]> git.ipfire.org Git - thirdparty/openssl.git/blob - ssl/s3_lib.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update copyright year
[thirdparty/openssl.git] / ssl / s3_lib.c
1 /*
2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4 * Copyright 2005 Nokia. All rights reserved.
5 *
6 * Licensed under the Apache License 2.0 (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
10 */
11
12 #include <stdio.h>
13 #include <openssl/objects.h>
14 #include "internal/nelem.h"
15 #include "ssl_local.h"
16 #include <openssl/md5.h>
17 #include <openssl/dh.h>
18 #include <openssl/rand.h>
19 #include <openssl/trace.h>
20 #include <openssl/x509v3.h>
21 #include <openssl/core_names.h>
22 #include "internal/cryptlib.h"
23
24 #define TLS13_NUM_CIPHERS OSSL_NELEM(tls13_ciphers)
25 #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
26 #define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs)
27
28 /* TLSv1.3 downgrade protection sentinel values */
29 const unsigned char tls11downgrade[] = {
30 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
31 };
32 const unsigned char tls12downgrade[] = {
33 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
34 };
35
36 /* The list of available TLSv1.3 ciphers */
37 static SSL_CIPHER tls13_ciphers[] = {
38 {
39 1,
40 TLS1_3_RFC_AES_128_GCM_SHA256,
41 TLS1_3_RFC_AES_128_GCM_SHA256,
42 TLS1_3_CK_AES_128_GCM_SHA256,
43 SSL_kANY,
44 SSL_aANY,
45 SSL_AES128GCM,
46 SSL_AEAD,
47 TLS1_3_VERSION, TLS1_3_VERSION,
48 0, 0,
49 SSL_HIGH,
50 SSL_HANDSHAKE_MAC_SHA256,
51 128,
52 128,
53 }, {
54 1,
55 TLS1_3_RFC_AES_256_GCM_SHA384,
56 TLS1_3_RFC_AES_256_GCM_SHA384,
57 TLS1_3_CK_AES_256_GCM_SHA384,
58 SSL_kANY,
59 SSL_aANY,
60 SSL_AES256GCM,
61 SSL_AEAD,
62 TLS1_3_VERSION, TLS1_3_VERSION,
63 0, 0,
64 SSL_HIGH,
65 SSL_HANDSHAKE_MAC_SHA384,
66 256,
67 256,
68 },
69 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
70 {
71 1,
72 TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
73 TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
74 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
75 SSL_kANY,
76 SSL_aANY,
77 SSL_CHACHA20POLY1305,
78 SSL_AEAD,
79 TLS1_3_VERSION, TLS1_3_VERSION,
80 0, 0,
81 SSL_HIGH,
82 SSL_HANDSHAKE_MAC_SHA256,
83 256,
84 256,
85 },
86 #endif
87 {
88 1,
89 TLS1_3_RFC_AES_128_CCM_SHA256,
90 TLS1_3_RFC_AES_128_CCM_SHA256,
91 TLS1_3_CK_AES_128_CCM_SHA256,
92 SSL_kANY,
93 SSL_aANY,
94 SSL_AES128CCM,
95 SSL_AEAD,
96 TLS1_3_VERSION, TLS1_3_VERSION,
97 0, 0,
98 SSL_NOT_DEFAULT | SSL_HIGH,
99 SSL_HANDSHAKE_MAC_SHA256,
100 128,
101 128,
102 }, {
103 1,
104 TLS1_3_RFC_AES_128_CCM_8_SHA256,
105 TLS1_3_RFC_AES_128_CCM_8_SHA256,
106 TLS1_3_CK_AES_128_CCM_8_SHA256,
107 SSL_kANY,
108 SSL_aANY,
109 SSL_AES128CCM8,
110 SSL_AEAD,
111 TLS1_3_VERSION, TLS1_3_VERSION,
112 0, 0,
113 SSL_NOT_DEFAULT | SSL_HIGH,
114 SSL_HANDSHAKE_MAC_SHA256,
115 128,
116 128,
117 }
118 };
119
120 /*
121 * The list of available ciphers, mostly organized into the following
122 * groups:
123 * Always there
124 * EC
125 * PSK
126 * SRP (within that: RSA EC PSK)
127 * Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
128 * Weak ciphers
129 */
130 static SSL_CIPHER ssl3_ciphers[] = {
131 {
132 1,
133 SSL3_TXT_RSA_NULL_MD5,
134 SSL3_RFC_RSA_NULL_MD5,
135 SSL3_CK_RSA_NULL_MD5,
136 SSL_kRSA,
137 SSL_aRSA,
138 SSL_eNULL,
139 SSL_MD5,
140 SSL3_VERSION, TLS1_2_VERSION,
141 DTLS1_BAD_VER, DTLS1_2_VERSION,
142 SSL_STRONG_NONE,
143 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
144 0,
145 0,
146 },
147 {
148 1,
149 SSL3_TXT_RSA_NULL_SHA,
150 SSL3_RFC_RSA_NULL_SHA,
151 SSL3_CK_RSA_NULL_SHA,
152 SSL_kRSA,
153 SSL_aRSA,
154 SSL_eNULL,
155 SSL_SHA1,
156 SSL3_VERSION, TLS1_2_VERSION,
157 DTLS1_BAD_VER, DTLS1_2_VERSION,
158 SSL_STRONG_NONE | SSL_FIPS,
159 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
160 0,
161 0,
162 },
163 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
164 {
165 1,
166 SSL3_TXT_RSA_DES_192_CBC3_SHA,
167 SSL3_RFC_RSA_DES_192_CBC3_SHA,
168 SSL3_CK_RSA_DES_192_CBC3_SHA,
169 SSL_kRSA,
170 SSL_aRSA,
171 SSL_3DES,
172 SSL_SHA1,
173 SSL3_VERSION, TLS1_2_VERSION,
174 DTLS1_BAD_VER, DTLS1_2_VERSION,
175 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
176 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
177 112,
178 168,
179 },
180 {
181 1,
182 SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
183 SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
184 SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
185 SSL_kDHE,
186 SSL_aDSS,
187 SSL_3DES,
188 SSL_SHA1,
189 SSL3_VERSION, TLS1_2_VERSION,
190 DTLS1_BAD_VER, DTLS1_2_VERSION,
191 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
192 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
193 112,
194 168,
195 },
196 {
197 1,
198 SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
199 SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
200 SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
201 SSL_kDHE,
202 SSL_aRSA,
203 SSL_3DES,
204 SSL_SHA1,
205 SSL3_VERSION, TLS1_2_VERSION,
206 DTLS1_BAD_VER, DTLS1_2_VERSION,
207 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
208 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
209 112,
210 168,
211 },
212 {
213 1,
214 SSL3_TXT_ADH_DES_192_CBC_SHA,
215 SSL3_RFC_ADH_DES_192_CBC_SHA,
216 SSL3_CK_ADH_DES_192_CBC_SHA,
217 SSL_kDHE,
218 SSL_aNULL,
219 SSL_3DES,
220 SSL_SHA1,
221 SSL3_VERSION, TLS1_2_VERSION,
222 DTLS1_BAD_VER, DTLS1_2_VERSION,
223 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
224 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
225 112,
226 168,
227 },
228 #endif
229 {
230 1,
231 TLS1_TXT_RSA_WITH_AES_128_SHA,
232 TLS1_RFC_RSA_WITH_AES_128_SHA,
233 TLS1_CK_RSA_WITH_AES_128_SHA,
234 SSL_kRSA,
235 SSL_aRSA,
236 SSL_AES128,
237 SSL_SHA1,
238 SSL3_VERSION, TLS1_2_VERSION,
239 DTLS1_BAD_VER, DTLS1_2_VERSION,
240 SSL_HIGH | SSL_FIPS,
241 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
242 128,
243 128,
244 },
245 {
246 1,
247 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
248 TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
249 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
250 SSL_kDHE,
251 SSL_aDSS,
252 SSL_AES128,
253 SSL_SHA1,
254 SSL3_VERSION, TLS1_2_VERSION,
255 DTLS1_BAD_VER, DTLS1_2_VERSION,
256 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
257 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
258 128,
259 128,
260 },
261 {
262 1,
263 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
264 TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
265 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
266 SSL_kDHE,
267 SSL_aRSA,
268 SSL_AES128,
269 SSL_SHA1,
270 SSL3_VERSION, TLS1_2_VERSION,
271 DTLS1_BAD_VER, DTLS1_2_VERSION,
272 SSL_HIGH | SSL_FIPS,
273 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
274 128,
275 128,
276 },
277 {
278 1,
279 TLS1_TXT_ADH_WITH_AES_128_SHA,
280 TLS1_RFC_ADH_WITH_AES_128_SHA,
281 TLS1_CK_ADH_WITH_AES_128_SHA,
282 SSL_kDHE,
283 SSL_aNULL,
284 SSL_AES128,
285 SSL_SHA1,
286 SSL3_VERSION, TLS1_2_VERSION,
287 DTLS1_BAD_VER, DTLS1_2_VERSION,
288 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
289 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
290 128,
291 128,
292 },
293 {
294 1,
295 TLS1_TXT_RSA_WITH_AES_256_SHA,
296 TLS1_RFC_RSA_WITH_AES_256_SHA,
297 TLS1_CK_RSA_WITH_AES_256_SHA,
298 SSL_kRSA,
299 SSL_aRSA,
300 SSL_AES256,
301 SSL_SHA1,
302 SSL3_VERSION, TLS1_2_VERSION,
303 DTLS1_BAD_VER, DTLS1_2_VERSION,
304 SSL_HIGH | SSL_FIPS,
305 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
306 256,
307 256,
308 },
309 {
310 1,
311 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
312 TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
313 TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
314 SSL_kDHE,
315 SSL_aDSS,
316 SSL_AES256,
317 SSL_SHA1,
318 SSL3_VERSION, TLS1_2_VERSION,
319 DTLS1_BAD_VER, DTLS1_2_VERSION,
320 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
321 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
322 256,
323 256,
324 },
325 {
326 1,
327 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
328 TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
329 TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
330 SSL_kDHE,
331 SSL_aRSA,
332 SSL_AES256,
333 SSL_SHA1,
334 SSL3_VERSION, TLS1_2_VERSION,
335 DTLS1_BAD_VER, DTLS1_2_VERSION,
336 SSL_HIGH | SSL_FIPS,
337 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
338 256,
339 256,
340 },
341 {
342 1,
343 TLS1_TXT_ADH_WITH_AES_256_SHA,
344 TLS1_RFC_ADH_WITH_AES_256_SHA,
345 TLS1_CK_ADH_WITH_AES_256_SHA,
346 SSL_kDHE,
347 SSL_aNULL,
348 SSL_AES256,
349 SSL_SHA1,
350 SSL3_VERSION, TLS1_2_VERSION,
351 DTLS1_BAD_VER, DTLS1_2_VERSION,
352 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
353 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
354 256,
355 256,
356 },
357 {
358 1,
359 TLS1_TXT_RSA_WITH_NULL_SHA256,
360 TLS1_RFC_RSA_WITH_NULL_SHA256,
361 TLS1_CK_RSA_WITH_NULL_SHA256,
362 SSL_kRSA,
363 SSL_aRSA,
364 SSL_eNULL,
365 SSL_SHA256,
366 TLS1_2_VERSION, TLS1_2_VERSION,
367 DTLS1_2_VERSION, DTLS1_2_VERSION,
368 SSL_STRONG_NONE | SSL_FIPS,
369 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
370 0,
371 0,
372 },
373 {
374 1,
375 TLS1_TXT_RSA_WITH_AES_128_SHA256,
376 TLS1_RFC_RSA_WITH_AES_128_SHA256,
377 TLS1_CK_RSA_WITH_AES_128_SHA256,
378 SSL_kRSA,
379 SSL_aRSA,
380 SSL_AES128,
381 SSL_SHA256,
382 TLS1_2_VERSION, TLS1_2_VERSION,
383 DTLS1_2_VERSION, DTLS1_2_VERSION,
384 SSL_HIGH | SSL_FIPS,
385 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
386 128,
387 128,
388 },
389 {
390 1,
391 TLS1_TXT_RSA_WITH_AES_256_SHA256,
392 TLS1_RFC_RSA_WITH_AES_256_SHA256,
393 TLS1_CK_RSA_WITH_AES_256_SHA256,
394 SSL_kRSA,
395 SSL_aRSA,
396 SSL_AES256,
397 SSL_SHA256,
398 TLS1_2_VERSION, TLS1_2_VERSION,
399 DTLS1_2_VERSION, DTLS1_2_VERSION,
400 SSL_HIGH | SSL_FIPS,
401 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
402 256,
403 256,
404 },
405 {
406 1,
407 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
408 TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
409 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
410 SSL_kDHE,
411 SSL_aDSS,
412 SSL_AES128,
413 SSL_SHA256,
414 TLS1_2_VERSION, TLS1_2_VERSION,
415 DTLS1_2_VERSION, DTLS1_2_VERSION,
416 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
417 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
418 128,
419 128,
420 },
421 {
422 1,
423 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
424 TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
425 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
426 SSL_kDHE,
427 SSL_aRSA,
428 SSL_AES128,
429 SSL_SHA256,
430 TLS1_2_VERSION, TLS1_2_VERSION,
431 DTLS1_2_VERSION, DTLS1_2_VERSION,
432 SSL_HIGH | SSL_FIPS,
433 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
434 128,
435 128,
436 },
437 {
438 1,
439 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
440 TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
441 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
442 SSL_kDHE,
443 SSL_aDSS,
444 SSL_AES256,
445 SSL_SHA256,
446 TLS1_2_VERSION, TLS1_2_VERSION,
447 DTLS1_2_VERSION, DTLS1_2_VERSION,
448 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
449 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
450 256,
451 256,
452 },
453 {
454 1,
455 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
456 TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
457 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
458 SSL_kDHE,
459 SSL_aRSA,
460 SSL_AES256,
461 SSL_SHA256,
462 TLS1_2_VERSION, TLS1_2_VERSION,
463 DTLS1_2_VERSION, DTLS1_2_VERSION,
464 SSL_HIGH | SSL_FIPS,
465 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
466 256,
467 256,
468 },
469 {
470 1,
471 TLS1_TXT_ADH_WITH_AES_128_SHA256,
472 TLS1_RFC_ADH_WITH_AES_128_SHA256,
473 TLS1_CK_ADH_WITH_AES_128_SHA256,
474 SSL_kDHE,
475 SSL_aNULL,
476 SSL_AES128,
477 SSL_SHA256,
478 TLS1_2_VERSION, TLS1_2_VERSION,
479 DTLS1_2_VERSION, DTLS1_2_VERSION,
480 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
481 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
482 128,
483 128,
484 },
485 {
486 1,
487 TLS1_TXT_ADH_WITH_AES_256_SHA256,
488 TLS1_RFC_ADH_WITH_AES_256_SHA256,
489 TLS1_CK_ADH_WITH_AES_256_SHA256,
490 SSL_kDHE,
491 SSL_aNULL,
492 SSL_AES256,
493 SSL_SHA256,
494 TLS1_2_VERSION, TLS1_2_VERSION,
495 DTLS1_2_VERSION, DTLS1_2_VERSION,
496 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
497 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
498 256,
499 256,
500 },
501 {
502 1,
503 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
504 TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
505 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
506 SSL_kRSA,
507 SSL_aRSA,
508 SSL_AES128GCM,
509 SSL_AEAD,
510 TLS1_2_VERSION, TLS1_2_VERSION,
511 DTLS1_2_VERSION, DTLS1_2_VERSION,
512 SSL_HIGH | SSL_FIPS,
513 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
514 128,
515 128,
516 },
517 {
518 1,
519 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
520 TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
521 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
522 SSL_kRSA,
523 SSL_aRSA,
524 SSL_AES256GCM,
525 SSL_AEAD,
526 TLS1_2_VERSION, TLS1_2_VERSION,
527 DTLS1_2_VERSION, DTLS1_2_VERSION,
528 SSL_HIGH | SSL_FIPS,
529 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
530 256,
531 256,
532 },
533 {
534 1,
535 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
536 TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
537 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
538 SSL_kDHE,
539 SSL_aRSA,
540 SSL_AES128GCM,
541 SSL_AEAD,
542 TLS1_2_VERSION, TLS1_2_VERSION,
543 DTLS1_2_VERSION, DTLS1_2_VERSION,
544 SSL_HIGH | SSL_FIPS,
545 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
546 128,
547 128,
548 },
549 {
550 1,
551 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
552 TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
553 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
554 SSL_kDHE,
555 SSL_aRSA,
556 SSL_AES256GCM,
557 SSL_AEAD,
558 TLS1_2_VERSION, TLS1_2_VERSION,
559 DTLS1_2_VERSION, DTLS1_2_VERSION,
560 SSL_HIGH | SSL_FIPS,
561 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
562 256,
563 256,
564 },
565 {
566 1,
567 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
568 TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
569 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
570 SSL_kDHE,
571 SSL_aDSS,
572 SSL_AES128GCM,
573 SSL_AEAD,
574 TLS1_2_VERSION, TLS1_2_VERSION,
575 DTLS1_2_VERSION, DTLS1_2_VERSION,
576 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
577 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
578 128,
579 128,
580 },
581 {
582 1,
583 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
584 TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
585 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
586 SSL_kDHE,
587 SSL_aDSS,
588 SSL_AES256GCM,
589 SSL_AEAD,
590 TLS1_2_VERSION, TLS1_2_VERSION,
591 DTLS1_2_VERSION, DTLS1_2_VERSION,
592 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
593 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
594 256,
595 256,
596 },
597 {
598 1,
599 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
600 TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
601 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
602 SSL_kDHE,
603 SSL_aNULL,
604 SSL_AES128GCM,
605 SSL_AEAD,
606 TLS1_2_VERSION, TLS1_2_VERSION,
607 DTLS1_2_VERSION, DTLS1_2_VERSION,
608 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
609 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
610 128,
611 128,
612 },
613 {
614 1,
615 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
616 TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
617 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
618 SSL_kDHE,
619 SSL_aNULL,
620 SSL_AES256GCM,
621 SSL_AEAD,
622 TLS1_2_VERSION, TLS1_2_VERSION,
623 DTLS1_2_VERSION, DTLS1_2_VERSION,
624 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
625 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
626 256,
627 256,
628 },
629 {
630 1,
631 TLS1_TXT_RSA_WITH_AES_128_CCM,
632 TLS1_RFC_RSA_WITH_AES_128_CCM,
633 TLS1_CK_RSA_WITH_AES_128_CCM,
634 SSL_kRSA,
635 SSL_aRSA,
636 SSL_AES128CCM,
637 SSL_AEAD,
638 TLS1_2_VERSION, TLS1_2_VERSION,
639 DTLS1_2_VERSION, DTLS1_2_VERSION,
640 SSL_NOT_DEFAULT | SSL_HIGH,
641 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
642 128,
643 128,
644 },
645 {
646 1,
647 TLS1_TXT_RSA_WITH_AES_256_CCM,
648 TLS1_RFC_RSA_WITH_AES_256_CCM,
649 TLS1_CK_RSA_WITH_AES_256_CCM,
650 SSL_kRSA,
651 SSL_aRSA,
652 SSL_AES256CCM,
653 SSL_AEAD,
654 TLS1_2_VERSION, TLS1_2_VERSION,
655 DTLS1_2_VERSION, DTLS1_2_VERSION,
656 SSL_NOT_DEFAULT | SSL_HIGH,
657 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
658 256,
659 256,
660 },
661 {
662 1,
663 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
664 TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
665 TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
666 SSL_kDHE,
667 SSL_aRSA,
668 SSL_AES128CCM,
669 SSL_AEAD,
670 TLS1_2_VERSION, TLS1_2_VERSION,
671 DTLS1_2_VERSION, DTLS1_2_VERSION,
672 SSL_NOT_DEFAULT | SSL_HIGH,
673 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
674 128,
675 128,
676 },
677 {
678 1,
679 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
