]> git.ipfire.org Git - thirdparty/openssl.git/blob - ssl/s3_lib.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
various spelling fixes
[thirdparty/openssl.git] / ssl / s3_lib.c
1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.]
56 */
57 /* ====================================================================
58 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
59 *
60 * Redistribution and use in source and binary forms, with or without
61 * modification, are permitted provided that the following conditions
62 * are met:
63 *
64 * 1. Redistributions of source code must retain the above copyright
65 * notice, this list of conditions and the following disclaimer.
66 *
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in
69 * the documentation and/or other materials provided with the
70 * distribution.
71 *
72 * 3. All advertising materials mentioning features or use of this
73 * software must display the following acknowledgment:
74 * "This product includes software developed by the OpenSSL Project
75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76 *
77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78 * endorse or promote products derived from this software without
79 * prior written permission. For written permission, please contact
80 * openssl-core@openssl.org.
81 *
82 * 5. Products derived from this software may not be called "OpenSSL"
83 * nor may "OpenSSL" appear in their names without prior written
84 * permission of the OpenSSL Project.
85 *
86 * 6. Redistributions of any form whatsoever must retain the following
87 * acknowledgment:
88 * "This product includes software developed by the OpenSSL Project
89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90 *
91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102 * OF THE POSSIBILITY OF SUCH DAMAGE.
103 * ====================================================================
104 *
105 * This product includes cryptographic software written by Eric Young
106 * (eay@cryptsoft.com). This product includes software written by Tim
107 * Hudson (tjh@cryptsoft.com).
108 *
109 */
110 /* ====================================================================
111 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112 *
113 * Portions of the attached software ("Contribution") are developed by
114 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
115 *
116 * The Contribution is licensed pursuant to the OpenSSL open source
117 * license provided above.
118 *
119 * ECC cipher suite support in OpenSSL originally written by
120 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
121 *
122 */
123 /* ====================================================================
124 * Copyright 2005 Nokia. All rights reserved.
125 *
126 * The portions of the attached software ("Contribution") is developed by
127 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
128 * license.
129 *
130 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
131 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
132 * support (see RFC 4279) to OpenSSL.
133 *
134 * No patent licenses or other rights except those expressly stated in
135 * the OpenSSL open source license shall be deemed granted or received
136 * expressly, by implication, estoppel, or otherwise.
137 *
138 * No assurances are provided by Nokia that the Contribution does not
139 * infringe the patent or other intellectual property rights of any third
140 * party or that the license provides you with all the necessary rights
141 * to make use of the Contribution.
142 *
143 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
144 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
145 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
146 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
147 * OTHERWISE.
148 */
149
150 #include <stdio.h>
151 #include <openssl/objects.h>
152 #include "ssl_locl.h"
153 #include <openssl/md5.h>
154 #include <openssl/dh.h>
155 #include <openssl/rand.h>
156
157 #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
158
159 /*
160 * The list of available ciphers, organized into the following
161 * groups:
162 * Always there
163 * EC
164 * PSK
165 * SRP (within that: RSA EC PSK)
166 * Cipher families: Chacha/poly, Camellila, Gost, IDEA, SEED
167 * Weak ciphers
168 */
169 static SSL_CIPHER ssl3_ciphers[] =
170 {
171 {
172 1,
173 SSL3_TXT_RSA_NULL_MD5,
174 SSL3_CK_RSA_NULL_MD5,
175 SSL_kRSA,
176 SSL_aRSA,
177 SSL_eNULL,
178 SSL_MD5,
179 SSL3_VERSION, TLS1_2_VERSION,
180 DTLS1_VERSION, DTLS1_2_VERSION,
181 SSL_STRONG_NONE,
182 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
183 0,
184 0,
185 },
186 {
187 1,
188 SSL3_TXT_RSA_NULL_SHA,
189 SSL3_CK_RSA_NULL_SHA,
190 SSL_kRSA,
191 SSL_aRSA,
192 SSL_eNULL,
193 SSL_SHA1,
194 SSL3_VERSION, TLS1_2_VERSION,
195 DTLS1_VERSION, DTLS1_2_VERSION,
196 SSL_STRONG_NONE | SSL_FIPS,
197 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
198 0,
199 0,
200 },
201 {
202 1,
203 SSL3_TXT_RSA_DES_192_CBC3_SHA,
204 SSL3_CK_RSA_DES_192_CBC3_SHA,
205 SSL_kRSA,
206 SSL_aRSA,
207 SSL_3DES,
208 SSL_SHA1,
209 SSL3_VERSION, TLS1_2_VERSION,
210 DTLS1_VERSION, DTLS1_2_VERSION,
211 SSL_HIGH | SSL_FIPS,
212 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
213 112,
214 168,
215 },
216 {
217 1,
218 SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
219 SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
220 SSL_kDHE,
221 SSL_aDSS,
222 SSL_3DES,
223 SSL_SHA1,
224 SSL3_VERSION, TLS1_2_VERSION,
225 DTLS1_VERSION, DTLS1_2_VERSION,
226 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
227 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
228 112,
229 168,
230 },
231 {
232 1,
233 SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
234 SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
235 SSL_kDHE,
236 SSL_aRSA,
237 SSL_3DES,
238 SSL_SHA1,
239 SSL3_VERSION, TLS1_2_VERSION,
240 DTLS1_VERSION, DTLS1_2_VERSION,
241 SSL_HIGH | SSL_FIPS,
242 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
243 112,
244 168,
245 },
246 {
247 1,
248 SSL3_TXT_ADH_DES_192_CBC_SHA,
249 SSL3_CK_ADH_DES_192_CBC_SHA,
250 SSL_kDHE,
251 SSL_aNULL,
252 SSL_3DES,
253 SSL_SHA1,
254 SSL3_VERSION, TLS1_2_VERSION,
255 DTLS1_VERSION, DTLS1_2_VERSION,
256 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
257 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
258 112,
259 168,
260 },
261 {
262 1,
263 TLS1_TXT_RSA_WITH_AES_128_SHA,
