,
2857 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2858 128,
2859 128,
2860 },
2861 {
2862 1,
2863 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2864 TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
2865 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2866 SSL_kECDHE,
2867 SSL_aECDSA,
2868 SSL_RC4,
2869 SSL_SHA1,
2870 TLS1_VERSION, TLS1_2_VERSION,
2871 0, 0,
2872 SSL_NOT_DEFAULT | SSL_MEDIUM,
2873 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2874 128,
2875 128,
2876 },
2877 {
2878 1,
2879 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2880 TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
2881 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2882 SSL_kECDHE,
2883 SSL_aRSA,
2884 SSL_RC4,
2885 SSL_SHA1,
2886 TLS1_VERSION, TLS1_2_VERSION,
2887 0, 0,
2888 SSL_NOT_DEFAULT | SSL_MEDIUM,
2889 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2890 128,
2891 128,
2892 },
2893# endif /* OPENSSL_NO_EC */
2894
2895# ifndef OPENSSL_NO_PSK
2896 {
2897 1,
2898 TLS1_TXT_PSK_WITH_RC4_128_SHA,
2899 TLS1_RFC_PSK_WITH_RC4_128_SHA,
2900 TLS1_CK_PSK_WITH_RC4_128_SHA,
2901 SSL_kPSK,
2902 SSL_aPSK,
2903 SSL_RC4,
2904 SSL_SHA1,
2905 SSL3_VERSION, TLS1_2_VERSION,
2906 0, 0,
2907 SSL_NOT_DEFAULT | SSL_MEDIUM,
2908 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2909 128,
2910 128,
2911 },
2912 {
2913 1,
2914 TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
2915 TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
2916 TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
2917 SSL_kRSAPSK,
2918 SSL_aRSA,
2919 SSL_RC4,
2920 SSL_SHA1,
2921 SSL3_VERSION, TLS1_2_VERSION,
2922 0, 0,
2923 SSL_NOT_DEFAULT | SSL_MEDIUM,
2924 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2925 128,
2926 128,
2927 },
2928 {
2929 1,
2930 TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
2931 TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
2932 TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
2933 SSL_kDHEPSK,
2934 SSL_aPSK,
2935 SSL_RC4,
2936 SSL_SHA1,
2937 SSL3_VERSION, TLS1_2_VERSION,
2938 0, 0,
2939 SSL_NOT_DEFAULT | SSL_MEDIUM,
2940 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2941 128,
2942 128,
2943 },
2944# endif /* OPENSSL_NO_PSK */
2945
2946#endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
2947
2948#ifndef OPENSSL_NO_ARIA
2949 {
2950 1,
2951 TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
2952 TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
2953 TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
2954 SSL_kRSA,
2955 SSL_aRSA,
2956 SSL_ARIA128GCM,
2957 SSL_AEAD,
2958 TLS1_2_VERSION, TLS1_2_VERSION,
2959 DTLS1_2_VERSION, DTLS1_2_VERSION,
2960 SSL_NOT_DEFAULT | SSL_HIGH,
2961 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2962 128,
2963 128,
2964 },
2965 {
2966 1,
2967 TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
2968 TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
2969 TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
2970 SSL_kRSA,
2971 SSL_aRSA,
2972 SSL_ARIA256GCM,
2973 SSL_AEAD,
2974 TLS1_2_VERSION, TLS1_2_VERSION,
2975 DTLS1_2_VERSION, DTLS1_2_VERSION,
2976 SSL_NOT_DEFAULT | SSL_HIGH,
2977 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2978 256,
2979 256,
2980 },
2981 {
2982 1,
2983 TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2984 TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2985 TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2986 SSL_kDHE,
2987 SSL_aRSA,
2988 SSL_ARIA128GCM,
2989 SSL_AEAD,
2990 TLS1_2_VERSION, TLS1_2_VERSION,
2991 DTLS1_2_VERSION, DTLS1_2_VERSION,
2992 SSL_NOT_DEFAULT | SSL_HIGH,
2993 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2994 128,
2995 128,
2996 },
2997 {
2998 1,
2999 TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3000 TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3001 TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3002 SSL_kDHE,
3003 SSL_aRSA,
3004 SSL_ARIA256GCM,
3005 SSL_AEAD,
3006 TLS1_2_VERSION, TLS1_2_VERSION,
3007 DTLS1_2_VERSION, DTLS1_2_VERSION,
3008 SSL_NOT_DEFAULT | SSL_HIGH,
3009 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3010 256,
3011 256,
3012 },
3013 {
3014 1,
3015 TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3016 TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3017 TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3018 SSL_kDHE,
3019 SSL_aDSS,
3020 SSL_ARIA128GCM,
3021 SSL_AEAD,
3022 TLS1_2_VERSION, TLS1_2_VERSION,
3023 DTLS1_2_VERSION, DTLS1_2_VERSION,
3024 SSL_NOT_DEFAULT | SSL_HIGH,
3025 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3026 128,
3027 128,
3028 },
3029 {
3030 1,
3031 TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3032 TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3033 TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3034 SSL_kDHE,
3035 SSL_aDSS,
3036 SSL_ARIA256GCM,
3037 SSL_AEAD,
3038 TLS1_2_VERSION, TLS1_2_VERSION,
3039 DTLS1_2_VERSION, DTLS1_2_VERSION,
3040 SSL_NOT_DEFAULT | SSL_HIGH,
3041 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3042 256,
3043 256,
3044 },
3045 {
3046 1,
3047 TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3048 TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3049 TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3050 SSL_kECDHE,
3051 SSL_aECDSA,
3052 SSL_ARIA128GCM,
3053 SSL_AEAD,
3054 TLS1_2_VERSION, TLS1_2_VERSION,
3055 DTLS1_2_VERSION, DTLS1_2_VERSION,
3056 SSL_NOT_DEFAULT | SSL_HIGH,
3057 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3058 128,
3059 128,
3060 },
3061 {
3062 1,
3063 TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3064 TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3065 TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3066 SSL_kECDHE,
3067 SSL_aECDSA,
3068 SSL_ARIA256GCM,
3069 SSL_AEAD,
3070 TLS1_2_VERSION, TLS1_2_VERSION,
3071 DTLS1_2_VERSION, DTLS1_2_VERSION,
3072 SSL_NOT_DEFAULT | SSL_HIGH,
3073 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3074 256,
3075 256,
3076 },
3077
3078 {
3079 1,
3080 TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3081 TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3082 TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3083 SSL_kECDHE,
3084 SSL_aRSA,
3085 SSL_ARIA128GCM,
3086 SSL_AEAD,
3087 TLS1_2_VERSION, TLS1_2_VERSION,
3088 DTLS1_2_VERSION, DTLS1_2_VERSION,
3089 SSL_NOT_DEFAULT | SSL_HIGH,
3090 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3091 128,
3092 128,
3093 },
3094 {
3095 1,
3096 TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3097 TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3098 TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3099 SSL_kECDHE,
3100 SSL_aRSA,
3101 SSL_ARIA256GCM,
3102 SSL_AEAD,
3103 TLS1_2_VERSION, TLS1_2_VERSION,
3104 DTLS1_2_VERSION, DTLS1_2_VERSION,
3105 SSL_NOT_DEFAULT | SSL_HIGH,
3106 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3107 256,
3108 256,
3109 },
3110 {
3111 1,
3112 TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
3113 TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