680 TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
681 TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
682 SSL_kDHE,
683 SSL_aRSA,
684 SSL_AES256CCM,
685 SSL_AEAD,
686 TLS1_2_VERSION, TLS1_2_VERSION,
687 DTLS1_2_VERSION, DTLS1_2_VERSION,
688 SSL_NOT_DEFAULT | SSL_HIGH,
689 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
690 256,
691 256,
692 },
693 {
694 1,
695 TLS1_TXT_RSA_WITH_AES_128_CCM_8,
696 TLS1_RFC_RSA_WITH_AES_128_CCM_8,
697 TLS1_CK_RSA_WITH_AES_128_CCM_8,
698 SSL_kRSA,
699 SSL_aRSA,
700 SSL_AES128CCM8,
701 SSL_AEAD,
702 TLS1_2_VERSION, TLS1_2_VERSION,
703 DTLS1_2_VERSION, DTLS1_2_VERSION,
704 SSL_NOT_DEFAULT | SSL_HIGH,
705 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
706 128,
707 128,
708 },
709 {
710 1,
711 TLS1_TXT_RSA_WITH_AES_256_CCM_8,
712 TLS1_RFC_RSA_WITH_AES_256_CCM_8,
713 TLS1_CK_RSA_WITH_AES_256_CCM_8,
714 SSL_kRSA,
715 SSL_aRSA,
716 SSL_AES256CCM8,
717 SSL_AEAD,
718 TLS1_2_VERSION, TLS1_2_VERSION,
719 DTLS1_2_VERSION, DTLS1_2_VERSION,
720 SSL_NOT_DEFAULT | SSL_HIGH,
721 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
722 256,
723 256,
724 },
725 {
726 1,
727 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
728 TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
729 TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
730 SSL_kDHE,
731 SSL_aRSA,
732 SSL_AES128CCM8,
733 SSL_AEAD,
734 TLS1_2_VERSION, TLS1_2_VERSION,
735 DTLS1_2_VERSION, DTLS1_2_VERSION,
736 SSL_NOT_DEFAULT | SSL_HIGH,
737 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
738 128,
739 128,
740 },
741 {
742 1,
743 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
744 TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
745 TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
746 SSL_kDHE,
747 SSL_aRSA,
748 SSL_AES256CCM8,
749 SSL_AEAD,
750 TLS1_2_VERSION, TLS1_2_VERSION,
751 DTLS1_2_VERSION, DTLS1_2_VERSION,
752 SSL_NOT_DEFAULT | SSL_HIGH,
753 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
754 256,
755 256,
756 },
757 {
758 1,
759 TLS1_TXT_PSK_WITH_AES_128_CCM,
760 TLS1_RFC_PSK_WITH_AES_128_CCM,
761 TLS1_CK_PSK_WITH_AES_128_CCM,
762 SSL_kPSK,
763 SSL_aPSK,
764 SSL_AES128CCM,
765 SSL_AEAD,
766 TLS1_2_VERSION, TLS1_2_VERSION,
767 DTLS1_2_VERSION, DTLS1_2_VERSION,
768 SSL_NOT_DEFAULT | SSL_HIGH,
769 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
770 128,
771 128,
772 },
773 {
774 1,
775 TLS1_TXT_PSK_WITH_AES_256_CCM,
776 TLS1_RFC_PSK_WITH_AES_256_CCM,
777 TLS1_CK_PSK_WITH_AES_256_CCM,
778 SSL_kPSK,
779 SSL_aPSK,
780 SSL_AES256CCM,
781 SSL_AEAD,
782 TLS1_2_VERSION, TLS1_2_VERSION,
783 DTLS1_2_VERSION, DTLS1_2_VERSION,
784 SSL_NOT_DEFAULT | SSL_HIGH,
785 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
786 256,
787 256,
788 },
789 {
790 1,
791 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
792 TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
793 TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
794 SSL_kDHEPSK,
795 SSL_aPSK,
796 SSL_AES128CCM,
797 SSL_AEAD,
798 TLS1_2_VERSION, TLS1_2_VERSION,
799 DTLS1_2_VERSION, DTLS1_2_VERSION,
800 SSL_NOT_DEFAULT | SSL_HIGH,
801 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
802 128,
803 128,
804 },
805 {
806 1,
807 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
808 TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
809 TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
810 SSL_kDHEPSK,
811 SSL_aPSK,
812 SSL_AES256CCM,
813 SSL_AEAD,
814 TLS1_2_VERSION, TLS1_2_VERSION,
815 DTLS1_2_VERSION, DTLS1_2_VERSION,
816 SSL_NOT_DEFAULT | SSL_HIGH,
817 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
818 256,
819 256,
820 },
821 {
822 1,
823 TLS1_TXT_PSK_WITH_AES_128_CCM_8,
824 TLS1_RFC_PSK_WITH_AES_128_CCM_8,
825 TLS1_CK_PSK_WITH_AES_128_CCM_8,
826 SSL_kPSK,
827 SSL_aPSK,
828 SSL_AES128CCM8,
829 SSL_AEAD,
830 TLS1_2_VERSION, TLS1_2_VERSION,
831 DTLS1_2_VERSION, DTLS1_2_VERSION,
832 SSL_NOT_DEFAULT | SSL_HIGH,
833 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
834 128,
835 128,
836 },
837 {
838 1,
839 TLS1_TXT_PSK_WITH_AES_256_CCM_8,
840 TLS1_RFC_PSK_WITH_AES_256_CCM_8,
841 TLS1_CK_PSK_WITH_AES_256_CCM_8,
842 SSL_kPSK,
843 SSL_aPSK,
844 SSL_AES256CCM8,
845 SSL_AEAD,
846 TLS1_2_VERSION, TLS1_2_VERSION,
847 DTLS1_2_VERSION, DTLS1_2_VERSION,
848 SSL_NOT_DEFAULT | SSL_HIGH,
849 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
850 256,
851 256,
852 },
853 {
854 1,
855 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
856 TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
857 TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
858 SSL_kDHEPSK,
859 SSL_aPSK,
860 SSL_AES128CCM8,
861 SSL_AEAD,
862 TLS1_2_VERSION, TLS1_2_VERSION,
863 DTLS1_2_VERSION, DTLS1_2_VERSION,
864 SSL_NOT_DEFAULT | SSL_HIGH,
865 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
866 128,
867 128,
868 },
869 {
870 1,
871 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
872 TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
873 TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
874 SSL_kDHEPSK,
875 SSL_aPSK,
876 SSL_AES256CCM8,
877 SSL_AEAD,
878 TLS1_2_VERSION, TLS1_2_VERSION,
879 DTLS1_2_VERSION, DTLS1_2_VERSION,
880 SSL_NOT_DEFAULT | SSL_HIGH,
881 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
882 256,
883 256,
884 },
885 {
886 1,
887 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
888 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
889 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
890 SSL_kECDHE,
891 SSL_aECDSA,
892 SSL_AES128CCM,
893 SSL_AEAD,
894 TLS1_2_VERSION, TLS1_2_VERSION,
895 DTLS1_2_VERSION, DTLS1_2_VERSION,
896 SSL_NOT_DEFAULT | SSL_HIGH,
897 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
898 128,
899 128,
900 },
901 {
902 1,
903 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
904 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
905 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
906 SSL_kECDHE,
907 SSL_aECDSA,
908 SSL_AES256CCM,
909 SSL_AEAD,
910 TLS1_2_VERSION, TLS1_2_VERSION,
911 DTLS1_2_VERSION, DTLS1_2_VERSION,
912 SSL_NOT_DEFAULT | SSL_HIGH,
913 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
914 256,
915 256,
916 },
917 {
918 1,
919 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
920 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
921 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
922 SSL_kECDHE,
923 SSL_aECDSA,
924 SSL_AES128CCM8,
925 SSL_AEAD,
926 TLS1_2_VERSION, TLS1_2_VERSION,
927 DTLS1_2_VERSION, DTLS1_2_VERSION,
928 SSL_NOT_DEFAULT | SSL_HIGH,
929 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
930 128,
931 128,
932 },
933 {
934 1,
935 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
936 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
937 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
938 SSL_kECDHE,
939 SSL_aECDSA,
940 SSL_AES256CCM8,
941 SSL_AEAD,
942 TLS1_2_VERSION, TLS1_2_VERSION,
943 DTLS1_2_VERSION, DTLS1_2_VERSION,
944 SSL_NOT_DEFAULT | SSL_HIGH,
945 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
946 256,
947 256,
948 },
949 {
950 1,
951 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
952 TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
953 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
954 SSL_kECDHE,
955 SSL_aECDSA,
956 SSL_eNULL,
957 SSL_SHA1,
958 TLS1_VERSION, TLS1_2_VERSION,
959 DTLS1_BAD_VER, DTLS1_2_VERSION,
960 SSL_STRONG_NONE | SSL_FIPS,
961 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
962 0,
963 0,
964 },
965 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
966 {
967 1,
968 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
969 TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
970 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
971 SSL_kECDHE,
972 SSL_aECDSA,
973 SSL_3DES,
974 SSL_SHA1,
975 TLS1_VERSION, TLS1_2_VERSION,
976 DTLS1_BAD_VER, DTLS1_2_VERSION,
977 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
978 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
979 112,
980 168,
981 },
982 # endif
983 {
984 1,
985 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
986 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
987 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
988 SSL_kECDHE,
989 SSL_aECDSA,
990 SSL_AES128,
991 SSL_SHA1,
992 TLS1_VERSION, TLS1_2_VERSION,
993 DTLS1_BAD_VER, DTLS1_2_VERSION,
994 SSL_HIGH | SSL_FIPS,
995 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
996 128,
997 128,
998 },
999 {
1000 1,
1001 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1002 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1003 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1004 SSL_kECDHE,
1005 SSL_aECDSA,
1006 SSL_AES256,
1007 SSL_SHA1,
1008 TLS1_VERSION, TLS1_2_VERSION,
1009 DTLS1_BAD_VER, DTLS1_2_VERSION,
1010 SSL_HIGH | SSL_FIPS,
1011 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1012 256,
1013 256,
1014 },
1015 {
1016 1,
1017 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1018 TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
1019 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1020 SSL_kECDHE,
1021 SSL_aRSA,
1022 SSL_eNULL,
1023 SSL_SHA1,
1024 TLS1_VERSION, TLS1_2_VERSION,
1025 DTLS1_BAD_VER, DTLS1_2_VERSION,
1026 SSL_STRONG_NONE | SSL_FIPS,
1027 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1028 0,
1029 0,
1030 },
1031 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1032 {
1033 1,
1034 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1035 TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1036 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1037 SSL_kECDHE,
1038 SSL_aRSA,
1039 SSL_3DES,
1040 SSL_SHA1,
1041 TLS1_VERSION, TLS1_2_VERSION,
1042 DTLS1_BAD_VER, DTLS1_2_VERSION,
1043 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1044 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1045 112,
1046 168,
1047 },
1048 # endif
1049 {
1050 1,
1051 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1052 TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1053 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1054 SSL_kECDHE,
1055 SSL_aRSA,
1056 SSL_AES128,
1057 SSL_SHA1,
1058 TLS1_VERSION, TLS1_2_VERSION,
1059 DTLS1_BAD_VER, DTLS1_2_VERSION,
1060 SSL_HIGH | SSL_FIPS,
1061 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1062 128,
1063 128,
1064 },
1065 {
1066 1,
1067 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1068 TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1069 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1070 SSL_kECDHE,
1071 SSL_aRSA,
1072 SSL_AES256,
1073 SSL_SHA1,
1074 TLS1_VERSION, TLS1_2_VERSION,
1075 DTLS1_BAD_VER, DTLS1_2_VERSION,
1076 SSL_HIGH | SSL_FIPS,
1077 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1078 256,
1079 256,
1080 },
1081 {
1082 1,
1083 TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1084 TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
1085 TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1086 SSL_kECDHE,
1087 SSL_aNULL,
1088 SSL_eNULL,
1089 SSL_SHA1,
1090 TLS1_VERSION, TLS1_2_VERSION,
1091 DTLS1_BAD_VER, DTLS1_2_VERSION,
1092 SSL_STRONG_NONE | SSL_FIPS,
1093 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1094 0,
1095 0,
1096 },
1097 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1098 {
1099 1,
1100 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1101 TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
1102 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1103 SSL_kECDHE,
1104 SSL_aNULL,
1105 SSL_3DES,
1106 SSL_SHA1,
1107 TLS1_VERSION, TLS1_2_VERSION,
1108 DTLS1_BAD_VER, DTLS1_2_VERSION,
1109 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1110 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1111 112,
1112 168,
1113 },
1114 # endif
1115 {
1116 1,
1117 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1118 TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
1119 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1120 SSL_kECDHE,
1121 SSL_aNULL,
1122 SSL_AES128,
1123 SSL_SHA1,
1124 TLS1_VERSION, TLS1_2_VERSION,
1125 DTLS1_BAD_VER, DTLS1_2_VERSION,
1126 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1127 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1128 128,
1129 128,
1130 },
1131 {
1132 1,
1133 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1134 TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
1135 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1136 SSL_kECDHE,
1137 SSL_aNULL,
1138 SSL_AES256,
1139 SSL_SHA1,
1140 TLS1_VERSION, TLS1_2_VERSION,
1141 DTLS1_BAD_VER, DTLS1_2_VERSION,
1142 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1143 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1144 256,
1145 256,
1146 },
1147 {
1148 1,
1149 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
1150 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
1151 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1152 SSL_kECDHE,
1153 SSL_aECDSA,
1154 SSL_AES128,
1155 SSL_SHA256,
1156 TLS1_2_VERSION, TLS1_2_VERSION,
1157 DTLS1_2_VERSION, DTLS1_2_VERSION,
1158 SSL_HIGH | SSL_FIPS,
1159 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1160 128,
1161 128,
1162 },
1163 {
1164 1,
1165 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
1166 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
1167 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1168 SSL_kECDHE,
1169 SSL_aECDSA,
1170 SSL_AES256,
1171 SSL_SHA384,
1172 TLS1_2_VERSION, TLS1_2_VERSION,
1173 DTLS1_2_VERSION, DTLS1_2_VERSION,
1174 SSL_HIGH | SSL_FIPS,
1175 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1176 256,
1177 256,
1178 },
1179 {
1180 1,
1181 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
1182 TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
1183 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1184 SSL_kECDHE,
1185 SSL_aRSA,
1186 SSL_AES128,
1187 SSL_SHA256,
1188 TLS1_2_VERSION, TLS1_2_VERSION,
1189 DTLS1_2_VERSION, DTLS1_2_VERSION,
1190 SSL_HIGH | SSL_FIPS,
1191 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1192 128,
1193 128,
1194 },
1195 {
1196 1,
1197 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
1198 TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
1199 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
1200 SSL_kECDHE,
1201 SSL_aRSA,
1202 SSL_AES256,
1203 SSL_SHA384,
1204 TLS1_2_VERSION, TLS1_2_VERSION,
1205 DTLS1_2_VERSION, DTLS1_2_VERSION,
1206 SSL_HIGH | SSL_FIPS,
1207 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1208 256,
1209 256,
1210 },
1211 {
1212 1,
1213 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1214 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1215 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1216 SSL_kECDHE,
1217 SSL_aECDSA,
1218 SSL_AES128GCM,
1219 SSL_AEAD,
1220 TLS1_2_VERSION, TLS1_2_VERSION,
1221 DTLS1_2_VERSION, DTLS1_2_VERSION,
1222 SSL_HIGH | SSL_FIPS,
1223 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1224 128,
1225 128,
1226 },
1227 {
1228 1,
1229 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1230 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1231 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1232 SSL_kECDHE,
1233 SSL_aECDSA,
1234 SSL_AES256GCM,
1235 SSL_AEAD,
1236 TLS1_2_VERSION, TLS1_2_VERSION,
1237 DTLS1_2_VERSION, DTLS1_2_VERSION,
1238 SSL_HIGH | SSL_FIPS,
1239 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1240 256,
1241 256,
1242 },
1243 {
1244 1,
1245 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1246 TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1247 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1248 SSL_kECDHE,
1249 SSL_aRSA,
1250 SSL_AES128GCM,
1251 SSL_AEAD,
1252 TLS1_2_VERSION, TLS1_2_VERSION,
1253 DTLS1_2_VERSION, DTLS1_2_VERSION,
1254 SSL_HIGH | SSL_FIPS,
1255 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1256 128,
1257 128,
1258 },
1259 {
1260 1,
1261 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1262 TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1263 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1264 SSL_kECDHE,
1265 SSL_aRSA,
1266 SSL_AES256GCM,
1267 SSL_AEAD,
1268 TLS1_2_VERSION, TLS1_2_VERSION,
1269 DTLS1_2_VERSION, DTLS1_2_VERSION,
1270 SSL_HIGH | SSL_FIPS,
1271 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1272 256,
1273 256,
1274 },
1275 {
1276 1,
1277 TLS1_TXT_PSK_WITH_NULL_SHA,
1278 TLS1_RFC_PSK_WITH_NULL_SHA,
1279 TLS1_CK_PSK_WITH_NULL_SHA,
1280 SSL_kPSK,
1281 SSL_aPSK,
1282 SSL_eNULL,
1283 SSL_SHA1,
1284 SSL3_VERSION, TLS1_2_VERSION,
1285 DTLS1_BAD_VER, DTLS1_2_VERSION,
1286 SSL_STRONG_NONE | SSL_FIPS,
1287 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1288 0,
1289 0,
1290 },
1291 {
1292 1,
1293 TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
1294 TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
1295 TLS1_CK_DHE_PSK_WITH_NULL_SHA,
1296 SSL_kDHEPSK,
1297 SSL_aPSK,
1298 SSL_eNULL,
1299 SSL_SHA1,
1300 SSL3_VERSION, TLS1_2_VERSION,
1301 DTLS1_BAD_VER, DTLS1_2_VERSION,
1302 SSL_STRONG_NONE | SSL_FIPS,
1303 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1304 0,
1305 0,
1306 },
1307 {
1308 1,
1309 TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
1310 TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
1311 TLS1_CK_RSA_PSK_WITH_NULL_SHA,
1312 SSL_kRSAPSK,
1313 SSL_aRSA,
1314 SSL_eNULL,
1315 SSL_SHA1,
1316 SSL3_VERSION, TLS1_2_VERSION,
1317 DTLS1_BAD_VER, DTLS1_2_VERSION,
