2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* ====================================================================
11 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
13 * Portions of the attached software ("Contribution") are developed by
14 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
16 * The Contribution is licensed pursuant to the OpenSSL open source
17 * license provided above.
19 * ECC cipher suite support in OpenSSL originally written by
20 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
23 /* ====================================================================
24 * Copyright 2005 Nokia. All rights reserved.
26 * The portions of the attached software ("Contribution") is developed by
27 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
30 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
31 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
32 * support (see RFC 4279) to OpenSSL.
34 * No patent licenses or other rights except those expressly stated in
35 * the OpenSSL open source license shall be deemed granted or received
36 * expressly, by implication, estoppel, or otherwise.
38 * No assurances are provided by Nokia that the Contribution does not
39 * infringe the patent or other intellectual property rights of any third
40 * party or that the license provides you with all the necessary rights
41 * to make use of the Contribution.
43 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
44 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
45 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
46 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
51 #include <openssl/objects.h>
53 #include <openssl/md5.h>
54 #include <openssl/dh.h>
55 #include <openssl/rand.h>
57 #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
60 * The list of available ciphers, mostly organized into the following
65 * SRP (within that: RSA EC PSK)
66 * Cipher families: Chacha/poly, Camellila, Gost, IDEA, SEED
69 static SSL_CIPHER ssl3_ciphers
[] = {
72 SSL3_TXT_RSA_NULL_MD5
,
78 SSL3_VERSION
, TLS1_2_VERSION
,
79 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
81 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
87 SSL3_TXT_RSA_NULL_SHA
,
93 SSL3_VERSION
, TLS1_2_VERSION
,
94 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
95 SSL_STRONG_NONE
| SSL_FIPS
,
96 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
100 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
103 SSL3_TXT_RSA_DES_192_CBC3_SHA
,
104 SSL3_CK_RSA_DES_192_CBC3_SHA
,
109 SSL3_VERSION
, TLS1_2_VERSION
,
110 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
111 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
112 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
118 SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA
,
119 SSL3_CK_DHE_DSS_DES_192_CBC3_SHA
,
124 SSL3_VERSION
, TLS1_2_VERSION
,
125 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
126 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
127 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
133 SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA
,
134 SSL3_CK_DHE_RSA_DES_192_CBC3_SHA
,
139 SSL3_VERSION
, TLS1_2_VERSION
,
140 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
141 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
142 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
148 SSL3_TXT_ADH_DES_192_CBC_SHA
,
149 SSL3_CK_ADH_DES_192_CBC_SHA
,
154 SSL3_VERSION
, TLS1_2_VERSION
,
155 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
156 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
157 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
164 TLS1_TXT_RSA_WITH_AES_128_SHA
,
165 TLS1_CK_RSA_WITH_AES_128_SHA
,
170 SSL3_VERSION
, TLS1_2_VERSION
,
171 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
173 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
179 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA
,
180 TLS1_CK_DHE_DSS_WITH_AES_128_SHA
,
185 SSL3_VERSION
, TLS1_2_VERSION
,
186 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
187 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
188 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
194 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA
,
195 TLS1_CK_DHE_RSA_WITH_AES_128_SHA
,
200 SSL3_VERSION
, TLS1_2_VERSION
,
201 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
203 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
209 TLS1_TXT_ADH_WITH_AES_128_SHA
,
210 TLS1_CK_ADH_WITH_AES_128_SHA
,
215 SSL3_VERSION
, TLS1_2_VERSION
,
216 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
217 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
218 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
224 TLS1_TXT_RSA_WITH_AES_256_SHA
,
225 TLS1_CK_RSA_WITH_AES_256_SHA
,
230 SSL3_VERSION
, TLS1_2_VERSION
,
231 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
233 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
239 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA
,
240 TLS1_CK_DHE_DSS_WITH_AES_256_SHA
,
245 SSL3_VERSION
, TLS1_2_VERSION
,
246 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
247 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
248 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
254 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA
,
255 TLS1_CK_DHE_RSA_WITH_AES_256_SHA
,
260 SSL3_VERSION
, TLS1_2_VERSION
,
261 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
263 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
269 TLS1_TXT_ADH_WITH_AES_256_SHA
,
270 TLS1_CK_ADH_WITH_AES_256_SHA
,
275 SSL3_VERSION
, TLS1_2_VERSION
,
276 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
277 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
278 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
284 TLS1_TXT_RSA_WITH_NULL_SHA256
,
285 TLS1_CK_RSA_WITH_NULL_SHA256
,
290 TLS1_2_VERSION
, TLS1_2_VERSION
,
291 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
292 SSL_STRONG_NONE
| SSL_FIPS
,
293 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
299 TLS1_TXT_RSA_WITH_AES_128_SHA256
,
300 TLS1_CK_RSA_WITH_AES_128_SHA256
,
305 TLS1_2_VERSION
, TLS1_2_VERSION
,
306 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
308 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
314 TLS1_TXT_RSA_WITH_AES_256_SHA256
,
315 TLS1_CK_RSA_WITH_AES_256_SHA256
,
320 TLS1_2_VERSION
, TLS1_2_VERSION
,
321 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
323 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
329 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256
,
330 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256
,
335 TLS1_2_VERSION
, TLS1_2_VERSION
,
336 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
337 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
338 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
344 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256
,
345 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256
,
350 TLS1_2_VERSION
, TLS1_2_VERSION
,
351 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
353 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
359 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256
,
360 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256
,
365 TLS1_2_VERSION
, TLS1_2_VERSION
,
366 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
367 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
368 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
374 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256
,
375 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256
,
380 TLS1_2_VERSION
, TLS1_2_VERSION
,
381 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
383 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
389 TLS1_TXT_ADH_WITH_AES_128_SHA256
,
390 TLS1_CK_ADH_WITH_AES_128_SHA256
,
395 TLS1_2_VERSION
, TLS1_2_VERSION
,
396 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
397 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
398 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
404 TLS1_TXT_ADH_WITH_AES_256_SHA256
,
405 TLS1_CK_ADH_WITH_AES_256_SHA256
,
410 TLS1_2_VERSION
, TLS1_2_VERSION
,
411 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
412 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
413 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
419 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256
,
420 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256
,
425 TLS1_2_VERSION
, TLS1_2_VERSION
,
426 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
428 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
434 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384
,
435 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384
,
440 TLS1_2_VERSION
, TLS1_2_VERSION
,
441 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
443 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
449 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256
,
450 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256
,
455 TLS1_2_VERSION
, TLS1_2_VERSION
,
456 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
458 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
464 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384
,
465 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384
,
470 TLS1_2_VERSION
, TLS1_2_VERSION
,
471 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
473 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
479 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256
,
480 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256
,
485 TLS1_2_VERSION
, TLS1_2_VERSION
,
486 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
487 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
488 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
494 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384
,
495 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384
,
500 TLS1_2_VERSION
, TLS1_2_VERSION
,
501 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
502 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
503 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
509 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256
,
510 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256
,
515 TLS1_2_VERSION
, TLS1_2_VERSION
,
516 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
517 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
518 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
524 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384
,
525 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384
,
530 TLS1_2_VERSION
, TLS1_2_VERSION
,
531 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
532 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
533 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
539 TLS1_TXT_RSA_WITH_AES_128_CCM
,
540 TLS1_CK_RSA_WITH_AES_128_CCM
,
545 TLS1_2_VERSION
, TLS1_2_VERSION
,
546 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
547 SSL_NOT_DEFAULT
| SSL_HIGH
,
548 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
554 TLS1_TXT_RSA_WITH_AES_256_CCM
,
555 TLS1_CK_RSA_WITH_AES_256_CCM
,
560 TLS1_2_VERSION
, TLS1_2_VERSION
,
561 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
562 SSL_NOT_DEFAULT
| SSL_HIGH
,
563 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
569 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM
,
570 TLS1_CK_DHE_RSA_WITH_AES_128_CCM
,
575 TLS1_2_VERSION
, TLS1_2_VERSION
,
576 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
577 SSL_NOT_DEFAULT
| SSL_HIGH
,
578 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
584 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM
,
585 TLS1_CK_DHE_RSA_WITH_AES_256_CCM
,
590 TLS1_2_VERSION
, TLS1_2_VERSION
,
591 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
592 SSL_NOT_DEFAULT
| SSL_HIGH
,
593 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
599 TLS1_TXT_RSA_WITH_AES_128_CCM_8
,
600 TLS1_CK_RSA_WITH_AES_128_CCM_8
,
605 TLS1_2_VERSION
, TLS1_2_VERSION
,
606 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
607 SSL_NOT_DEFAULT
| SSL_HIGH
,
608 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
614 TLS1_TXT_RSA_WITH_AES_256_CCM_8
,
615 TLS1_CK_RSA_WITH_AES_256_CCM_8
,
620 TLS1_2_VERSION
, TLS1_2_VERSION
,