3114 TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
3115 SSL_kPSK,
3116 SSL_aPSK,
3117 SSL_ARIA128GCM,
3118 SSL_AEAD,
3119 TLS1_2_VERSION, TLS1_2_VERSION,
3120 DTLS1_2_VERSION, DTLS1_2_VERSION,
3121 SSL_NOT_DEFAULT | SSL_HIGH,
3122 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3123 128,
3124 128,
3125 },
3126 {
3127 1,
3128 TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
3129 TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
3130 TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
3131 SSL_kPSK,
3132 SSL_aPSK,
3133 SSL_ARIA256GCM,
3134 SSL_AEAD,
3135 TLS1_2_VERSION, TLS1_2_VERSION,
3136 DTLS1_2_VERSION, DTLS1_2_VERSION,
3137 SSL_NOT_DEFAULT | SSL_HIGH,
3138 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3139 256,
3140 256,
3141 },
3142 {
3143 1,
3144 TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3145 TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3146 TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3147 SSL_kDHEPSK,
3148 SSL_aPSK,
3149 SSL_ARIA128GCM,
3150 SSL_AEAD,
3151 TLS1_2_VERSION, TLS1_2_VERSION,
3152 DTLS1_2_VERSION, DTLS1_2_VERSION,
3153 SSL_NOT_DEFAULT | SSL_HIGH,
3154 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3155 128,
3156 128,
3157 },
3158 {
3159 1,
3160 TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3161 TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3162 TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3163 SSL_kDHEPSK,
3164 SSL_aPSK,
3165 SSL_ARIA256GCM,
3166 SSL_AEAD,
3167 TLS1_2_VERSION, TLS1_2_VERSION,
3168 DTLS1_2_VERSION, DTLS1_2_VERSION,
3169 SSL_NOT_DEFAULT | SSL_HIGH,
3170 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3171 256,
3172 256,
3173 },
3174
3175 {
3176 1,
3177 TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3178 TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3179 TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3180 SSL_kRSAPSK,
3181 SSL_aRSA,
3182 SSL_ARIA128GCM,
3183 SSL_AEAD,
3184 TLS1_2_VERSION, TLS1_2_VERSION,
3185 DTLS1_2_VERSION, DTLS1_2_VERSION,
3186 SSL_NOT_DEFAULT | SSL_HIGH,
3187 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3188 128,
3189 128,
3190 },
3191 {
3192 1,
3193 TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3194 TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3195 TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3196 SSL_kRSAPSK,
3197 SSL_aRSA,
3198 SSL_ARIA256GCM,
3199 SSL_AEAD,
3200 TLS1_2_VERSION, TLS1_2_VERSION,
3201 DTLS1_2_VERSION, DTLS1_2_VERSION,
3202 SSL_NOT_DEFAULT | SSL_HIGH,
3203 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3204 256,
3205 256,
3206 },
3207#endif /* OPENSSL_NO_ARIA */
3208};
3209
3210/*
3211 * The list of known Signalling Cipher-Suite Value "ciphers", non-valid
3212 * values stuffed into the ciphers field of the wire protocol for signalling
3213 * purposes.
3214 */
3215static SSL_CIPHER ssl3_scsvs[] = {
3216 {
3217 0,
3218 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3219 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3220 SSL3_CK_SCSV,
3221 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3222 },
3223 {
3224 0,
3225 "TLS_FALLBACK_SCSV",
3226 "TLS_FALLBACK_SCSV",
3227 SSL3_CK_FALLBACK_SCSV,
3228 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3229 },
3230};
3231
3232static int cipher_compare(const void *a, const void *b)
3233{
3234 const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
3235 const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
3236
3237 if (ap->id == bp->id)
3238 return 0;
3239 return ap->id < bp->id ? -1 : 1;
3240}
3241
3242void ssl_sort_cipher_list(void)
3243{
3244 qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof ssl3_ciphers[0],
3245 cipher_compare);
3246 qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof ssl3_scsvs[0], cipher_compare);
3247}
3248
3249const SSL3_ENC_METHOD SSLv3_enc_data = {
3250 ssl3_enc,
3251 n_ssl3_mac,
3252 ssl3_setup_key_block,
3253 ssl3_generate_master_secret,
3254 ssl3_change_cipher_state,
3255 ssl3_final_finish_mac,
3256 SSL3_MD_CLIENT_FINISHED_CONST, 4,
3257 SSL3_MD_SERVER_FINISHED_CONST, 4,
3258 ssl3_alert_code,
3259 (int (*)(SSL *, unsigned char *, size_t, const char *,
3260 size_t, const unsigned char *, size_t,
3261 int use_context))ssl_undefined_function,
3262 0,
3263 ssl3_set_handshake_header,
3264 tls_close_construct_packet,
3265 ssl3_handshake_write
3266};
3267
3268long ssl3_default_timeout(void)
3269{
3270 /*
3271 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
3272 * http, the cache would over fill
3273 */
3274 return (60 * 60 * 2);
3275}
3276
3277int ssl3_num_ciphers(void)
3278{
3279 return SSL3_NUM_CIPHERS;
3280}
3281
3282const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
3283{
3284 if (u < SSL3_NUM_CIPHERS)
3285 return &(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]);
3286 else
3287 return NULL;
3288}
3289
3290int ssl3_set_handshake_header(SSL *s, WPACKET *pkt, int htype)
3291{
3292 /* No header in the event of a CCS */
3293 if (htype == SSL3_MT_CHANGE_CIPHER_SPEC)
3294 return 1;
3295
3296 /* Set the content type and 3 bytes for the message len */
3297 if (!WPACKET_put_bytes_u8(pkt, htype)
3298 || !WPACKET_start_sub_packet_u24(pkt))
3299 return 0;
3300
3301 return 1;
3302}
3303
3304int ssl3_handshake_write(SSL *s)
3305{
3306 return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3307}
3308
3309int ssl3_new(SSL *s)
3310{
3311 SSL3_STATE *s3;
3312
3313 if ((s3 = OPENSSL_zalloc(sizeof(*s3))) == NULL)
3314 goto err;
3315 s->s3 = s3;
3316
3317#ifndef OPENSSL_NO_SRP
3318 if (!SSL_SRP_CTX_init(s))
3319 goto err;
3320#endif
3321
3322 if (!s->method->ssl_clear(s))
3323 return 0;
3324
3325 return 1;
3326 err:
3327 return 0;
3328}
3329
3330void ssl3_free(SSL *s)
3331{
3332 if (s == NULL || s->s3 == NULL)
3333 return;
3334
3335 ssl3_cleanup_key_block(s);
3336
3337#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3338 EVP_PKEY_free(s->s3->peer_tmp);
3339 s->s3->peer_tmp = NULL;
3340 EVP_PKEY_free(s->s3->tmp.pkey);
3341 s->s3->tmp.pkey = NULL;
3342#endif
3343
3344 OPENSSL_free(s->s3->tmp.ctype);
3345 sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
3346 OPENSSL_free(s->s3->tmp.ciphers_raw);
3347 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3348 OPENSSL_free(s->s3->tmp.peer_sigalgs);
3349 ssl3_free_digest_list(s);
3350 OPENSSL_free(s->s3->alpn_selected);
3351 OPENSSL_free(s->s3->alpn_proposed);
3352
3353#ifndef OPENSSL_NO_SRP
3354 SSL_SRP_CTX_free(s);
3355#endif
3356 OPENSSL_clear_free(s->s3, sizeof(*s->s3));
3357 s->s3 = NULL;
3358}
3359
3360int ssl3_clear(SSL *s)
3361{
3362 ssl3_cleanup_key_block(s);
3363 OPENSSL_free(s->s3->tmp.ctype);
3364 sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
3365 OPENSSL_free(s->s3->tmp.ciphers_raw);
3366 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3367 OPENSSL_free(s->s3->tmp.peer_sigalgs);
3368
3369#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3370 EVP_PKEY_free(s->s3->tmp.pkey);
3371 EVP_PKEY_free(s->s3->peer_tmp);