1318 SSL_STRONG_NONE | SSL_FIPS,
1319 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1320 0,
1321 0,
1322 },
1323 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1324 {
1325 1,
1326 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1327 TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
1328 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1329 SSL_kPSK,
1330 SSL_aPSK,
1331 SSL_3DES,
1332 SSL_SHA1,
1333 SSL3_VERSION, TLS1_2_VERSION,
1334 DTLS1_BAD_VER, DTLS1_2_VERSION,
1335 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1336 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1337 112,
1338 168,
1339 },
1340 # endif
1341 {
1342 1,
1343 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1344 TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
1345 TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1346 SSL_kPSK,
1347 SSL_aPSK,
1348 SSL_AES128,
1349 SSL_SHA1,
1350 SSL3_VERSION, TLS1_2_VERSION,
1351 DTLS1_BAD_VER, DTLS1_2_VERSION,
1352 SSL_HIGH | SSL_FIPS,
1353 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1354 128,
1355 128,
1356 },
1357 {
1358 1,
1359 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1360 TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
1361 TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1362 SSL_kPSK,
1363 SSL_aPSK,
1364 SSL_AES256,
1365 SSL_SHA1,
1366 SSL3_VERSION, TLS1_2_VERSION,
1367 DTLS1_BAD_VER, DTLS1_2_VERSION,
1368 SSL_HIGH | SSL_FIPS,
1369 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1370 256,
1371 256,
1372 },
1373 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1374 {
1375 1,
1376 TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1377 TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1378 TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1379 SSL_kDHEPSK,
1380 SSL_aPSK,
1381 SSL_3DES,
1382 SSL_SHA1,
1383 SSL3_VERSION, TLS1_2_VERSION,
1384 DTLS1_BAD_VER, DTLS1_2_VERSION,
1385 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1386 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1387 112,
1388 168,
1389 },
1390 # endif
1391 {
1392 1,
1393 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
1394 TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
1395 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
1396 SSL_kDHEPSK,
1397 SSL_aPSK,
1398 SSL_AES128,
1399 SSL_SHA1,
1400 SSL3_VERSION, TLS1_2_VERSION,
1401 DTLS1_BAD_VER, DTLS1_2_VERSION,
1402 SSL_HIGH | SSL_FIPS,
1403 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1404 128,
1405 128,
1406 },
1407 {
1408 1,
1409 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
1410 TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
1411 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
1412 SSL_kDHEPSK,
1413 SSL_aPSK,
1414 SSL_AES256,
1415 SSL_SHA1,
1416 SSL3_VERSION, TLS1_2_VERSION,
1417 DTLS1_BAD_VER, DTLS1_2_VERSION,
1418 SSL_HIGH | SSL_FIPS,
1419 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1420 256,
1421 256,
1422 },
1423 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1424 {
1425 1,
1426 TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1427 TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1428 TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1429 SSL_kRSAPSK,
1430 SSL_aRSA,
1431 SSL_3DES,
1432 SSL_SHA1,
1433 SSL3_VERSION, TLS1_2_VERSION,
1434 DTLS1_BAD_VER, DTLS1_2_VERSION,
1435 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1436 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1437 112,
1438 168,
1439 },
1440 # endif
1441 {
1442 1,
1443 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
1444 TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
1445 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
1446 SSL_kRSAPSK,
1447 SSL_aRSA,
1448 SSL_AES128,
1449 SSL_SHA1,
1450 SSL3_VERSION, TLS1_2_VERSION,
1451 DTLS1_BAD_VER, DTLS1_2_VERSION,
1452 SSL_HIGH | SSL_FIPS,
1453 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1454 128,
1455 128,
1456 },
1457 {
1458 1,
1459 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
1460 TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
1461 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1462 SSL_kRSAPSK,
1463 SSL_aRSA,
1464 SSL_AES256,
1465 SSL_SHA1,
1466 SSL3_VERSION, TLS1_2_VERSION,
1467 DTLS1_BAD_VER, DTLS1_2_VERSION,
1468 SSL_HIGH | SSL_FIPS,
1469 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1470 256,
1471 256,
1472 },
1473 {
1474 1,
1475 TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
1476 TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
1477 TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1478 SSL_kPSK,
1479 SSL_aPSK,
1480 SSL_AES128GCM,
1481 SSL_AEAD,
1482 TLS1_2_VERSION, TLS1_2_VERSION,
1483 DTLS1_2_VERSION, DTLS1_2_VERSION,
1484 SSL_HIGH | SSL_FIPS,
1485 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1486 128,
1487 128,
1488 },
1489 {
1490 1,
1491 TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
1492 TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
1493 TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1494 SSL_kPSK,
1495 SSL_aPSK,
1496 SSL_AES256GCM,
1497 SSL_AEAD,
1498 TLS1_2_VERSION, TLS1_2_VERSION,
1499 DTLS1_2_VERSION, DTLS1_2_VERSION,
1500 SSL_HIGH | SSL_FIPS,
1501 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1502 256,
1503 256,
1504 },
1505 {
1506 1,
1507 TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
1508 TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
1509 TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1510 SSL_kDHEPSK,
1511 SSL_aPSK,
1512 SSL_AES128GCM,
1513 SSL_AEAD,
1514 TLS1_2_VERSION, TLS1_2_VERSION,
1515 DTLS1_2_VERSION, DTLS1_2_VERSION,
1516 SSL_HIGH | SSL_FIPS,
1517 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1518 128,
1519 128,
1520 },
1521 {
1522 1,
1523 TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
1524 TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
1525 TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1526 SSL_kDHEPSK,
1527 SSL_aPSK,
1528 SSL_AES256GCM,
1529 SSL_AEAD,
1530 TLS1_2_VERSION, TLS1_2_VERSION,
1531 DTLS1_2_VERSION, DTLS1_2_VERSION,
1532 SSL_HIGH | SSL_FIPS,
1533 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1534 256,
1535 256,
1536 },
1537 {
1538 1,
1539 TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
1540 TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
1541 TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1542 SSL_kRSAPSK,
1543 SSL_aRSA,
1544 SSL_AES128GCM,
1545 SSL_AEAD,
1546 TLS1_2_VERSION, TLS1_2_VERSION,
1547 DTLS1_2_VERSION, DTLS1_2_VERSION,
1548 SSL_HIGH | SSL_FIPS,
1549 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1550 128,
1551 128,
1552 },
1553 {
1554 1,
1555 TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
1556 TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
1557 TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1558 SSL_kRSAPSK,
1559 SSL_aRSA,
1560 SSL_AES256GCM,
1561 SSL_AEAD,
1562 TLS1_2_VERSION, TLS1_2_VERSION,
1563 DTLS1_2_VERSION, DTLS1_2_VERSION,
1564 SSL_HIGH | SSL_FIPS,
1565 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1566 256,
1567 256,
1568 },
1569 {
1570 1,
1571 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
1572 TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
1573 TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1574 SSL_kPSK,
1575 SSL_aPSK,
1576 SSL_AES128,
1577 SSL_SHA256,
1578 TLS1_VERSION, TLS1_2_VERSION,
1579 DTLS1_BAD_VER, DTLS1_2_VERSION,
1580 SSL_HIGH | SSL_FIPS,
1581 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1582 128,
1583 128,
1584 },
1585 {
1586 1,
1587 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
1588 TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
1589 TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1590 SSL_kPSK,
1591 SSL_aPSK,
1592 SSL_AES256,
1593 SSL_SHA384,
1594 TLS1_VERSION, TLS1_2_VERSION,
1595 DTLS1_BAD_VER, DTLS1_2_VERSION,
1596 SSL_HIGH | SSL_FIPS,
1597 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1598 256,
1599 256,
1600 },
1601 {
1602 1,
1603 TLS1_TXT_PSK_WITH_NULL_SHA256,
1604 TLS1_RFC_PSK_WITH_NULL_SHA256,
1605 TLS1_CK_PSK_WITH_NULL_SHA256,
1606 SSL_kPSK,
1607 SSL_aPSK,
1608 SSL_eNULL,
1609 SSL_SHA256,
1610 TLS1_VERSION, TLS1_2_VERSION,
1611 DTLS1_BAD_VER, DTLS1_2_VERSION,
1612 SSL_STRONG_NONE | SSL_FIPS,
1613 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1614 0,
1615 0,
1616 },
1617 {
1618 1,
1619 TLS1_TXT_PSK_WITH_NULL_SHA384,
1620 TLS1_RFC_PSK_WITH_NULL_SHA384,
1621 TLS1_CK_PSK_WITH_NULL_SHA384,
1622 SSL_kPSK,
1623 SSL_aPSK,
1624 SSL_eNULL,
1625 SSL_SHA384,
1626 TLS1_VERSION, TLS1_2_VERSION,
1627 DTLS1_BAD_VER, DTLS1_2_VERSION,
1628 SSL_STRONG_NONE | SSL_FIPS,
1629 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1630 0,
1631 0,
1632 },
1633 {
1634 1,
1635 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
1636 TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
1637 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1638 SSL_kDHEPSK,
1639 SSL_aPSK,
1640 SSL_AES128,
1641 SSL_SHA256,
1642 TLS1_VERSION, TLS1_2_VERSION,
1643 DTLS1_BAD_VER, DTLS1_2_VERSION,
1644 SSL_HIGH | SSL_FIPS,
1645 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1646 128,
1647 128,
1648 },
1649 {
1650 1,
1651 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
1652 TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
1653 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1654 SSL_kDHEPSK,
1655 SSL_aPSK,
1656 SSL_AES256,
1657 SSL_SHA384,
1658 TLS1_VERSION, TLS1_2_VERSION,
1659 DTLS1_BAD_VER, DTLS1_2_VERSION,
1660 SSL_HIGH | SSL_FIPS,
1661 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1662 256,
1663 256,
1664 },
1665 {
1666 1,
1667 TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
1668 TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
1669 TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1670 SSL_kDHEPSK,
1671 SSL_aPSK,
1672 SSL_eNULL,
1673 SSL_SHA256,
1674 TLS1_VERSION, TLS1_2_VERSION,
1675 DTLS1_BAD_VER, DTLS1_2_VERSION,
1676 SSL_STRONG_NONE | SSL_FIPS,
1677 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1678 0,
1679 0,
1680 },
1681 {
1682 1,
1683 TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
1684 TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
1685 TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1686 SSL_kDHEPSK,
1687 SSL_aPSK,
1688 SSL_eNULL,
1689 SSL_SHA384,
1690 TLS1_VERSION, TLS1_2_VERSION,
1691 DTLS1_BAD_VER, DTLS1_2_VERSION,
1692 SSL_STRONG_NONE | SSL_FIPS,
1693 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1694 0,
1695 0,
1696 },
1697 {
1698 1,
1699 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
1700 TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
1701 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1702 SSL_kRSAPSK,
1703 SSL_aRSA,
1704 SSL_AES128,
1705 SSL_SHA256,
1706 TLS1_VERSION, TLS1_2_VERSION,
1707 DTLS1_BAD_VER, DTLS1_2_VERSION,
1708 SSL_HIGH | SSL_FIPS,
1709 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1710 128,
1711 128,
1712 },
1713 {
1714 1,
1715 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
1716 TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
1717 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
1718 SSL_kRSAPSK,
1719 SSL_aRSA,
1720 SSL_AES256,
1721 SSL_SHA384,
1722 TLS1_VERSION, TLS1_2_VERSION,
1723 DTLS1_BAD_VER, DTLS1_2_VERSION,
1724 SSL_HIGH | SSL_FIPS,
1725 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1726 256,
1727 256,
1728 },
1729 {
1730 1,
1731 TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
1732 TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
1733 TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
1734 SSL_kRSAPSK,
1735 SSL_aRSA,
1736 SSL_eNULL,
1737 SSL_SHA256,
1738 TLS1_VERSION, TLS1_2_VERSION,
1739 DTLS1_BAD_VER, DTLS1_2_VERSION,
1740 SSL_STRONG_NONE | SSL_FIPS,
1741 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1742 0,
1743 0,
1744 },
1745 {
1746 1,
1747 TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
1748 TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
1749 TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
1750 SSL_kRSAPSK,
1751 SSL_aRSA,
1752 SSL_eNULL,
1753 SSL_SHA384,
1754 TLS1_VERSION, TLS1_2_VERSION,
1755 DTLS1_BAD_VER, DTLS1_2_VERSION,
1756 SSL_STRONG_NONE | SSL_FIPS,
1757 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1758 0,
1759 0,
1760 },
1761 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1762 {
1763 1,
1764 TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1765 TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1766 TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1767 SSL_kECDHEPSK,
1768 SSL_aPSK,
1769 SSL_3DES,
1770 SSL_SHA1,
1771 TLS1_VERSION, TLS1_2_VERSION,
1772 DTLS1_BAD_VER, DTLS1_2_VERSION,
1773 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1774 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1775 112,
1776 168,
1777 },
1778 # endif
1779 {
1780 1,
1781 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1782 TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1783 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1784 SSL_kECDHEPSK,
1785 SSL_aPSK,
1786 SSL_AES128,
1787 SSL_SHA1,
1788 TLS1_VERSION, TLS1_2_VERSION,
1789 DTLS1_BAD_VER, DTLS1_2_VERSION,
1790 SSL_HIGH | SSL_FIPS,
1791 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1792 128,
1793 128,
1794 },
1795 {
1796 1,
1797 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1798 TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1799 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1800 SSL_kECDHEPSK,
1801 SSL_aPSK,
1802 SSL_AES256,
1803 SSL_SHA1,
1804 TLS1_VERSION, TLS1_2_VERSION,
1805 DTLS1_BAD_VER, DTLS1_2_VERSION,
1806 SSL_HIGH | SSL_FIPS,
1807 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1808 256,
1809 256,
1810 },
1811 {
1812 1,
1813 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1814 TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1815 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1816 SSL_kECDHEPSK,
1817 SSL_aPSK,
1818 SSL_AES128,
1819 SSL_SHA256,
1820 TLS1_VERSION, TLS1_2_VERSION,
1821 DTLS1_BAD_VER, DTLS1_2_VERSION,
1822 SSL_HIGH | SSL_FIPS,
1823 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1824 128,
1825 128,
1826 },
1827 {
1828 1,
1829 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1830 TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1831 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1832 SSL_kECDHEPSK,
1833 SSL_aPSK,
1834 SSL_AES256,
1835 SSL_SHA384,
1836 TLS1_VERSION, TLS1_2_VERSION,
1837 DTLS1_BAD_VER, DTLS1_2_VERSION,
1838 SSL_HIGH | SSL_FIPS,
1839 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1840 256,
1841 256,
1842 },
1843 {
1844 1,
1845 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
1846 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
1847 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
1848 SSL_kECDHEPSK,
1849 SSL_aPSK,
1850 SSL_eNULL,
1851 SSL_SHA1,
1852 TLS1_VERSION, TLS1_2_VERSION,
1853 DTLS1_BAD_VER, DTLS1_2_VERSION,
1854 SSL_STRONG_NONE | SSL_FIPS,
1855 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1856 0,
1857 0,
1858 },
1859 {
1860 1,
1861 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
1862 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
1863 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
1864 SSL_kECDHEPSK,
1865 SSL_aPSK,
1866 SSL_eNULL,
1867 SSL_SHA256,
1868 TLS1_VERSION, TLS1_2_VERSION,
1869 DTLS1_BAD_VER, DTLS1_2_VERSION,
1870 SSL_STRONG_NONE | SSL_FIPS,
1871 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1872 0,
1873 0,
1874 },
1875 {
1876 1,
1877 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
1878 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
1879 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
1880 SSL_kECDHEPSK,
1881 SSL_aPSK,
1882 SSL_eNULL,
1883 SSL_SHA384,
1884 TLS1_VERSION, TLS1_2_VERSION,
1885 DTLS1_BAD_VER, DTLS1_2_VERSION,
1886 SSL_STRONG_NONE | SSL_FIPS,
1887 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1888 0,
1889 0,
1890 },
1891
1892 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1893 {
1894 1,
1895 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1896 TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1897 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1898 SSL_kSRP,
1899 SSL_aSRP,
1900 SSL_3DES,
1901 SSL_SHA1,
1902 SSL3_VERSION, TLS1_2_VERSION,
1903 DTLS1_BAD_VER, DTLS1_2_VERSION,
1904 SSL_NOT_DEFAULT | SSL_MEDIUM,
1905 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1906 112,
1907 168,
1908 },
1909 {
1910 1,
1911 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1912 TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1913 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1914 SSL_kSRP,
1915 SSL_aRSA,
1916 SSL_3DES,
1917 SSL_SHA1,
1918 SSL3_VERSION, TLS1_2_VERSION,
1919 DTLS1_BAD_VER, DTLS1_2_VERSION,
1920 SSL_NOT_DEFAULT | SSL_MEDIUM,
1921 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1922 112,
1923 168,
1924 },
1925 {
1926 1,
1927 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1928 TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1929 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1930 SSL_kSRP,
1931 SSL_aDSS,
1932 SSL_3DES,
1933 SSL_SHA1,
1934 SSL3_VERSION, TLS1_2_VERSION,
1935 DTLS1_BAD_VER, DTLS1_2_VERSION,
1936 SSL_NOT_DEFAULT | SSL_MEDIUM,
1937 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1938 112,
1939 168,