621 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
622 SSL_NOT_DEFAULT
| SSL_HIGH
,
623 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
629 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8
,
630 TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8
,
635 TLS1_2_VERSION
, TLS1_2_VERSION
,
636 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
637 SSL_NOT_DEFAULT
| SSL_HIGH
,
638 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
644 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8
,
645 TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8
,
650 TLS1_2_VERSION
, TLS1_2_VERSION
,
651 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
652 SSL_NOT_DEFAULT
| SSL_HIGH
,
653 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
659 TLS1_TXT_PSK_WITH_AES_128_CCM
,
660 TLS1_CK_PSK_WITH_AES_128_CCM
,
665 TLS1_2_VERSION
, TLS1_2_VERSION
,
666 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
667 SSL_NOT_DEFAULT
| SSL_HIGH
,
668 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
674 TLS1_TXT_PSK_WITH_AES_256_CCM
,
675 TLS1_CK_PSK_WITH_AES_256_CCM
,
680 TLS1_2_VERSION
, TLS1_2_VERSION
,
681 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
682 SSL_NOT_DEFAULT
| SSL_HIGH
,
683 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
689 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM
,
690 TLS1_CK_DHE_PSK_WITH_AES_128_CCM
,
695 TLS1_2_VERSION
, TLS1_2_VERSION
,
696 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
697 SSL_NOT_DEFAULT
| SSL_HIGH
,
698 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
704 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM
,
705 TLS1_CK_DHE_PSK_WITH_AES_256_CCM
,
710 TLS1_2_VERSION
, TLS1_2_VERSION
,
711 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
712 SSL_NOT_DEFAULT
| SSL_HIGH
,
713 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
719 TLS1_TXT_PSK_WITH_AES_128_CCM_8
,
720 TLS1_CK_PSK_WITH_AES_128_CCM_8
,
725 TLS1_2_VERSION
, TLS1_2_VERSION
,
726 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
727 SSL_NOT_DEFAULT
| SSL_HIGH
,
728 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
734 TLS1_TXT_PSK_WITH_AES_256_CCM_8
,
735 TLS1_CK_PSK_WITH_AES_256_CCM_8
,
740 TLS1_2_VERSION
, TLS1_2_VERSION
,
741 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
742 SSL_NOT_DEFAULT
| SSL_HIGH
,
743 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
749 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8
,
750 TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8
,
755 TLS1_2_VERSION
, TLS1_2_VERSION
,
756 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
757 SSL_NOT_DEFAULT
| SSL_HIGH
,
758 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
764 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8
,
765 TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8
,
770 TLS1_2_VERSION
, TLS1_2_VERSION
,
771 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
772 SSL_NOT_DEFAULT
| SSL_HIGH
,
773 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
779 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM
,
780 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM
,
785 TLS1_2_VERSION
, TLS1_2_VERSION
,
786 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
787 SSL_NOT_DEFAULT
| SSL_HIGH
,
788 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
794 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM
,
795 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM
,
800 TLS1_2_VERSION
, TLS1_2_VERSION
,
801 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
802 SSL_NOT_DEFAULT
| SSL_HIGH
,
803 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
809 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8
,
810 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8
,
815 TLS1_2_VERSION
, TLS1_2_VERSION
,
816 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
817 SSL_NOT_DEFAULT
| SSL_HIGH
,
818 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
824 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8
,
825 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8
,
830 TLS1_2_VERSION
, TLS1_2_VERSION
,
831 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
832 SSL_NOT_DEFAULT
| SSL_HIGH
,
833 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
839 TLS1_3_TXT_AES_128_GCM_SHA256
,
840 TLS1_3_CK_AES_128_GCM_SHA256
,
845 TLS1_3_VERSION
, TLS1_3_VERSION
,
848 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
853 #ifndef OPENSSL_NO_EC
856 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA
,
857 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA
,
862 SSL3_VERSION
, TLS1_2_VERSION
,
863 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
864 SSL_STRONG_NONE
| SSL_FIPS
,
865 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
869 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
872 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA
,
873 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA
,
878 SSL3_VERSION
, TLS1_2_VERSION
,
879 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
880 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
881 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
888 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,
889 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,
894 SSL3_VERSION
, TLS1_2_VERSION
,
895 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
897 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
903 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,
904 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,
909 SSL3_VERSION
, TLS1_2_VERSION
,
910 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
912 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
918 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA
,
919 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA
,
924 SSL3_VERSION
, TLS1_2_VERSION
,
925 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
926 SSL_STRONG_NONE
| SSL_FIPS
,
927 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
931 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
934 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA
,
935 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA
,
940 SSL3_VERSION
, TLS1_2_VERSION
,
941 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
942 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
943 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
950 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA
,
951 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
,
956 SSL3_VERSION
, TLS1_2_VERSION
,
957 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
959 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
965 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA
,
966 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
,
971 SSL3_VERSION
, TLS1_2_VERSION
,
972 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
974 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
980 TLS1_TXT_ECDH_anon_WITH_NULL_SHA
,
981 TLS1_CK_ECDH_anon_WITH_NULL_SHA
,
986 SSL3_VERSION
, TLS1_2_VERSION
,
987 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
988 SSL_STRONG_NONE
| SSL_FIPS
,
989 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
993 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
996 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA
,
997 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA
,
1002 SSL3_VERSION
, TLS1_2_VERSION
,
1003 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1004 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
1005 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1012 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA
,
1013 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA
,
1018 SSL3_VERSION
, TLS1_2_VERSION
,
1019 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1020 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
1021 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1027 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA
,
1028 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA
,
1033 SSL3_VERSION
, TLS1_2_VERSION
,
1034 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1035 SSL_NOT_DEFAULT
| SSL_HIGH
| SSL_FIPS
,
1036 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1042 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256
,
1043 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256
,
1048 TLS1_2_VERSION
, TLS1_2_VERSION
,
1049 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1050 SSL_HIGH
| SSL_FIPS
,
1051 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1057 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384
,
1058 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384
,
1063 TLS1_2_VERSION
, TLS1_2_VERSION
,
1064 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1065 SSL_HIGH
| SSL_FIPS
,
1066 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1072 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256
,
1073 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256
,
1078 TLS1_2_VERSION
, TLS1_2_VERSION
,
1079 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1080 SSL_HIGH
| SSL_FIPS
,
1081 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1087 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384
,
1088 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384
,
1093 TLS1_2_VERSION
, TLS1_2_VERSION
,
1094 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1095 SSL_HIGH
| SSL_FIPS
,
1096 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1102 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,
1103 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,
1108 TLS1_2_VERSION
, TLS1_2_VERSION
,
1109 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1110 SSL_HIGH
| SSL_FIPS
,
1111 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1117 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,
1118 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,
1123 TLS1_2_VERSION
, TLS1_2_VERSION
,
1124 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1125 SSL_HIGH
| SSL_FIPS
,
1126 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1132 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,
1133 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,
1138 TLS1_2_VERSION
, TLS1_2_VERSION
,
1139 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1140 SSL_HIGH
| SSL_FIPS
,
1141 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1147 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,
1148 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,
1153 TLS1_2_VERSION
, TLS1_2_VERSION
,
1154 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1155 SSL_HIGH
| SSL_FIPS
,
1156 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1160 #endif /* OPENSSL_NO_EC */
1162 #ifndef OPENSSL_NO_PSK
1165 TLS1_TXT_PSK_WITH_NULL_SHA
,
1166 TLS1_CK_PSK_WITH_NULL_SHA
,
1171 SSL3_VERSION
, TLS1_2_VERSION
,
1172 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1173 SSL_STRONG_NONE
| SSL_FIPS
,
1174 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1180 TLS1_TXT_DHE_PSK_WITH_NULL_SHA
,
1181 TLS1_CK_DHE_PSK_WITH_NULL_SHA
,
1186 SSL3_VERSION
, TLS1_2_VERSION
,
1187 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1188 SSL_STRONG_NONE
| SSL_FIPS
,
1189 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1195 TLS1_TXT_RSA_PSK_WITH_NULL_SHA
,
1196 TLS1_CK_RSA_PSK_WITH_NULL_SHA
,
1201 SSL3_VERSION
, TLS1_2_VERSION
,
1202 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1203 SSL_STRONG_NONE
| SSL_FIPS
,
1204 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1208 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1211 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA
,
1212 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA
,
1217 SSL3_VERSION
, TLS1_2_VERSION
,
1218 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1219 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
1220 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1227 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA
,
1228 TLS1_CK_PSK_WITH_AES_128_CBC_SHA
,
1233 SSL3_VERSION
, TLS1_2_VERSION
,
1234 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1235 SSL_HIGH
| SSL_FIPS
,
1236 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1242 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA
,
1243 TLS1_CK_PSK_WITH_AES_256_CBC_SHA
,