264 TLS1_CK_RSA_WITH_AES_128_SHA,
265 SSL_kRSA,
266 SSL_aRSA,
267 SSL_AES128,
268 SSL_SHA1,
269 SSL3_VERSION, TLS1_2_VERSION,
270 DTLS1_VERSION, DTLS1_2_VERSION,
271 SSL_HIGH | SSL_FIPS,
272 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
273 128,
274 128,
275 },
276 {
277 1,
278 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
279 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
280 SSL_kDHE,
281 SSL_aDSS,
282 SSL_AES128,
283 SSL_SHA1,
284 SSL3_VERSION, TLS1_2_VERSION,
285 DTLS1_VERSION, DTLS1_2_VERSION,
286 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
287 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
288 128,
289 128,
290 },
291 {
292 1,
293 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
294 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
295 SSL_kDHE,
296 SSL_aRSA,
297 SSL_AES128,
298 SSL_SHA1,
299 SSL3_VERSION, TLS1_2_VERSION,
300 DTLS1_VERSION, DTLS1_2_VERSION,
301 SSL_HIGH | SSL_FIPS,
302 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
303 128,
304 128,
305 },
306 {
307 1,
308 TLS1_TXT_ADH_WITH_AES_128_SHA,
309 TLS1_CK_ADH_WITH_AES_128_SHA,
310 SSL_kDHE,
311 SSL_aNULL,
312 SSL_AES128,
313 SSL_SHA1,
314 SSL3_VERSION, TLS1_2_VERSION,
315 DTLS1_VERSION, DTLS1_2_VERSION,
316 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
317 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
318 128,
319 128,
320 },
321 {
322 1,
323 TLS1_TXT_RSA_WITH_AES_256_SHA,
324 TLS1_CK_RSA_WITH_AES_256_SHA,
325 SSL_kRSA,
326 SSL_aRSA,
327 SSL_AES256,
328 SSL_SHA1,
329 SSL3_VERSION, TLS1_2_VERSION,
330 DTLS1_VERSION, DTLS1_2_VERSION,
331 SSL_HIGH | SSL_FIPS,
332 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
333 256,
334 256,
335 },
336 {
337 1,
338 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
339 TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
340 SSL_kDHE,
341 SSL_aDSS,
342 SSL_AES256,
343 SSL_SHA1,
344 SSL3_VERSION, TLS1_2_VERSION,
345 DTLS1_VERSION, DTLS1_2_VERSION,
346 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
347 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
348 256,
349 256,
350 },
351 {
352 1,
353 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
354 TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
355 SSL_kDHE,
356 SSL_aRSA,
357 SSL_AES256,
358 SSL_SHA1,
359 SSL3_VERSION, TLS1_2_VERSION,
360 DTLS1_VERSION, DTLS1_2_VERSION,
361 SSL_HIGH | SSL_FIPS,
362 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
363 256,
364 256,
365 },
366 {
367 1,
368 TLS1_TXT_ADH_WITH_AES_256_SHA,
369 TLS1_CK_ADH_WITH_AES_256_SHA,
370 SSL_kDHE,
371 SSL_aNULL,
372 SSL_AES256,
373 SSL_SHA1,
374 SSL3_VERSION, TLS1_2_VERSION,
375 DTLS1_VERSION, DTLS1_2_VERSION,
376 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
377 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
378 256,
379 256,
380 },
381 {
382 1,
383 TLS1_TXT_RSA_WITH_NULL_SHA256,
384 TLS1_CK_RSA_WITH_NULL_SHA256,
385 SSL_kRSA,
386 SSL_aRSA,
387 SSL_eNULL,
388 SSL_SHA256,
389 TLS1_2_VERSION, TLS1_2_VERSION,
390 DTLS1_2_VERSION, DTLS1_2_VERSION,
391 SSL_STRONG_NONE | SSL_FIPS,
392 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
393 0,
394 0,
395 },
396 {
397 1,
398 TLS1_TXT_RSA_WITH_AES_128_SHA256,
399 TLS1_CK_RSA_WITH_AES_128_SHA256,
400 SSL_kRSA,
401 SSL_aRSA,
402 SSL_AES128,
403 SSL_SHA256,
404 TLS1_2_VERSION, TLS1_2_VERSION,
405 DTLS1_2_VERSION, DTLS1_2_VERSION,
406 SSL_HIGH | SSL_FIPS,
407 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
408 128,
409 128,
410 },
411 {
412 1,
413 TLS1_TXT_RSA_WITH_AES_256_SHA256,
414 TLS1_CK_RSA_WITH_AES_256_SHA256,
415 SSL_kRSA,
416 SSL_aRSA,
417 SSL_AES256,
418 SSL_SHA256,
419 TLS1_2_VERSION, TLS1_2_VERSION,
420 DTLS1_2_VERSION, DTLS1_2_VERSION,
421 SSL_HIGH | SSL_FIPS,
422 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
423 256,
424 256,
425 },
426 {
427 1,
428 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
429 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
430 SSL_kDHE,
431 SSL_aDSS,
432 SSL_AES128,
433 SSL_SHA256,
434 TLS1_2_VERSION, TLS1_2_VERSION,
435 DTLS1_2_VERSION, DTLS1_2_VERSION,
436 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
437 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
438 128,
439 128,
440 },
441 {
442 1,
443 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
444 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
445 SSL_kDHE,
446 SSL_aRSA,
447 SSL_AES128,
448 SSL_SHA256,
449 TLS1_2_VERSION, TLS1_2_VERSION,
450 DTLS1_2_VERSION, DTLS1_2_VERSION,
451 SSL_HIGH | SSL_FIPS,
452 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
453 128,
454 128,
455 },
456 {
457 1,
458 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
459 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
460 SSL_kDHE,
461 SSL_aDSS,
462 SSL_AES256,
463 SSL_SHA256,
464 TLS1_2_VERSION, TLS1_2_VERSION,
465 DTLS1_2_VERSION, DTLS1_2_VERSION,
466 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
467 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
468 256,
469 256,
470 },
471 {
472 1,
473 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
474 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
475 SSL_kDHE,
476 SSL_aRSA,
477 SSL_AES256,
478 SSL_SHA256,
479 TLS1_2_VERSION, TLS1_2_VERSION,
480 DTLS1_2_VERSION, DTLS1_2_VERSION,
481 SSL_HIGH | SSL_FIPS,
482 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
483 256,
484 256,
485 },
486 {
487 1,
488 TLS1_TXT_ADH_WITH_AES_128_SHA256,
489 TLS1_CK_ADH_WITH_AES_128_SHA256,
490 SSL_kDHE,
491 SSL_aNULL,
492 SSL_AES128,
493 SSL_SHA256,
494 TLS1_2_VERSION, TLS1_2_VERSION,
495 DTLS1_2_VERSION, DTLS1_2_VERSION,
496 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
497 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
498 128,
499 128,
500 },
501 {
502 1,
503 TLS1_TXT_ADH_WITH_AES_256_SHA256,
504 TLS1_CK_ADH_WITH_AES_256_SHA256,
505 SSL_kDHE,
506 SSL_aNULL,
507 SSL_AES256,
508 SSL_SHA256,
509 TLS1_2_VERSION, TLS1_2_VERSION,
510 DTLS1_2_VERSION, DTLS1_2_VERSION,
511 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
512 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
513 256,
514 256,
515 },
516 {
517 1,
518 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
519 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
520 SSL_kRSA,
521 SSL_aRSA,
522 SSL_AES128GCM,
523 SSL_AEAD,
524 TLS1_2_VERSION, TLS1_2_VERSION,
525 DTLS1_2_VERSION, DTLS1_2_VERSION,
526 SSL_HIGH | SSL_FIPS,
527 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