1940 },
1941 # endif
1942 {
1943 1,
1944 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
1945 TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
1946 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
1947 SSL_kSRP,
1948 SSL_aSRP,
1949 SSL_AES128,
1950 SSL_SHA1,
1951 SSL3_VERSION, TLS1_2_VERSION,
1952 DTLS1_BAD_VER, DTLS1_2_VERSION,
1953 SSL_HIGH,
1954 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1955 128,
1956 128,
1957 },
1958 {
1959 1,
1960 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1961 TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1962 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1963 SSL_kSRP,
1964 SSL_aRSA,
1965 SSL_AES128,
1966 SSL_SHA1,
1967 SSL3_VERSION, TLS1_2_VERSION,
1968 DTLS1_BAD_VER, DTLS1_2_VERSION,
1969 SSL_HIGH,
1970 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1971 128,
1972 128,
1973 },
1974 {
1975 1,
1976 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1977 TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1978 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1979 SSL_kSRP,
1980 SSL_aDSS,
1981 SSL_AES128,
1982 SSL_SHA1,
1983 SSL3_VERSION, TLS1_2_VERSION,
1984 DTLS1_BAD_VER, DTLS1_2_VERSION,
1985 SSL_NOT_DEFAULT | SSL_HIGH,
1986 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1987 128,
1988 128,
1989 },
1990 {
1991 1,
1992 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
1993 TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
1994 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
1995 SSL_kSRP,
1996 SSL_aSRP,
1997 SSL_AES256,
1998 SSL_SHA1,
1999 SSL3_VERSION, TLS1_2_VERSION,
2000 DTLS1_BAD_VER, DTLS1_2_VERSION,
2001 SSL_HIGH,
2002 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2003 256,
2004 256,
2005 },
2006 {
2007 1,
2008 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2009 TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2010 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2011 SSL_kSRP,
2012 SSL_aRSA,
2013 SSL_AES256,
2014 SSL_SHA1,
2015 SSL3_VERSION, TLS1_2_VERSION,
2016 DTLS1_BAD_VER, DTLS1_2_VERSION,
2017 SSL_HIGH,
2018 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2019 256,
2020 256,
2021 },
2022 {
2023 1,
2024 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2025 TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2026 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2027 SSL_kSRP,
2028 SSL_aDSS,
2029 SSL_AES256,
2030 SSL_SHA1,
2031 SSL3_VERSION, TLS1_2_VERSION,
2032 DTLS1_BAD_VER, DTLS1_2_VERSION,
2033 SSL_NOT_DEFAULT | SSL_HIGH,
2034 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2035 256,
2036 256,
2037 },
2038
2039 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2040 {
2041 1,
2042 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
2043 TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
2044 TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
2045 SSL_kDHE,
2046 SSL_aRSA,
2047 SSL_CHACHA20POLY1305,
2048 SSL_AEAD,
2049 TLS1_2_VERSION, TLS1_2_VERSION,
2050 DTLS1_2_VERSION, DTLS1_2_VERSION,
2051 SSL_HIGH,
2052 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2053 256,
2054 256,
2055 },
2056 {
2057 1,
2058 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2059 TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2060 TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2061 SSL_kECDHE,
2062 SSL_aRSA,
2063 SSL_CHACHA20POLY1305,
2064 SSL_AEAD,
2065 TLS1_2_VERSION, TLS1_2_VERSION,
2066 DTLS1_2_VERSION, DTLS1_2_VERSION,
2067 SSL_HIGH,
2068 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2069 256,
2070 256,
2071 },
2072 {
2073 1,
2074 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2075 TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2076 TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2077 SSL_kECDHE,
2078 SSL_aECDSA,
2079 SSL_CHACHA20POLY1305,
2080 SSL_AEAD,
2081 TLS1_2_VERSION, TLS1_2_VERSION,
2082 DTLS1_2_VERSION, DTLS1_2_VERSION,
2083 SSL_HIGH,
2084 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2085 256,
2086 256,
2087 },
2088 {
2089 1,
2090 TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
2091 TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
2092 TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
2093 SSL_kPSK,
2094 SSL_aPSK,
2095 SSL_CHACHA20POLY1305,
2096 SSL_AEAD,
2097 TLS1_2_VERSION, TLS1_2_VERSION,
2098 DTLS1_2_VERSION, DTLS1_2_VERSION,
2099 SSL_HIGH,
2100 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2101 256,
2102 256,
2103 },
2104 {
2105 1,
2106 TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2107 TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2108 TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2109 SSL_kECDHEPSK,
2110 SSL_aPSK,
2111 SSL_CHACHA20POLY1305,
2112 SSL_AEAD,
2113 TLS1_2_VERSION, TLS1_2_VERSION,
2114 DTLS1_2_VERSION, DTLS1_2_VERSION,
2115 SSL_HIGH,
2116 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2117 256,
2118 256,
2119 },
2120 {
2121 1,
2122 TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
2123 TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
2124 TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
2125 SSL_kDHEPSK,
2126 SSL_aPSK,
2127 SSL_CHACHA20POLY1305,
2128 SSL_AEAD,
2129 TLS1_2_VERSION, TLS1_2_VERSION,
2130 DTLS1_2_VERSION, DTLS1_2_VERSION,
2131 SSL_HIGH,
2132 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2133 256,
2134 256,
2135 },
2136 {
2137 1,
2138 TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
2139 TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
2140 TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
2141 SSL_kRSAPSK,
2142 SSL_aRSA,
2143 SSL_CHACHA20POLY1305,
2144 SSL_AEAD,
2145 TLS1_2_VERSION, TLS1_2_VERSION,
2146 DTLS1_2_VERSION, DTLS1_2_VERSION,
2147 SSL_HIGH,
2148 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2149 256,
2150 256,
2151 },
2152 #endif /* !defined(OPENSSL_NO_CHACHA) &&
2153 * !defined(OPENSSL_NO_POLY1305) */
2154
2155 #ifndef OPENSSL_NO_CAMELLIA
2156 {
2157 1,
2158 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2159 TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2160 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2161 SSL_kRSA,
2162 SSL_aRSA,
2163 SSL_CAMELLIA128,
2164 SSL_SHA256,
2165 TLS1_2_VERSION, TLS1_2_VERSION,
2166 DTLS1_2_VERSION, DTLS1_2_VERSION,
2167 SSL_NOT_DEFAULT | SSL_HIGH,
2168 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2169 128,
2170 128,
2171 },
2172 {
2173 1,
2174 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2175 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2176 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2177 SSL_kEDH,
2178 SSL_aDSS,
2179 SSL_CAMELLIA128,
2180 SSL_SHA256,
2181 TLS1_2_VERSION, TLS1_2_VERSION,
2182 DTLS1_2_VERSION, DTLS1_2_VERSION,
2183 SSL_NOT_DEFAULT | SSL_HIGH,
2184 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2185 128,
2186 128,
2187 },
2188 {
2189 1,
2190 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2191 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2192 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2193 SSL_kEDH,
2194 SSL_aRSA,
2195 SSL_CAMELLIA128,
2196 SSL_SHA256,
2197 TLS1_2_VERSION, TLS1_2_VERSION,
2198 DTLS1_2_VERSION, DTLS1_2_VERSION,
2199 SSL_NOT_DEFAULT | SSL_HIGH,
2200 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2201 128,
2202 128,
2203 },
2204 {
2205 1,
2206 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2207 TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2208 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2209 SSL_kEDH,
2210 SSL_aNULL,
2211 SSL_CAMELLIA128,
2212 SSL_SHA256,
2213 TLS1_2_VERSION, TLS1_2_VERSION,
2214 DTLS1_2_VERSION, DTLS1_2_VERSION,
2215 SSL_NOT_DEFAULT | SSL_HIGH,
2216 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2217 128,
2218 128,
2219 },
2220 {
2221 1,
2222 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2223 TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2224 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2225 SSL_kRSA,
2226 SSL_aRSA,
2227 SSL_CAMELLIA256,
2228 SSL_SHA256,
2229 TLS1_2_VERSION, TLS1_2_VERSION,
2230 DTLS1_2_VERSION, DTLS1_2_VERSION,
2231 SSL_NOT_DEFAULT | SSL_HIGH,
2232 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2233 256,
2234 256,
2235 },
2236 {
2237 1,
2238 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2239 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2240 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2241 SSL_kEDH,
2242 SSL_aDSS,
2243 SSL_CAMELLIA256,
2244 SSL_SHA256,
2245 TLS1_2_VERSION, TLS1_2_VERSION,
2246 DTLS1_2_VERSION, DTLS1_2_VERSION,
2247 SSL_NOT_DEFAULT | SSL_HIGH,
2248 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2249 256,
2250 256,
2251 },
2252 {
2253 1,
2254 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2255 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2256 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2257 SSL_kEDH,
2258 SSL_aRSA,
2259 SSL_CAMELLIA256,
2260 SSL_SHA256,
2261 TLS1_2_VERSION, TLS1_2_VERSION,
2262 DTLS1_2_VERSION, DTLS1_2_VERSION,
2263 SSL_NOT_DEFAULT | SSL_HIGH,
2264 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2265 256,
2266 256,
2267 },
2268 {
2269 1,
2270 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2271 TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2272 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2273 SSL_kEDH,
2274 SSL_aNULL,
2275 SSL_CAMELLIA256,
2276 SSL_SHA256,
2277 TLS1_2_VERSION, TLS1_2_VERSION,
2278 DTLS1_2_VERSION, DTLS1_2_VERSION,
2279 SSL_NOT_DEFAULT | SSL_HIGH,
2280 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2281 256,
2282 256,
2283 },
2284 {
2285 1,
2286 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
2287 TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
2288 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
2289 SSL_kRSA,
2290 SSL_aRSA,
2291 SSL_CAMELLIA256,
2292 SSL_SHA1,
2293 SSL3_VERSION, TLS1_2_VERSION,
2294 DTLS1_BAD_VER, DTLS1_2_VERSION,
2295 SSL_NOT_DEFAULT | SSL_HIGH,
2296 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2297 256,
2298 256,
2299 },
2300 {
2301 1,
2302 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2303 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2304 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2305 SSL_kDHE,
2306 SSL_aDSS,
2307 SSL_CAMELLIA256,
2308 SSL_SHA1,
2309 SSL3_VERSION, TLS1_2_VERSION,
2310 DTLS1_BAD_VER, DTLS1_2_VERSION,
2311 SSL_NOT_DEFAULT | SSL_HIGH,
2312 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2313 256,
2314 256,
2315 },
2316 {
2317 1,
2318 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2319 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2320 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2321 SSL_kDHE,
2322 SSL_aRSA,
2323 SSL_CAMELLIA256,
2324 SSL_SHA1,
2325 SSL3_VERSION, TLS1_2_VERSION,
2326 DTLS1_BAD_VER, DTLS1_2_VERSION,
2327 SSL_NOT_DEFAULT | SSL_HIGH,
2328 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2329 256,
2330 256,
2331 },
2332 {
2333 1,
2334 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
2335 TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
2336 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
2337 SSL_kDHE,
2338 SSL_aNULL,
2339 SSL_CAMELLIA256,
2340 SSL_SHA1,
2341 SSL3_VERSION, TLS1_2_VERSION,
2342 DTLS1_BAD_VER, DTLS1_2_VERSION,
2343 SSL_NOT_DEFAULT | SSL_HIGH,
2344 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2345 256,
2346 256,
2347 },
2348 {
2349 1,
2350 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
2351 TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
2352 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
2353 SSL_kRSA,
2354 SSL_aRSA,
2355 SSL_CAMELLIA128,
2356 SSL_SHA1,
2357 SSL3_VERSION, TLS1_2_VERSION,
2358 DTLS1_BAD_VER, DTLS1_2_VERSION,
2359 SSL_NOT_DEFAULT | SSL_HIGH,
2360 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2361 128,
2362 128,
2363 },
2364 {
2365 1,
2366 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2367 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2368 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2369 SSL_kDHE,
2370 SSL_aDSS,
2371 SSL_CAMELLIA128,
2372 SSL_SHA1,
2373 SSL3_VERSION, TLS1_2_VERSION,
2374 DTLS1_BAD_VER, DTLS1_2_VERSION,
2375 SSL_NOT_DEFAULT | SSL_HIGH,
2376 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2377 128,
2378 128,
2379 },
2380 {
2381 1,
2382 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2383 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2384 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2385 SSL_kDHE,
2386 SSL_aRSA,
2387 SSL_CAMELLIA128,
2388 SSL_SHA1,
2389 SSL3_VERSION, TLS1_2_VERSION,
2390 DTLS1_BAD_VER, DTLS1_2_VERSION,
2391 SSL_NOT_DEFAULT | SSL_HIGH,
2392 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2393 128,
2394 128,
2395 },
2396 {
2397 1,
2398 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
2399 TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
2400 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
2401 SSL_kDHE,
2402 SSL_aNULL,
2403 SSL_CAMELLIA128,
2404 SSL_SHA1,
2405 SSL3_VERSION, TLS1_2_VERSION,
2406 DTLS1_BAD_VER, DTLS1_2_VERSION,
2407 SSL_NOT_DEFAULT | SSL_HIGH,
2408 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2409 128,
2410 128,
2411 },
2412 {
2413 1,
2414 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2415 TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2416 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2417 SSL_kECDHE,
2418 SSL_aECDSA,
2419 SSL_CAMELLIA128,
2420 SSL_SHA256,
2421 TLS1_2_VERSION, TLS1_2_VERSION,
2422 DTLS1_2_VERSION, DTLS1_2_VERSION,
2423 SSL_NOT_DEFAULT | SSL_HIGH,
2424 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2425 128,
2426 128,
2427 },
2428 {
2429 1,
2430 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2431 TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2432 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2433 SSL_kECDHE,
2434 SSL_aECDSA,
2435 SSL_CAMELLIA256,
2436 SSL_SHA384,
2437 TLS1_2_VERSION, TLS1_2_VERSION,
2438 DTLS1_2_VERSION, DTLS1_2_VERSION,
2439 SSL_NOT_DEFAULT | SSL_HIGH,
2440 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2441 256,
2442 256,
2443 },
2444 {
2445 1,
2446 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2447 TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2448 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2449 SSL_kECDHE,
2450 SSL_aRSA,
2451 SSL_CAMELLIA128,
2452 SSL_SHA256,
2453 TLS1_2_VERSION, TLS1_2_VERSION,
2454 DTLS1_2_VERSION, DTLS1_2_VERSION,
2455 SSL_NOT_DEFAULT | SSL_HIGH,
2456 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2457 128,
2458 128,
2459 },
2460 {
2461 1,
2462 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2463 TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2464 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2465 SSL_kECDHE,
2466 SSL_aRSA,
2467 SSL_CAMELLIA256,
2468 SSL_SHA384,
2469 TLS1_2_VERSION, TLS1_2_VERSION,
2470 DTLS1_2_VERSION, DTLS1_2_VERSION,
2471 SSL_NOT_DEFAULT | SSL_HIGH,
2472 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2473 256,
2474 256,
2475 },
2476 {
2477 1,
2478 TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2479 TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2480 TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2481 SSL_kPSK,
2482 SSL_aPSK,
2483 SSL_CAMELLIA128,
2484 SSL_SHA256,
2485 TLS1_VERSION, TLS1_2_VERSION,
2486 DTLS1_BAD_VER, DTLS1_2_VERSION,
2487 SSL_NOT_DEFAULT | SSL_HIGH,
2488 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2489 128,
2490 128,
2491 },
2492 {
2493 1,
2494 TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2495 TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2496 TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2497 SSL_kPSK,
2498 SSL_aPSK,
2499 SSL_CAMELLIA256,
2500 SSL_SHA384,
2501 TLS1_VERSION, TLS1_2_VERSION,
2502 DTLS1_BAD_VER, DTLS1_2_VERSION,
2503 SSL_NOT_DEFAULT | SSL_HIGH,
2504 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2505 256,
2506 256,
2507 },
2508 {
2509 1,
2510 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2511 TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2512 TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2513 SSL_kDHEPSK,
2514 SSL_aPSK,
2515 SSL_CAMELLIA128,
2516 SSL_SHA256,
2517 TLS1_VERSION, TLS1_2_VERSION,
2518 DTLS1_BAD_VER, DTLS1_2_VERSION,
2519 SSL_NOT_DEFAULT | SSL_HIGH,
2520 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2521 128,
2522 128,
2523 },
2524 {
2525 1,
2526 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2527 TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2528 TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2529 SSL_kDHEPSK,
2530 SSL_aPSK,
2531 SSL_CAMELLIA256,
2532 SSL_SHA384,
2533 TLS1_VERSION, TLS1_2_VERSION,
2534 DTLS1_BAD_VER, DTLS1_2_VERSION,
2535 SSL_NOT_DEFAULT | SSL_HIGH,
2536 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2537 256,
2538 256,
2539 },
2540 {
2541 1,
2542 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2543 TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2544 TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2545 SSL_kRSAPSK,
2546 SSL_aRSA,
2547 SSL_CAMELLIA128,
2548 SSL_SHA256,
2549 TLS1_VERSION, TLS1_2_VERSION,
2550 DTLS1_BAD_VER, DTLS1_2_VERSION,
2551 SSL_NOT_DEFAULT | SSL_HIGH,
2552 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2553 128,
2554 128,
2555 },
2556 {
2557 1,