3372#endif /* !OPENSSL_NO_EC */
3373
3374 ssl3_free_digest_list(s);
3375
3376 OPENSSL_free(s->s3->alpn_selected);
3377 OPENSSL_free(s->s3->alpn_proposed);
3378
3379 /* NULL/zero-out everything in the s3 struct */
3380 memset(s->s3, 0, sizeof(*s->s3));
3381
3382 if (!ssl_free_wbio_buffer(s))
3383 return 0;
3384
3385 s->version = SSL3_VERSION;
3386
3387#if !defined(OPENSSL_NO_NEXTPROTONEG)
3388 OPENSSL_free(s->ext.npn);
3389 s->ext.npn = NULL;
3390 s->ext.npn_len = 0;
3391#endif
3392
3393 return 1;
3394}
3395
3396#ifndef OPENSSL_NO_SRP
3397static char *srp_password_from_info_cb(SSL *s, void *arg)
3398{
3399 return OPENSSL_strdup(s->srp_ctx.info);
3400}
3401#endif
3402
3403static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
3404
3405long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3406{
3407 int ret = 0;
3408
3409 switch (cmd) {
3410 case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3411 break;
3412 case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3413 ret = s->s3->num_renegotiations;
3414 break;
3415 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3416 ret = s->s3->num_renegotiations;
3417 s->s3->num_renegotiations = 0;
3418 break;
3419 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3420 ret = s->s3->total_renegotiations;
3421 break;
3422 case SSL_CTRL_GET_FLAGS:
3423 ret = (int)(s->s3->flags);
3424 break;
3425#ifndef OPENSSL_NO_DH
3426 case SSL_CTRL_SET_TMP_DH:
3427 {
3428 DH *dh = (DH *)parg;
3429 EVP_PKEY *pkdh = NULL;
3430 if (dh == NULL) {
3431 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3432 return ret;
3433 }
3434 pkdh = ssl_dh_to_pkey(dh);
3435 if (pkdh == NULL) {
3436 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3437 return 0;
3438 }
3439 if (!ssl_security(s, SSL_SECOP_TMP_DH,
3440 EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
3441 SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3442 EVP_PKEY_free(pkdh);
3443 return ret;
3444 }
3445 EVP_PKEY_free(s->cert->dh_tmp);
3446 s->cert->dh_tmp = pkdh;
3447 ret = 1;
3448 }
3449 break;
3450 case SSL_CTRL_SET_TMP_DH_CB:
3451 {
3452 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3453 return ret;
3454 }
3455 case SSL_CTRL_SET_DH_AUTO:
3456 s->cert->dh_tmp_auto = larg;
3457 return 1;
3458#endif
3459#ifndef OPENSSL_NO_EC
3460 case SSL_CTRL_SET_TMP_ECDH:
3461 {
3462 const EC_GROUP *group = NULL;
3463 int nid;
3464
3465 if (parg == NULL) {
3466 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3467 return 0;
3468 }
3469 group = EC_KEY_get0_group((const EC_KEY *)parg);
3470 if (group == NULL) {
3471 SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS);
3472 return 0;
3473 }
3474 nid = EC_GROUP_get_curve_name(group);
3475 if (nid == NID_undef)
3476 return 0;
3477 return tls1_set_groups(&s->ext.supportedgroups,
3478 &s->ext.supportedgroups_len,
3479 &nid, 1);
3480 }
3481 break;
3482#endif /* !OPENSSL_NO_EC */
3483 case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3484 if (larg == TLSEXT_NAMETYPE_host_name) {
3485 size_t len;
3486
3487 OPENSSL_free(s->ext.hostname);
3488 s->ext.hostname = NULL;
3489
3490 ret = 1;
3491 if (parg == NULL)
3492 break;
3493 len = strlen((char *)parg);
3494 if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
3495 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3496 return 0;
3497 }
3498 if ((s->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) {
3499 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3500 return 0;
3501 }
3502 } else {
3503 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3504 return 0;
3505 }
3506 break;
3507 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3508 s->ext.debug_arg = parg;
3509 ret = 1;
3510 break;
3511
3512 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3513 ret = s->ext.status_type;
3514 break;
3515
3516 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3517 s->ext.status_type = larg;
3518 ret = 1;
3519 break;
3520
3521 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3522 *(STACK_OF(X509_EXTENSION) **)parg = s->ext.ocsp.exts;
3523 ret = 1;
3524 break;
3525
3526 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3527 s->ext.ocsp.exts = parg;
3528 ret = 1;
3529 break;
3530
3531 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3532 *(STACK_OF(OCSP_RESPID) **)parg = s->ext.ocsp.ids;
3533 ret = 1;
3534 break;
3535
3536 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3537 s->ext.ocsp.ids = parg;
3538 ret = 1;
3539 break;
3540
3541 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3542 *(unsigned char **)parg = s->ext.ocsp.resp;
3543 if (s->ext.ocsp.resp_len == 0
3544 || s->ext.ocsp.resp_len > LONG_MAX)
3545 return -1;
3546 return (long)s->ext.ocsp.resp_len;
3547
3548 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3549 OPENSSL_free(s->ext.ocsp.resp);
3550 s->ext.ocsp.resp = parg;
3551 s->ext.ocsp.resp_len = larg;
3552 ret = 1;
3553 break;
3554
3555#ifndef OPENSSL_NO_HEARTBEATS
3556 case SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT:
3557 case SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING:
3558 case SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS:
3559 break;
3560#endif
3561
3562 case SSL_CTRL_CHAIN:
3563 if (larg)
3564 return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg);
3565 else
3566 return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg);
3567
3568 case SSL_CTRL_CHAIN_CERT:
3569 if (larg)
3570 return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg);
3571 else
3572 return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg);
3573
3574 case SSL_CTRL_GET_CHAIN_CERTS:
3575 *(STACK_OF(X509) **)parg = s->cert->key->chain;
3576 break;
3577
3578 case SSL_CTRL_SELECT_CURRENT_CERT:
3579 return ssl_cert_select_current(s->cert, (X509 *)parg);
3580
3581 case SSL_CTRL_SET_CURRENT_CERT:
3582 if (larg == SSL_CERT_SET_SERVER) {
3583 const SSL_CIPHER *cipher;
3584 if (!s->server)
3585 return 0;
3586 cipher = s->s3->tmp.new_cipher;
3587 if (cipher == NULL)
3588 return 0;
3589 /*
3590 * No certificate for unauthenticated ciphersuites or using SRP
3591 * authentication
3592 */
3593 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3594 return 2;
3595 if (s->s3->tmp.cert == NULL)
3596 return 0;
3597 s->cert->key = s->s3->tmp.cert;
3598 return 1;
3599 }
3600 return ssl_cert_set_current(s->cert, larg);
3601
3602#ifndef OPENSSL_NO_EC
3603 case SSL_CTRL_GET_GROUPS:
3604 {
3605 uint16_t *clist;
3606 size_t clistlen;
3607
3608 if (!s->session)
3609 return 0;
3610 clist = s->session->ext.supportedgroups;
3611 clistlen = s->session->ext.supportedgroups_len;
3612 if (parg) {
3613 size_t i;
3614 int *cptr = parg;
3615
3616 for (i = 0; i < clistlen; i++) {
3617 const TLS_GROUP_INFO *cinf = tls1_group_id_lookup(clist[i]);
3618
3619 if (cinf != NULL)
3620 cptr[i] = cinf->nid;
3621 else
3622 cptr[i] = TLSEXT_nid_unknown | clist[i];
3623 }
3624 }
3625 return (int)clistlen;
3626 }
3627
3628 case SSL_CTRL_SET_GROUPS:
3629 return tls1_set_groups(&s->ext.supportedgroups,
3630 &s->ext.supportedgroups_len, parg, larg);