528 128,
529 128,
530 },
531 {
532 1,
533 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
534 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
535 SSL_kRSA,
536 SSL_aRSA,
537 SSL_AES256GCM,
538 SSL_AEAD,
539 TLS1_2_VERSION, TLS1_2_VERSION,
540 DTLS1_2_VERSION, DTLS1_2_VERSION,
541 SSL_HIGH | SSL_FIPS,
542 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
543 256,
544 256,
545 },
546 {
547 1,
548 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
549 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
550 SSL_kDHE,
551 SSL_aRSA,
552 SSL_AES128GCM,
553 SSL_AEAD,
554 TLS1_2_VERSION, TLS1_2_VERSION,
555 DTLS1_2_VERSION, DTLS1_2_VERSION,
556 SSL_HIGH | SSL_FIPS,
557 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
558 128,
559 128,
560 },
561 {
562 1,
563 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
564 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
565 SSL_kDHE,
566 SSL_aRSA,
567 SSL_AES256GCM,
568 SSL_AEAD,
569 TLS1_2_VERSION, TLS1_2_VERSION,
570 DTLS1_2_VERSION, DTLS1_2_VERSION,
571 SSL_HIGH | SSL_FIPS,
572 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
573 256,
574 256,
575 },
576 {
577 1,
578 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
579 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
580 SSL_kDHE,
581 SSL_aDSS,
582 SSL_AES128GCM,
583 SSL_AEAD,
584 TLS1_2_VERSION, TLS1_2_VERSION,
585 DTLS1_2_VERSION, DTLS1_2_VERSION,
586 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
587 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
588 128,
589 128,
590 },
591 {
592 1,
593 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
594 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
595 SSL_kDHE,
596 SSL_aDSS,
597 SSL_AES256GCM,
598 SSL_AEAD,
599 TLS1_2_VERSION, TLS1_2_VERSION,
600 DTLS1_2_VERSION, DTLS1_2_VERSION,
601 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
602 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
603 256,
604 256,
605 },
606 {
607 1,
608 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
609 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
610 SSL_kDHE,
611 SSL_aNULL,
612 SSL_AES128GCM,
613 SSL_AEAD,
614 TLS1_2_VERSION, TLS1_2_VERSION,
615 DTLS1_2_VERSION, DTLS1_2_VERSION,
616 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
617 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
618 128,
619 128,
620 },
621 {
622 1,
623 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
624 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
625 SSL_kDHE,
626 SSL_aNULL,
627 SSL_AES256GCM,
628 SSL_AEAD,
629 TLS1_2_VERSION, TLS1_2_VERSION,
630 DTLS1_2_VERSION, DTLS1_2_VERSION,
631 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
632 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
633 256,
634 256,
635 },
636 {
637 1,
638 TLS1_TXT_RSA_WITH_AES_128_CCM,
639 TLS1_CK_RSA_WITH_AES_128_CCM,
640 SSL_kRSA,
641 SSL_aRSA,
642 SSL_AES128CCM,
643 SSL_AEAD,
644 TLS1_2_VERSION, TLS1_2_VERSION,
645 DTLS1_2_VERSION, DTLS1_2_VERSION,
646 SSL_NOT_DEFAULT | SSL_HIGH,
647 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
648 128,
649 128,
650 },
651 {
652 1,
653 TLS1_TXT_RSA_WITH_AES_256_CCM,
654 TLS1_CK_RSA_WITH_AES_256_CCM,
655 SSL_kRSA,
656 SSL_aRSA,
657 SSL_AES256CCM,
658 SSL_AEAD,
659 TLS1_2_VERSION, TLS1_2_VERSION,
660 DTLS1_2_VERSION, DTLS1_2_VERSION,
661 SSL_NOT_DEFAULT | SSL_HIGH,
662 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
663 256,
664 256,
665 },
666 {
667 1,
668 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
669 TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
670 SSL_kDHE,
671 SSL_aRSA,
672 SSL_AES128CCM,
673 SSL_AEAD,
674 TLS1_2_VERSION, TLS1_2_VERSION,
675 DTLS1_2_VERSION, DTLS1_2_VERSION,
676 SSL_NOT_DEFAULT | SSL_HIGH,
677 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
678 128,
679 128,
680 },
681 {
682 1,
683 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
684 TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
685 SSL_kDHE,
686 SSL_aRSA,
687 SSL_AES256CCM,
688 SSL_AEAD,
689 TLS1_2_VERSION, TLS1_2_VERSION,
690 DTLS1_2_VERSION, DTLS1_2_VERSION,
691 SSL_NOT_DEFAULT | SSL_HIGH,
692 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
693 256,
694 256,
695 },
696 {
697 1,
698 TLS1_TXT_RSA_WITH_AES_128_CCM_8,
699 TLS1_CK_RSA_WITH_AES_128_CCM_8,
700 SSL_kRSA,
701 SSL_aRSA,
702 SSL_AES128CCM8,
703 SSL_AEAD,
704 TLS1_2_VERSION, TLS1_2_VERSION,
705 DTLS1_2_VERSION, DTLS1_2_VERSION,
706 SSL_NOT_DEFAULT | SSL_HIGH,
707 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
708 128,
709 128,
710 },
711 {
712 1,
713 TLS1_TXT_RSA_WITH_AES_256_CCM_8,
714 TLS1_CK_RSA_WITH_AES_256_CCM_8,
715 SSL_kRSA,
716 SSL_aRSA,
717 SSL_AES256CCM8,
718 SSL_AEAD,
719 TLS1_2_VERSION, TLS1_2_VERSION,
720 DTLS1_2_VERSION, DTLS1_2_VERSION,
721 SSL_NOT_DEFAULT | SSL_HIGH,
722 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
723 256,
724 256,
725 },
726 {
727 1,
728 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
729 TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
730 SSL_kDHE,
731 SSL_aRSA,
732 SSL_AES128CCM8,
733 SSL_AEAD,
734 TLS1_2_VERSION, TLS1_2_VERSION,
735 DTLS1_2_VERSION, DTLS1_2_VERSION,
736 SSL_NOT_DEFAULT | SSL_HIGH,
737 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
738 128,
739 128,
740 },
741 {
742 1,
743 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
744 TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
745 SSL_kDHE,
746 SSL_aRSA,
747 SSL_AES256CCM8,
748 SSL_AEAD,
749 TLS1_2_VERSION, TLS1_2_VERSION,
750 DTLS1_2_VERSION, DTLS1_2_VERSION,
751 SSL_NOT_DEFAULT | SSL_HIGH,
752 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
753 256,
754 256,
755 },
756 {
757 1,
758 TLS1_TXT_PSK_WITH_AES_128_CCM,
759 TLS1_CK_PSK_WITH_AES_128_CCM,
760 SSL_kPSK,
761 SSL_aPSK,
762 SSL_AES128CCM,
763 SSL_AEAD,
764 TLS1_2_VERSION, TLS1_2_VERSION,
765 DTLS1_2_VERSION, DTLS1_2_VERSION,
766 SSL_NOT_DEFAULT | SSL_HIGH,
767 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
768 128,
769 128,
770 },
771 {
772 1,
773 TLS1_TXT_PSK_WITH_AES_256_CCM,
774 TLS1_CK_PSK_WITH_AES_256_CCM,
775 SSL_kPSK,
776 SSL_aPSK,
777 SSL_AES256CCM,
778 SSL_AEAD,
779 TLS1_2_VERSION, TLS1_2_VERSION,
780 DTLS1_2_VERSION, DTLS1_2_VERSION,
781 SSL_NOT_DEFAULT | SSL_HIGH,
782 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
783 256,
784 256,
785 },
786 {
787 1,
788 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
789 TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