2558 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2559 TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2560 TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2561 SSL_kRSAPSK,
2562 SSL_aRSA,
2563 SSL_CAMELLIA256,
2564 SSL_SHA384,
2565 TLS1_VERSION, TLS1_2_VERSION,
2566 DTLS1_BAD_VER, DTLS1_2_VERSION,
2567 SSL_NOT_DEFAULT | SSL_HIGH,
2568 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2569 256,
2570 256,
2571 },
2572 {
2573 1,
2574 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2575 TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2576 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2577 SSL_kECDHEPSK,
2578 SSL_aPSK,
2579 SSL_CAMELLIA128,
2580 SSL_SHA256,
2581 TLS1_VERSION, TLS1_2_VERSION,
2582 DTLS1_BAD_VER, DTLS1_2_VERSION,
2583 SSL_NOT_DEFAULT | SSL_HIGH,
2584 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2585 128,
2586 128,
2587 },
2588 {
2589 1,
2590 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2591 TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2592 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2593 SSL_kECDHEPSK,
2594 SSL_aPSK,
2595 SSL_CAMELLIA256,
2596 SSL_SHA384,
2597 TLS1_VERSION, TLS1_2_VERSION,
2598 DTLS1_BAD_VER, DTLS1_2_VERSION,
2599 SSL_NOT_DEFAULT | SSL_HIGH,
2600 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2601 256,
2602 256,
2603 },
2604 #endif /* OPENSSL_NO_CAMELLIA */
2605
2606 #ifndef OPENSSL_NO_GOST
2607 {
2608 1,
2609 "GOST2001-GOST89-GOST89",
2610 "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
2611 0x3000081,
2612 SSL_kGOST,
2613 SSL_aGOST01,
2614 SSL_eGOST2814789CNT,
2615 SSL_GOST89MAC,
2616 TLS1_VERSION, TLS1_2_VERSION,
2617 0, 0,
2618 SSL_HIGH,
2619 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
2620 256,
2621 256,
2622 },
2623 {
2624 1,
2625 "GOST2001-NULL-GOST94",
2626 "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
2627 0x3000083,
2628 SSL_kGOST,
2629 SSL_aGOST01,
2630 SSL_eNULL,
2631 SSL_GOST94,
2632 TLS1_VERSION, TLS1_2_VERSION,
2633 0, 0,
2634 SSL_STRONG_NONE,
2635 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
2636 0,
2637 0,
2638 },
2639 {
2640 1,
2641 "IANA-GOST2012-GOST8912-GOST8912",
2642 NULL,
2643 0x0300c102,
2644 SSL_kGOST,
2645 SSL_aGOST12 | SSL_aGOST01,
2646 SSL_eGOST2814789CNT12,
2647 SSL_GOST89MAC12,
2648 TLS1_VERSION, TLS1_2_VERSION,
2649 0, 0,
2650 SSL_HIGH,
2651 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2652 256,
2653 256,
2654 },
2655 {
2656 1,
2657 "LEGACY-GOST2012-GOST8912-GOST8912",
2658 NULL,
2659 0x0300ff85,
2660 SSL_kGOST,
2661 SSL_aGOST12 | SSL_aGOST01,
2662 SSL_eGOST2814789CNT12,
2663 SSL_GOST89MAC12,
2664 TLS1_VERSION, TLS1_2_VERSION,
2665 0, 0,
2666 SSL_HIGH,
2667 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2668 256,
2669 256,
2670 },
2671 {
2672 1,
2673 "GOST2012-NULL-GOST12",
2674 NULL,
2675 0x0300ff87,
2676 SSL_kGOST,
2677 SSL_aGOST12 | SSL_aGOST01,
2678 SSL_eNULL,
2679 SSL_GOST12_256,
2680 TLS1_VERSION, TLS1_2_VERSION,
2681 0, 0,
2682 SSL_STRONG_NONE,
2683 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2684 0,
2685 0,
2686 },
2687 {
2688 1,
2689 "GOST2012-KUZNYECHIK-KUZNYECHIKOMAC",
2690 NULL,
2691 0x0300C100,
2692 SSL_kGOST18,
2693 SSL_aGOST12,
2694 SSL_KUZNYECHIK,
2695 SSL_KUZNYECHIKOMAC,
2696 TLS1_2_VERSION, TLS1_2_VERSION,
2697 0, 0,
2698 SSL_HIGH,
2699 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_TLSTREE,
2700 256,
2701 256,
2702 },
2703 {
2704 1,
2705 "GOST2012-MAGMA-MAGMAOMAC",
2706 NULL,
2707 0x0300C101,
2708 SSL_kGOST18,
2709 SSL_aGOST12,
2710 SSL_MAGMA,
2711 SSL_MAGMAOMAC,
2712 TLS1_2_VERSION, TLS1_2_VERSION,
2713 0, 0,
2714 SSL_HIGH,
2715 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_TLSTREE,
2716 256,
2717 256,
2718 },
2719 #endif /* OPENSSL_NO_GOST */
2720
2721 #ifndef OPENSSL_NO_IDEA
2722 {
2723 1,
2724 SSL3_TXT_RSA_IDEA_128_SHA,
2725 SSL3_RFC_RSA_IDEA_128_SHA,
2726 SSL3_CK_RSA_IDEA_128_SHA,
2727 SSL_kRSA,
2728 SSL_aRSA,
2729 SSL_IDEA,
2730 SSL_SHA1,
2731 SSL3_VERSION, TLS1_1_VERSION,
2732 DTLS1_BAD_VER, DTLS1_VERSION,
2733 SSL_NOT_DEFAULT | SSL_MEDIUM,
2734 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2735 128,
2736 128,
2737 },
2738 #endif
2739
2740 #ifndef OPENSSL_NO_SEED
2741 {
2742 1,
2743 TLS1_TXT_RSA_WITH_SEED_SHA,
2744 TLS1_RFC_RSA_WITH_SEED_SHA,
2745 TLS1_CK_RSA_WITH_SEED_SHA,
2746 SSL_kRSA,
2747 SSL_aRSA,
2748 SSL_SEED,
2749 SSL_SHA1,
2750 SSL3_VERSION, TLS1_2_VERSION,
2751 DTLS1_BAD_VER, DTLS1_2_VERSION,
2752 SSL_NOT_DEFAULT | SSL_MEDIUM,
2753 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2754 128,
2755 128,
2756 },
2757 {
2758 1,
2759 TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
2760 TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
2761 TLS1_CK_DHE_DSS_WITH_SEED_SHA,
2762 SSL_kDHE,
2763 SSL_aDSS,
2764 SSL_SEED,
2765 SSL_SHA1,
2766 SSL3_VERSION, TLS1_2_VERSION,
2767 DTLS1_BAD_VER, DTLS1_2_VERSION,
2768 SSL_NOT_DEFAULT | SSL_MEDIUM,
2769 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2770 128,
2771 128,
2772 },
2773 {
2774 1,
2775 TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
2776 TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
2777 TLS1_CK_DHE_RSA_WITH_SEED_SHA,
2778 SSL_kDHE,
2779 SSL_aRSA,
2780 SSL_SEED,
2781 SSL_SHA1,
2782 SSL3_VERSION, TLS1_2_VERSION,
2783 DTLS1_BAD_VER, DTLS1_2_VERSION,
2784 SSL_NOT_DEFAULT | SSL_MEDIUM,
2785 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2786 128,
2787 128,
2788 },
2789 {
2790 1,
2791 TLS1_TXT_ADH_WITH_SEED_SHA,
2792 TLS1_RFC_ADH_WITH_SEED_SHA,
2793 TLS1_CK_ADH_WITH_SEED_SHA,
2794 SSL_kDHE,
2795 SSL_aNULL,
2796 SSL_SEED,
2797 SSL_SHA1,
2798 SSL3_VERSION, TLS1_2_VERSION,
2799 DTLS1_BAD_VER, DTLS1_2_VERSION,
2800 SSL_NOT_DEFAULT | SSL_MEDIUM,
2801 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2802 128,
2803 128,
2804 },
2805 #endif /* OPENSSL_NO_SEED */
2806
2807 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
2808 {
2809 1,
2810 SSL3_TXT_RSA_RC4_128_MD5,
2811 SSL3_RFC_RSA_RC4_128_MD5,
2812 SSL3_CK_RSA_RC4_128_MD5,
2813 SSL_kRSA,
2814 SSL_aRSA,
2815 SSL_RC4,
2816 SSL_MD5,
2817 SSL3_VERSION, TLS1_2_VERSION,
2818 0, 0,
2819 SSL_NOT_DEFAULT | SSL_MEDIUM,
2820 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2821 128,
2822 128,
2823 },
2824 {
2825 1,
2826 SSL3_TXT_RSA_RC4_128_SHA,
2827 SSL3_RFC_RSA_RC4_128_SHA,
2828 SSL3_CK_RSA_RC4_128_SHA,
2829 SSL_kRSA,
2830 SSL_aRSA,
2831 SSL_RC4,
2832 SSL_SHA1,
2833 SSL3_VERSION, TLS1_2_VERSION,
2834 0, 0,
2835 SSL_NOT_DEFAULT | SSL_MEDIUM,
2836 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2837 128,
2838 128,
2839 },
2840 {
2841 1,
2842 SSL3_TXT_ADH_RC4_128_MD5,
2843 SSL3_RFC_ADH_RC4_128_MD5,
2844 SSL3_CK_ADH_RC4_128_MD5,
2845 SSL_kDHE,
2846 SSL_aNULL,
2847 SSL_RC4,
2848 SSL_MD5,
2849 SSL3_VERSION, TLS1_2_VERSION,
2850 0, 0,
2851 SSL_NOT_DEFAULT | SSL_MEDIUM,
2852 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2853 128,
2854 128,
2855 },
2856 {
2857 1,
2858 TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
2859 TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
2860 TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
2861 SSL_kECDHEPSK,
2862 SSL_aPSK,
2863 SSL_RC4,
2864 SSL_SHA1,
2865 TLS1_VERSION, TLS1_2_VERSION,
2866 0, 0,
2867 SSL_NOT_DEFAULT | SSL_MEDIUM,
2868 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2869 128,
2870 128,
2871 },
2872 {
2873 1,
2874 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2875 TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
2876 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2877 SSL_kECDHE,
2878 SSL_aNULL,
2879 SSL_RC4,
2880 SSL_SHA1,
2881 TLS1_VERSION, TLS1_2_VERSION,
2882 0, 0,
2883 SSL_NOT_DEFAULT | SSL_MEDIUM,
2884 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2885 128,
2886 128,
2887 },
2888 {
2889 1,
2890 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2891 TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
2892 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2893 SSL_kECDHE,
2894 SSL_aECDSA,
2895 SSL_RC4,
2896 SSL_SHA1,
2897 TLS1_VERSION, TLS1_2_VERSION,
2898 0, 0,
2899 SSL_NOT_DEFAULT | SSL_MEDIUM,
2900 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2901 128,
2902 128,
2903 },
2904 {
2905 1,
2906 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2907 TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
2908 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2909 SSL_kECDHE,
2910 SSL_aRSA,
2911 SSL_RC4,
2912 SSL_SHA1,
2913 TLS1_VERSION, TLS1_2_VERSION,
2914 0, 0,
2915 SSL_NOT_DEFAULT | SSL_MEDIUM,
2916 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2917 128,
2918 128,
2919 },
2920 {
2921 1,
2922 TLS1_TXT_PSK_WITH_RC4_128_SHA,
2923 TLS1_RFC_PSK_WITH_RC4_128_SHA,
2924 TLS1_CK_PSK_WITH_RC4_128_SHA,
2925 SSL_kPSK,
2926 SSL_aPSK,
2927 SSL_RC4,
2928 SSL_SHA1,
2929 SSL3_VERSION, TLS1_2_VERSION,
2930 0, 0,
2931 SSL_NOT_DEFAULT | SSL_MEDIUM,
2932 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2933 128,
2934 128,
2935 },
2936 {
2937 1,
2938 TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
2939 TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
2940 TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
2941 SSL_kRSAPSK,
2942 SSL_aRSA,
2943 SSL_RC4,
2944 SSL_SHA1,
2945 SSL3_VERSION, TLS1_2_VERSION,
2946 0, 0,
2947 SSL_NOT_DEFAULT | SSL_MEDIUM,
2948 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2949 128,
2950 128,
2951 },
2952 {
2953 1,
2954 TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
2955 TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
2956 TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
2957 SSL_kDHEPSK,
2958 SSL_aPSK,
2959 SSL_RC4,
2960 SSL_SHA1,
2961 SSL3_VERSION, TLS1_2_VERSION,
2962 0, 0,
2963 SSL_NOT_DEFAULT | SSL_MEDIUM,
2964 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2965 128,
2966 128,
2967 },
2968 #endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
2969
2970 #ifndef OPENSSL_NO_ARIA
2971 {
2972 1,
2973 TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
2974 TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
2975 TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
2976 SSL_kRSA,
2977 SSL_aRSA,
2978 SSL_ARIA128GCM,
2979 SSL_AEAD,
2980 TLS1_2_VERSION, TLS1_2_VERSION,
2981 DTLS1_2_VERSION, DTLS1_2_VERSION,
2982 SSL_NOT_DEFAULT | SSL_HIGH,
2983 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2984 128,
2985 128,
2986 },
2987 {
2988 1,
2989 TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
2990 TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
2991 TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
2992 SSL_kRSA,
2993 SSL_aRSA,
2994 SSL_ARIA256GCM,
2995 SSL_AEAD,
2996 TLS1_2_VERSION, TLS1_2_VERSION,
2997 DTLS1_2_VERSION, DTLS1_2_VERSION,
2998 SSL_NOT_DEFAULT | SSL_HIGH,
2999 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3000 256,
3001 256,
3002 },
3003 {
3004 1,
3005 TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
3006 TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
3007 TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
3008 SSL_kDHE,
3009 SSL_aRSA,
3010 SSL_ARIA128GCM,
3011 SSL_AEAD,
3012 TLS1_2_VERSION, TLS1_2_VERSION,
3013 DTLS1_2_VERSION, DTLS1_2_VERSION,
3014 SSL_NOT_DEFAULT | SSL_HIGH,
3015 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3016 128,
3017 128,
3018 },
3019 {
3020 1,
3021 TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3022 TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3023 TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3024 SSL_kDHE,
3025 SSL_aRSA,
3026 SSL_ARIA256GCM,
3027 SSL_AEAD,
3028 TLS1_2_VERSION, TLS1_2_VERSION,
3029 DTLS1_2_VERSION, DTLS1_2_VERSION,
3030 SSL_NOT_DEFAULT | SSL_HIGH,
3031 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3032 256,
3033 256,
3034 },
3035 {
3036 1,
3037 TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3038 TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3039 TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3040 SSL_kDHE,
3041 SSL_aDSS,
3042 SSL_ARIA128GCM,
3043 SSL_AEAD,
3044 TLS1_2_VERSION, TLS1_2_VERSION,
3045 DTLS1_2_VERSION, DTLS1_2_VERSION,
3046 SSL_NOT_DEFAULT | SSL_HIGH,
3047 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3048 128,
3049 128,
3050 },
3051 {
3052 1,
3053 TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3054 TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3055 TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3056 SSL_kDHE,
3057 SSL_aDSS,
3058 SSL_ARIA256GCM,
3059 SSL_AEAD,
3060 TLS1_2_VERSION, TLS1_2_VERSION,
3061 DTLS1_2_VERSION, DTLS1_2_VERSION,
3062 SSL_NOT_DEFAULT | SSL_HIGH,
3063 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3064 256,
3065 256,
3066 },
3067 {
3068 1,
3069 TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3070 TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3071 TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3072 SSL_kECDHE,
3073 SSL_aECDSA,
3074 SSL_ARIA128GCM,
3075 SSL_AEAD,
3076 TLS1_2_VERSION, TLS1_2_VERSION,
3077 DTLS1_2_VERSION, DTLS1_2_VERSION,
3078 SSL_NOT_DEFAULT | SSL_HIGH,
3079 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3080 128,
3081 128,
3082 },
3083 {
3084 1,
3085 TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3086 TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3087 TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3088 SSL_kECDHE,
3089 SSL_aECDSA,
3090 SSL_ARIA256GCM,
3091 SSL_AEAD,
3092 TLS1_2_VERSION, TLS1_2_VERSION,
3093 DTLS1_2_VERSION, DTLS1_2_VERSION,
3094 SSL_NOT_DEFAULT | SSL_HIGH,
3095 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3096 256,
3097 256,
3098 },
3099 {
3100 1,
3101 TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3102 TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3103 TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3104 SSL_kECDHE,
3105 SSL_aRSA,
3106 SSL_ARIA128GCM,
3107 SSL_AEAD,
3108 TLS1_2_VERSION, TLS1_2_VERSION,
3109 DTLS1_2_VERSION, DTLS1_2_VERSION,
3110 SSL_NOT_DEFAULT | SSL_HIGH,
3111 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3112 128,
3113 128,
3114 },
3115 {
3116 1,
3117 TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3118 TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3119 TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3120 SSL_kECDHE,
3121 SSL_aRSA,
3122 SSL_ARIA256GCM,
3123 SSL_AEAD,
3124 TLS1_2_VERSION, TLS1_2_VERSION,
3125 DTLS1_2_VERSION, DTLS1_2_VERSION,
3126 SSL_NOT_DEFAULT | SSL_HIGH,
3127 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3128 256,
3129 256,
3130 },
3131 {
3132 1,
3133 TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
3134 TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
3135 TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
3136 SSL_kPSK,
3137 SSL_aPSK,
3138 SSL_ARIA128GCM,
3139 SSL_AEAD,
3140 TLS1_2_VERSION, TLS1_2_VERSION,
3141 DTLS1_2_VERSION, DTLS1_2_VERSION,
3142 SSL_NOT_DEFAULT | SSL_HIGH,
3143 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3144 128,
3145 128,
3146 },
3147 {
3148 1,
3149 TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
3150 TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
3151 TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
3152 SSL_kPSK,
3153 SSL_aPSK,
3154 SSL_ARIA256GCM,
3155 SSL_AEAD,
3156 TLS1_2_VERSION, TLS1_2_VERSION,
3157 DTLS1_2_VERSION, DTLS1_2_VERSION,
3158 SSL_NOT_DEFAULT | SSL_HIGH,
3159 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3160 256,
3161 256,
3162 },
3163 {
3164 1,
3165 TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3166 TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3167 TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3168 SSL_kDHEPSK,
3169 SSL_aPSK,
3170 SSL_ARIA128GCM,
3171 SSL_AEAD,
3172 TLS1_2_VERSION, TLS1_2_VERSION,
3173 DTLS1_2_VERSION, DTLS1_2_VERSION,
3174 SSL_NOT_DEFAULT | SSL_HIGH,
3175 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3176 128,
3177 128,
3178 },
3179 {
3180 1,
3181 TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3182 TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3183 TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3184 SSL_kDHEPSK,
3185 SSL_aPSK,
3186 SSL_ARIA256GCM,
3187 SSL_AEAD,
3188 TLS1_2_VERSION, TLS1_2_VERSION,
3189 DTLS1_2_VERSION, DTLS1_2_VERSION,
3190 SSL_NOT_DEFAULT | SSL_HIGH,
3191 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3192 256,
3193 256,
3194 },
3195 {
3196 1,
3197 TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3198 TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3199 TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3200 SSL_kRSAPSK,
3201 SSL_aRSA,
3202 SSL_ARIA128GCM,
3203 SSL_AEAD,
3204 TLS1_2_VERSION, TLS1_2_VERSION,
3205 DTLS1_2_VERSION, DTLS1_2_VERSION,
3206 SSL_NOT_DEFAULT | SSL_HIGH,
3207 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3208 128,
3209 128,
3210 },
3211 {
3212 1,
3213 TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3214 TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3215 TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3216 SSL_kRSAPSK,
3217 SSL_aRSA,
3218 SSL_ARIA256GCM,
3219 SSL_AEAD,
3220 TLS1_2_VERSION, TLS1_2_VERSION,
3221 DTLS1_2_VERSION, DTLS1_2_VERSION,
3222 SSL_NOT_DEFAULT | SSL_HIGH,
3223 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3224 256,
3225 256,
3226 },
3227 #endif /* OPENSSL_NO_ARIA */
3228 };
3229
3230 /*
3231 * The list of known Signalling Cipher-Suite Value "ciphers", non-valid
3232 * values stuffed into the ciphers field of the wire protocol for signalling
3233 * purposes.