3631
3632 case SSL_CTRL_SET_GROUPS_LIST:
3633 return tls1_set_groups_list(&s->ext.supportedgroups,
3634 &s->ext.supportedgroups_len, parg);
3635
3636 case SSL_CTRL_GET_SHARED_GROUP:
3637 {
3638 uint16_t id = tls1_shared_group(s, larg);
3639
3640 if (larg != -1) {
3641 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
3642
3643 return ginf == NULL ? 0 : ginf->nid;
3644 }
3645 return id;
3646 }
3647#endif
3648 case SSL_CTRL_SET_SIGALGS:
3649 return tls1_set_sigalgs(s->cert, parg, larg, 0);
3650
3651 case SSL_CTRL_SET_SIGALGS_LIST:
3652 return tls1_set_sigalgs_list(s->cert, parg, 0);
3653
3654 case SSL_CTRL_SET_CLIENT_SIGALGS:
3655 return tls1_set_sigalgs(s->cert, parg, larg, 1);
3656
3657 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3658 return tls1_set_sigalgs_list(s->cert, parg, 1);
3659
3660 case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3661 {
3662 const unsigned char **pctype = parg;
3663 if (s->server || !s->s3->tmp.cert_req)
3664 return 0;
3665 if (pctype)
3666 *pctype = s->s3->tmp.ctype;
3667 return s->s3->tmp.ctype_len;
3668 }
3669
3670 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3671 if (!s->server)
3672 return 0;
3673 return ssl3_set_req_cert_type(s->cert, parg, larg);
3674
3675 case SSL_CTRL_BUILD_CERT_CHAIN:
3676 return ssl_build_cert_chain(s, NULL, larg);
3677
3678 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3679 return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
3680
3681 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3682 return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
3683
3684 case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3685 if (s->s3->tmp.peer_sigalg == NULL)
3686 return 0;
3687 *(int *)parg = s->s3->tmp.peer_sigalg->hash;
3688 return 1;
3689
3690 case SSL_CTRL_GET_SERVER_TMP_KEY:
3691#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3692 if (s->server || s->session == NULL || s->s3->peer_tmp == NULL) {
3693 return 0;
3694 } else {
3695 EVP_PKEY_up_ref(s->s3->peer_tmp);
3696 *(EVP_PKEY **)parg = s->s3->peer_tmp;
3697 return 1;
3698 }
3699#else
3700 return 0;
3701#endif
3702#ifndef OPENSSL_NO_EC
3703 case SSL_CTRL_GET_EC_POINT_FORMATS:
3704 {
3705 SSL_SESSION *sess = s->session;
3706 const unsigned char **pformat = parg;
3707
3708 if (sess == NULL || sess->ext.ecpointformats == NULL)
3709 return 0;
3710 *pformat = sess->ext.ecpointformats;
3711 return (int)sess->ext.ecpointformats_len;
3712 }
3713#endif
3714
3715 default:
3716 break;
3717 }
3718 return ret;
3719}
3720
3721long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3722{
3723 int ret = 0;
3724
3725 switch (cmd) {
3726#ifndef OPENSSL_NO_DH
3727 case SSL_CTRL_SET_TMP_DH_CB:
3728 {
3729 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3730 }
3731 break;
3732#endif
3733 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3734 s->ext.debug_cb = (void (*)(SSL *, int, int,
3735 const unsigned char *, int, void *))fp;
3736 break;
3737
3738 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3739 {
3740 s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3741 }
3742 break;
3743 default:
3744 break;
3745 }
3746 return ret;
3747}
3748
3749long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3750{
3751 switch (cmd) {
3752#ifndef OPENSSL_NO_DH
3753 case SSL_CTRL_SET_TMP_DH:
3754 {
3755 DH *dh = (DH *)parg;
3756 EVP_PKEY *pkdh = NULL;
3757 if (dh == NULL) {
3758 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3759 return 0;
3760 }
3761 pkdh = ssl_dh_to_pkey(dh);
3762 if (pkdh == NULL) {
3763 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3764 return 0;
3765 }
3766 if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
3767 EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
3768 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3769 EVP_PKEY_free(pkdh);
3770 return 1;
3771 }
3772 EVP_PKEY_free(ctx->cert->dh_tmp);
3773 ctx->cert->dh_tmp = pkdh;
3774 return 1;
3775 }
3776 case SSL_CTRL_SET_TMP_DH_CB:
3777 {
3778 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3779 return 0;
3780 }
3781 case SSL_CTRL_SET_DH_AUTO:
3782 ctx->cert->dh_tmp_auto = larg;
3783 return 1;
3784#endif
3785#ifndef OPENSSL_NO_EC
3786 case SSL_CTRL_SET_TMP_ECDH:
3787 {
3788 const EC_GROUP *group = NULL;
3789 int nid;
3790
3791 if (parg == NULL) {
3792 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3793 return 0;
3794 }
3795 group = EC_KEY_get0_group((const EC_KEY *)parg);
3796 if (group == NULL) {
3797 SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS);
3798 return 0;
3799 }
3800 nid = EC_GROUP_get_curve_name(group);
3801 if (nid == NID_undef)
3802 return 0;
3803 return tls1_set_groups(&ctx->ext.supportedgroups,
3804 &ctx->ext.supportedgroups_len,
3805 &nid, 1);
3806 }
3807#endif /* !OPENSSL_NO_EC */
3808 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3809 ctx->ext.servername_arg = parg;
3810 break;
3811 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3812 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3813 {
3814 unsigned char *keys = parg;
3815 long tick_keylen = (sizeof(ctx->ext.tick_key_name) +
3816 sizeof(ctx->ext.tick_hmac_key) +
3817 sizeof(ctx->ext.tick_aes_key));
3818 if (keys == NULL)
3819 return tick_keylen;
3820 if (larg != tick_keylen) {
3821 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3822 return 0;
3823 }
3824 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
3825 memcpy(ctx->ext.tick_key_name, keys,
3826 sizeof(ctx->ext.tick_key_name));
3827 memcpy(ctx->ext.tick_hmac_key,
3828 keys + sizeof(ctx->ext.tick_key_name),
3829 sizeof(ctx->ext.tick_hmac_key));
3830 memcpy(ctx->ext.tick_aes_key,
3831 keys + sizeof(ctx->ext.tick_key_name) +
3832 sizeof(ctx->ext.tick_hmac_key),
3833 sizeof(ctx->ext.tick_aes_key));
3834 } else {
3835 memcpy(keys, ctx->ext.tick_key_name,
3836 sizeof(ctx->ext.tick_key_name));
3837 memcpy(keys + sizeof(ctx->ext.tick_key_name),
3838 ctx->ext.tick_hmac_key,
3839 sizeof(ctx->ext.tick_hmac_key));
3840 memcpy(keys + sizeof(ctx->ext.tick_key_name) +
3841 sizeof(ctx->ext.tick_hmac_key),
3842 ctx->ext.tick_aes_key,
3843 sizeof(ctx->ext.tick_aes_key));
3844 }
3845 return 1;
3846 }
3847
3848 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3849 return ctx->ext.status_type;
3850
3851 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3852 ctx->ext.status_type = larg;
3853 break;
3854
3855 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3856 ctx->ext.status_arg = parg;
3857 return 1;
3858
3859 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
3860 *(void**)parg = ctx->ext.status_arg;
3861 break;
3862
3863 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
3864 *(int (**)(SSL*, void*))parg = ctx->ext.status_cb;
3865 break;
3866
3867#ifndef OPENSSL_NO_SRP
3868 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3869 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3870 OPENSSL_free(ctx->srp_ctx.login);
3871 ctx->srp_ctx.login = NULL;
3872 if (parg == NULL)
3873 break;
3874 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