1248 SSL3_VERSION
, TLS1_2_VERSION
,
1249 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1250 SSL_HIGH
| SSL_FIPS
,
1251 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1255 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1258 TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA
,
1259 TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA
,
1264 SSL3_VERSION
, TLS1_2_VERSION
,
1265 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1266 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
1267 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1274 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA
,
1275 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA
,
1280 SSL3_VERSION
, TLS1_2_VERSION
,
1281 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1282 SSL_HIGH
| SSL_FIPS
,
1283 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1289 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA
,
1290 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA
,
1295 SSL3_VERSION
, TLS1_2_VERSION
,
1296 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1297 SSL_HIGH
| SSL_FIPS
,
1298 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1302 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1305 TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA
,
1306 TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA
,
1311 SSL3_VERSION
, TLS1_2_VERSION
,
1312 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1313 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
1314 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1321 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA
,
1322 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA
,
1327 SSL3_VERSION
, TLS1_2_VERSION
,
1328 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1329 SSL_HIGH
| SSL_FIPS
,
1330 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1336 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA
,
1337 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA
,
1342 SSL3_VERSION
, TLS1_2_VERSION
,
1343 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1344 SSL_HIGH
| SSL_FIPS
,
1345 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1351 TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256
,
1352 TLS1_CK_PSK_WITH_AES_128_GCM_SHA256
,
1357 TLS1_2_VERSION
, TLS1_2_VERSION
,
1358 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1359 SSL_HIGH
| SSL_FIPS
,
1360 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1366 TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384
,
1367 TLS1_CK_PSK_WITH_AES_256_GCM_SHA384
,
1372 TLS1_2_VERSION
, TLS1_2_VERSION
,
1373 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1374 SSL_HIGH
| SSL_FIPS
,
1375 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1381 TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256
,
1382 TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256
,
1387 TLS1_2_VERSION
, TLS1_2_VERSION
,
1388 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1389 SSL_HIGH
| SSL_FIPS
,
1390 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1396 TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384
,
1397 TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384
,
1402 TLS1_2_VERSION
, TLS1_2_VERSION
,
1403 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1404 SSL_HIGH
| SSL_FIPS
,
1405 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1411 TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256
,
1412 TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256
,
1417 TLS1_2_VERSION
, TLS1_2_VERSION
,
1418 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1419 SSL_HIGH
| SSL_FIPS
,
1420 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1426 TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384
,
1427 TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384
,
1432 TLS1_2_VERSION
, TLS1_2_VERSION
,
1433 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1434 SSL_HIGH
| SSL_FIPS
,
1435 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1441 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256
,
1442 TLS1_CK_PSK_WITH_AES_128_CBC_SHA256
,
1447 TLS1_VERSION
, TLS1_2_VERSION
,
1448 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1449 SSL_HIGH
| SSL_FIPS
,
1450 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1456 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384
,
1457 TLS1_CK_PSK_WITH_AES_256_CBC_SHA384
,
1462 TLS1_VERSION
, TLS1_2_VERSION
,
1463 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1464 SSL_HIGH
| SSL_FIPS
,
1465 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1471 TLS1_TXT_PSK_WITH_NULL_SHA256
,
1472 TLS1_CK_PSK_WITH_NULL_SHA256
,
1477 TLS1_VERSION
, TLS1_2_VERSION
,
1478 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1479 SSL_STRONG_NONE
| SSL_FIPS
,
1480 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1486 TLS1_TXT_PSK_WITH_NULL_SHA384
,
1487 TLS1_CK_PSK_WITH_NULL_SHA384
,
1492 TLS1_VERSION
, TLS1_2_VERSION
,
1493 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1494 SSL_STRONG_NONE
| SSL_FIPS
,
1495 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1501 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256
,
1502 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256
,
1507 TLS1_VERSION
, TLS1_2_VERSION
,
1508 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1509 SSL_HIGH
| SSL_FIPS
,
1510 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1516 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384
,
1517 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384
,
1522 TLS1_VERSION
, TLS1_2_VERSION
,
1523 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1524 SSL_HIGH
| SSL_FIPS
,
1525 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1531 TLS1_TXT_DHE_PSK_WITH_NULL_SHA256
,
1532 TLS1_CK_DHE_PSK_WITH_NULL_SHA256
,
1537 TLS1_VERSION
, TLS1_2_VERSION
,
1538 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1539 SSL_STRONG_NONE
| SSL_FIPS
,
1540 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1546 TLS1_TXT_DHE_PSK_WITH_NULL_SHA384
,
1547 TLS1_CK_DHE_PSK_WITH_NULL_SHA384
,
1552 TLS1_VERSION
, TLS1_2_VERSION
,
1553 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1554 SSL_STRONG_NONE
| SSL_FIPS
,
1555 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1561 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256
,
1562 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256
,
1567 TLS1_VERSION
, TLS1_2_VERSION
,
1568 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1569 SSL_HIGH
| SSL_FIPS
,
1570 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1576 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384
,
1577 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384
,
1582 TLS1_VERSION
, TLS1_2_VERSION
,
1583 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1584 SSL_HIGH
| SSL_FIPS
,
1585 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1591 TLS1_TXT_RSA_PSK_WITH_NULL_SHA256
,
1592 TLS1_CK_RSA_PSK_WITH_NULL_SHA256
,
1597 TLS1_VERSION
, TLS1_2_VERSION
,
1598 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1599 SSL_STRONG_NONE
| SSL_FIPS
,
1600 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1606 TLS1_TXT_RSA_PSK_WITH_NULL_SHA384
,
1607 TLS1_CK_RSA_PSK_WITH_NULL_SHA384
,
1612 TLS1_VERSION
, TLS1_2_VERSION
,
1613 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1614 SSL_STRONG_NONE
| SSL_FIPS
,
1615 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1619 # ifndef OPENSSL_NO_EC
1620 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1623 TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
,
1624 TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
,
1629 SSL3_VERSION
, TLS1_2_VERSION
,
1630 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1631 SSL_NOT_DEFAULT
| SSL_MEDIUM
| SSL_FIPS
,
1632 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1639 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA
,
1640 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA
,
1645 SSL3_VERSION
, TLS1_2_VERSION
,
1646 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1647 SSL_HIGH
| SSL_FIPS
,
1648 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1654 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA
,
1655 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA
,
1660 SSL3_VERSION
, TLS1_2_VERSION
,
1661 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1662 SSL_HIGH
| SSL_FIPS
,
1663 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1669 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256
,
1670 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256
,
1675 TLS1_VERSION
, TLS1_2_VERSION
,
1676 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1677 SSL_HIGH
| SSL_FIPS
,
1678 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1684 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384
,
1685 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384
,
1690 TLS1_VERSION
, TLS1_2_VERSION
,
1691 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1692 SSL_HIGH
| SSL_FIPS
,
1693 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1699 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA
,
1700 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA
,
1705 SSL3_VERSION
, TLS1_2_VERSION
,
1706 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1707 SSL_STRONG_NONE
| SSL_FIPS
,
1708 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1714 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256
,
1715 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256
,
1720 TLS1_VERSION
, TLS1_2_VERSION
,
1721 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1722 SSL_STRONG_NONE
| SSL_FIPS
,
1723 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1729 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384
,
1730 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384
,
1735 TLS1_VERSION
, TLS1_2_VERSION
,
1736 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1737 SSL_STRONG_NONE
| SSL_FIPS
,
1738 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
1742 # endif /* OPENSSL_NO_EC */
1743 #endif /* OPENSSL_NO_PSK */
1745 #ifndef OPENSSL_NO_SRP
1746 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1749 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA
,
1750 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA
,
1755 SSL3_VERSION
, TLS1_2_VERSION
,
1756 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1757 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
1758 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1764 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
,
1765 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
,
1770 SSL3_VERSION
, TLS1_2_VERSION
,
1771 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1772 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
1773 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1779 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
,
1780 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
,
1785 SSL3_VERSION
, TLS1_2_VERSION
,
1786 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1787 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
1788 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1795 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA
,
1796 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA
,
1801 SSL3_VERSION
, TLS1_2_VERSION
,
1802 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1804 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1810 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA
,
1811 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA
,
1816 SSL3_VERSION
, TLS1_2_VERSION
,
1817 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1819 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1825 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA
,
1826 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA
,
1831 SSL3_VERSION
, TLS1_2_VERSION
,
1832 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1833 SSL_NOT_DEFAULT
| SSL_HIGH
,
1834 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1840 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA
,
1841 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA
,
1846 SSL3_VERSION
, TLS1_2_VERSION
,
1847 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1849 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1855 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA
,
1856 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA
,
1861 SSL3_VERSION
, TLS1_2_VERSION
,
1862 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1864 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1870 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA
,
1871 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA
,
1876 SSL3_VERSION
, TLS1_2_VERSION
,
1877 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
1878 SSL_NOT_DEFAULT
| SSL_HIGH
,
1879 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
1883 #endif /* OPENSSL_NO_SRP */
1885 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1886 # ifndef OPENSSL_NO_RSA
1889 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305
,
1890 TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305
,
1893 SSL_CHACHA20POLY1305
,
1895 TLS1_2_VERSION
, TLS1_2_VERSION
,
1896 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1898 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1902 # endif /* OPENSSL_NO_RSA */
1904 # ifndef OPENSSL_NO_EC
1907 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305
,
1908 TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305
,
1911 SSL_CHACHA20POLY1305
,
1913 TLS1_2_VERSION
, TLS1_2_VERSION
,
1914 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1916 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1922 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
,
1923 TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
,
1926 SSL_CHACHA20POLY1305
,
1928 TLS1_2_VERSION
, TLS1_2_VERSION
,
1929 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1931 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1935 # endif /* OPENSSL_NO_EC */
1937 # ifndef OPENSSL_NO_PSK
1940 TLS1_TXT_PSK_WITH_CHACHA20_POLY1305
,
1941 TLS1_CK_PSK_WITH_CHACHA20_POLY1305
,
1944 SSL_CHACHA20POLY1305
,
1946 TLS1_2_VERSION
, TLS1_2_VERSION
,
1947 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1949 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1955 TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305
,
1956 TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305
,
1959 SSL_CHACHA20POLY1305
,
1961 TLS1_2_VERSION
, TLS1_2_VERSION
,
1962 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1964 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1970 TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305
,
1971 TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305
,
1974 SSL_CHACHA20POLY1305
,
1976 TLS1_2_VERSION
, TLS1_2_VERSION
,
1977 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1979 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1985 TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305
,
1986 TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305
,
1989 SSL_CHACHA20POLY1305
,
1991 TLS1_2_VERSION
, TLS1_2_VERSION
,
1992 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
1994 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
1998 # endif /* OPENSSL_NO_PSK */
1999 #endif /* !defined(OPENSSL_NO_CHACHA) &&
2000 * !defined(OPENSSL_NO_POLY1305) */
2002 #ifndef OPENSSL_NO_CAMELLIA
2005 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256
,
2006 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256
,
2011 TLS1_2_VERSION
, TLS1_2_VERSION
,
2012 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2013 SSL_NOT_DEFAULT
| SSL_HIGH
,
2014 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
2020 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
,
2021 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
,
2026 TLS1_2_VERSION
, TLS1_2_VERSION
,
2027 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2028 SSL_NOT_DEFAULT
| SSL_HIGH
,
2029 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
2035 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
,
2036 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
,
2041 TLS1_2_VERSION
, TLS1_2_VERSION
,
2042 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2043 SSL_NOT_DEFAULT
| SSL_HIGH
,
2044 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
2050 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256
,
2051 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256
,
2056 TLS1_2_VERSION
, TLS1_2_VERSION
,
2057 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2058 SSL_NOT_DEFAULT
| SSL_HIGH
,
2059 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
2065 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256
,
2066 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256
,
2071 TLS1_2_VERSION
, TLS1_2_VERSION
,
2072 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2073 SSL_NOT_DEFAULT
| SSL_HIGH
,
2074 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
2080 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
,
2081 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
,
2086 TLS1_2_VERSION
, TLS1_2_VERSION
,
2087 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2088 SSL_NOT_DEFAULT
| SSL_HIGH
,
2089 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
2095 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
,
2096 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
,
2101 TLS1_2_VERSION
, TLS1_2_VERSION
,
2102 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2103 SSL_NOT_DEFAULT
| SSL_HIGH
,
2104 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
2110 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256
,
2111 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256
,
2116 TLS1_2_VERSION
, TLS1_2_VERSION
,
2117 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2118 SSL_NOT_DEFAULT
| SSL_HIGH
,
2119 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
2125 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA
,
2126 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA
,
2131 SSL3_VERSION
, TLS1_2_VERSION
,
2132 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2133 SSL_NOT_DEFAULT
| SSL_HIGH
,
2134 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2140 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
,
2141 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
,
2146 SSL3_VERSION
, TLS1_2_VERSION
,
2147 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2148 SSL_NOT_DEFAULT
| SSL_HIGH
,
2149 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2155 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
,
2156 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
,
2161 SSL3_VERSION
, TLS1_2_VERSION
,
2162 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2163 SSL_NOT_DEFAULT
| SSL_HIGH
,
2164 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2170 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA
,
2171 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA
,
2176 SSL3_VERSION
, TLS1_2_VERSION
,
2177 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2178 SSL_NOT_DEFAULT
| SSL_HIGH
,
2179 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2185 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA
,
2186 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA
,
2191 SSL3_VERSION
, TLS1_2_VERSION
,
2192 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2193 SSL_NOT_DEFAULT
| SSL_HIGH
,
2194 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2200 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
,
2201 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
,
2206 SSL3_VERSION
, TLS1_2_VERSION
,
2207 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2208 SSL_NOT_DEFAULT
| SSL_HIGH
,
2209 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2215 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
,
2216 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
,
2221 SSL3_VERSION
, TLS1_2_VERSION
,
2222 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2223 SSL_NOT_DEFAULT
| SSL_HIGH
,
2224 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2230 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA
,
2231 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA
,
2236 SSL3_VERSION
, TLS1_2_VERSION
,
2237 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2238 SSL_NOT_DEFAULT
| SSL_HIGH
,
2239 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2244 # ifndef OPENSSL_NO_EC
2247 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
,
2248 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
,
2253 TLS1_2_VERSION
, TLS1_2_VERSION
,
2254 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2255 SSL_NOT_DEFAULT
| SSL_HIGH
,
2256 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
2262 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
,
2263 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
,
2268 TLS1_2_VERSION
, TLS1_2_VERSION
,
2269 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2270 SSL_NOT_DEFAULT
| SSL_HIGH
,
2271 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
2277 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
,
2278 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
,
2283 TLS1_2_VERSION
, TLS1_2_VERSION
,
2284 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2285 SSL_NOT_DEFAULT
| SSL_HIGH
,
2286 SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
,
2292 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
,
2293 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
,
2298 TLS1_2_VERSION
, TLS1_2_VERSION
,
2299 DTLS1_2_VERSION
, DTLS1_2_VERSION
,
2300 SSL_NOT_DEFAULT
| SSL_HIGH
,
2301 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
2305 # endif /* OPENSSL_NO_EC */
2307 # ifndef OPENSSL_NO_PSK
2310 TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
2311 TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
2316 TLS1_VERSION
, TLS1_2_VERSION
,
2317 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2318 SSL_NOT_DEFAULT
| SSL_HIGH
,
2319 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2325 TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
2326 TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
2331 TLS1_VERSION
, TLS1_2_VERSION
,
2332 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2333 SSL_NOT_DEFAULT
| SSL_HIGH
,
2334 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
2340 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
2341 TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
2346 TLS1_VERSION
, TLS1_2_VERSION
,
2347 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2348 SSL_NOT_DEFAULT
| SSL_HIGH
,
2349 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2355 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
2356 TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
2361 TLS1_VERSION
, TLS1_2_VERSION
,
2362 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2363 SSL_NOT_DEFAULT
| SSL_HIGH
,
2364 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
2370 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
2371 TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
2376 TLS1_VERSION
, TLS1_2_VERSION
,
2377 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2378 SSL_NOT_DEFAULT
| SSL_HIGH
,
2379 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2385 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
2386 TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
2391 TLS1_VERSION
, TLS1_2_VERSION
,
2392 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2393 SSL_NOT_DEFAULT
| SSL_HIGH
,
2394 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
2400 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
2401 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
2406 TLS1_VERSION
, TLS1_2_VERSION
,
2407 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2408 SSL_NOT_DEFAULT
| SSL_HIGH
,
2409 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2415 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
2416 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
2421 TLS1_VERSION
, TLS1_2_VERSION
,
2422 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2423 SSL_NOT_DEFAULT
| SSL_HIGH
,
2424 SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
,
2428 # endif /* OPENSSL_NO_PSK */
2430 #endif /* OPENSSL_NO_CAMELLIA */
2432 #ifndef OPENSSL_NO_GOST
2435 "GOST2001-GOST89-GOST89",
2439 SSL_eGOST2814789CNT
,
2441 TLS1_VERSION
, TLS1_2_VERSION
,
2444 SSL_HANDSHAKE_MAC_GOST94
| TLS1_PRF_GOST94
| TLS1_STREAM_MAC
,
2450 "GOST2001-NULL-GOST94",
2456 TLS1_VERSION
, TLS1_2_VERSION
,
2459 SSL_HANDSHAKE_MAC_GOST94