3234 */
3235 static SSL_CIPHER ssl3_scsvs[] = {
3236 {
3237 0,
3238 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3239 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3240 SSL3_CK_SCSV,
3241 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3242 },
3243 {
3244 0,
3245 "TLS_FALLBACK_SCSV",
3246 "TLS_FALLBACK_SCSV",
3247 SSL3_CK_FALLBACK_SCSV,
3248 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3249 },
3250 };
3251
3252 static int cipher_compare(const void *a, const void *b)
3253 {
3254 const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
3255 const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
3256
3257 if (ap->id == bp->id)
3258 return 0;
3259 return ap->id < bp->id ? -1 : 1;
3260 }
3261
3262 void ssl_sort_cipher_list(void)
3263 {
3264 qsort(tls13_ciphers, TLS13_NUM_CIPHERS, sizeof(tls13_ciphers[0]),
3265 cipher_compare);
3266 qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(ssl3_ciphers[0]),
3267 cipher_compare);
3268 qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof(ssl3_scsvs[0]), cipher_compare);
3269 }
3270
3271 static int ssl_undefined_function_1(SSL *ssl, unsigned char *r, size_t s,
3272 const char * t, size_t u,
3273 const unsigned char * v, size_t w, int x)
3274 {
3275 (void)r;
3276 (void)s;
3277 (void)t;
3278 (void)u;
3279 (void)v;
3280 (void)w;
3281 (void)x;
3282 return ssl_undefined_function(ssl);
3283 }
3284
3285 const SSL3_ENC_METHOD SSLv3_enc_data = {
3286 ssl3_enc,
3287 n_ssl3_mac,
3288 ssl3_setup_key_block,
3289 ssl3_generate_master_secret,
3290 ssl3_change_cipher_state,
3291 ssl3_final_finish_mac,
3292 SSL3_MD_CLIENT_FINISHED_CONST, 4,
3293 SSL3_MD_SERVER_FINISHED_CONST, 4,
3294 ssl3_alert_code,
3295 ssl_undefined_function_1,
3296 0,
3297 ssl3_set_handshake_header,
3298 tls_close_construct_packet,
3299 ssl3_handshake_write
3300 };
3301
3302 long ssl3_default_timeout(void)
3303 {
3304 /*
3305 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
3306 * http, the cache would over fill
3307 */
3308 return (60 * 60 * 2);
3309 }
3310
3311 int ssl3_num_ciphers(void)
3312 {
3313 return SSL3_NUM_CIPHERS;
3314 }
3315
3316 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
3317 {
3318 if (u < SSL3_NUM_CIPHERS)
3319 return &(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]);
3320 else
3321 return NULL;
3322 }
3323
3324 int ssl3_set_handshake_header(SSL *s, WPACKET *pkt, int htype)
3325 {
3326 /* No header in the event of a CCS */
3327 if (htype == SSL3_MT_CHANGE_CIPHER_SPEC)
3328 return 1;
3329
3330 /* Set the content type and 3 bytes for the message len */
3331 if (!WPACKET_put_bytes_u8(pkt, htype)
3332 || !WPACKET_start_sub_packet_u24(pkt))
3333 return 0;
3334
3335 return 1;
3336 }
3337
3338 int ssl3_handshake_write(SSL *s)
3339 {
3340 return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3341 }
3342
3343 int ssl3_new(SSL *s)
3344 {
3345 #ifndef OPENSSL_NO_SRP
3346 if (!SSL_SRP_CTX_init(s))
3347 return 0;
3348 #endif
3349
3350 if (!s->method->ssl_clear(s))
3351 return 0;
3352
3353 return 1;
3354 }
3355
3356 void ssl3_free(SSL *s)
3357 {
3358 if (s == NULL)
3359 return;
3360
3361 ssl3_cleanup_key_block(s);
3362
3363 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3364 EVP_PKEY_free(s->s3.peer_tmp);
3365 s->s3.peer_tmp = NULL;
3366 EVP_PKEY_free(s->s3.tmp.pkey);
3367 s->s3.tmp.pkey = NULL;
3368 #endif
3369
3370 ssl_evp_cipher_free(s->s3.tmp.new_sym_enc);
3371 ssl_evp_md_free(s->s3.tmp.new_hash);
3372
3373 OPENSSL_free(s->s3.tmp.ctype);
3374 sk_X509_NAME_pop_free(s->s3.tmp.peer_ca_names, X509_NAME_free);
3375 OPENSSL_free(s->s3.tmp.ciphers_raw);
3376 OPENSSL_clear_free(s->s3.tmp.pms, s->s3.tmp.pmslen);
3377 OPENSSL_free(s->s3.tmp.peer_sigalgs);
3378 OPENSSL_free(s->s3.tmp.peer_cert_sigalgs);
3379 ssl3_free_digest_list(s);
3380 OPENSSL_free(s->s3.alpn_selected);
3381 OPENSSL_free(s->s3.alpn_proposed);
3382
3383 #ifndef OPENSSL_NO_SRP
3384 SSL_SRP_CTX_free(s);
3385 #endif
3386 memset(&s->s3, 0, sizeof(s->s3));
3387 }
3388
3389 int ssl3_clear(SSL *s)
3390 {
3391 ssl3_cleanup_key_block(s);
3392 OPENSSL_free(s->s3.tmp.ctype);
3393 sk_X509_NAME_pop_free(s->s3.tmp.peer_ca_names, X509_NAME_free);
3394 OPENSSL_free(s->s3.tmp.ciphers_raw);
3395 OPENSSL_clear_free(s->s3.tmp.pms, s->s3.tmp.pmslen);
3396 OPENSSL_free(s->s3.tmp.peer_sigalgs);
3397 OPENSSL_free(s->s3.tmp.peer_cert_sigalgs);
3398
3399 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3400 EVP_PKEY_free(s->s3.tmp.pkey);
3401 EVP_PKEY_free(s->s3.peer_tmp);
3402 #endif /* !OPENSSL_NO_EC */
3403
3404 ssl3_free_digest_list(s);
3405
3406 OPENSSL_free(s->s3.alpn_selected);
3407 OPENSSL_free(s->s3.alpn_proposed);
3408
3409 /* NULL/zero-out everything in the s3 struct */
3410 memset(&s->s3, 0, sizeof(s->s3));
3411
3412 if (!ssl_free_wbio_buffer(s))
3413 return 0;
3414
3415 s->version = SSL3_VERSION;
3416
3417 #if !defined(OPENSSL_NO_NEXTPROTONEG)
3418 OPENSSL_free(s->ext.npn);
3419 s->ext.npn = NULL;
3420 s->ext.npn_len = 0;
3421 #endif
3422
3423 return 1;
3424 }
3425
3426 #ifndef OPENSSL_NO_SRP
3427 static char *srp_password_from_info_cb(SSL *s, void *arg)
3428 {
3429 return OPENSSL_strdup(s->srp_ctx.info);
3430 }
3431 #endif
3432
3433 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
3434
3435 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3436 {
3437 int ret = 0;
3438
3439 switch (cmd) {
3440 case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3441 break;
3442 case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3443 ret = s->s3.num_renegotiations;
3444 break;
3445 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3446 ret = s->s3.num_renegotiations;
3447 s->s3.num_renegotiations = 0;
3448 break;
3449 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3450 ret = s->s3.total_renegotiations;
3451 break;
3452 case SSL_CTRL_GET_FLAGS:
3453 ret = (int)(s->s3.flags);
3454 break;
3455 #if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3456 case SSL_CTRL_SET_TMP_DH:
3457 {
3458 EVP_PKEY *pkdh = NULL;
3459 if (parg == NULL) {
3460 ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3461 return 0;
3462 }
3463 pkdh = ssl_dh_to_pkey(parg);
3464 if (pkdh == NULL) {
3465 ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
3466 return 0;
3467 }
3468 return SSL_set0_tmp_dh_pkey(s, pkdh);
3469 }
3470 break;
3471 case SSL_CTRL_SET_TMP_DH_CB:
3472 {
3473 ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3474 return ret;
3475 }
3476 #endif
3477 case SSL_CTRL_SET_DH_AUTO:
3478 s->cert->dh_tmp_auto = larg;
3479 return 1;
3480 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3481 case SSL_CTRL_SET_TMP_ECDH:
3482 {
3483 if (parg == NULL) {
3484 ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3485 return 0;
3486 }
3487 return ssl_set_tmp_ecdh_groups(&s->ext.supportedgroups,
3488 &s->ext.supportedgroups_len,
3489 parg);
3490 }
3491 #endif
3492 case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3493 /*
3494 * TODO(OpenSSL1.2)
3495 * This API is only used for a client to set what SNI it will request
3496 * from the server, but we currently allow it to be used on servers
3497 * as well, which is a programming error. Currently we just clear
3498 * the field in SSL_do_handshake() for server SSLs, but when we can
3499 * make ABI-breaking changes, we may want to make use of this API
3500 * an error on server SSLs.
3501 */
3502 if (larg == TLSEXT_NAMETYPE_host_name) {
3503 size_t len;
3504
3505 OPENSSL_free(s->ext.hostname);
3506 s->ext.hostname = NULL;
3507
3508 ret = 1;
3509 if (parg == NULL)
3510 break;
3511 len = strlen((char *)parg);
3512 if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
3513 ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3514 return 0;
3515 }
3516 if ((s->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) {
3517 ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
3518 return 0;
3519 }
3520 } else {
3521 ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3522 return 0;
3523 }
3524 break;
3525 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3526 s->ext.debug_arg = parg;
3527 ret = 1;
3528 break;
3529
3530 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3531 ret = s->ext.status_type;
3532 break;
3533
3534 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3535 s->ext.status_type = larg;
3536 ret = 1;
3537 break;
3538
3539 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3540 *(STACK_OF(X509_EXTENSION) **)parg = s->ext.ocsp.exts;
3541 ret = 1;
3542 break;
3543
3544 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3545 s->ext.ocsp.exts = parg;
3546 ret = 1;
3547 break;
3548
3549 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3550 *(STACK_OF(OCSP_RESPID) **)parg = s->ext.ocsp.ids;
3551 ret = 1;
3552 break;
3553
3554 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3555 s->ext.ocsp.ids = parg;
3556 ret = 1;
3557 break;
3558
3559 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3560 *(unsigned char **)parg = s->ext.ocsp.resp;
3561 if (s->ext.ocsp.resp_len == 0
3562 || s->ext.ocsp.resp_len > LONG_MAX)
3563 return -1;
3564 return (long)s->ext.ocsp.resp_len;
3565
3566 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3567 OPENSSL_free(s->ext.ocsp.resp);
3568 s->ext.ocsp.resp = parg;
3569 s->ext.ocsp.resp_len = larg;
3570 ret = 1;
3571 break;
3572
3573 case SSL_CTRL_CHAIN:
3574 if (larg)
3575 return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg);
3576 else
3577 return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg);
3578
3579 case SSL_CTRL_CHAIN_CERT:
3580 if (larg)
3581 return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg);
3582 else
3583 return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg);
3584
3585 case SSL_CTRL_GET_CHAIN_CERTS:
3586 *(STACK_OF(X509) **)parg = s->cert->key->chain;
3587 ret = 1;
3588 break;
3589
3590 case SSL_CTRL_SELECT_CURRENT_CERT:
3591 return ssl_cert_select_current(s->cert, (X509 *)parg);
3592
3593 case SSL_CTRL_SET_CURRENT_CERT:
3594 if (larg == SSL_CERT_SET_SERVER) {
3595 const SSL_CIPHER *cipher;
3596 if (!s->server)
3597 return 0;
3598 cipher = s->s3.tmp.new_cipher;
3599 if (cipher == NULL)
3600 return 0;
3601 /*
3602 * No certificate for unauthenticated ciphersuites or using SRP
3603 * authentication
3604 */
3605 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3606 return 2;
3607 if (s->s3.tmp.cert == NULL)
3608 return 0;
3609 s->cert->key = s->s3.tmp.cert;
3610 return 1;
3611 }
3612 return ssl_cert_set_current(s->cert, larg);
3613
3614 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3615 case SSL_CTRL_GET_GROUPS:
3616 {
3617 uint16_t *clist;
3618 size_t clistlen;
3619
3620 if (!s->session)
3621 return 0;
3622 clist = s->ext.peer_supportedgroups;
3623 clistlen = s->ext.peer_supportedgroups_len;
3624 if (parg) {
3625 size_t i;
3626 int *cptr = parg;
3627
3628 for (i = 0; i < clistlen; i++) {
3629 const TLS_GROUP_INFO *cinf
3630 = tls1_group_id_lookup(s->ctx, clist[i]);
3631
3632 if (cinf != NULL)
3633 cptr[i] = tls1_group_id2nid(cinf->group_id, 1);
3634 else
3635 cptr[i] = TLSEXT_nid_unknown | clist[i];
3636 }
3637 }
3638 return (int)clistlen;
3639 }
3640
3641 case SSL_CTRL_SET_GROUPS:
3642 return tls1_set_groups(&s->ext.supportedgroups,
3643 &s->ext.supportedgroups_len, parg, larg);
3644
3645 case SSL_CTRL_SET_GROUPS_LIST:
3646 return tls1_set_groups_list(s->ctx, &s->ext.supportedgroups,
3647 &s->ext.supportedgroups_len, parg);
3648
3649 case SSL_CTRL_GET_SHARED_GROUP:
3650 {
3651 uint16_t id = tls1_shared_group(s, larg);
3652
3653 if (larg != -1)
3654 return tls1_group_id2nid(id, 1);
3655 return id;
3656 }
3657 case SSL_CTRL_GET_NEGOTIATED_GROUP:
3658 ret = tls1_group_id2nid(s->s3.group_id, 1);
3659 break;
3660 #endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
3661
3662 case SSL_CTRL_SET_SIGALGS:
3663 return tls1_set_sigalgs(s->cert, parg, larg, 0);
3664
3665 case SSL_CTRL_SET_SIGALGS_LIST:
3666 return tls1_set_sigalgs_list(s->cert, parg, 0);
3667
3668 case SSL_CTRL_SET_CLIENT_SIGALGS:
3669 return tls1_set_sigalgs(s->cert, parg, larg, 1);
3670
3671 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3672 return tls1_set_sigalgs_list(s->cert, parg, 1);
3673
3674 case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3675 {
3676 const unsigned char **pctype = parg;
3677 if (s->server || !s->s3.tmp.cert_req)
3678 return 0;
3679 if (pctype)
3680 *pctype = s->s3.tmp.ctype;
3681 return s->s3.tmp.ctype_len;
3682 }
3683
3684 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3685 if (!s->server)
3686 return 0;
3687 return ssl3_set_req_cert_type(s->cert, parg, larg);
3688
3689 case SSL_CTRL_BUILD_CERT_CHAIN:
3690 return ssl_build_cert_chain(s, NULL, larg);
3691
3692 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3693 return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
3694
3695 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3696 return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
3697
3698 case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3699 if (s->s3.tmp.peer_sigalg == NULL)
3700 return 0;
3701 *(int *)parg = s->s3.tmp.peer_sigalg->hash;
3702 return 1;
3703
3704 case SSL_CTRL_GET_SIGNATURE_NID:
3705 if (s->s3.tmp.sigalg == NULL)
3706 return 0;
3707 *(int *)parg = s->s3.tmp.sigalg->hash;
3708 return 1;
3709
3710 case SSL_CTRL_GET_PEER_TMP_KEY:
3711 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3712 if (s->session == NULL || s->s3.peer_tmp == NULL) {
3713 return 0;
3714 } else {
3715 EVP_PKEY_up_ref(s->s3.peer_tmp);
3716 *(EVP_PKEY **)parg = s->s3.peer_tmp;
3717 return 1;
3718 }
3719 #else
3720 return 0;
3721 #endif
3722
3723 case SSL_CTRL_GET_TMP_KEY:
3724 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3725 if (s->session == NULL || s->s3.tmp.pkey == NULL) {
3726 return 0;
3727 } else {
3728 EVP_PKEY_up_ref(s->s3.tmp.pkey);
3729 *(EVP_PKEY **)parg = s->s3.tmp.pkey;
3730 return 1;
3731 }
3732 #else
3733 return 0;
3734 #endif
3735
3736 #ifndef OPENSSL_NO_EC
3737 case SSL_CTRL_GET_EC_POINT_FORMATS:
3738 {
3739 const unsigned char **pformat = parg;
3740
3741 if (s->ext.peer_ecpointformats == NULL)
3742 return 0;
3743 *pformat = s->ext.peer_ecpointformats;
3744 return (int)s->ext.peer_ecpointformats_len;
3745 }
3746 #endif
3747
3748 default:
3749 break;
3750 }
3751 return ret;
3752 }
3753
3754 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3755 {
3756 int ret = 0;
3757
3758 switch (cmd) {
3759 #if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3760 case SSL_CTRL_SET_TMP_DH_CB:
3761 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3762 ret = 1;
3763 break;
3764 #endif
3765 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3766 s->ext.debug_cb = (void (*)(SSL *, int, int,
3767 const unsigned char *, int, void *))fp;
3768 ret = 1;
3769 break;
3770
3771 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3772 s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3773 ret = 1;
3774 break;
3775 default:
3776 break;
3777 }
3778 return ret;
3779 }
3780
3781 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3782 {
3783 switch (cmd) {
3784 #if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3785 case SSL_CTRL_SET_TMP_DH:
3786 {
3787 EVP_PKEY *pkdh = NULL;
3788 if (parg == NULL) {
3789 ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3790 return 0;
3791 }
3792 pkdh = ssl_dh_to_pkey(parg);
3793 if (pkdh == NULL) {
3794 ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
3795 return 0;
3796 }
3797 return SSL_CTX_set0_tmp_dh_pkey(ctx, pkdh);
3798 }
3799 case SSL_CTRL_SET_TMP_DH_CB:
3800 {
3801 ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3802 return 0;
3803 }
3804 #endif
3805 case SSL_CTRL_SET_DH_AUTO:
3806 ctx->cert->dh_tmp_auto = larg;
3807 return 1;
3808 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3809 case SSL_CTRL_SET_TMP_ECDH:
3810 {
3811 if (parg == NULL) {
3812 ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3813 return 0;
3814 }
3815 return ssl_set_tmp_ecdh_groups(&ctx->ext.supportedgroups,
3816 &ctx->ext.supportedgroups_len,
3817 parg);
3818 }
3819 #endif
3820 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3821 ctx->ext.servername_arg = parg;
3822 break;
3823 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3824 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3825 {
3826 unsigned char *keys = parg;
3827 long tick_keylen = (sizeof(ctx->ext.tick_key_name) +
3828 sizeof(ctx->ext.secure->tick_hmac_key) +
3829 sizeof(ctx->ext.secure->tick_aes_key));
3830 if (keys == NULL)
3831 return tick_keylen;
3832 if (larg != tick_keylen) {
3833 ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3834 return 0;
3835 }
3836 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
3837 memcpy(ctx->ext.tick_key_name, keys,
3838 sizeof(ctx->ext.tick_key_name));
3839 memcpy(ctx->ext.secure->tick_hmac_key,
3840 keys + sizeof(ctx->ext.tick_key_name),
3841 sizeof(ctx->ext.secure->tick_hmac_key));
3842 memcpy(ctx->ext.secure->tick_aes_key,
3843 keys + sizeof(ctx->ext.tick_key_name) +
3844 sizeof(ctx->ext.secure->tick_hmac_key),
3845 sizeof(ctx->ext.secure->tick_aes_key));
3846 } else {
3847 memcpy(keys, ctx->ext.tick_key_name,
3848 sizeof(ctx->ext.tick_key_name));
3849 memcpy(keys + sizeof(ctx->ext.tick_key_name),
3850 ctx->ext.secure->tick_hmac_key,
3851 sizeof(ctx->ext.secure->tick_hmac_key));
3852 memcpy(keys + sizeof(ctx->ext.tick_key_name) +
3853 sizeof(ctx->ext.secure->tick_hmac_key),
3854 ctx->ext.secure->tick_aes_key,
3855 sizeof(ctx->ext.secure->tick_aes_key));
3856 }
3857 return 1;
3858 }
3859
3860 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3861 return ctx->ext.status_type;
3862
3863 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3864 ctx->ext.status_type = larg;
3865 break;
3866
3867 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3868 ctx->ext.status_arg = parg;
3869 return 1;
3870
3871 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
3872 *(void**)parg = ctx->ext.status_arg;
3873 break;
3874
3875 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
3876 *(int (**)(SSL*, void*))parg = ctx->ext.status_cb;
3877 break;
3878
3879 #ifndef OPENSSL_NO_SRP
3880 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3881 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3882 OPENSSL_free(ctx->srp_ctx.login);
3883 ctx->srp_ctx.login = NULL;
3884 if (parg == NULL)
3885 break;
3886 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
3887 ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_SRP_USERNAME);
3888 return 0;
3889 }
3890 if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
3891 ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
3892 return 0;
3893 }
3894 break;