3875 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3876 return 0;
3877 }
3878 if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
3879 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3880 return 0;
3881 }
3882 break;
3883 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3884 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3885 srp_password_from_info_cb;
3886 if (ctx->srp_ctx.info != NULL)
3887 OPENSSL_free(ctx->srp_ctx.info);
3888 if ((ctx->srp_ctx.info = BUF_strdup((char *)parg)) == NULL) {
3889 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3890 return 0;
3891 }
3892 break;
3893 case SSL_CTRL_SET_SRP_ARG:
3894 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3895 ctx->srp_ctx.SRP_cb_arg = parg;
3896 break;
3897
3898 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3899 ctx->srp_ctx.strength = larg;
3900 break;
3901#endif
3902
3903#ifndef OPENSSL_NO_EC
3904 case SSL_CTRL_SET_GROUPS:
3905 return tls1_set_groups(&ctx->ext.supportedgroups,
3906 &ctx->ext.supportedgroups_len,
3907 parg, larg);
3908
3909 case SSL_CTRL_SET_GROUPS_LIST:
3910 return tls1_set_groups_list(&ctx->ext.supportedgroups,
3911 &ctx->ext.supportedgroups_len,
3912 parg);
3913#endif
3914 case SSL_CTRL_SET_SIGALGS:
3915 return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
3916
3917 case SSL_CTRL_SET_SIGALGS_LIST:
3918 return tls1_set_sigalgs_list(ctx->cert, parg, 0);
3919
3920 case SSL_CTRL_SET_CLIENT_SIGALGS:
3921 return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
3922
3923 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3924 return tls1_set_sigalgs_list(ctx->cert, parg, 1);
3925
3926 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3927 return ssl3_set_req_cert_type(ctx->cert, parg, larg);
3928
3929 case SSL_CTRL_BUILD_CERT_CHAIN:
3930 return ssl_build_cert_chain(NULL, ctx, larg);
3931
3932 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3933 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
3934
3935 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3936 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
3937
3938 /* A Thawte special :-) */
3939 case SSL_CTRL_EXTRA_CHAIN_CERT:
3940 if (ctx->extra_certs == NULL) {
3941 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
3942 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3943 return 0;
3944 }
3945 }
3946 if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
3947 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3948 return 0;
3949 }
3950 break;
3951
3952 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3953 if (ctx->extra_certs == NULL && larg == 0)
3954 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3955 else
3956 *(STACK_OF(X509) **)parg = ctx->extra_certs;
3957 break;
3958
3959 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3960 sk_X509_pop_free(ctx->extra_certs, X509_free);
3961 ctx->extra_certs = NULL;
3962 break;
3963
3964 case SSL_CTRL_CHAIN:
3965 if (larg)
3966 return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3967 else
3968 return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3969
3970 case SSL_CTRL_CHAIN_CERT:
3971 if (larg)
3972 return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
3973 else
3974 return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
3975
3976 case SSL_CTRL_GET_CHAIN_CERTS:
3977 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3978 break;
3979
3980 case SSL_CTRL_SELECT_CURRENT_CERT:
3981 return ssl_cert_select_current(ctx->cert, (X509 *)parg);
3982
3983 case SSL_CTRL_SET_CURRENT_CERT:
3984 return ssl_cert_set_current(ctx->cert, larg);
3985
3986 default:
3987 return 0;
3988 }
3989 return 1;
3990}
3991
3992long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
3993{
3994 switch (cmd) {
3995#ifndef OPENSSL_NO_DH
3996 case SSL_CTRL_SET_TMP_DH_CB:
3997 {
3998 ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3999 }
4000 break;
4001#endif
4002 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
4003 ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp;
4004 break;
4005
4006 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
4007 ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
4008 break;
4009
4010 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
4011 ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
4012 unsigned char *,
4013 EVP_CIPHER_CTX *,
4014 HMAC_CTX *, int))fp;
4015 break;
4016
4017#ifndef OPENSSL_NO_SRP
4018 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
4019 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4020 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
4021 break;
4022 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
4023 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4024 ctx->srp_ctx.TLS_ext_srp_username_callback =
4025 (int (*)(SSL *, int *, void *))fp;
4026 break;
4027 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
4028 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4029 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
4030 (char *(*)(SSL *, void *))fp;
4031 break;
4032#endif
4033 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
4034 {
4035 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
4036 }
4037 break;
4038 default:
4039 return 0;
4040 }
4041 return 1;
4042}
4043
4044const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
4045{
4046 SSL_CIPHER c;
4047 const SSL_CIPHER *cp;
4048
4049 c.id = id;
4050 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
4051 if (cp != NULL)
4052 return cp;
4053 return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS);
4054}
4055
4056const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
4057{
4058 SSL_CIPHER *c = NULL;
4059 SSL_CIPHER *tbl = ssl3_ciphers;
4060 size_t i;
4061
4062 /* this is not efficient, necessary to optimize this? */
4063 for (i = 0; i < SSL3_NUM_CIPHERS; i++, tbl++) {
4064 if (tbl->stdname == NULL)
4065 continue;
4066 if (strcmp(stdname, tbl->stdname) == 0) {
4067 c = tbl;
4068 break;
4069 }
4070 }
4071 if (c == NULL) {
4072 tbl = ssl3_scsvs;
4073 for (i = 0; i < SSL3_NUM_SCSVS; i++, tbl++) {
4074 if (strcmp(stdname, tbl->stdname) == 0) {
4075 c = tbl;
4076 break;
4077 }
4078 }
4079 }
4080 return c;
4081}
4082
4083/*
4084 * This function needs to check if the ciphers required are actually
4085 * available
4086 */
4087const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
4088{
4089 return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
4090 | ((uint32_t)p[0] << 8L)
4091 | (uint32_t)p[1]);
4092}
4093
4094int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
4095{
4096 if ((c->id & 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG) {
4097 *len = 0;
4098 return 1;
4099 }
4100
4101 if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff))
4102 return 0;
4103
4104 *len = 2;
4105 return 1;
4106}
4107
4108/*
4109 * ssl3_choose_cipher - choose a cipher from those offered by the client
4110 * @s: SSL connection
4111 * @clnt: ciphers offered by the client
4112 * @srvr: ciphers enabled on the server?