| TLS1_PRF_GOST94
,
2465 "GOST2012-GOST8912-GOST8912",
2468 SSL_aGOST12
| SSL_aGOST01
,
2469 SSL_eGOST2814789CNT12
,
2471 TLS1_VERSION
, TLS1_2_VERSION
,
2474 SSL_HANDSHAKE_MAC_GOST12_256
| TLS1_PRF_GOST12_256
| TLS1_STREAM_MAC
,
2480 "GOST2012-NULL-GOST12",
2483 SSL_aGOST12
| SSL_aGOST01
,
2486 TLS1_VERSION
, TLS1_2_VERSION
,
2489 SSL_HANDSHAKE_MAC_GOST12_256
| TLS1_PRF_GOST12_256
| TLS1_STREAM_MAC
,
2493 #endif /* OPENSSL_NO_GOST */
2495 #ifndef OPENSSL_NO_IDEA
2498 SSL3_TXT_RSA_IDEA_128_SHA
,
2499 SSL3_CK_RSA_IDEA_128_SHA
,
2504 SSL3_VERSION
, TLS1_1_VERSION
,
2505 DTLS1_BAD_VER
, DTLS1_VERSION
,
2506 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2507 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2513 #ifndef OPENSSL_NO_SEED
2516 TLS1_TXT_RSA_WITH_SEED_SHA
,
2517 TLS1_CK_RSA_WITH_SEED_SHA
,
2522 SSL3_VERSION
, TLS1_2_VERSION
,
2523 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2524 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2525 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2531 TLS1_TXT_DHE_DSS_WITH_SEED_SHA
,
2532 TLS1_CK_DHE_DSS_WITH_SEED_SHA
,
2537 SSL3_VERSION
, TLS1_2_VERSION
,
2538 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2539 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2540 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2546 TLS1_TXT_DHE_RSA_WITH_SEED_SHA
,
2547 TLS1_CK_DHE_RSA_WITH_SEED_SHA
,
2552 SSL3_VERSION
, TLS1_2_VERSION
,
2553 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2554 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2555 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2561 TLS1_TXT_ADH_WITH_SEED_SHA
,
2562 TLS1_CK_ADH_WITH_SEED_SHA
,
2567 SSL3_VERSION
, TLS1_2_VERSION
,
2568 DTLS1_BAD_VER
, DTLS1_2_VERSION
,
2569 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2570 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2574 #endif /* OPENSSL_NO_SEED */
2576 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
2579 SSL3_TXT_RSA_RC4_128_MD5
,
2580 SSL3_CK_RSA_RC4_128_MD5
,
2585 SSL3_VERSION
, TLS1_2_VERSION
,
2587 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2588 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2594 SSL3_TXT_RSA_RC4_128_SHA
,
2595 SSL3_CK_RSA_RC4_128_SHA
,
2600 SSL3_VERSION
, TLS1_2_VERSION
,
2602 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2603 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2609 SSL3_TXT_ADH_RC4_128_MD5
,
2610 SSL3_CK_ADH_RC4_128_MD5
,
2615 SSL3_VERSION
, TLS1_2_VERSION
,
2617 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2618 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2623 # ifndef OPENSSL_NO_EC
2626 TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA
,
2627 TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA
,
2632 SSL3_VERSION
, TLS1_2_VERSION
,
2634 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2635 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2641 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA
,
2642 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA
,
2647 SSL3_VERSION
, TLS1_2_VERSION
,
2649 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2650 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2656 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA
,
2657 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA
,
2662 SSL3_VERSION
, TLS1_2_VERSION
,
2664 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2665 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2671 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA
,
2672 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA
,
2677 SSL3_VERSION
, TLS1_2_VERSION
,
2679 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2680 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2684 # endif /* OPENSSL_NO_EC */
2686 # ifndef OPENSSL_NO_PSK
2689 TLS1_TXT_PSK_WITH_RC4_128_SHA
,
2690 TLS1_CK_PSK_WITH_RC4_128_SHA
,
2695 SSL3_VERSION
, TLS1_2_VERSION
,
2697 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2698 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2704 TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA
,
2705 TLS1_CK_RSA_PSK_WITH_RC4_128_SHA
,
2710 SSL3_VERSION
, TLS1_2_VERSION
,
2712 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2713 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2719 TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA
,
2720 TLS1_CK_DHE_PSK_WITH_RC4_128_SHA
,
2725 SSL3_VERSION
, TLS1_2_VERSION
,
2727 SSL_NOT_DEFAULT
| SSL_MEDIUM
,
2728 SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
,
2732 # endif /* OPENSSL_NO_PSK */
2734 #endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
2738 static int cipher_compare(const void *a
, const void *b
)
2740 const SSL_CIPHER
*ap
= (const SSL_CIPHER
*)a
;
2741 const SSL_CIPHER
*bp
= (const SSL_CIPHER
*)b
;
2743 return ap
->id
- bp
->id
;
2746 void ssl_sort_cipher_list(void)
2748 qsort(ssl3_ciphers
, OSSL_NELEM(ssl3_ciphers
), sizeof ssl3_ciphers
[0],
2752 const SSL3_ENC_METHOD SSLv3_enc_data
= {
2755 ssl3_setup_key_block
,
2756 ssl3_generate_master_secret
,
2757 ssl3_change_cipher_state
,
2758 ssl3_final_finish_mac
,
2759 SSL3_MD_CLIENT_FINISHED_CONST
, 4,
2760 SSL3_MD_SERVER_FINISHED_CONST
, 4,
2762 (int (*)(SSL
*, unsigned char *, size_t, const char *,
2763 size_t, const unsigned char *, size_t,
2764 int use_context
))ssl_undefined_function
,
2766 ssl3_set_handshake_header
,
2767 tls_close_construct_packet
,
2768 ssl3_handshake_write
2771 long ssl3_default_timeout(void)
2774 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
2775 * http, the cache would over fill
2777 return (60 * 60 * 2);
2780 int ssl3_num_ciphers(void)
2782 return (SSL3_NUM_CIPHERS
);
2785 const SSL_CIPHER
*ssl3_get_cipher(unsigned int u
)
2787 if (u
< SSL3_NUM_CIPHERS
)
2788 return (&(ssl3_ciphers
[SSL3_NUM_CIPHERS
- 1 - u
]));
2793 int ssl3_set_handshake_header(SSL
*s
, WPACKET
*pkt
, int htype
)
2795 /* No header in the event of a CCS */
2796 if (htype
== SSL3_MT_CHANGE_CIPHER_SPEC
)
2799 /* Set the content type and 3 bytes for the message len */
2800 if (!WPACKET_put_bytes_u8(pkt
, htype
)
2801 || !WPACKET_start_sub_packet_u24(pkt
))
2807 int ssl3_handshake_write(SSL
*s
)
2809 return ssl3_do_write(s
, SSL3_RT_HANDSHAKE
);
2812 int ssl3_new(SSL
*s
)
2816 if ((s3
= OPENSSL_zalloc(sizeof(*s3
))) == NULL
)
2820 #ifndef OPENSSL_NO_SRP
2821 if (!SSL_SRP_CTX_init(s
))
2824 s
->method
->ssl_clear(s
);
2830 void ssl3_free(SSL
*s
)
2832 if (s
== NULL
|| s
->s3
== NULL
)
2835 ssl3_cleanup_key_block(s
);
2837 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
2838 EVP_PKEY_free(s
->s3
->peer_tmp
);
2839 s
->s3
->peer_tmp
= NULL
;
2840 EVP_PKEY_free(s
->s3
->tmp
.pkey
);
2841 s
->s3
->tmp
.pkey
= NULL
;
2844 sk_X509_NAME_pop_free(s
->s3
->tmp
.ca_names
, X509_NAME_free
);
2845 OPENSSL_free(s
->s3
->tmp
.ciphers_raw
);
2846 OPENSSL_clear_free(s
->s3
->tmp
.pms
, s
->s3
->tmp
.pmslen
);
2847 OPENSSL_free(s
->s3
->tmp
.peer_sigalgs
);
2848 ssl3_free_digest_list(s
);
2849 OPENSSL_free(s
->s3
->alpn_selected
);
2850 OPENSSL_free(s
->s3
->alpn_proposed
);
2852 #ifndef OPENSSL_NO_SRP
2853 SSL_SRP_CTX_free(s
);
2855 OPENSSL_clear_free(s
->s3
, sizeof(*s
->s3
));
2859 void ssl3_clear(SSL
*s
)
2861 ssl3_cleanup_key_block(s
);
2862 sk_X509_NAME_pop_free(s
->s3
->tmp
.ca_names
, X509_NAME_free
);
2863 OPENSSL_free(s
->s3
->tmp
.ciphers_raw
);
2864 OPENSSL_clear_free(s
->s3
->tmp
.pms
, s
->s3
->tmp
.pmslen
);
2865 OPENSSL_free(s
->s3
->tmp
.peer_sigalgs
);
2867 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
2868 EVP_PKEY_free(s
->s3
->tmp
.pkey
);
2869 EVP_PKEY_free(s
->s3
->peer_tmp
);
2870 #endif /* !OPENSSL_NO_EC */
2872 ssl3_free_digest_list(s
);
2874 OPENSSL_free(s
->s3
->alpn_selected
);
2875 OPENSSL_free(s
->s3
->alpn_proposed
);
2877 /* NULL/zero-out everything in the s3 struct */
2878 memset(s
->s3
, 0, sizeof(*s
->s3
));
2880 ssl_free_wbio_buffer(s
);
2882 s
->version
= SSL3_VERSION
;
2884 #if !defined(OPENSSL_NO_NEXTPROTONEG)
2885 OPENSSL_free(s
->ext
.npn
);
2891 #ifndef OPENSSL_NO_SRP
2892 static char *srp_password_from_info_cb(SSL
*s
, void *arg
)
2894 return OPENSSL_strdup(s
->srp_ctx
.info
);
2898 static int ssl3_set_req_cert_type(CERT
*c
, const unsigned char *p
, size_t len
);
2900 long ssl3_ctrl(SSL
*s
, int cmd
, long larg
, void *parg
)
2905 case SSL_CTRL_GET_CLIENT_CERT_REQUEST
:
2907 case SSL_CTRL_GET_NUM_RENEGOTIATIONS
:
2908 ret
= s
->s3
->num_renegotiations
;
2910 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS
:
2911 ret
= s
->s3
->num_renegotiations
;
2912 s
->s3
->num_renegotiations
= 0;
2914 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS
:
2915 ret
= s
->s3
->total_renegotiations
;
2917 case SSL_CTRL_GET_FLAGS
:
2918 ret
= (int)(s
->s3
->flags
);
2920 #ifndef OPENSSL_NO_DH
2921 case SSL_CTRL_SET_TMP_DH
:
2923 DH
*dh
= (DH
*)parg
;
2924 EVP_PKEY
*pkdh
= NULL
;
2926 SSLerr(SSL_F_SSL3_CTRL
, ERR_R_PASSED_NULL_PARAMETER
);
2929 pkdh
= ssl_dh_to_pkey(dh
);
2931 SSLerr(SSL_F_SSL3_CTRL
, ERR_R_MALLOC_FAILURE
);
2934 if (!ssl_security(s
, SSL_SECOP_TMP_DH
,
2935 EVP_PKEY_security_bits(pkdh
), 0, pkdh
)) {
2936 SSLerr(SSL_F_SSL3_CTRL
, SSL_R_DH_KEY_TOO_SMALL
);
2937 EVP_PKEY_free(pkdh
);
2940 EVP_PKEY_free(s
->cert
->dh_tmp
);
2941 s
->cert
->dh_tmp
= pkdh
;
2945 case SSL_CTRL_SET_TMP_DH_CB
:
2947 SSLerr(SSL_F_SSL3_CTRL
, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
);
2950 case SSL_CTRL_SET_DH_AUTO
:
2951 s
->cert
->dh_tmp_auto
= larg
;
2954 #ifndef OPENSSL_NO_EC
2955 case SSL_CTRL_SET_TMP_ECDH
:
2957 const EC_GROUP
*group
= NULL
;
2961 SSLerr(SSL_F_SSL3_CTRL
, ERR_R_PASSED_NULL_PARAMETER
);
2964 group
= EC_KEY_get0_group((const EC_KEY
*)parg
);
2965 if (group
== NULL
) {
2966 SSLerr(SSL_F_SSL3_CTRL
, EC_R_MISSING_PARAMETERS
);
2969 nid
= EC_GROUP_get_curve_name(group
);
2970 if (nid
== NID_undef
)
2972 return tls1_set_groups(&s
->ext
.supportedgroups
,
2973 &s
->ext
.supportedgroups_len
,
2977 #endif /* !OPENSSL_NO_EC */
2978 case SSL_CTRL_SET_TLSEXT_HOSTNAME
:
2979 if (larg
== TLSEXT_NAMETYPE_host_name
) {
2982 OPENSSL_free(s
->ext
.hostname
);
2983 s
->ext
.hostname
= NULL
;
2988 len
= strlen((char *)parg
);
2989 if (len
== 0 || len
> TLSEXT_MAXLEN_host_name
) {
2990 SSLerr(SSL_F_SSL3_CTRL
, SSL_R_SSL3_EXT_INVALID_SERVERNAME
);
2993 if ((s
->ext
.hostname
= OPENSSL_strdup((char *)parg
)) == NULL
) {
2994 SSLerr(SSL_F_SSL3_CTRL
, ERR_R_INTERNAL_ERROR
);
2998 SSLerr(SSL_F_SSL3_CTRL
, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE
);
3002 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG
:
3003 s
->ext
.debug_arg
= parg
;
3007 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE
:
3008 ret
= s
->ext
.status_type
;
3011 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE
:
3012 s
->ext
.status_type
= larg
;
3016 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS
:
3017 *(STACK_OF(X509_EXTENSION
) **)parg
= s
->ext
.ocsp
.exts
;
3021 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS
:
3022 s
->ext
.ocsp
.exts
= parg
;
3026 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS
:
3027 *(STACK_OF(OCSP_RESPID
) **)parg
= s
->ext
.ocsp
.ids
;
3031 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS
:
3032 s
->ext
.ocsp
.ids
= parg
;
3036 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP
:
3037 *(unsigned char **)parg
= s
->ext
.ocsp
.resp
;
3038 if (s
->ext
.ocsp
.resp_len
== 0
3039 || s
->ext
.ocsp
.resp_len
> LONG_MAX
)
3041 return (long)s
->ext
.ocsp
.resp_len
;
3043 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP
:
3044 OPENSSL_free(s
->ext
.ocsp
.resp
);
3045 s
->ext
.ocsp
.resp
= parg
;
3046 s
->ext
.ocsp
.resp_len
= larg
;
3050 #ifndef OPENSSL_NO_HEARTBEATS
3051 case SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT
:
3052 case SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING
:
3053 case SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS
:
3057 case SSL_CTRL_CHAIN
:
3059 return ssl_cert_set1_chain(s
, NULL
, (STACK_OF(X509
) *)parg
);
3061 return ssl_cert_set0_chain(s
, NULL
, (STACK_OF(X509
) *)parg
);
3063 case SSL_CTRL_CHAIN_CERT
:
3065 return ssl_cert_add1_chain_cert(s
, NULL
, (X509
*)parg
);
3067 return ssl_cert_add0_chain_cert(s
, NULL
, (X509
*)parg
);
3069 case SSL_CTRL_GET_CHAIN_CERTS
:
3070 *(STACK_OF(X509
) **)parg
= s
->cert
->key
->chain
;