790 SSL_kDHEPSK,
791 SSL_aPSK,
792 SSL_AES128CCM,
793 SSL_AEAD,
794 TLS1_2_VERSION, TLS1_2_VERSION,
795 DTLS1_2_VERSION, DTLS1_2_VERSION,
796 SSL_NOT_DEFAULT | SSL_HIGH,
797 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
798 128,
799 128,
800 },
801 {
802 1,
803 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
804 TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
805 SSL_kDHEPSK,
806 SSL_aPSK,
807 SSL_AES256CCM,
808 SSL_AEAD,
809 TLS1_2_VERSION, TLS1_2_VERSION,
810 DTLS1_2_VERSION, DTLS1_2_VERSION,
811 SSL_NOT_DEFAULT | SSL_HIGH,
812 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
813 256,
814 256,
815 },
816 {
817 1,
818 TLS1_TXT_PSK_WITH_AES_128_CCM_8,
819 TLS1_CK_PSK_WITH_AES_128_CCM_8,
820 SSL_kPSK,
821 SSL_aPSK,
822 SSL_AES128CCM8,
823 SSL_AEAD,
824 TLS1_2_VERSION, TLS1_2_VERSION,
825 DTLS1_2_VERSION, DTLS1_2_VERSION,
826 SSL_NOT_DEFAULT | SSL_HIGH,
827 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
828 128,
829 128,
830 },
831 {
832 1,
833 TLS1_TXT_PSK_WITH_AES_256_CCM_8,
834 TLS1_CK_PSK_WITH_AES_256_CCM_8,
835 SSL_kPSK,
836 SSL_aPSK,
837 SSL_AES256CCM8,
838 SSL_AEAD,
839 TLS1_2_VERSION, TLS1_2_VERSION,
840 DTLS1_2_VERSION, DTLS1_2_VERSION,
841 SSL_NOT_DEFAULT | SSL_HIGH,
842 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
843 256,
844 256,
845 },
846 {
847 1,
848 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
849 TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
850 SSL_kDHEPSK,
851 SSL_aPSK,
852 SSL_AES128CCM8,
853 SSL_AEAD,
854 TLS1_2_VERSION, TLS1_2_VERSION,
855 DTLS1_2_VERSION, DTLS1_2_VERSION,
856 SSL_NOT_DEFAULT | SSL_HIGH,
857 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
858 128,
859 128,
860 },
861 {
862 1,
863 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
864 TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
865 SSL_kDHEPSK,
866 SSL_aPSK,
867 SSL_AES256CCM8,
868 SSL_AEAD,
869 TLS1_2_VERSION, TLS1_2_VERSION,
870 DTLS1_2_VERSION, DTLS1_2_VERSION,
871 SSL_NOT_DEFAULT | SSL_HIGH,
872 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
873 256,
874 256,
875 },
876 {
877 1,
878 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
879 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
880 SSL_kECDHE,
881 SSL_aECDSA,
882 SSL_AES128CCM,
883 SSL_AEAD,
884 TLS1_2_VERSION, TLS1_2_VERSION,
885 DTLS1_2_VERSION, DTLS1_2_VERSION,
886 SSL_NOT_DEFAULT | SSL_HIGH,
887 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
888 128,
889 128,
890 },
891 {
892 1,
893 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
894 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
895 SSL_kECDHE,
896 SSL_aECDSA,
897 SSL_AES256CCM,
898 SSL_AEAD,
899 TLS1_2_VERSION, TLS1_2_VERSION,
900 DTLS1_2_VERSION, DTLS1_2_VERSION,
901 SSL_NOT_DEFAULT | SSL_HIGH,
902 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
903 256,
904 256,
905 },
906 {
907 1,
908 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
909 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
910 SSL_kECDHE,
911 SSL_aECDSA,
912 SSL_AES128CCM8,
913 SSL_AEAD,
914 TLS1_2_VERSION, TLS1_2_VERSION,
915 DTLS1_2_VERSION, DTLS1_2_VERSION,
916 SSL_NOT_DEFAULT | SSL_HIGH,
917 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
918 128,
919 128,
920 },
921 {
922 1,
923 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
924 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
925 SSL_kECDHE,
926 SSL_aECDSA,
927 SSL_AES256CCM8,
928 SSL_AEAD,
929 TLS1_2_VERSION, TLS1_2_VERSION,
930 DTLS1_2_VERSION, DTLS1_2_VERSION,
931 SSL_NOT_DEFAULT | SSL_HIGH,
932 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
933 256,
934 256,
935 },
936
937 #ifndef OPENSSL_NO_EC
938 {
939 1,
940 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
941 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
942 SSL_kECDHE,
943 SSL_aECDSA,
944 SSL_eNULL,
945 SSL_SHA1,
946 SSL3_VERSION, TLS1_2_VERSION,
947 DTLS1_VERSION, DTLS1_2_VERSION,
948 SSL_STRONG_NONE | SSL_FIPS,
949 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
950 0,
951 0,
952 },
953 {
954 1,
955 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
956 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
957 SSL_kECDHE,
958 SSL_aECDSA,
959 SSL_3DES,
960 SSL_SHA1,
961 SSL3_VERSION, TLS1_2_VERSION,
962 DTLS1_VERSION, DTLS1_2_VERSION,
963 SSL_HIGH | SSL_FIPS,
964 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
965 112,
966 168,
967 },
968 {
969 1,
970 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
971 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
972 SSL_kECDHE,
973 SSL_aECDSA,
974 SSL_AES128,
975 SSL_SHA1,
976 SSL3_VERSION, TLS1_2_VERSION,
977 DTLS1_VERSION, DTLS1_2_VERSION,
978 SSL_HIGH | SSL_FIPS,
979 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
980 128,
981 128,
982 },
983 {
984 1,
985 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
986 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
987 SSL_kECDHE,
988 SSL_aECDSA,
989 SSL_AES256,
990 SSL_SHA1,
991 SSL3_VERSION, TLS1_2_VERSION,
992 DTLS1_VERSION, DTLS1_2_VERSION,
993 SSL_HIGH | SSL_FIPS,
994 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
995 256,
996 256,
997 },
998 {
999 1,
1000 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1001 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1002 SSL_kECDHE,
1003 SSL_aRSA,
1004 SSL_eNULL,
1005 SSL_SHA1,
1006 SSL3_VERSION, TLS1_2_VERSION,
1007 DTLS1_VERSION, DTLS1_2_VERSION,
1008 SSL_STRONG_NONE | SSL_FIPS,
1009 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1010 0,
1011 0,
1012 },
1013 {
1014 1,
1015 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1016 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1017 SSL_kECDHE,
1018 SSL_aRSA,
1019 SSL_3DES,
1020 SSL_SHA1,
1021 SSL3_VERSION, TLS1_2_VERSION,
1022 DTLS1_VERSION, DTLS1_2_VERSION,
1023 SSL_HIGH | SSL_FIPS,
1024 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1025 112,
1026 168,
1027 },
1028 {
1029 1,
1030 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1031 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1032 SSL_kECDHE,
1033 SSL_aRSA,
1034 SSL_AES128,
1035 SSL_SHA1,
1036 SSL3_VERSION, TLS1_2_VERSION,
1037 DTLS1_VERSION, DTLS1_2_VERSION,
1038 SSL_HIGH | SSL_FIPS,
1039 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1040 128,
1041 128,
1042 },
1043 {
1044 1,
1045 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1046 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1047 SSL_kECDHE,
1048 SSL_aRSA,
1049 SSL_AES256,