4113 *
4114 * Returns the selected cipher or NULL when no common ciphers.
4115 */
4116const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
4117 STACK_OF(SSL_CIPHER) *srvr)
4118{
4119 const SSL_CIPHER *c, *ret = NULL;
4120 STACK_OF(SSL_CIPHER) *prio, *allow;
4121 int i, ii, ok;
4122 unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
4123#ifndef OPENSSL_NO_CHACHA
4124 STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
4125#endif
4126
4127 /* Let's see which ciphers we can support */
4128
4129 /*
4130 * Do not set the compare functions, because this may lead to a
4131 * reordering by "id". We want to keep the original ordering. We may pay
4132 * a price in performance during sk_SSL_CIPHER_find(), but would have to
4133 * pay with the price of sk_SSL_CIPHER_dup().
4134 */
4135
4136#ifdef CIPHER_DEBUG
4137 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
4138 (void *)srvr);
4139 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
4140 c = sk_SSL_CIPHER_value(srvr, i);
4141 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
4142 }
4143 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
4144 (void *)clnt);
4145 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
4146 c = sk_SSL_CIPHER_value(clnt, i);
4147 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
4148 }
4149#endif
4150
4151 /* SUITE-B takes precedence over server preference and ChaCha priortiy */
4152 if (tls1_suiteb(s)) {
4153 prio = srvr;
4154 allow = clnt;
4155 } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
4156 prio = srvr;
4157 allow = clnt;
4158#ifndef OPENSSL_NO_CHACHA
4159 /* If ChaCha20 is at the top of the client preference list,
4160 and there are ChaCha20 ciphers in the server list, then
4161 temporarily prioritize all ChaCha20 ciphers in the servers list. */
4162 if (s->options & SSL_OP_PRIORITIZE_CHACHA && sk_SSL_CIPHER_num(clnt) > 0) {
4163 c = sk_SSL_CIPHER_value(clnt, 0);
4164 if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4165 /* ChaCha20 is client preferred, check server... */
4166 int num = sk_SSL_CIPHER_num(srvr);
4167 int found = 0;
4168 for (i = 0; i < num; i++) {
4169 c = sk_SSL_CIPHER_value(srvr, i);
4170 if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4171 found = 1;
4172 break;
4173 }
4174 }
4175 if (found) {
4176 prio_chacha = sk_SSL_CIPHER_new_reserve(NULL, num);
4177 /* if reserve fails, then there's likely a memory issue */
4178 if (prio_chacha != NULL) {
4179 /* Put all ChaCha20 at the top, starting with the one we just found */
4180 sk_SSL_CIPHER_push(prio_chacha, c);
4181 for (i++; i < num; i++) {
4182 c = sk_SSL_CIPHER_value(srvr, i);
4183 if (c->algorithm_enc == SSL_CHACHA20POLY1305)
4184 sk_SSL_CIPHER_push(prio_chacha, c);
4185 }
4186 /* Pull in the rest */
4187 for (i = 0; i < num; i++) {
4188 c = sk_SSL_CIPHER_value(srvr, i);
4189 if (c->algorithm_enc != SSL_CHACHA20POLY1305)
4190 sk_SSL_CIPHER_push(prio_chacha, c);
4191 }
4192 prio = prio_chacha;
4193 }
4194 }
4195 }
4196 }
4197# endif
4198 } else {
4199 prio = clnt;
4200 allow = srvr;
4201 }
4202
4203 if (!SSL_IS_TLS13(s)) {
4204 tls1_set_cert_validity(s);
4205 ssl_set_masks(s);
4206 }
4207
4208 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
4209 c = sk_SSL_CIPHER_value(prio, i);
4210
4211 /* Skip ciphers not supported by the protocol version */
4212 if (!SSL_IS_DTLS(s) &&
4213 ((s->version < c->min_tls) || (s->version > c->max_tls)))
4214 continue;
4215 if (SSL_IS_DTLS(s) &&
4216 (DTLS_VERSION_LT(s->version, c->min_dtls) ||
4217 DTLS_VERSION_GT(s->version, c->max_dtls)))
4218 continue;
4219
4220 /*
4221 * Since TLS 1.3 ciphersuites can be used with any auth or
4222 * key exchange scheme skip tests.
4223 */
4224 if (!SSL_IS_TLS13(s)) {
4225 mask_k = s->s3->tmp.mask_k;
4226 mask_a = s->s3->tmp.mask_a;
4227#ifndef OPENSSL_NO_SRP
4228 if (s->srp_ctx.srp_Mask & SSL_kSRP) {
4229 mask_k |= SSL_kSRP;
4230 mask_a |= SSL_aSRP;
4231 }
4232#endif
4233
4234 alg_k = c->algorithm_mkey;
4235 alg_a = c->algorithm_auth;
4236
4237#ifndef OPENSSL_NO_PSK
4238 /* with PSK there must be server callback set */
4239 if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
4240 continue;
4241#endif /* OPENSSL_NO_PSK */
4242
4243 ok = (alg_k & mask_k) && (alg_a & mask_a);
4244#ifdef CIPHER_DEBUG
4245 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
4246 alg_a, mask_k, mask_a, (void *)c, c->name);
4247#endif
4248
4249#ifndef OPENSSL_NO_EC
4250 /*
4251 * if we are considering an ECC cipher suite that uses an ephemeral
4252 * EC key check it
4253 */
4254 if (alg_k & SSL_kECDHE)
4255 ok = ok && tls1_check_ec_tmp_key(s, c->id);
4256#endif /* OPENSSL_NO_EC */
4257
4258 if (!ok)
4259 continue;
4260 }
4261 ii = sk_SSL_CIPHER_find(allow, c);
4262 if (ii >= 0) {
4263 /* Check security callback permits this cipher */
4264 if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
4265 c->strength_bits, 0, (void *)c))
4266 continue;
4267#if !defined(OPENSSL_NO_EC)
4268 if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
4269 && s->s3->is_probably_safari) {
4270 if (!ret)
4271 ret = sk_SSL_CIPHER_value(allow, ii);
4272 continue;
4273 }
4274#endif
4275 ret = sk_SSL_CIPHER_value(allow, ii);
4276 break;
4277 }
4278 }
4279#ifndef OPENSSL_NO_CHACHA
4280 sk_SSL_CIPHER_free(prio_chacha);
4281#endif
4282 return ret;
4283}
4284
4285int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt)
4286{
4287 uint32_t alg_k, alg_a = 0;
4288
4289 /* If we have custom certificate types set, use them */
4290 if (s->cert->ctype)
4291 return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len);
4292 /* Get mask of algorithms disabled by signature list */
4293 ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
4294
4295 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4296
4297#ifndef OPENSSL_NO_GOST
4298 if (s->version >= TLS1_VERSION && (alg_k & SSL_kGOST))
4299 return WPACKET_put_bytes_u8(pkt, TLS_CT_GOST01_SIGN)
4300 && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_SIGN)
4301 && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_512_SIGN);
4302#endif
4303
4304 if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
4305#ifndef OPENSSL_NO_DH
4306# ifndef OPENSSL_NO_RSA
4307 if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