3073 case SSL_CTRL_SELECT_CURRENT_CERT
:
3074 return ssl_cert_select_current(s
->cert
, (X509
*)parg
);
3076 case SSL_CTRL_SET_CURRENT_CERT
:
3077 if (larg
== SSL_CERT_SET_SERVER
) {
3079 const SSL_CIPHER
*cipher
;
3082 cipher
= s
->s3
->tmp
.new_cipher
;
3086 * No certificate for unauthenticated ciphersuites or using SRP
3089 if (cipher
->algorithm_auth
& (SSL_aNULL
| SSL_aSRP
))
3091 cpk
= ssl_get_server_send_pkey(s
);
3097 return ssl_cert_set_current(s
->cert
, larg
);
3099 #ifndef OPENSSL_NO_EC
3100 case SSL_CTRL_GET_GROUPS
:
3102 unsigned char *clist
;
3107 clist
= s
->session
->ext
.supportedgroups
;
3108 clistlen
= s
->session
->ext
.supportedgroups_len
/ 2;
3112 unsigned int cid
, nid
;
3113 for (i
= 0; i
< clistlen
; i
++) {
3115 /* TODO(TLS1.3): Handle DH groups here */
3116 nid
= tls1_ec_curve_id2nid(cid
, NULL
);
3120 cptr
[i
] = TLSEXT_nid_unknown
| cid
;
3123 return (int)clistlen
;
3126 case SSL_CTRL_SET_GROUPS
:
3127 return tls1_set_groups(&s
->ext
.supportedgroups
,
3128 &s
->ext
.supportedgroups_len
, parg
, larg
);
3130 case SSL_CTRL_SET_GROUPS_LIST
:
3131 return tls1_set_groups_list(&s
->ext
.supportedgroups
,
3132 &s
->ext
.supportedgroups_len
, parg
);
3134 case SSL_CTRL_GET_SHARED_GROUP
:
3135 return tls1_shared_group(s
, larg
);
3138 case SSL_CTRL_SET_SIGALGS
:
3139 return tls1_set_sigalgs(s
->cert
, parg
, larg
, 0);
3141 case SSL_CTRL_SET_SIGALGS_LIST
:
3142 return tls1_set_sigalgs_list(s
->cert
, parg
, 0);
3144 case SSL_CTRL_SET_CLIENT_SIGALGS
:
3145 return tls1_set_sigalgs(s
->cert
, parg
, larg
, 1);
3147 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST
:
3148 return tls1_set_sigalgs_list(s
->cert
, parg
, 1);
3150 case SSL_CTRL_GET_CLIENT_CERT_TYPES
:
3152 const unsigned char **pctype
= parg
;
3153 if (s
->server
|| !s
->s3
->tmp
.cert_req
)
3155 if (s
->cert
->ctypes
) {
3157 *pctype
= s
->cert
->ctypes
;
3158 return (int)s
->cert
->ctype_num
;
3161 *pctype
= (unsigned char *)s
->s3
->tmp
.ctype
;
3162 return s
->s3
->tmp
.ctype_num
;
3165 case SSL_CTRL_SET_CLIENT_CERT_TYPES
:
3168 return ssl3_set_req_cert_type(s
->cert
, parg
, larg
);
3170 case SSL_CTRL_BUILD_CERT_CHAIN
:
3171 return ssl_build_cert_chain(s
, NULL
, larg
);
3173 case SSL_CTRL_SET_VERIFY_CERT_STORE
:
3174 return ssl_cert_set_cert_store(s
->cert
, parg
, 0, larg
);
3176 case SSL_CTRL_SET_CHAIN_CERT_STORE
:
3177 return ssl_cert_set_cert_store(s
->cert
, parg
, 1, larg
);
3179 case SSL_CTRL_GET_PEER_SIGNATURE_NID
:
3180 if (SSL_USE_SIGALGS(s
)) {
3183 sig
= s
->s3
->tmp
.peer_md
;
3185 *(int *)parg
= EVP_MD_type(sig
);
3191 /* Might want to do something here for other versions */
3195 case SSL_CTRL_GET_SERVER_TMP_KEY
:
3196 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3197 if (s
->server
|| s
->session
== NULL
|| s
->s3
->peer_tmp
== NULL
) {
3200 EVP_PKEY_up_ref(s
->s3
->peer_tmp
);
3201 *(EVP_PKEY
**)parg
= s
->s3
->peer_tmp
;
3207 #ifndef OPENSSL_NO_EC
3208 case SSL_CTRL_GET_EC_POINT_FORMATS
:
3210 SSL_SESSION
*sess
= s
->session
;
3211 const unsigned char **pformat
= parg
;
3213 if (sess
== NULL
|| sess
->ext
.ecpointformats
== NULL
)
3215 *pformat
= sess
->ext
.ecpointformats
;
3216 return (int)sess
->ext
.ecpointformats_len
;
3226 long ssl3_callback_ctrl(SSL
*s
, int cmd
, void (*fp
) (void))
3231 #ifndef OPENSSL_NO_DH
3232 case SSL_CTRL_SET_TMP_DH_CB
:
3234 s
->cert
->dh_tmp_cb
= (DH
*(*)(SSL
*, int, int))fp
;
3238 case SSL_CTRL_SET_TLSEXT_DEBUG_CB
:
3239 s
->ext
.debug_cb
= (void (*)(SSL
*, int, int,
3240 const unsigned char *, int, void *))fp
;
3243 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB
:
3245 s
->not_resumable_session_cb
= (int (*)(SSL
*, int))fp
;
3254 long ssl3_ctx_ctrl(SSL_CTX
*ctx
, int cmd
, long larg
, void *parg
)
3257 #ifndef OPENSSL_NO_DH
3258 case SSL_CTRL_SET_TMP_DH
:
3260 DH
*dh
= (DH
*)parg
;
3261 EVP_PKEY
*pkdh
= NULL
;
3263 SSLerr(SSL_F_SSL3_CTX_CTRL
, ERR_R_PASSED_NULL_PARAMETER
);
3266 pkdh
= ssl_dh_to_pkey(dh
);
3268 SSLerr(SSL_F_SSL3_CTX_CTRL
, ERR_R_MALLOC_FAILURE
);
3271 if (!ssl_ctx_security(ctx
, SSL_SECOP_TMP_DH
,
3272 EVP_PKEY_security_bits(pkdh
), 0, pkdh
)) {
3273 SSLerr(SSL_F_SSL3_CTX_CTRL
, SSL_R_DH_KEY_TOO_SMALL
);
3274 EVP_PKEY_free(pkdh
);
3277 EVP_PKEY_free(ctx
->cert
->dh_tmp
);
3278 ctx
->cert
->dh_tmp
= pkdh
;
3284 case SSL_CTRL_SET_TMP_DH_CB
:
3286 SSLerr(SSL_F_SSL3_CTX_CTRL
, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
);
3289 case SSL_CTRL_SET_DH_AUTO
:
3290 ctx
->cert
->dh_tmp_auto
= larg
;
3293 #ifndef OPENSSL_NO_EC
3294 case SSL_CTRL_SET_TMP_ECDH
:
3296 const EC_GROUP
*group
= NULL
;
3300 SSLerr(SSL_F_SSL3_CTX_CTRL
, ERR_R_PASSED_NULL_PARAMETER
);
3303 group
= EC_KEY_get0_group((const EC_KEY
*)parg
);
3304 if (group
== NULL
) {
3305 SSLerr(SSL_F_SSL3_CTX_CTRL
, EC_R_MISSING_PARAMETERS
);
3308 nid
= EC_GROUP_get_curve_name(group
);
3309 if (nid
== NID_undef
)
3311 return tls1_set_groups(&ctx
->ext
.supportedgroups
,
3312 &ctx
->ext
.supportedgroups_len
,
3316 #endif /* !OPENSSL_NO_EC */
3317 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
:
3318 ctx
->ext
.servername_arg
= parg
;
3320 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS
:
3321 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS
:
3323 unsigned char *keys
= parg
;
3324 long tick_keylen
= (sizeof(ctx
->ext
.tick_key_name
) +
3325 sizeof(ctx
->ext
.tick_hmac_key
) +
3326 sizeof(ctx
->ext
.tick_aes_key
));
3329 if (larg
!= tick_keylen
) {
3330 SSLerr(SSL_F_SSL3_CTX_CTRL
, SSL_R_INVALID_TICKET_KEYS_LENGTH
);
3333 if (cmd
== SSL_CTRL_SET_TLSEXT_TICKET_KEYS
) {
3334 memcpy(ctx
->ext
.tick_key_name
, keys
,
3335 sizeof(ctx
->ext
.tick_key_name
));
3336 memcpy(ctx
->ext
.tick_hmac_key
,
3337 keys
+ sizeof(ctx
->ext
.tick_key_name
),
3338 sizeof(ctx
->ext
.tick_hmac_key
));
3339 memcpy(ctx
->ext
.tick_aes_key
,
3340 keys
+ sizeof(ctx
->ext
.tick_key_name
) +
3341 sizeof(ctx
->ext
.tick_hmac_key
),
3342 sizeof(ctx
->ext
.tick_aes_key
));
3344 memcpy(keys
, ctx
->ext
.tick_key_name
,
3345 sizeof(ctx
->ext
.tick_key_name
));
3346 memcpy(keys
+ sizeof(ctx
->ext
.tick_key_name
),
3347 ctx
->ext
.tick_hmac_key
,
3348 sizeof(ctx
->ext
.tick_hmac_key
));
3349 memcpy(keys
+ sizeof(ctx
->ext
.tick_key_name
) +
3350 sizeof(ctx
->ext
.tick_hmac_key
),
3351 ctx
->ext
.tick_aes_key
,
3352 sizeof(ctx
->ext
.tick_aes_key
));
3357 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE
:
3358 return ctx
->ext
.status_type
;
3360 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE
:
3361 ctx
->ext
.status_type
= larg
;
3364 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG
:
3365 ctx
->ext
.status_arg
= parg
;
3368 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG
:
3369 *(void**)parg
= ctx
->ext
.status_arg
;
3372 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB
:
3373 *(int (**)(SSL
*, void*))parg
= ctx
->ext
.status_cb
;
3376 #ifndef OPENSSL_NO_SRP
3377 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME
:
3378 ctx
->srp_ctx
.srp_Mask
|= SSL_kSRP
;
3379 OPENSSL_free(ctx
->srp_ctx
.login
);
3380 ctx
->srp_ctx
.login
= NULL
;
3383 if (strlen((const char *)parg
) > 255 || strlen((const char *)parg
) < 1) {
3384 SSLerr(SSL_F_SSL3_CTX_CTRL
, SSL_R_INVALID_SRP_USERNAME
);
3387 if ((ctx
->srp_ctx
.login
= OPENSSL_strdup((char *)parg
)) == NULL
) {
3388 SSLerr(SSL_F_SSL3_CTX_CTRL
, ERR_R_INTERNAL_ERROR
);
3392 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD
:
3393 ctx
->srp_ctx
.SRP_give_srp_client_pwd_callback
=
3394 srp_password_from_info_cb
;
3395 ctx
->srp_ctx
.info
= parg
;
3397 case SSL_CTRL_SET_SRP_ARG
:
3398 ctx
->srp_ctx
.srp_Mask
|= SSL_kSRP
;
3399 ctx
->srp_ctx
.SRP_cb_arg
= parg
;
3402 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH
:
3403 ctx
->srp_ctx
.strength
= larg
;
3407 #ifndef OPENSSL_NO_EC
3408 case SSL_CTRL_SET_GROUPS
:
3409 return tls1_set_groups(&ctx
->ext
.supportedgroups
,
3410 &ctx
->ext
.supportedgroups_len
,
3413 case SSL_CTRL_SET_GROUPS_LIST
:
3414 return tls1_set_groups_list(&ctx
->ext
.supportedgroups
,
3415 &ctx
->ext
.supportedgroups_len
,
3418 case SSL_CTRL_SET_SIGALGS
:
3419 return tls1_set_sigalgs(ctx
->cert
, parg
, larg
, 0);
3421 case SSL_CTRL_SET_SIGALGS_LIST
:
3422 return tls1_set_sigalgs_list(ctx
->cert
, parg
, 0);
3424 case SSL_CTRL_SET_CLIENT_SIGALGS
:
3425 return tls1_set_sigalgs(ctx
->cert
, parg
, larg
, 1);
3427 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST
:
3428 return tls1_set_sigalgs_list(ctx
->cert
, parg
, 1);
3430 case SSL_CTRL_SET_CLIENT_CERT_TYPES
:
3431 return ssl3_set_req_cert_type(ctx
->cert
, parg
, larg
);
3433 case SSL_CTRL_BUILD_CERT_CHAIN
:
3434 return ssl_build_cert_chain(NULL
, ctx
, larg
);
3436 case SSL_CTRL_SET_VERIFY_CERT_STORE
:
3437 return ssl_cert_set_cert_store(ctx
->cert
, parg
, 0, larg
);
3439 case SSL_CTRL_SET_CHAIN_CERT_STORE
:
3440 return ssl_cert_set_cert_store(ctx
->cert
, parg
, 1, larg
);
3442 /* A Thawte special :-) */
3443 case SSL_CTRL_EXTRA_CHAIN_CERT
:
3444 if (ctx
->extra_certs
== NULL
) {
3445 if ((ctx
->extra_certs
= sk_X509_new_null()) == NULL
) {
3446 SSLerr(SSL_F_SSL3_CTX_CTRL
, ERR_R_MALLOC_FAILURE
);
3450 if (!sk_X509_push(ctx
->extra_certs
, (X509
*)parg
)) {
3451 SSLerr(SSL_F_SSL3_CTX_CTRL
, ERR_R_MALLOC_FAILURE
);
3456 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS
:
3457 if (ctx
->extra_certs
== NULL
&& larg
== 0)
3458 *(STACK_OF(X509
) **)parg
= ctx
->cert
->key
->chain
;
3460 *(STACK_OF(X509
) **)parg
= ctx
->extra_certs
;
3463 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS
:
3464 sk_X509_pop_free(ctx
->extra_certs
, X509_free
);
3465 ctx
->extra_certs
= NULL
;
3468 case SSL_CTRL_CHAIN
:
3470 return ssl_cert_set1_chain(NULL
, ctx
, (STACK_OF(X509
) *)parg
);
3472 return ssl_cert_set0_chain(NULL
, ctx
, (STACK_OF(X509
) *)parg
);
3474 case SSL_CTRL_CHAIN_CERT
:
3476 return ssl_cert_add1_chain_cert(NULL
, ctx
, (X509
*)parg
);
3478 return ssl_cert_add0_chain_cert(NULL
, ctx
, (X509
*)parg
);
3480 case SSL_CTRL_GET_CHAIN_CERTS
:
3481 *(STACK_OF(X509
) **)parg
= ctx
->cert
->key
->chain
;
3484 case SSL_CTRL_SELECT_CURRENT_CERT
:
3485 return ssl_cert_select_current(ctx
->cert
, (X509
*)parg
);
3487 case SSL_CTRL_SET_CURRENT_CERT
:
3488 return ssl_cert_set_current(ctx
->cert
, larg
);
3496 long ssl3_ctx_callback_ctrl(SSL_CTX
*ctx
, int cmd
, void (*fp
) (void))
3499 #ifndef OPENSSL_NO_DH
3500 case SSL_CTRL_SET_TMP_DH_CB
:
3502 ctx
->cert
->dh_tmp_cb
= (DH
*(*)(SSL
*, int, int))fp
;
3506 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
:
3507 ctx
->ext
.servername_cb
= (int (*)(SSL
*, int *, void *))fp
;
3510 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
:
3511 ctx
->ext
.status_cb
= (int (*)(SSL
*, void *))fp
;
3514 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB
:
3515 ctx
->ext
.ticket_key_cb
= (int (*)(SSL
*, unsigned char *,
3518 HMAC_CTX
*, int))fp
;
3521 #ifndef OPENSSL_NO_SRP
3522 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB
:
3523 ctx
->srp_ctx
.srp_Mask
|= SSL_kSRP
;
3524 ctx
->srp_ctx
.SRP_verify_param_callback
= (int (*)(SSL
*, void *))fp
;
3526 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB
:
3527 ctx
->srp_ctx
.srp_Mask
|= SSL_kSRP
;
3528 ctx
->srp_ctx
.TLS_ext_srp_username_callback
=
3529 (int (*)(SSL
*, int *, void *))fp
;
3531 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB
:
3532 ctx
->srp_ctx
.srp_Mask
|= SSL_kSRP
;
3533 ctx
->srp_ctx
.SRP_give_srp_client_pwd_callback
=
3534 (char *(*)(SSL
*, void *))fp
;
3537 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB
:
3539 ctx
->not_resumable_session_cb
= (int (*)(SSL
*, int))fp
;
3548 const SSL_CIPHER
*ssl3_get_cipher_by_id(uint32_t id
)
3553 return OBJ_bsearch_ssl_cipher_id(&c
, ssl3_ciphers
, SSL3_NUM_CIPHERS
);
3557 * This function needs to check if the ciphers required are actually
3560 const SSL_CIPHER
*ssl3_get_cipher_by_char(const unsigned char *p
)
3562 return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
3563 | ((uint32_t)p
[0] << 8L)
3567 int ssl3_put_cipher_by_char(const SSL_CIPHER
*c
, WPACKET
*pkt
, size_t *len
)
3569 if ((c
->id
& 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG
) {
3574 if (!WPACKET_put_bytes_u16(pkt
, c
->id
& 0xffff))
3582 * ssl3_choose_cipher - choose a cipher from those offered by the client
3583 * @s: SSL connection
3584 * @clnt: ciphers offered by the client
3585 * @srvr: ciphers enabled on the server?