1050 SSL_SHA1,
1051 SSL3_VERSION, TLS1_2_VERSION,
1052 DTLS1_VERSION, DTLS1_2_VERSION,
1053 SSL_HIGH | SSL_FIPS,
1054 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1055 256,
1056 256,
1057 },
1058 {
1059 1,
1060 TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1061 TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1062 SSL_kECDHE,
1063 SSL_aNULL,
1064 SSL_eNULL,
1065 SSL_SHA1,
1066 SSL3_VERSION, TLS1_2_VERSION,
1067 DTLS1_VERSION, DTLS1_2_VERSION,
1068 SSL_STRONG_NONE | SSL_FIPS,
1069 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1070 0,
1071 0,
1072 },
1073 {
1074 1,
1075 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1076 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1077 SSL_kECDHE,
1078 SSL_aNULL,
1079 SSL_3DES,
1080 SSL_SHA1,
1081 SSL3_VERSION, TLS1_2_VERSION,
1082 DTLS1_VERSION, DTLS1_2_VERSION,
1083 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1084 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1085 112,
1086 168,
1087 },
1088 {
1089 1,
1090 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1091 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1092 SSL_kECDHE,
1093 SSL_aNULL,
1094 SSL_AES128,
1095 SSL_SHA1,
1096 SSL3_VERSION, TLS1_2_VERSION,
1097 DTLS1_VERSION, DTLS1_2_VERSION,
1098 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1099 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1100 128,
1101 128,
1102 },
1103 {
1104 1,
1105 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1106 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1107 SSL_kECDHE,
1108 SSL_aNULL,
1109 SSL_AES256,
1110 SSL_SHA1,
1111 SSL3_VERSION, TLS1_2_VERSION,
1112 DTLS1_VERSION, DTLS1_2_VERSION,
1113 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1114 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1115 256,
1116 256,
1117 },
1118 {
1119 1,
1120 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
1121 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1122 SSL_kECDHE,
1123 SSL_aECDSA,
1124 SSL_AES128,
1125 SSL_SHA256,
1126 TLS1_2_VERSION, TLS1_2_VERSION,
1127 DTLS1_2_VERSION, DTLS1_2_VERSION,
1128 SSL_HIGH | SSL_FIPS,
1129 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1130 128,
1131 128,
1132 },
1133 {
1134 1,
1135 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
1136 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1137 SSL_kECDHE,
1138 SSL_aECDSA,
1139 SSL_AES256,
1140 SSL_SHA384,
1141 TLS1_2_VERSION, TLS1_2_VERSION,
1142 DTLS1_2_VERSION, DTLS1_2_VERSION,
1143 SSL_HIGH | SSL_FIPS,
1144 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1145 256,
1146 256,
1147 },
1148 {
1149 1,
1150 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
1151 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1152 SSL_kECDHE,
1153 SSL_aRSA,
1154 SSL_AES128,
1155 SSL_SHA256,
1156 TLS1_2_VERSION, TLS1_2_VERSION,
1157 DTLS1_2_VERSION, DTLS1_2_VERSION,
1158 SSL_HIGH | SSL_FIPS,
1159 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1160 128,
1161 128,
1162 },
1163 {
1164 1,
1165 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
1166 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
1167 SSL_kECDHE,
1168 SSL_aRSA,
1169 SSL_AES256,
1170 SSL_SHA384,
1171 TLS1_2_VERSION, TLS1_2_VERSION,
1172 DTLS1_2_VERSION, DTLS1_2_VERSION,
1173 SSL_HIGH | SSL_FIPS,
1174 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1175 256,
1176 256,
1177 },
1178 {
1179 1,
1180 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1181 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1182 SSL_kECDHE,
1183 SSL_aECDSA,
1184 SSL_AES128GCM,
1185 SSL_AEAD,
1186 TLS1_2_VERSION, TLS1_2_VERSION,
1187 DTLS1_2_VERSION, DTLS1_2_VERSION,
1188 SSL_HIGH | SSL_FIPS,
1189 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1190 128,
1191 128,
1192 },
1193 {
1194 1,
1195 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1196 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1197 SSL_kECDHE,
1198 SSL_aECDSA,
1199 SSL_AES256GCM,
1200 SSL_AEAD,
1201 TLS1_2_VERSION, TLS1_2_VERSION,
1202 DTLS1_2_VERSION, DTLS1_2_VERSION,
1203 SSL_HIGH | SSL_FIPS,
1204 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1205 256,
1206 256,
1207 },
1208 {
1209 1,
1210 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1211 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1212 SSL_kECDHE,
1213 SSL_aRSA,
1214 SSL_AES128GCM,
1215 SSL_AEAD,
1216 TLS1_2_VERSION, TLS1_2_VERSION,
1217 DTLS1_2_VERSION, DTLS1_2_VERSION,
1218 SSL_HIGH | SSL_FIPS,
1219 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1220 128,
1221 128,
1222 },
1223 {
1224 1,
1225 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1226 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1227 SSL_kECDHE,
1228 SSL_aRSA,
1229 SSL_AES256GCM,
1230 SSL_AEAD,
1231 TLS1_2_VERSION, TLS1_2_VERSION,
1232 DTLS1_2_VERSION, DTLS1_2_VERSION,
1233 SSL_HIGH | SSL_FIPS,
1234 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1235 256,
1236 256,
1237 },
1238 #endif /* OPENSSL_NO_EC */
1239
1240 #ifndef OPENSSL_NO_PSK
1241 {
1242 1,
1243 TLS1_TXT_PSK_WITH_NULL_SHA,
1244 TLS1_CK_PSK_WITH_NULL_SHA,
1245 SSL_kPSK,
1246 SSL_aPSK,
1247 SSL_eNULL,
1248 SSL_SHA1,
1249 SSL3_VERSION, TLS1_2_VERSION,
1250 DTLS1_VERSION, DTLS1_2_VERSION,
1251 SSL_STRONG_NONE | SSL_FIPS,
1252 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1253 0,
1254 0,
1255 },
1256 {
1257 1,
1258 TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
1259 TLS1_CK_DHE_PSK_WITH_NULL_SHA,
1260 SSL_kDHEPSK,
1261 SSL_aPSK,
1262 SSL_eNULL,
1263 SSL_SHA1,
1264 SSL3_VERSION, TLS1_2_VERSION,
1265 DTLS1_VERSION, DTLS1_2_VERSION,
1266 SSL_STRONG_NONE | SSL_FIPS,
1267 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1268 0,
1269 0,
1270 },
1271 {
1272 1,
1273 TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
1274 TLS1_CK_RSA_PSK_WITH_NULL_SHA,
1275 SSL_kRSAPSK,
1276 SSL_aRSA,
1277 SSL_eNULL,
1278 SSL_SHA1,
1279 SSL3_VERSION, TLS1_2_VERSION,
1280 DTLS1_VERSION, DTLS1_2_VERSION,
1281 SSL_STRONG_NONE | SSL_FIPS,
1282 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1283 0,
1284 0,
1285 },
1286 {
1287 1,
1288 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1289 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1290 SSL_kPSK,
1291 SSL_aPSK,
1292 SSL_3DES,
1293 SSL_SHA1,
1294 SSL3_VERSION, TLS1_2_VERSION,
1295 DTLS1_VERSION, DTLS1_2_VERSION,
1296 SSL_HIGH | SSL_FIPS,
1297 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1298 112,
1299 168,
1300 },
1301 {
1302 1,