4308 return 0;
4309# endif
4310# ifndef OPENSSL_NO_DSA
4311 if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
4312 return 0;
4313# endif
4314#endif /* !OPENSSL_NO_DH */
4315 }
4316#ifndef OPENSSL_NO_RSA
4317 if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
4318 return 0;
4319#endif
4320#ifndef OPENSSL_NO_DSA
4321 if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN))
4322 return 0;
4323#endif
4324#ifndef OPENSSL_NO_EC
4325 /*
4326 * ECDSA certs can be used with RSA cipher suites too so we don't
4327 * need to check for SSL_kECDH or SSL_kECDHE
4328 */
4329 if (s->version >= TLS1_VERSION
4330 && !(alg_a & SSL_aECDSA)
4331 && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
4332 return 0;
4333#endif
4334 return 1;
4335}
4336
4337static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
4338{
4339 OPENSSL_free(c->ctype);
4340 c->ctype = NULL;
4341 c->ctype_len = 0;
4342 if (p == NULL || len == 0)
4343 return 1;
4344 if (len > 0xff)
4345 return 0;
4346 c->ctype = OPENSSL_memdup(p, len);
4347 if (c->ctype == NULL)
4348 return 0;
4349 c->ctype_len = len;
4350 return 1;
4351}
4352
4353int ssl3_shutdown(SSL *s)
4354{
4355 int ret;
4356
4357 /*
4358 * Don't do anything much if we have not done the handshake or we don't
4359 * want to send messages :-)
4360 */
4361 if (s->quiet_shutdown || SSL_in_before(s)) {
4362 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
4363 return 1;
4364 }
4365
4366 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
4367 s->shutdown |= SSL_SENT_SHUTDOWN;
4368 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
4369 /*
4370 * our shutdown alert has been sent now, and if it still needs to be
4371 * written, s->s3->alert_dispatch will be true
4372 */
4373 if (s->s3->alert_dispatch)
4374 return -1; /* return WANT_WRITE */
4375 } else if (s->s3->alert_dispatch) {
4376 /* resend it if not sent */
4377 ret = s->method->ssl_dispatch_alert(s);
4378 if (ret == -1) {
4379 /*
4380 * we only get to return -1 here the 2nd/Nth invocation, we must
4381 * have already signalled return 0 upon a previous invocation,
4382 * return WANT_WRITE
4383 */
4384 return ret;
4385 }
4386 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4387 size_t readbytes;
4388 /*
4389 * If we are waiting for a close from our peer, we are closed
4390 */
4391 s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes);
4392 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4393 return -1; /* return WANT_READ */
4394 }
4395 }
4396
4397 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
4398 !s->s3->alert_dispatch)
4399 return 1;
4400 else
4401 return 0;
4402}
4403
4404int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written)
4405{
4406 clear_sys_error();
4407 if (s->s3->renegotiate)
4408 ssl3_renegotiate_check(s, 0);
4409
4410 return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
4411 written);
4412}
4413
4414static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
4415 size_t *readbytes)
4416{
4417 int ret;
4418
4419 clear_sys_error();
4420 if (s->s3->renegotiate)
4421 ssl3_renegotiate_check(s, 0);
4422 s->s3->in_read_app_data = 1;
4423 ret =
4424 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
4425 peek, readbytes);
4426 if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
4427 /*
4428 * ssl3_read_bytes decided to call s->handshake_func, which called
4429 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
4430 * actually found application data and thinks that application data
4431 * makes sense here; so disable handshake processing and try to read
4432 * application data again.
4433 */
4434 ossl_statem_set_in_handshake(s, 1);
4435 ret =
4436 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
4437 len, peek, readbytes);
4438 ossl_statem_set_in_handshake(s, 0);
4439 } else
4440 s->s3->in_read_app_data = 0;
4441
4442 return ret;
4443}
4444
4445int ssl3_read(SSL *s, void *buf, size_t len, size_t *readbytes)
4446{
4447 return ssl3_read_internal(s, buf, len, 0, readbytes);
4448}
4449
4450int ssl3_peek(SSL *s, void *buf, size_t len, size_t *readbytes)
4451{
4452 return ssl3_read_internal(s, buf, len, 1, readbytes);
4453}
4454
4455int ssl3_renegotiate(SSL *s)
4456{
4457 if (s->handshake_func == NULL)
4458 return 1;
4459
4460 s->s3->renegotiate = 1;
4461 return 1;
4462}
4463
4464/*
4465 * Check if we are waiting to do a renegotiation and if so whether now is a
4466 * good time to do it. If |initok| is true then we are being called from inside
4467 * the state machine so ignore the result of SSL_in_init(s). Otherwise we
4468 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we
4469 * should do a renegotiation now and sets up the state machine for it. Otherwise
4470 * returns 0.
4471 */
4472int ssl3_renegotiate_check(SSL *s, int initok)
4473{
4474 int ret = 0;
4475
4476 if (s->s3->renegotiate) {
4477 if (!RECORD_LAYER_read_pending(&s->rlayer)
4478 && !RECORD_LAYER_write_pending(&s->rlayer)
4479 && (initok || !SSL_in_init(s))) {
4480 /*
4481 * if we are the server, and we have sent a 'RENEGOTIATE'
4482 * message, we need to set the state machine into the renegotiate
4483 * state.
4484 */
4485 ossl_statem_set_renegotiate(s);
4486 s->s3->renegotiate = 0;
4487 s->s3->num_renegotiations++;
4488 s->s3->total_renegotiations++;
4489 ret = 1;
4490 }
4491 }
4492 return ret;
4493}
4494
4495/*
4496 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
4497 * handshake macs if required.
4498 *
4499 * If PSK and using SHA384 for TLS < 1.2 switch to default.
4500 */
4501long ssl_get_algorithm2(SSL *s)
4502{
4503 long alg2;
4504 if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL)
4505 return -1;
4506 alg2 = s->s3->tmp.new_cipher->algorithm2;
4507 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
4508 if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
4509 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4510 } else if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) {
4511 if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
4512 return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
4513 }
4514 return alg2;
4515}
4516
4517/*
4518 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
4519 * failure, 1 on success.