3895 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3896 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3897 srp_password_from_info_cb;
3898 if (ctx->srp_ctx.info != NULL)
3899 OPENSSL_free(ctx->srp_ctx.info);
3900 if ((ctx->srp_ctx.info = OPENSSL_strdup((char *)parg)) == NULL) {
3901 ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
3902 return 0;
3903 }
3904 break;
3905 case SSL_CTRL_SET_SRP_ARG:
3906 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3907 ctx->srp_ctx.SRP_cb_arg = parg;
3908 break;
3909
3910 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3911 ctx->srp_ctx.strength = larg;
3912 break;
3913 #endif
3914
3915 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3916 case SSL_CTRL_SET_GROUPS:
3917 return tls1_set_groups(&ctx->ext.supportedgroups,
3918 &ctx->ext.supportedgroups_len,
3919 parg, larg);
3920
3921 case SSL_CTRL_SET_GROUPS_LIST:
3922 return tls1_set_groups_list(ctx, &ctx->ext.supportedgroups,
3923 &ctx->ext.supportedgroups_len,
3924 parg);
3925 #endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
3926
3927 case SSL_CTRL_SET_SIGALGS:
3928 return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
3929
3930 case SSL_CTRL_SET_SIGALGS_LIST:
3931 return tls1_set_sigalgs_list(ctx->cert, parg, 0);
3932
3933 case SSL_CTRL_SET_CLIENT_SIGALGS:
3934 return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
3935
3936 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3937 return tls1_set_sigalgs_list(ctx->cert, parg, 1);
3938
3939 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3940 return ssl3_set_req_cert_type(ctx->cert, parg, larg);
3941
3942 case SSL_CTRL_BUILD_CERT_CHAIN:
3943 return ssl_build_cert_chain(NULL, ctx, larg);
3944
3945 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3946 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
3947
3948 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3949 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
3950
3951 /* A Thawte special :-) */
3952 case SSL_CTRL_EXTRA_CHAIN_CERT:
3953 if (ctx->extra_certs == NULL) {
3954 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
3955 ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
3956 return 0;
3957 }
3958 }
3959 if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
3960 ERR_raise(ERR_LIB_SSL, ERR_R_MALLOC_FAILURE);
3961 return 0;
3962 }
3963 break;
3964
3965 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3966 if (ctx->extra_certs == NULL && larg == 0)
3967 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3968 else
3969 *(STACK_OF(X509) **)parg = ctx->extra_certs;
3970 break;
3971
3972 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3973 sk_X509_pop_free(ctx->extra_certs, X509_free);
3974 ctx->extra_certs = NULL;
3975 break;
3976
3977 case SSL_CTRL_CHAIN:
3978 if (larg)
3979 return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3980 else
3981 return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3982
3983 case SSL_CTRL_CHAIN_CERT:
3984 if (larg)
3985 return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
3986 else
3987 return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
3988
3989 case SSL_CTRL_GET_CHAIN_CERTS:
3990 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3991 break;
3992
3993 case SSL_CTRL_SELECT_CURRENT_CERT:
3994 return ssl_cert_select_current(ctx->cert, (X509 *)parg);
3995
3996 case SSL_CTRL_SET_CURRENT_CERT:
3997 return ssl_cert_set_current(ctx->cert, larg);
3998
3999 default:
4000 return 0;
4001 }
4002 return 1;
4003 }
4004
4005 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
4006 {
4007 switch (cmd) {
4008 #if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
4009 case SSL_CTRL_SET_TMP_DH_CB:
4010 {
4011 ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
4012 }
4013 break;
4014 #endif
4015 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
4016 ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp;
4017 break;
4018
4019 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
4020 ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
4021 break;
4022
4023 # ifndef OPENSSL_NO_DEPRECATED_3_0
4024 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
4025 ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
4026 unsigned char *,
4027 EVP_CIPHER_CTX *,
4028 HMAC_CTX *, int))fp;
4029 break;
4030 #endif
4031
4032 #ifndef OPENSSL_NO_SRP
4033 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
4034 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4035 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
4036 break;
4037 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
4038 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4039 ctx->srp_ctx.TLS_ext_srp_username_callback =
4040 (int (*)(SSL *, int *, void *))fp;
4041 break;
4042 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
4043 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4044 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
4045 (char *(*)(SSL *, void *))fp;
4046 break;
4047 #endif
4048 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
4049 {
4050 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
4051 }
4052 break;
4053 default:
4054 return 0;
4055 }
4056 return 1;
4057 }
4058
4059 int SSL_CTX_set_tlsext_ticket_key_evp_cb
4060 (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *,
4061 EVP_CIPHER_CTX *, EVP_MAC_CTX *, int))
4062 {
4063 ctx->ext.ticket_key_evp_cb = fp;
4064 return 1;
4065 }
4066
4067 const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
4068 {
4069 SSL_CIPHER c;
4070 const SSL_CIPHER *cp;
4071
4072 c.id = id;
4073 cp = OBJ_bsearch_ssl_cipher_id(&c, tls13_ciphers, TLS13_NUM_CIPHERS);
4074 if (cp != NULL)
4075 return cp;
4076 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
4077 if (cp != NULL)
4078 return cp;
4079 return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS);
4080 }
4081
4082 const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
4083 {
4084 SSL_CIPHER *tbl;
4085 SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers, ssl3_scsvs};
4086 size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS,
4087 SSL3_NUM_SCSVS};
4088
4089 /* this is not efficient, necessary to optimize this? */
4090 for (j = 0; j < OSSL_NELEM(alltabs); j++) {
4091 for (i = 0, tbl = alltabs[j]; i < tblsize[j]; i++, tbl++) {
4092 if (tbl->stdname == NULL)
4093 continue;
4094 if (strcmp(stdname, tbl->stdname) == 0) {
4095 return tbl;
4096 }
4097 }
4098 }
4099 return NULL;
4100 }
4101
4102 /*
4103 * This function needs to check if the ciphers required are actually
4104 * available
4105 */
4106 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
4107 {
4108 return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
4109 | ((uint32_t)p[0] << 8L)
4110 | (uint32_t)p[1]);
4111 }
4112
4113 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
4114 {
4115 if ((c->id & 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG) {
4116 *len = 0;
4117 return 1;
4118 }
4119
4120 if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff))
4121 return 0;
4122
4123 *len = 2;
4124 return 1;
4125 }
4126
4127 /*
4128 * ssl3_choose_cipher - choose a cipher from those offered by the client
4129 * @s: SSL connection
4130 * @clnt: ciphers offered by the client
4131 * @srvr: ciphers enabled on the server?
4132 *
4133 * Returns the selected cipher or NULL when no common ciphers.
4134 */
4135 const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
4136 STACK_OF(SSL_CIPHER) *srvr)
4137 {
4138 const SSL_CIPHER *c, *ret = NULL;
4139 STACK_OF(SSL_CIPHER) *prio, *allow;
4140 int i, ii, ok, prefer_sha256 = 0;
4141 unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
4142 #ifndef OPENSSL_NO_CHACHA
4143 STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
4144 #endif
4145
4146 /* Let's see which ciphers we can support */
4147
4148 /*
4149 * Do not set the compare functions, because this may lead to a
4150 * reordering by "id". We want to keep the original ordering. We may pay
4151 * a price in performance during sk_SSL_CIPHER_find(), but would have to
4152 * pay with the price of sk_SSL_CIPHER_dup().
4153 */
4154
4155 OSSL_TRACE_BEGIN(TLS_CIPHER) {
4156 BIO_printf(trc_out, "Server has %d from %p:\n",
4157 sk_SSL_CIPHER_num(srvr), (void *)srvr);
4158 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
4159 c = sk_SSL_CIPHER_value(srvr, i);
4160 BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name);
4161 }
4162 BIO_printf(trc_out, "Client sent %d from %p:\n",
4163 sk_SSL_CIPHER_num(clnt), (void *)clnt);
4164 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
4165 c = sk_SSL_CIPHER_value(clnt, i);
4166 BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name);
4167 }
4168 } OSSL_TRACE_END(TLS_CIPHER);
4169
4170 /* SUITE-B takes precedence over server preference and ChaCha priortiy */
4171 if (tls1_suiteb(s)) {
4172 prio = srvr;
4173 allow = clnt;
4174 } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
4175 prio = srvr;
4176 allow = clnt;
4177 #ifndef OPENSSL_NO_CHACHA
4178 /* If ChaCha20 is at the top of the client preference list,
4179 and there are ChaCha20 ciphers in the server list, then
4180 temporarily prioritize all ChaCha20 ciphers in the servers list. */
4181 if (s->options & SSL_OP_PRIORITIZE_CHACHA && sk_SSL_CIPHER_num(clnt) > 0) {
4182 c = sk_SSL_CIPHER_value(clnt, 0);
4183 if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4184 /* ChaCha20 is client preferred, check server... */
4185 int num = sk_SSL_CIPHER_num(srvr);
4186 int found = 0;
4187 for (i = 0; i < num; i++) {
4188 c = sk_SSL_CIPHER_value(srvr, i);
4189 if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4190 found = 1;
4191 break;
4192 }
4193 }
4194 if (found) {
4195 prio_chacha = sk_SSL_CIPHER_new_reserve(NULL, num);
4196 /* if reserve fails, then there's likely a memory issue */
4197 if (prio_chacha != NULL) {
4198 /* Put all ChaCha20 at the top, starting with the one we just found */
4199 sk_SSL_CIPHER_push(prio_chacha, c);
4200 for (i++; i < num; i++) {
4201 c = sk_SSL_CIPHER_value(srvr, i);
4202 if (c->algorithm_enc == SSL_CHACHA20POLY1305)
4203 sk_SSL_CIPHER_push(prio_chacha, c);
4204 }
4205 /* Pull in the rest */
4206 for (i = 0; i < num; i++) {
4207 c = sk_SSL_CIPHER_value(srvr, i);
4208 if (c->algorithm_enc != SSL_CHACHA20POLY1305)
4209 sk_SSL_CIPHER_push(prio_chacha, c);
4210 }
4211 prio = prio_chacha;
4212 }
4213 }
4214 }
4215 }
4216 # endif
4217 } else {
4218 prio = clnt;
4219 allow = srvr;
4220 }
4221
4222 if (SSL_IS_TLS13(s)) {
4223 #ifndef OPENSSL_NO_PSK
4224 int j;
4225
4226 /*
4227 * If we allow "old" style PSK callbacks, and we have no certificate (so
4228 * we're not going to succeed without a PSK anyway), and we're in
4229 * TLSv1.3 then the default hash for a PSK is SHA-256 (as per the
4230 * TLSv1.3 spec). Therefore we should prioritise ciphersuites using
4231 * that.
4232 */
4233 if (s->psk_server_callback != NULL) {
4234 for (j = 0; j < SSL_PKEY_NUM && !ssl_has_cert(s, j); j++);
4235 if (j == SSL_PKEY_NUM) {
4236 /* There are no certificates */
4237 prefer_sha256 = 1;
4238 }
4239 }
4240 #endif
4241 } else {
4242 tls1_set_cert_validity(s);
4243 ssl_set_masks(s);
4244 }
4245
4246 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
4247 c = sk_SSL_CIPHER_value(prio, i);
4248
4249 /* Skip ciphers not supported by the protocol version */
4250 if (!SSL_IS_DTLS(s) &&
4251 ((s->version < c->min_tls) || (s->version > c->max_tls)))
4252 continue;
4253 if (SSL_IS_DTLS(s) &&
4254 (DTLS_VERSION_LT(s->version, c->min_dtls) ||
4255 DTLS_VERSION_GT(s->version, c->max_dtls)))
4256 continue;
4257
4258 /*
4259 * Since TLS 1.3 ciphersuites can be used with any auth or
4260 * key exchange scheme skip tests.
4261 */
4262 if (!SSL_IS_TLS13(s)) {
4263 mask_k = s->s3.tmp.mask_k;
4264 mask_a = s->s3.tmp.mask_a;
4265 #ifndef OPENSSL_NO_SRP
4266 if (s->srp_ctx.srp_Mask & SSL_kSRP) {
4267 mask_k |= SSL_kSRP;
4268 mask_a |= SSL_aSRP;
4269 }
4270 #endif
4271
4272 alg_k = c->algorithm_mkey;
4273 alg_a = c->algorithm_auth;
4274
4275 #ifndef OPENSSL_NO_PSK
4276 /* with PSK there must be server callback set */
4277 if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
4278 continue;
4279 #endif /* OPENSSL_NO_PSK */
4280
4281 ok = (alg_k & mask_k) && (alg_a & mask_a);
4282 OSSL_TRACE7(TLS_CIPHER,
4283 "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
4284 ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
4285
4286 #ifndef OPENSSL_NO_EC
4287 /*
4288 * if we are considering an ECC cipher suite that uses an ephemeral
4289 * EC key check it
4290 */
4291 if (alg_k & SSL_kECDHE)
4292 ok = ok && tls1_check_ec_tmp_key(s, c->id);
4293 #endif /* OPENSSL_NO_EC */
4294
4295 if (!ok)
4296 continue;
4297 }
4298 ii = sk_SSL_CIPHER_find(allow, c);
4299 if (ii >= 0) {
4300 /* Check security callback permits this cipher */
4301 if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
4302 c->strength_bits, 0, (void *)c))
4303 continue;
4304 #if !defined(OPENSSL_NO_EC)
4305 if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
4306 && s->s3.is_probably_safari) {
4307 if (!ret)
4308 ret = sk_SSL_CIPHER_value(allow, ii);
4309 continue;
4310 }
4311 #endif
4312 if (prefer_sha256) {
4313 const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
4314
4315 /*
4316 * TODO: When there are no more legacy digests we can just use
4317 * OSSL_DIGEST_NAME_SHA2_256 instead of calling OBJ_nid2sn
4318 */
4319 if (EVP_MD_is_a(ssl_md(s->ctx, tmp->algorithm2),
4320 OBJ_nid2sn(NID_sha256))) {
4321 ret = tmp;
4322 break;
4323 }
4324 if (ret == NULL)
4325 ret = tmp;
4326 continue;
4327 }
4328 ret = sk_SSL_CIPHER_value(allow, ii);
4329 break;
4330 }
4331 }
4332 #ifndef OPENSSL_NO_CHACHA
4333 sk_SSL_CIPHER_free(prio_chacha);
4334 #endif
4335 return ret;
4336 }
4337
4338 int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt)
4339 {
4340 uint32_t alg_k, alg_a = 0;
4341
4342 /* If we have custom certificate types set, use them */
4343 if (s->cert->ctype)
4344 return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len);
4345 /* Get mask of algorithms disabled by signature list */
4346 ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
4347
4348 alg_k = s->s3.tmp.new_cipher->algorithm_mkey;
4349
4350 #ifndef OPENSSL_NO_GOST
4351 if (s->version >= TLS1_VERSION && (alg_k & SSL_kGOST))
4352 if (!WPACKET_put_bytes_u8(pkt, TLS_CT_GOST01_SIGN)
4353 || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_SIGN)
4354 || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_512_SIGN)
4355 || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_LEGACY_SIGN)
4356 || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_LEGACY_512_SIGN))
4357 return 0;
4358
4359 if (s->version >= TLS1_2_VERSION && (alg_k & SSL_kGOST18))
4360 if (!WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_SIGN)
4361 || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_512_SIGN))
4362 return 0;
4363 #endif
4364
4365 if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
4366 #ifndef OPENSSL_NO_DH
4367 if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
4368 return 0;
4369 # ifndef OPENSSL_NO_DSA
4370 if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
4371 return 0;
4372 # endif
4373 #endif /* !OPENSSL_NO_DH */
4374 }
4375 if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
4376 return 0;
4377 #ifndef OPENSSL_NO_DSA
4378 if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN))
4379 return 0;
4380 #endif
4381 #ifndef OPENSSL_NO_EC
4382 /*
4383 * ECDSA certs can be used with RSA cipher suites too so we don't
4384 * need to check for SSL_kECDH or SSL_kECDHE
4385 */
4386 if (s->version >= TLS1_VERSION
4387 && !(alg_a & SSL_aECDSA)
4388 && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
4389 return 0;
4390 #endif
4391 return 1;
4392 }
4393
4394 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
4395 {
4396 OPENSSL_free(c->ctype);
4397 c->ctype = NULL;
4398 c->ctype_len = 0;
4399 if (p == NULL || len == 0)
4400 return 1;
4401 if (len > 0xff)
4402 return 0;
4403 c->ctype = OPENSSL_memdup(p, len);
4404 if (c->ctype == NULL)
4405 return 0;
4406 c->ctype_len = len;
4407 return 1;
4408 }
4409
4410 int ssl3_shutdown(SSL *s)
4411 {
4412 int ret;
4413
4414 /*
4415 * Don't do anything much if we have not done the handshake or we don't
4416 * want to send messages :-)
4417 */
4418 if (s->quiet_shutdown || SSL_in_before(s)) {
4419 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
4420 return 1;
4421 }
4422
4423 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
4424 s->shutdown |= SSL_SENT_SHUTDOWN;
4425 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
4426 /*
4427 * our shutdown alert has been sent now, and if it still needs to be
4428 * written, s->s3.alert_dispatch will be true
4429 */
4430 if (s->s3.alert_dispatch)
4431 return -1; /* return WANT_WRITE */
4432 } else if (s->s3.alert_dispatch) {
4433 /* resend it if not sent */
4434 ret = s->method->ssl_dispatch_alert(s);
4435 if (ret == -1) {
4436 /*
4437 * we only get to return -1 here the 2nd/Nth invocation, we must
4438 * have already signalled return 0 upon a previous invocation,
4439 * return WANT_WRITE
4440 */
4441 return ret;
4442 }
4443 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4444 size_t readbytes;
4445 /*
4446 * If we are waiting for a close from our peer, we are closed
4447 */
4448 s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes);
4449 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4450 return -1; /* return WANT_READ */
4451 }
4452 }
4453
4454 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
4455 !s->s3.alert_dispatch)
4456 return 1;
4457 else
4458 return 0;
4459 }
4460
4461 int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written)
4462 {
4463 clear_sys_error();
4464 if (s->s3.renegotiate)
4465 ssl3_renegotiate_check(s, 0);
4466
4467 return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
4468 written);
4469 }
4470
4471 static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
4472 size_t *readbytes)
4473 {
4474 int ret;
4475
4476 clear_sys_error();
4477 if (s->s3.renegotiate)
4478 ssl3_renegotiate_check(s, 0);
4479 s->s3.in_read_app_data = 1;
4480 ret =
4481 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
4482 peek, readbytes);
4483 if ((ret == -1) && (s->s3.in_read_app_data == 2)) {
4484 /*
4485 * ssl3_read_bytes decided to call s->handshake_func, which called
4486 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
4487 * actually found application data and thinks that application data
4488 * makes sense here; so disable handshake processing and try to read
4489 * application data again.