3587 * Returns the selected cipher or NULL when no common ciphers.
3589 const SSL_CIPHER
*ssl3_choose_cipher(SSL
*s
, STACK_OF(SSL_CIPHER
) *clnt
,
3590 STACK_OF(SSL_CIPHER
) *srvr
)
3592 const SSL_CIPHER
*c
, *ret
= NULL
;
3593 STACK_OF(SSL_CIPHER
) *prio
, *allow
;
3595 unsigned long alg_k
, alg_a
, mask_k
, mask_a
;
3597 /* Let's see which ciphers we can support */
3601 * Do not set the compare functions, because this may lead to a
3602 * reordering by "id". We want to keep the original ordering. We may pay
3603 * a price in performance during sk_SSL_CIPHER_find(), but would have to
3604 * pay with the price of sk_SSL_CIPHER_dup().
3606 sk_SSL_CIPHER_set_cmp_func(srvr
, ssl_cipher_ptr_id_cmp
);
3607 sk_SSL_CIPHER_set_cmp_func(clnt
, ssl_cipher_ptr_id_cmp
);
3611 fprintf(stderr
, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr
),
3613 for (i
= 0; i
< sk_SSL_CIPHER_num(srvr
); ++i
) {
3614 c
= sk_SSL_CIPHER_value(srvr
, i
);
3615 fprintf(stderr
, "%p:%s\n", (void *)c
, c
->name
);
3617 fprintf(stderr
, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt
),
3619 for (i
= 0; i
< sk_SSL_CIPHER_num(clnt
); ++i
) {
3620 c
= sk_SSL_CIPHER_value(clnt
, i
);
3621 fprintf(stderr
, "%p:%s\n", (void *)c
, c
->name
);
3625 if (s
->options
& SSL_OP_CIPHER_SERVER_PREFERENCE
|| tls1_suiteb(s
)) {
3633 tls1_set_cert_validity(s
);
3636 for (i
= 0; i
< sk_SSL_CIPHER_num(prio
); i
++) {
3637 c
= sk_SSL_CIPHER_value(prio
, i
);
3639 /* Skip ciphers not supported by the protocol version */
3640 if (!SSL_IS_DTLS(s
) &&
3641 ((s
->version
< c
->min_tls
) || (s
->version
> c
->max_tls
)))
3643 if (SSL_IS_DTLS(s
) &&
3644 (DTLS_VERSION_LT(s
->version
, c
->min_dtls
) ||
3645 DTLS_VERSION_GT(s
->version
, c
->max_dtls
)))
3648 mask_k
= s
->s3
->tmp
.mask_k
;
3649 mask_a
= s
->s3
->tmp
.mask_a
;
3650 #ifndef OPENSSL_NO_SRP
3651 if (s
->srp_ctx
.srp_Mask
& SSL_kSRP
) {
3657 alg_k
= c
->algorithm_mkey
;
3658 alg_a
= c
->algorithm_auth
;
3660 #ifndef OPENSSL_NO_PSK
3661 /* with PSK there must be server callback set */
3662 if ((alg_k
& SSL_PSK
) && s
->psk_server_callback
== NULL
)
3664 #endif /* OPENSSL_NO_PSK */
3666 ok
= (alg_k
& mask_k
) && (alg_a
& mask_a
);
3668 fprintf(stderr
, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok
, alg_k
,
3669 alg_a
, mask_k
, mask_a
, (void *)c
, c
->name
);
3672 #ifndef OPENSSL_NO_EC
3674 * if we are considering an ECC cipher suite that uses an ephemeral
3677 if (alg_k
& SSL_kECDHE
)
3678 ok
= ok
&& tls1_check_ec_tmp_key(s
, c
->id
);
3679 #endif /* OPENSSL_NO_EC */
3683 ii
= sk_SSL_CIPHER_find(allow
, c
);
3685 /* Check security callback permits this cipher */
3686 if (!ssl_security(s
, SSL_SECOP_CIPHER_SHARED
,
3687 c
->strength_bits
, 0, (void *)c
))
3689 #if !defined(OPENSSL_NO_EC)
3690 if ((alg_k
& SSL_kECDHE
) && (alg_a
& SSL_aECDSA
)
3691 && s
->s3
->is_probably_safari
) {
3693 ret
= sk_SSL_CIPHER_value(allow
, ii
);
3697 ret
= sk_SSL_CIPHER_value(allow
, ii
);
3704 int ssl3_get_req_cert_type(SSL
*s
, WPACKET
*pkt
)
3706 uint32_t alg_k
, alg_a
= 0;
3708 /* If we have custom certificate types set, use them */
3709 if (s
->cert
->ctypes
) {
3710 return WPACKET_memcpy(pkt
, s
->cert
->ctypes
, s
->cert
->ctype_num
);
3712 /* Get mask of algorithms disabled by signature list */
3713 ssl_set_sig_mask(&alg_a
, s
, SSL_SECOP_SIGALG_MASK
);
3715 alg_k
= s
->s3
->tmp
.new_cipher
->algorithm_mkey
;
3717 #ifndef OPENSSL_NO_GOST
3718 if (s
->version
>= TLS1_VERSION
&& (alg_k
& SSL_kGOST
))
3719 return WPACKET_put_bytes_u8(pkt
, TLS_CT_GOST01_SIGN
)
3720 && WPACKET_put_bytes_u8(pkt
, TLS_CT_GOST12_SIGN
)
3721 && WPACKET_put_bytes_u8(pkt
, TLS_CT_GOST12_512_SIGN
);
3724 if ((s
->version
== SSL3_VERSION
) && (alg_k
& SSL_kDHE
)) {
3725 #ifndef OPENSSL_NO_DH
3726 # ifndef OPENSSL_NO_RSA
3727 if (!WPACKET_put_bytes_u8(pkt
, SSL3_CT_RSA_EPHEMERAL_DH
))
3730 # ifndef OPENSSL_NO_DSA
3731 if (!WPACKET_put_bytes_u8(pkt
, SSL3_CT_DSS_EPHEMERAL_DH
))
3734 #endif /* !OPENSSL_NO_DH */
3736 #ifndef OPENSSL_NO_RSA
3737 if (!(alg_a
& SSL_aRSA
) && !WPACKET_put_bytes_u8(pkt
, SSL3_CT_RSA_SIGN
))
3740 #ifndef OPENSSL_NO_DSA
3741 if (!(alg_a
& SSL_aDSS
) && !WPACKET_put_bytes_u8(pkt
, SSL3_CT_DSS_SIGN
))
3744 #ifndef OPENSSL_NO_EC
3746 * ECDSA certs can be used with RSA cipher suites too so we don't
3747 * need to check for SSL_kECDH or SSL_kECDHE
3749 if (s
->version
>= TLS1_VERSION
3750 && !(alg_a
& SSL_aECDSA
)
3751 && !WPACKET_put_bytes_u8(pkt
, TLS_CT_ECDSA_SIGN
))
3757 static int ssl3_set_req_cert_type(CERT
*c
, const unsigned char *p
, size_t len
)
3759 OPENSSL_free(c
->ctypes
);
3765 c
->ctypes
= OPENSSL_malloc(len
);
3766 if (c
->ctypes
== NULL
)
3768 memcpy(c
->ctypes
, p
, len
);
3773 int ssl3_shutdown(SSL
*s
)
3778 * Don't do anything much if we have not done the handshake or we don't
3779 * want to send messages :-)
3781 if (s
->quiet_shutdown
|| SSL_in_before(s
)) {
3782 s
->shutdown
= (SSL_SENT_SHUTDOWN
| SSL_RECEIVED_SHUTDOWN
);
3786 if (!(s
->shutdown
& SSL_SENT_SHUTDOWN
)) {
3787 s
->shutdown
|= SSL_SENT_SHUTDOWN
;
3788 ssl3_send_alert(s
, SSL3_AL_WARNING
, SSL_AD_CLOSE_NOTIFY
);
3790 * our shutdown alert has been sent now, and if it still needs to be
3791 * written, s->s3->alert_dispatch will be true
3793 if (s
->s3
->alert_dispatch
)
3794 return (-1); /* return WANT_WRITE */
3795 } else if (s
->s3
->alert_dispatch
) {
3796 /* resend it if not sent */
3797 ret
= s
->method
->ssl_dispatch_alert(s
);
3800 * we only get to return -1 here the 2nd/Nth invocation, we must
3801 * have already signalled return 0 upon a previous invocation,
3806 } else if (!(s
->shutdown
& SSL_RECEIVED_SHUTDOWN
)) {
3809 * If we are waiting for a close from our peer, we are closed
3811 s
->method
->ssl_read_bytes(s
, 0, NULL
, NULL
, 0, 0, &readbytes
);
3812 if (!(s
->shutdown
& SSL_RECEIVED_SHUTDOWN
)) {
3813 return -1; /* return WANT_READ */
3817 if ((s
->shutdown
== (SSL_SENT_SHUTDOWN
| SSL_RECEIVED_SHUTDOWN
)) &&
3818 !s
->s3
->alert_dispatch
)
3824 int ssl3_write(SSL
*s
, const void *buf
, size_t len
, size_t *written
)
3827 if (s
->s3
->renegotiate
)
3828 ssl3_renegotiate_check(s
, 0);
3830 return s
->method
->ssl_write_bytes(s
, SSL3_RT_APPLICATION_DATA
, buf
, len
,
3834 static int ssl3_read_internal(SSL
*s
, void *buf
, size_t len
, int peek
,
3840 if (s
->s3
->renegotiate
)
3841 ssl3_renegotiate_check(s
, 0);
3842 s
->s3
->in_read_app_data
= 1;
3844 s
->method
->ssl_read_bytes(s
, SSL3_RT_APPLICATION_DATA
, NULL
, buf
, len
,
3846 if ((ret
== -1) && (s
->s3
->in_read_app_data
== 2)) {
3848 * ssl3_read_bytes decided to call s->handshake_func, which called
3849 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
3850 * actually found application data and thinks that application data
3851 * makes sense here; so disable handshake processing and try to read
3852 * application data again.