4520 */
4521int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len,
4522 DOWNGRADE dgrd)
4523{
4524 int send_time = 0, ret;
4525
4526 if (len < 4)
4527 return 0;
4528 if (server)
4529 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
4530 else
4531 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
4532 if (send_time) {
4533 unsigned long Time = (unsigned long)time(NULL);
4534 unsigned char *p = result;
4535
4536 l2n(Time, p);
4537 ret = ssl_randbytes(s, p, len - 4);
4538 } else {
4539 ret = ssl_randbytes(s, result, len);
4540 }
4541#ifndef OPENSSL_NO_TLS13DOWNGRADE
4542 if (ret) {
4543 if (!ossl_assert(sizeof(tls11downgrade) < len)
4544 || !ossl_assert(sizeof(tls12downgrade) < len))
4545 return 0;
4546 if (dgrd == DOWNGRADE_TO_1_2)
4547 memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
4548 sizeof(tls12downgrade));
4549 else if (dgrd == DOWNGRADE_TO_1_1)
4550 memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
4551 sizeof(tls11downgrade));
4552 }
4553#endif
4554 return ret;
4555}
4556
4557int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
4558 int free_pms)
4559{
4560 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4561 int ret = 0;
4562
4563 if (alg_k & SSL_PSK) {
4564#ifndef OPENSSL_NO_PSK
4565 unsigned char *pskpms, *t;
4566 size_t psklen = s->s3->tmp.psklen;
4567 size_t pskpmslen;
4568
4569 /* create PSK premaster_secret */
4570
4571 /* For plain PSK "other_secret" is psklen zeroes */
4572 if (alg_k & SSL_kPSK)
4573 pmslen = psklen;
4574
4575 pskpmslen = 4 + pmslen + psklen;
4576 pskpms = OPENSSL_malloc(pskpmslen);
4577 if (pskpms == NULL)
4578 goto err;
4579 t = pskpms;
4580 s2n(pmslen, t);
4581 if (alg_k & SSL_kPSK)
4582 memset(t, 0, pmslen);
4583 else
4584 memcpy(t, pms, pmslen);
4585 t += pmslen;
4586 s2n(psklen, t);
4587 memcpy(t, s->s3->tmp.psk, psklen);
4588
4589 OPENSSL_clear_free(s->s3->tmp.psk, psklen);
4590 s->s3->tmp.psk = NULL;
4591 if (!s->method->ssl3_enc->generate_master_secret(s,
4592 s->session->master_key,pskpms, pskpmslen,
4593 &s->session->master_key_length))
4594 goto err;
4595 OPENSSL_clear_free(pskpms, pskpmslen);
4596#else
4597 /* Should never happen */
4598 goto err;
4599#endif
4600 } else {
4601 if (!s->method->ssl3_enc->generate_master_secret(s,
4602 s->session->master_key, pms, pmslen,
4603 &s->session->master_key_length))
4604 goto err;
4605 }
4606
4607 ret = 1;
4608 err:
4609 if (pms) {
4610 if (free_pms)
4611 OPENSSL_clear_free(pms, pmslen);
4612 else
4613 OPENSSL_cleanse(pms, pmslen);
4614 }
4615 if (s->server == 0)
4616 s->s3->tmp.pms = NULL;
4617 return ret;
4618}
4619
4620/* Generate a private key from parameters */
4621EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm)
4622{
4623 EVP_PKEY_CTX *pctx = NULL;
4624 EVP_PKEY *pkey = NULL;
4625
4626 if (pm == NULL)
4627 return NULL;
4628 pctx = EVP_PKEY_CTX_new(pm, NULL);
4629 if (pctx == NULL)
4630 goto err;
4631 if (EVP_PKEY_keygen_init(pctx) <= 0)
4632 goto err;
4633 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4634 EVP_PKEY_free(pkey);
4635 pkey = NULL;
4636 }
4637
4638 err:
4639 EVP_PKEY_CTX_free(pctx);
4640 return pkey;
4641}
4642#ifndef OPENSSL_NO_EC
4643/* Generate a private key from a group ID */
4644EVP_PKEY *ssl_generate_pkey_group(uint16_t id)
4645{
4646 EVP_PKEY_CTX *pctx = NULL;
4647 EVP_PKEY *pkey = NULL;
4648 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
4649 uint16_t gtype;
4650
4651 if (ginf == NULL)
4652 goto err;
4653 gtype = ginf->flags & TLS_CURVE_TYPE;
4654 if (gtype == TLS_CURVE_CUSTOM)
4655 pctx = EVP_PKEY_CTX_new_id(ginf->nid, NULL);
4656 else
4657 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
4658 if (pctx == NULL)
4659 goto err;
4660 if (EVP_PKEY_keygen_init(pctx) <= 0)
4661 goto err;
4662 if (gtype != TLS_CURVE_CUSTOM
4663 && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0)
4664 goto err;
4665 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4666 EVP_PKEY_free(pkey);
4667 pkey = NULL;
4668 }
4669
4670 err:
4671 EVP_PKEY_CTX_free(pctx);
4672 return pkey;
4673}
4674
4675/*
4676 * Generate parameters from a group ID
4677 */
4678EVP_PKEY *ssl_generate_param_group(uint16_t id)
4679{
4680 EVP_PKEY_CTX *pctx = NULL;
4681 EVP_PKEY *pkey = NULL;
4682 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
4683
4684 if (ginf == NULL)
4685 goto err;
4686
4687 if ((ginf->flags & TLS_CURVE_TYPE) == TLS_CURVE_CUSTOM) {
4688 pkey = EVP_PKEY_new();
4689 if (pkey != NULL && EVP_PKEY_set_type(pkey, ginf->nid))
4690 return pkey;
4691 EVP_PKEY_free(pkey);
4692 return NULL;
4693 }
4694
4695 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
4696 if (pctx == NULL)
4697 goto err;
4698 if (EVP_PKEY_paramgen_init(pctx) <= 0)
4699 goto err;
4700 if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0)
4701 goto err;
4702 if (EVP_PKEY_paramgen(pctx, &pkey) <= 0) {
4703 EVP_PKEY_free(pkey);
4704 pkey = NULL;
4705 }
4706
4707 err:
4708 EVP_PKEY_CTX_free(pctx);
4709 return pkey;
4710}
4711#endif
4712
4713/* Derive secrets for ECDH/DH */
4714int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
4715{
4716 int rv = 0;
4717 unsigned char *pms = NULL;
4718 size_t pmslen = 0;
4719 EVP_PKEY_CTX *pctx;
4720
4721 if (privkey == NULL || pubkey == NULL)
4722 return 0;
4723
4724 pctx = EVP_PKEY_CTX_new(privkey, NULL);
4725
4726 if (EVP_PKEY_derive_init(pctx) <= 0
4727 || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
4728 || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
4729 goto err;
4730 }
4731
4732 pms = OPENSSL_malloc(pmslen);
4733 if (pms == NULL)
4734 goto err;
4735
4736 if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0)
4737 goto err;
4738
4739 if (gensecret) {
4740 if (SSL_IS_TLS13(s)) {
4741 /*
4742 * If we are resuming then we already generated the early secret
4743 * when we created the ClientHello, so don't recreate it.
4744 */
4745 if (!s->hit)
4746 rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
4747 0,
4748 (unsigned char *)&s->early_secret);
4749 else
4750 rv = 1;
4751
4752 rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
4753 } else {
4754 rv = ssl_generate_master_secret(s, pms, pmslen, 0);
4755 }
4756 } else {
4757 /* Save premaster secret */
4758 s->s3->tmp.pms = pms;
4759 s->s3->tmp.pmslen = pmslen;
4760 pms = NULL;
4761 rv = 1;
4762 }
4763
4764 err:
4765 OPENSSL_clear_free(pms, pmslen);
4766 EVP_PKEY_CTX_free(pctx);
4767 return rv;
4768}
4769
4770#ifndef OPENSSL_NO_DH
4771EVP_PKEY *ssl_dh_to_pkey(DH *dh)
4772{
4773 EVP_PKEY *ret;
4774 if (dh == NULL)
4775 return NULL;
4776 ret = EVP_PKEY_new();
4777 if (EVP_PKEY_set1_DH(ret, dh) <= 0) {
4778 EVP_PKEY_free(ret);
4779 return NULL;
4780 }
4781 return ret;
4782}
4783#endif
A mirror of the official openssl repository