1303 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1304 TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1305 SSL_kPSK,
1306 SSL_aPSK,
1307 SSL_AES128,
1308 SSL_SHA1,
1309 SSL3_VERSION, TLS1_2_VERSION,
1310 DTLS1_VERSION, DTLS1_2_VERSION,
1311 SSL_HIGH | SSL_FIPS,
1312 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1313 128,
1314 128,
1315 },
1316 {
1317 1,
1318 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1319 TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1320 SSL_kPSK,
1321 SSL_aPSK,
1322 SSL_AES256,
1323 SSL_SHA1,
1324 SSL3_VERSION, TLS1_2_VERSION,
1325 DTLS1_VERSION, DTLS1_2_VERSION,
1326 SSL_HIGH | SSL_FIPS,
1327 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1328 256,
1329 256,
1330 },
1331 {
1332 1,
1333 TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1334 TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1335 SSL_kDHEPSK,
1336 SSL_aPSK,
1337 SSL_3DES,
1338 SSL_SHA1,
1339 SSL3_VERSION, TLS1_2_VERSION,
1340 DTLS1_VERSION, DTLS1_2_VERSION,
1341 SSL_HIGH | SSL_FIPS,
1342 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1343 112,
1344 168,
1345 },
1346 {
1347 1,
1348 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
1349 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
1350 SSL_kDHEPSK,
1351 SSL_aPSK,
1352 SSL_AES128,
1353 SSL_SHA1,
1354 SSL3_VERSION, TLS1_2_VERSION,
1355 DTLS1_VERSION, DTLS1_2_VERSION,
1356 SSL_HIGH | SSL_FIPS,
1357 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1358 128,
1359 128,
1360 },
1361 {
1362 1,
1363 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
1364 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
1365 SSL_kDHEPSK,
1366 SSL_aPSK,
1367 SSL_AES256,
1368 SSL_SHA1,
1369 SSL3_VERSION, TLS1_2_VERSION,
1370 DTLS1_VERSION, DTLS1_2_VERSION,
1371 SSL_HIGH | SSL_FIPS,
1372 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1373 256,
1374 256,
1375 },
1376 {
1377 1,
1378 TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1379 TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1380 SSL_kRSAPSK,
1381 SSL_aRSA,
1382 SSL_3DES,
1383 SSL_SHA1,
1384 SSL3_VERSION, TLS1_2_VERSION,
1385 DTLS1_VERSION, DTLS1_2_VERSION,
1386 SSL_HIGH | SSL_FIPS,
1387 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1388 112,
1389 168,
1390 },
1391 {
1392 1,
1393 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
1394 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
1395 SSL_kRSAPSK,
1396 SSL_aRSA,
1397 SSL_AES128,
1398 SSL_SHA1,
1399 SSL3_VERSION, TLS1_2_VERSION,
1400 DTLS1_VERSION, DTLS1_2_VERSION,
1401 SSL_HIGH | SSL_FIPS,
1402 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1403 128,
1404 128,
1405 },
1406 {
1407 1,
1408 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
1409 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1410 SSL_kRSAPSK,
1411 SSL_aRSA,
1412 SSL_AES256,
1413 SSL_SHA1,
1414 SSL3_VERSION, TLS1_2_VERSION,
1415 DTLS1_VERSION, DTLS1_2_VERSION,
1416 SSL_HIGH | SSL_FIPS,
1417 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1418 256,
1419 256,
1420 },
1421 {
1422 1,
1423 TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
1424 TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1425 SSL_kPSK,
1426 SSL_aPSK,
1427 SSL_AES128GCM,
1428 SSL_AEAD,
1429 TLS1_2_VERSION, TLS1_2_VERSION,
1430 DTLS1_2_VERSION, DTLS1_2_VERSION,
1431 SSL_HIGH | SSL_FIPS,
1432 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1433 128,
1434 128,
1435 },
1436 {
1437 1,
1438 TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
1439 TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1440 SSL_kPSK,
1441 SSL_aPSK,
1442 SSL_AES256GCM,
1443 SSL_AEAD,
1444 TLS1_2_VERSION, TLS1_2_VERSION,
1445 DTLS1_2_VERSION, DTLS1_2_VERSION,
1446 SSL_HIGH | SSL_FIPS,
1447 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1448 256,
1449 256,
1450 },
1451 {
1452 1,
1453 TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
1454 TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1455 SSL_kDHEPSK,
1456 SSL_aPSK,
1457 SSL_AES128GCM,
1458 SSL_AEAD,
1459 TLS1_2_VERSION, TLS1_2_VERSION,
1460 DTLS1_2_VERSION, DTLS1_2_VERSION,
1461 SSL_HIGH | SSL_FIPS,
1462 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1463 128,
1464 128,
1465 },
1466 {
1467 1,
1468 TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
1469 TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1470 SSL_kDHEPSK,
1471 SSL_aPSK,
1472 SSL_AES256GCM,
1473 SSL_AEAD,
1474 TLS1_2_VERSION, TLS1_2_VERSION,
1475 DTLS1_2_VERSION, DTLS1_2_VERSION,
1476 SSL_HIGH | SSL_FIPS,
1477 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1478 256,
1479 256,
1480 },
1481 {
1482 1,
1483 TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
1484 TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1485 SSL_kRSAPSK,
1486 SSL_aRSA,
1487 SSL_AES128GCM,
1488 SSL_AEAD,
1489 TLS1_2_VERSION, TLS1_2_VERSION,
1490 DTLS1_2_VERSION, DTLS1_2_VERSION,
1491 SSL_HIGH | SSL_FIPS,
1492 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1493 128,
1494 128,
1495 },
1496 {
1497 1,
1498 TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
1499 TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1500 SSL_kRSAPSK,
1501 SSL_aRSA,
1502 SSL_AES256GCM,
1503 SSL_AEAD,
1504 TLS1_2_VERSION, TLS1_2_VERSION,
1505 DTLS1_2_VERSION, DTLS1_2_VERSION,
1506 SSL_HIGH | SSL_FIPS,
1507 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1508 256,
1509 256,
1510 },
1511 {
1512 1,
1513 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
1514 TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1515 SSL_kPSK,
1516 SSL_aPSK,
1517 SSL_AES128,
1518 SSL_SHA256,
1519 TLS1_VERSION, TLS1_2_VERSION,
1520 DTLS1_VERSION, DTLS1_2_VERSION,
1521 SSL_HIGH | SSL_FIPS,
1522 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1523 128,
1524 128,
1525 },
1526 {
1527 1,
1528 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
1529 TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1530 SSL_kPSK,
1531 SSL_aPSK,
1532 SSL_AES256,
1533 SSL_SHA384,
1534 TLS1_VERSION, TLS1_2_VERSION,
1535 DTLS1_VERSION, DTLS1_2_VERSION,
1536 SSL_HIGH | SSL_FIPS,
1537 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1538 256,
1539 256,
1540 },
1541 {
1542 1,
1543 TLS1_TXT_PSK_WITH_NULL_SHA256,
1544 TLS1_CK_PSK_WITH_NULL_SHA256,
1545 SSL_kPSK,
1546 SSL_aPSK,
1547 SSL_eNULL,
1548 SSL_SHA256,
1549 TLS1_VERSION, TLS1_2_VERSION,
1550 DTLS1_VERSION, DTLS1_2_VERSION,
1551 SSL_STRONG_NONE | SSL_FIPS,
1552 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1553 0,