3854 ossl_statem_set_in_handshake(s
, 1);
3856 s
->method
->ssl_read_bytes(s
, SSL3_RT_APPLICATION_DATA
, NULL
, buf
,
3857 len
, peek
, readbytes
);
3858 ossl_statem_set_in_handshake(s
, 0);
3860 s
->s3
->in_read_app_data
= 0;
3865 int ssl3_read(SSL
*s
, void *buf
, size_t len
, size_t *readbytes
)
3867 return ssl3_read_internal(s
, buf
, len
, 0, readbytes
);
3870 int ssl3_peek(SSL
*s
, void *buf
, size_t len
, size_t *readbytes
)
3872 return ssl3_read_internal(s
, buf
, len
, 1, readbytes
);
3875 int ssl3_renegotiate(SSL
*s
)
3877 if (s
->handshake_func
== NULL
)
3880 s
->s3
->renegotiate
= 1;
3885 * Check if we are waiting to do a renegotiation and if so whether now is a
3886 * good time to do it. If |initok| is true then we are being called from inside
3887 * the state machine so ignore the result of SSL_in_init(s). Otherwise we
3888 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we
3889 * should do a renegotiation now and sets up the state machine for it. Otherwise
3892 int ssl3_renegotiate_check(SSL
*s
, int initok
)
3896 if (s
->s3
->renegotiate
) {
3897 if (!RECORD_LAYER_read_pending(&s
->rlayer
)
3898 && !RECORD_LAYER_write_pending(&s
->rlayer
)
3899 && (initok
|| !SSL_in_init(s
))) {
3901 * if we are the server, and we have sent a 'RENEGOTIATE'
3902 * message, we need to set the state machine into the renegotiate
3905 ossl_statem_set_renegotiate(s
);
3906 s
->s3
->renegotiate
= 0;
3907 s
->s3
->num_renegotiations
++;
3908 s
->s3
->total_renegotiations
++;
3916 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
3917 * handshake macs if required.
3919 * If PSK and using SHA384 for TLS < 1.2 switch to default.
3921 long ssl_get_algorithm2(SSL
*s
)
3924 if (s
->s3
== NULL
|| s
->s3
->tmp
.new_cipher
== NULL
)
3926 alg2
= s
->s3
->tmp
.new_cipher
->algorithm2
;
3927 if (s
->method
->ssl3_enc
->enc_flags
& SSL_ENC_FLAG_SHA256_PRF
) {
3928 if (alg2
== (SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
))
3929 return SSL_HANDSHAKE_MAC_SHA256
| TLS1_PRF_SHA256
;
3930 } else if (s
->s3
->tmp
.new_cipher
->algorithm_mkey
& SSL_PSK
) {
3931 if (alg2
== (SSL_HANDSHAKE_MAC_SHA384
| TLS1_PRF_SHA384
))
3932 return SSL_HANDSHAKE_MAC_DEFAULT
| TLS1_PRF
;
3938 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
3939 * failure, 1 on success.
3941 int ssl_fill_hello_random(SSL
*s
, int server
, unsigned char *result
, size_t len
)
3948 send_time
= (s
->mode
& SSL_MODE_SEND_SERVERHELLO_TIME
) != 0;
3950 send_time
= (s
->mode
& SSL_MODE_SEND_CLIENTHELLO_TIME
) != 0;
3952 unsigned long Time
= (unsigned long)time(NULL
);
3953 unsigned char *p
= result
;
3955 /* TODO(size_t): Convert this */
3956 return RAND_bytes(p
, (int)(len
- 4));
3958 return RAND_bytes(result
, (int)len
);
3961 int ssl_generate_master_secret(SSL
*s
, unsigned char *pms
, size_t pmslen
,
3964 unsigned long alg_k
= s
->s3
->tmp
.new_cipher
->algorithm_mkey
;
3967 if (alg_k
& SSL_PSK
) {
3968 #ifndef OPENSSL_NO_PSK
3969 unsigned char *pskpms
, *t
;
3970 size_t psklen
= s
->s3
->tmp
.psklen
;
3973 /* create PSK premaster_secret */
3975 /* For plain PSK "other_secret" is psklen zeroes */
3976 if (alg_k
& SSL_kPSK
)
3979 pskpmslen
= 4 + pmslen
+ psklen
;
3980 pskpms
= OPENSSL_malloc(pskpmslen
);
3985 if (alg_k
& SSL_kPSK
)
3986 memset(t
, 0, pmslen
);
3988 memcpy(t
, pms
, pmslen
);
3991 memcpy(t
, s
->s3
->tmp
.psk
, psklen
);
3993 OPENSSL_clear_free(s
->s3
->tmp
.psk
, psklen
);
3994 s
->s3
->tmp
.psk
= NULL
;
3995 if (!s
->method
->ssl3_enc
->generate_master_secret(s
,
3996 s
->session
->master_key
,pskpms
, pskpmslen
,
3997 &s
->session
->master_key_length
))
3999 OPENSSL_clear_free(pskpms
, pskpmslen
);
4001 /* Should never happen */
4005 if (!s
->method
->ssl3_enc
->generate_master_secret(s
,
4006 s
->session
->master_key
, pms
, pmslen
,
4007 &s
->session
->master_key_length
))
4015 OPENSSL_clear_free(pms
, pmslen
);
4017 OPENSSL_cleanse(pms
, pmslen
);
4020 s
->s3
->tmp
.pms
= NULL
;
4024 /* Generate a private key from parameters */
4025 EVP_PKEY
*ssl_generate_pkey(EVP_PKEY
*pm
)
4027 EVP_PKEY_CTX
*pctx
= NULL
;
4028 EVP_PKEY
*pkey
= NULL
;
4032 pctx
= EVP_PKEY_CTX_new(pm
, NULL
);
4035 if (EVP_PKEY_keygen_init(pctx
) <= 0)
4037 if (EVP_PKEY_keygen(pctx
, &pkey
) <= 0) {
4038 EVP_PKEY_free(pkey
);
4043 EVP_PKEY_CTX_free(pctx
);
4046 #ifndef OPENSSL_NO_EC
4047 /* Generate a private key a curve ID */
4048 EVP_PKEY
*ssl_generate_pkey_curve(int id
)
4050 EVP_PKEY_CTX
*pctx
= NULL
;
4051 EVP_PKEY
*pkey
= NULL
;
4052 unsigned int curve_flags
;
4053 int nid
= tls1_ec_curve_id2nid(id
, &curve_flags
);
4057 if ((curve_flags
& TLS_CURVE_TYPE
) == TLS_CURVE_CUSTOM
) {
4058 pctx
= EVP_PKEY_CTX_new_id(nid
, NULL
);
4061 pctx
= EVP_PKEY_CTX_new_id(EVP_PKEY_EC
, NULL
);
4065 if (EVP_PKEY_keygen_init(pctx
) <= 0)
4067 if (nid
!= 0 && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx
, nid
) <= 0)
4069 if (EVP_PKEY_keygen(pctx
, &pkey
) <= 0) {
4070 EVP_PKEY_free(pkey
);
4075 EVP_PKEY_CTX_free(pctx
);
4080 /* Derive secrets for ECDH/DH */
4081 int ssl_derive(SSL
*s
, EVP_PKEY
*privkey
, EVP_PKEY
*pubkey
, int gensecret
)
4084 unsigned char *pms
= NULL
;
4088 if (privkey
== NULL
|| pubkey
== NULL
)
4091 pctx
= EVP_PKEY_CTX_new(privkey
, NULL
);
4093 if (EVP_PKEY_derive_init(pctx
) <= 0
4094 || EVP_PKEY_derive_set_peer(pctx
, pubkey
) <= 0
4095 || EVP_PKEY_derive(pctx
, NULL
, &pmslen
) <= 0) {
4099 pms
= OPENSSL_malloc(pmslen
);
4103 if (EVP_PKEY_derive(pctx
, pms
, &pmslen
) <= 0)
4107 if (SSL_IS_TLS13(s
)) {
4109 * If we are resuming then we already generated the early secret
4110 * when we created the ClientHello, so don't recreate it.
4113 rv
= tls13_generate_secret(s
, ssl_handshake_md(s
), NULL
, NULL
,
4115 (unsigned char *)&s
->early_secret
);
4119 rv
= rv
&& tls13_generate_handshake_secret(s
, pms
, pmslen
);
4121 /* Generate master secret and discard premaster */
4122 rv
= ssl_generate_master_secret(s
, pms
, pmslen
, 1);
4126 /* Save premaster secret */
4127 s
->s3
->tmp
.pms
= pms
;
4128 s
->s3
->tmp
.pmslen
= pmslen
;
4134 OPENSSL_clear_free(pms
, pmslen
);
4135 EVP_PKEY_CTX_free(pctx
);
4139 #ifndef OPENSSL_NO_DH
4140 EVP_PKEY
*ssl_dh_to_pkey(DH
*dh
)
4145 ret
= EVP_PKEY_new();
4146 if (EVP_PKEY_set1_DH(ret
, dh
) <= 0) {