4490 */
4491 ossl_statem_set_in_handshake(s, 1);
4492 ret =
4493 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
4494 len, peek, readbytes);
4495 ossl_statem_set_in_handshake(s, 0);
4496 } else
4497 s->s3.in_read_app_data = 0;
4498
4499 return ret;
4500 }
4501
4502 int ssl3_read(SSL *s, void *buf, size_t len, size_t *readbytes)
4503 {
4504 return ssl3_read_internal(s, buf, len, 0, readbytes);
4505 }
4506
4507 int ssl3_peek(SSL *s, void *buf, size_t len, size_t *readbytes)
4508 {
4509 return ssl3_read_internal(s, buf, len, 1, readbytes);
4510 }
4511
4512 int ssl3_renegotiate(SSL *s)
4513 {
4514 if (s->handshake_func == NULL)
4515 return 1;
4516
4517 s->s3.renegotiate = 1;
4518 return 1;
4519 }
4520
4521 /*
4522 * Check if we are waiting to do a renegotiation and if so whether now is a
4523 * good time to do it. If |initok| is true then we are being called from inside
4524 * the state machine so ignore the result of SSL_in_init(s). Otherwise we
4525 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we
4526 * should do a renegotiation now and sets up the state machine for it. Otherwise
4527 * returns 0.
4528 */
4529 int ssl3_renegotiate_check(SSL *s, int initok)
4530 {
4531 int ret = 0;
4532
4533 if (s->s3.renegotiate) {
4534 if (!RECORD_LAYER_read_pending(&s->rlayer)
4535 && !RECORD_LAYER_write_pending(&s->rlayer)
4536 && (initok || !SSL_in_init(s))) {
4537 /*
4538 * if we are the server, and we have sent a 'RENEGOTIATE'
4539 * message, we need to set the state machine into the renegotiate
4540 * state.
4541 */
4542 ossl_statem_set_renegotiate(s);
4543 s->s3.renegotiate = 0;
4544 s->s3.num_renegotiations++;
4545 s->s3.total_renegotiations++;
4546 ret = 1;
4547 }
4548 }
4549 return ret;
4550 }
4551
4552 /*
4553 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
4554 * handshake macs if required.
4555 *
4556 * If PSK and using SHA384 for TLS < 1.2 switch to default.
4557 */
4558 long ssl_get_algorithm2(SSL *s)
4559 {
4560 long alg2;
4561 if (s->s3.tmp.new_cipher == NULL)
4562 return -1;
4563 alg2 = s->s3.tmp.new_cipher->algorithm2;
4564 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
4565 if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
4566 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4567 } else if (s->s3.tmp.new_cipher->algorithm_mkey & SSL_PSK) {
4568 if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
4569 return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
4570 }
4571 return alg2;
4572 }
4573
4574 /*
4575 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
4576 * failure, 1 on success.
4577 */
4578 int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len,
4579 DOWNGRADE dgrd)
4580 {
4581 int send_time = 0, ret;
4582
4583 if (len < 4)
4584 return 0;
4585 if (server)
4586 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
4587 else
4588 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
4589 if (send_time) {
4590 unsigned long Time = (unsigned long)time(NULL);
4591 unsigned char *p = result;
4592
4593 l2n(Time, p);
4594 ret = RAND_bytes_ex(s->ctx->libctx, p, len - 4);
4595 } else {
4596 ret = RAND_bytes_ex(s->ctx->libctx, result, len);
4597 }
4598
4599 if (ret > 0) {
4600 if (!ossl_assert(sizeof(tls11downgrade) < len)
4601 || !ossl_assert(sizeof(tls12downgrade) < len))
4602 return 0;
4603 if (dgrd == DOWNGRADE_TO_1_2)
4604 memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
4605 sizeof(tls12downgrade));
4606 else if (dgrd == DOWNGRADE_TO_1_1)
4607 memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
4608 sizeof(tls11downgrade));
4609 }
4610
4611 return ret;
4612 }
4613
4614 int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
4615 int free_pms)
4616 {
4617 unsigned long alg_k = s->s3.tmp.new_cipher->algorithm_mkey;
4618 int ret = 0;
4619
4620 if (alg_k & SSL_PSK) {
4621 #ifndef OPENSSL_NO_PSK
4622 unsigned char *pskpms, *t;
4623 size_t psklen = s->s3.tmp.psklen;
4624 size_t pskpmslen;
4625
4626 /* create PSK premaster_secret */
4627
4628 /* For plain PSK "other_secret" is psklen zeroes */
4629 if (alg_k & SSL_kPSK)
4630 pmslen = psklen;
4631
4632 pskpmslen = 4 + pmslen + psklen;
4633 pskpms = OPENSSL_malloc(pskpmslen);
4634 if (pskpms == NULL)
4635 goto err;
4636 t = pskpms;
4637 s2n(pmslen, t);
4638 if (alg_k & SSL_kPSK)
4639 memset(t, 0, pmslen);
4640 else
4641 memcpy(t, pms, pmslen);
4642 t += pmslen;
4643 s2n(psklen, t);
4644 memcpy(t, s->s3.tmp.psk, psklen);
4645
4646 OPENSSL_clear_free(s->s3.tmp.psk, psklen);
4647 s->s3.tmp.psk = NULL;
4648 if (!s->method->ssl3_enc->generate_master_secret(s,
4649 s->session->master_key, pskpms, pskpmslen,
4650 &s->session->master_key_length)) {
4651 OPENSSL_clear_free(pskpms, pskpmslen);
4652 /* SSLfatal() already called */
4653 goto err;
4654 }
4655 OPENSSL_clear_free(pskpms, pskpmslen);
4656 #else
4657 /* Should never happen */
4658 goto err;
4659 #endif
4660 } else {
4661 if (!s->method->ssl3_enc->generate_master_secret(s,
4662 s->session->master_key, pms, pmslen,
4663 &s->session->master_key_length)) {
4664 /* SSLfatal() already called */
4665 goto err;
4666 }
4667 }
4668
4669 ret = 1;
4670 err:
4671 if (pms) {
4672 if (free_pms)
4673 OPENSSL_clear_free(pms, pmslen);
4674 else
4675 OPENSSL_cleanse(pms, pmslen);
4676 }
4677 if (s->server == 0)
4678 s->s3.tmp.pms = NULL;
4679 return ret;
4680 }
4681
4682 /* Generate a private key from parameters */
4683 EVP_PKEY *ssl_generate_pkey(SSL *s, EVP_PKEY *pm)
4684 {
4685 EVP_PKEY_CTX *pctx = NULL;
4686 EVP_PKEY *pkey = NULL;
4687
4688 if (pm == NULL)
4689 return NULL;
4690 pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, pm, s->ctx->propq);
4691 if (pctx == NULL)
4692 goto err;
4693 if (EVP_PKEY_keygen_init(pctx) <= 0)
4694 goto err;
4695 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4696 EVP_PKEY_free(pkey);
4697 pkey = NULL;
4698 }
4699
4700 err:
4701 EVP_PKEY_CTX_free(pctx);
4702 return pkey;
4703 }
4704
4705 /* Generate a private key from a group ID */
4706 EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id)
4707 {
4708 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(s->ctx, id);
4709 EVP_PKEY_CTX *pctx = NULL;
4710 EVP_PKEY *pkey = NULL;
4711
4712 if (ginf == NULL) {
4713 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4714 goto err;
4715 }
4716
4717 pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, ginf->algorithm,
4718 s->ctx->propq);
4719
4720 if (pctx == NULL) {
4721 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
4722 goto err;
4723 }
4724 if (EVP_PKEY_keygen_init(pctx) <= 0) {
4725 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4726 goto err;
4727 }
4728 if (!EVP_PKEY_CTX_set_group_name(pctx, ginf->realname)) {
4729 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4730 goto err;
4731 }
4732 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4733 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4734 EVP_PKEY_free(pkey);
4735 pkey = NULL;
4736 }
4737
4738 err:
4739 EVP_PKEY_CTX_free(pctx);
4740 return pkey;
4741 }
4742
4743 /*
4744 * Generate parameters from a group ID
4745 */
4746 EVP_PKEY *ssl_generate_param_group(SSL *s, uint16_t id)
4747 {
4748 EVP_PKEY_CTX *pctx = NULL;
4749 EVP_PKEY *pkey = NULL;
4750 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(s->ctx, id);
4751
4752 if (ginf == NULL)
4753 goto err;
4754
4755 pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, ginf->algorithm,
4756 s->ctx->propq);
4757
4758 if (pctx == NULL)
4759 goto err;
4760 if (EVP_PKEY_paramgen_init(pctx) <= 0)
4761 goto err;
4762 if (!EVP_PKEY_CTX_set_group_name(pctx, ginf->realname)) {
4763 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4764 goto err;
4765 }
4766 if (EVP_PKEY_paramgen(pctx, &pkey) <= 0) {
4767 EVP_PKEY_free(pkey);
4768 pkey = NULL;
4769 }
4770
4771 err:
4772 EVP_PKEY_CTX_free(pctx);
4773 return pkey;
4774 }
4775
4776 /* Generate secrets from pms */
4777 int ssl_gensecret(SSL *s, unsigned char *pms, size_t pmslen)
4778 {
4779 int rv = 0;
4780
4781 /* SSLfatal() called as appropriate in the below functions */
4782 if (SSL_IS_TLS13(s)) {
4783 /*
4784 * If we are resuming then we already generated the early secret
4785 * when we created the ClientHello, so don't recreate it.
4786 */
4787 if (!s->hit)
4788 rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
4789 0,
4790 (unsigned char *)&s->early_secret);
4791 else
4792 rv = 1;
4793
4794 rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
4795 } else {
4796 rv = ssl_generate_master_secret(s, pms, pmslen, 0);
4797 }
4798
4799 return rv;
4800 }
4801
4802 /* Derive secrets for ECDH/DH */
4803 int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
4804 {
4805 int rv = 0;
4806 unsigned char *pms = NULL;
4807 size_t pmslen = 0;
4808 EVP_PKEY_CTX *pctx;
4809
4810 if (privkey == NULL || pubkey == NULL) {
4811 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4812 return 0;
4813 }
4814
4815 pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, privkey, s->ctx->propq);
4816
4817 if (EVP_PKEY_derive_init(pctx) <= 0
4818 || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
4819 || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
4820 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4821 goto err;
4822 }
4823
4824 #ifndef OPENSSL_NO_DH
4825 if (SSL_IS_TLS13(s) && EVP_PKEY_id(privkey) == EVP_PKEY_DH)
4826 EVP_PKEY_CTX_set_dh_pad(pctx, 1);
4827 #endif
4828
4829 pms = OPENSSL_malloc(pmslen);
4830 if (pms == NULL) {
4831 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
4832 goto err;
4833 }
4834
4835 if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) {
4836 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4837 goto err;
4838 }
4839
4840 if (gensecret) {
4841 /* SSLfatal() called as appropriate in the below functions */
4842 rv = ssl_gensecret(s, pms, pmslen);
4843 } else {
4844 /* Save premaster secret */
4845 s->s3.tmp.pms = pms;
4846 s->s3.tmp.pmslen = pmslen;
4847 pms = NULL;
4848 rv = 1;
4849 }
4850
4851 err:
4852 OPENSSL_clear_free(pms, pmslen);
4853 EVP_PKEY_CTX_free(pctx);
4854 return rv;
4855 }
4856
4857 /* Decapsulate secrets for KEM */
4858 int ssl_decapsulate(SSL *s, EVP_PKEY *privkey,
4859 const unsigned char *ct, size_t ctlen,
4860 int gensecret)
4861 {
4862 int rv = 0;
4863 unsigned char *pms = NULL;
4864 size_t pmslen = 0;
4865 EVP_PKEY_CTX *pctx;
4866
4867 if (privkey == NULL) {
4868 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4869 return 0;
4870 }
4871
4872 pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, privkey, s->ctx->propq);
4873
4874 if (EVP_PKEY_decapsulate_init(pctx) <= 0
4875 || EVP_PKEY_decapsulate(pctx, NULL, &pmslen, ct, ctlen) <= 0) {
4876 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4877 goto err;
4878 }
4879
4880 pms = OPENSSL_malloc(pmslen);
4881 if (pms == NULL) {
4882 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
4883 goto err;
4884 }
4885
4886 if (EVP_PKEY_decapsulate(pctx, pms, &pmslen, ct, ctlen) <= 0) {
4887 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4888 goto err;
4889 }
4890
4891 if (gensecret) {
4892 /* SSLfatal() called as appropriate in the below functions */
4893 rv = ssl_gensecret(s, pms, pmslen);
4894 } else {
4895 /* Save premaster secret */
4896 s->s3.tmp.pms = pms;
4897 s->s3.tmp.pmslen = pmslen;
4898 pms = NULL;
4899 rv = 1;
4900 }
4901
4902 err:
4903 OPENSSL_clear_free(pms, pmslen);
4904 EVP_PKEY_CTX_free(pctx);
4905 return rv;
4906 }
4907
4908 int ssl_encapsulate(SSL *s, EVP_PKEY *pubkey,
4909 unsigned char **ctp, size_t *ctlenp,
4910 int gensecret)
4911 {
4912 int rv = 0;
4913 unsigned char *pms = NULL, *ct = NULL;
4914 size_t pmslen = 0, ctlen = 0;
4915 EVP_PKEY_CTX *pctx;
4916
4917 if (pubkey == NULL) {
4918 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4919 return 0;
4920 }
4921
4922 pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, pubkey, s->ctx->propq);
4923
4924 if (EVP_PKEY_encapsulate_init(pctx) <= 0
4925 || EVP_PKEY_encapsulate(pctx, NULL, &ctlen, NULL, &pmslen) <= 0
4926 || pmslen == 0 || ctlen == 0) {
4927 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4928 goto err;
4929 }
4930
4931 pms = OPENSSL_malloc(pmslen);
4932 ct = OPENSSL_malloc(ctlen);
4933 if (pms == NULL || ct == NULL) {
4934 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
4935 goto err;
4936 }
4937
4938 if (EVP_PKEY_encapsulate(pctx, ct, &ctlen, pms, &pmslen) <= 0) {
4939 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4940 goto err;
4941 }
4942
4943 if (gensecret) {
4944 /* SSLfatal() called as appropriate in the below functions */
4945 rv = ssl_gensecret(s, pms, pmslen);
4946 } else {
4947 /* Save premaster secret */
4948 s->s3.tmp.pms = pms;
4949 s->s3.tmp.pmslen = pmslen;
4950 pms = NULL;
4951 rv = 1;
4952 }
4953
4954 if (rv > 0) {
4955 /* Pass ownership of ct to caller */
4956 *ctp = ct;
4957 *ctlenp = ctlen;
4958 ct = NULL;
4959 }
4960
4961 err:
4962 OPENSSL_clear_free(pms, pmslen);
4963 OPENSSL_free(ct);
4964 EVP_PKEY_CTX_free(pctx);
4965 return rv;
4966 }
4967
4968 const char *SSL_group_to_name(SSL *s, int nid) {
4969 int group_id = 0;
4970 const TLS_GROUP_INFO *cinf = NULL;
4971
4972 /* first convert to real group id for internal and external IDs */
4973 if (nid & TLSEXT_nid_unknown)
4974 group_id = nid & 0xFFFF;
4975 else
4976 group_id = tls1_nid2group_id(nid);
4977
4978 /* then look up */
4979 cinf = tls1_group_id_lookup(s->ctx, group_id);
4980
4981 if (cinf != NULL)
4982 return cinf->tlsname;
4983 return NULL;
4984 }
A mirror of the official openssl repository