1554 0,
1555 },
1556 {
1557 1,
1558 TLS1_TXT_PSK_WITH_NULL_SHA384,
1559 TLS1_CK_PSK_WITH_NULL_SHA384,
1560 SSL_kPSK,
1561 SSL_aPSK,
1562 SSL_eNULL,
1563 SSL_SHA384,
1564 TLS1_VERSION, TLS1_2_VERSION,
1565 DTLS1_VERSION, DTLS1_2_VERSION,
1566 SSL_STRONG_NONE | SSL_FIPS,
1567 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1568 0,
1569 0,
1570 },
1571 {
1572 1,
1573 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
1574 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1575 SSL_kDHEPSK,
1576 SSL_aPSK,
1577 SSL_AES128,
1578 SSL_SHA256,
1579 TLS1_VERSION, TLS1_2_VERSION,
1580 DTLS1_VERSION, DTLS1_2_VERSION,
1581 SSL_HIGH | SSL_FIPS,
1582 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1583 128,
1584 128,
1585 },
1586 {
1587 1,
1588 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
1589 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1590 SSL_kDHEPSK,
1591 SSL_aPSK,
1592 SSL_AES256,
1593 SSL_SHA384,
1594 TLS1_VERSION, TLS1_2_VERSION,
1595 DTLS1_VERSION, DTLS1_2_VERSION,
1596 SSL_HIGH | SSL_FIPS,
1597 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1598 256,
1599 256,
1600 },
1601 {
1602 1,
1603 TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
1604 TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1605 SSL_kDHEPSK,
1606 SSL_aPSK,
1607 SSL_eNULL,
1608 SSL_SHA256,
1609 TLS1_VERSION, TLS1_2_VERSION,
1610 DTLS1_VERSION, DTLS1_2_VERSION,
1611 SSL_STRONG_NONE | SSL_FIPS,
1612 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1613 0,
1614 0,
1615 },
1616 {
1617 1,
1618 TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
1619 TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1620 SSL_kDHEPSK,
1621 SSL_aPSK,
1622 SSL_eNULL,
1623 SSL_SHA384,
1624 TLS1_VERSION, TLS1_2_VERSION,
1625 DTLS1_VERSION, DTLS1_2_VERSION,
1626 SSL_STRONG_NONE | SSL_FIPS,
1627 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1628 0,
1629 0,
1630 },
1631 {
1632 1,
1633 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
1634 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1635 SSL_kRSAPSK,
1636 SSL_aRSA,
1637 SSL_AES128,
1638 SSL_SHA256,
1639 TLS1_VERSION, TLS1_2_VERSION,
1640 DTLS1_VERSION, DTLS1_2_VERSION,
1641 SSL_HIGH | SSL_FIPS,
1642 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1643 128,
1644 128,
1645 },
1646 {
1647 1,
1648 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
1649 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
1650 SSL_kRSAPSK,
1651 SSL_aRSA,
1652 SSL_AES256,
1653 SSL_SHA384,
1654 TLS1_VERSION, TLS1_2_VERSION,
1655 DTLS1_VERSION, DTLS1_2_VERSION,
1656 SSL_HIGH | SSL_FIPS,
1657 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1658 256,
1659 256,
1660 },
1661 {
1662 1,
1663 TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
1664 TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
1665 SSL_kRSAPSK,
1666 SSL_aRSA,
1667 SSL_eNULL,
1668 SSL_SHA256,
1669 TLS1_VERSION, TLS1_2_VERSION,
1670 DTLS1_VERSION, DTLS1_2_VERSION,
1671 SSL_STRONG_NONE | SSL_FIPS,
1672 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1673 0,
1674 0,
1675 },
1676 {
1677 1,
1678 TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
1679 TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
1680 SSL_kRSAPSK,
1681 SSL_aRSA,
1682 SSL_eNULL,
1683 SSL_SHA384,
1684 TLS1_VERSION, TLS1_2_VERSION,
1685 DTLS1_VERSION, DTLS1_2_VERSION,
1686 SSL_STRONG_NONE | SSL_FIPS,
1687 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1688 0,
1689 0,
1690 },
1691 # ifndef OPENSSL_NO_EC
1692 {
1693 1,
1694 TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1695 TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1696 SSL_kECDHEPSK,
1697 SSL_aPSK,
1698 SSL_3DES,
1699 SSL_SHA1,
1700 SSL3_VERSION, TLS1_2_VERSION,
1701 DTLS1_VERSION, DTLS1_2_VERSION,
1702 SSL_HIGH | SSL_FIPS,
1703 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1704 112,
1705 168,
1706 },
1707 {
1708 1,
1709 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1710 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1711 SSL_kECDHEPSK,
1712 SSL_aPSK,
1713 SSL_AES128,
1714 SSL_SHA1,
1715 SSL3_VERSION, TLS1_2_VERSION,
1716 DTLS1_VERSION, DTLS1_2_VERSION,
1717 SSL_HIGH | SSL_FIPS,
1718 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1719 128,
1720 128,
1721 },
1722 {
1723 1,
1724 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1725 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1726 SSL_kECDHEPSK,
1727 SSL_aPSK,
1728 SSL_AES256,
1729 SSL_SHA1,
1730 SSL3_VERSION, TLS1_2_VERSION,
1731 DTLS1_VERSION, DTLS1_2_VERSION,
1732 SSL_HIGH | SSL_FIPS,
1733 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1734 256,
1735 256,
1736 },
1737 {
1738 1,
1739 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1740 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1741 SSL_kECDHEPSK,
1742 SSL_aPSK,
1743 SSL_AES128,
1744 SSL_SHA256,
1745 TLS1_VERSION, TLS1_2_VERSION,
1746 DTLS1_VERSION, DTLS1_2_VERSION,
1747 SSL_HIGH | SSL_FIPS,
1748 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1749 128,
1750 128,
1751 },
1752 {
1753 1,
1754 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1755 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1756 SSL_kECDHEPSK,
1757 SSL_aPSK,
1758 SSL_AES256,
1759 SSL_SHA384,
1760 TLS1_VERSION, TLS1_2_VERSION,
1761 DTLS1_VERSION, DTLS1_2_VERSION,
1762 SSL_HIGH | SSL_FIPS,
1763 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1764 256,
1765 256,
1766 },
1767 {
1768 1,
1769 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
1770 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
1771 SSL_kECDHEPSK,
1772 SSL_aPSK,
1773 SSL_eNULL,
1774 SSL_SHA1,
1775 SSL3_VERSION, TLS1_2_VERSION,
1776 DTLS1_VERSION, DTLS1_2_VERSION,
1777 SSL_STRONG_NONE | SSL_FIPS,
1778 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1779 0,
1780 0,
1781 },
1782 {
1783 1,
1784 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
1785 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
1786 SSL_kECDHEPSK,
1787 SSL_aPSK,
1788 SSL_eNULL,
1789 SSL_SHA256,
1790 TLS1_VERSION, TLS1_2_VERSION,
1791 DTLS1_VERSION, DTLS1_2_VERSION,
1792 SSL_STRONG_NONE | SSL_FIPS,
1793 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1794 0,
1795 0,
1796 },
1797 {
1798 1,
1799 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
1800 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
1801 SSL_kECDHEPSK,
1802 SSL_aPSK,
1803 SSL_eNULL,
1804 SSL_SHA384,
1805 TLS1_VERSION, TLS1_2_VERSION,
1806 DTLS1_VERSION, DTLS1_2_VERSION,
1807 SSL_STRONG_NONE | SSL_FIPS,
1808 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1809 0,
1810 0,
1811 },
1812 # endif /* OPENSSL_NO_EC */
1813 #endif /* OPENSSL_NO_PSK */
1814
1815 #ifndef OPENSSL_NO_SRP
1816 {
1817 1,
1818 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1819 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1820 SSL_kSRP,
1821 SSL_aSRP,
1822 SSL_3DES,
1823 SSL_SHA1,
1824 SSL3_VERSION, TLS1_2_VERSION,
1825 DTLS1_VERSION, DTLS1_2_VERSION,
1826 SSL_HIGH,
1827 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1828 112,
1829 168,
1830 },
1831 {
1832 1,
1833 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1834 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1835 SSL_kSRP,
1836 SSL_aRSA,
1837 SSL_3DES,
1838 SSL_SHA1,
1839 SSL3_VERSION, TLS1_2_VERSION,
1840 DTLS1_VERSION, DTLS1_2_VERSION,
1841 SSL_HIGH,
1842 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1843 112,
1844 168,
1845 },
1846 {
1847 1,
1848 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1849 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1850 SSL_kSRP,
1851 SSL_aDSS,
1852 SSL_3DES,
1853 SSL_SHA1,
1854 SSL3_VERSION, TLS1_2_VERSION,
1855 DTLS1_VERSION, DTLS1_2_VERSION,
1856 SSL_NOT_DEFAULT | SSL_HIGH,
1857 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1858 112,
1859 168,
1860 },
1861 {
1862 1,
1863 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
1864 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
1865 SSL_kSRP,
1866 SSL_aSRP,
1867 SSL_AES128,
1868 SSL_SHA1,
1869 SSL3_VERSION, TLS1_2_VERSION,
1870 DTLS1_VERSION, DTLS1_2_VERSION,
1871 SSL_HIGH,
1872 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1873 128,
1874 128,
1875 },
1876 {
1877 1,
1878 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1879 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1880 SSL_kSRP,
1881 SSL_aRSA,
1882 SSL_AES128,
1883 SSL_SHA1,
1884 SSL3_VERSION, TLS1_2_VERSION,
1885 DTLS1_VERSION, DTLS1_2_VERSION,
1886 SSL_HIGH,
1887 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1888 128,
1889 128,
1890 },
1891 {
1892 1,
1893 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1894 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1895 SSL_kSRP,
1896 SSL_aDSS,
1897 SSL_AES128,
1898 SSL_SHA1,
1899 SSL3_VERSION, TLS1_2_VERSION,
1900 DTLS1_VERSION, DTLS1_2_VERSION,
1901 SSL_NOT_DEFAULT | SSL_HIGH,
1902 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1903 128,
1904 128,
1905 },
1906 {
1907 1,
1908 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
1909 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
1910 SSL_kSRP,
1911 SSL_aSRP,
1912 SSL_AES256,
1913 SSL_SHA1,
1914 SSL3_VERSION, TLS1_2_VERSION,
1915 DTLS1_VERSION, DTLS1_2_VERSION,
1916 SSL_HIGH,
1917 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1918 256,
1919 256,
1920 },
1921 {
1922 1,
1923 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
1924 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
1925 SSL_kSRP,
1926 SSL_aRSA,
1927 SSL_AES256,
1928 SSL_SHA1,
1929 SSL3_VERSION, TLS1_2_VERSION,
1930 DTLS1_VERSION, DTLS1_2_VERSION,
1931 SSL_HIGH,
1932 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1933 256,
1934 256,
1935 },
1936 {
1937 1,
1938 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
1939 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
1940 SSL_kSRP,
1941 SSL_aDSS,
1942 SSL_AES256,
1943 SSL_SHA1,
1944 SSL3_VERSION, TLS1_2_VERSION,
1945 DTLS1_VERSION, DTLS1_2_VERSION,
1946 SSL_NOT_DEFAULT | SSL_HIGH,
1947 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1948 256,
1949 256,
1950 },
1951 #endif /* OPENSSL_NO_SRP */
1952
1953 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1954 # ifndef OPENSSL_NO_RSA
1955 {
1956 1,
1957 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
1958 TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
1959 SSL_kDHE,
1960 SSL_aRSA,
1961 SSL_CHACHA20POLY1305,
1962 SSL_AEAD,
1963 TLS1_2_VERSION, TLS1_2_VERSION,
1964 DTLS1_2_VERSION, DTLS1_2_VERSION,
1965 SSL_HIGH,
1966 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1967 256,
1968 256,
1969 },
1970 # endif /* OPENSSL_NO_RSA */
1971
1972 # ifndef OPENSSL_NO_EC
1973 {
1974 1,
1975 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
1976 TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
1977 SSL_kECDHE,
1978 SSL_aRSA,
1979 SSL_CHACHA20POLY1305,
1980 SSL_AEAD,
1981 TLS1_2_VERSION, TLS1_2_VERSION,
1982 DTLS1_2_VERSION, DTLS1_2_VERSION,
1983 SSL_HIGH,
1984 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1985 256,
1986 256,
1987 },
1988 {
1989 1,
1990 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
1991 TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
1992 SSL_kECDHE,
1993 SSL_aECDSA,
1994 SSL_CHACHA20POLY1305,
1995 SSL_AEAD,
1996 TLS1_2_VERSION, TLS1_2_VERSION,
1997 DTLS1_2_VERSION, DTLS1_2_VERSION,
1998 SSL_HIGH,
1999 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2000 256,
2001 256,
2002 },
2003 # endif /* OPENSSL_NO_EC */
2004
2005 # ifndef OPENSSL_NO_PSK
2006 {
2007 1,
2008 TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
2009 TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
2010 SSL_kPSK,
2011 SSL_aPSK,
2012 SSL_CHACHA20POLY1305,
2013 SSL_AEAD,
2014 TLS1_2_VERSION, TLS1_2_VERSION,
2015 DTLS1_2_VERSION, DTLS1_2_VERSION,
2016 SSL_HIGH,
2017 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2018 256,
2019 256,
2020 },
2021 {
2022 1,
2023 TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2024 TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2025 SSL_kECDHEPSK,
2026 SSL_aPSK,
2027 SSL_CHACHA20POLY1305,
2028 SSL_AEAD,
2029 TLS1_2_VERSION, TLS1_2_VERSION,
2030 DTLS1_2_VERSION, DTLS1_2_VERSION,
2031 SSL_HIGH,
2032 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2033 256,
2034 256,
2035 },
2036 {
2037 1,
2038 TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
2039 TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
2040 SSL_kDHEPSK,
2041 SSL_aPSK,
2042 SSL_CHACHA20POLY1305,
2043 SSL_AEAD,
2044 TLS1_2_VERSION, TLS1_2_VERSION,
2045 DTLS1_2_VERSION, DTLS1_2_VERSION,
2046 SSL_HIGH,
2047 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2048 256,
2049 256,
2050 },
2051 {
2052 1,
2053 TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
2054 TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
2055 SSL_kRSAPSK,
2056 SSL_aRSA,
2057 SSL_CHACHA20POLY1305,
2058 SSL_AEAD,
2059 TLS1_2_VERSION, TLS1_2_VERSION,
2060 DTLS1_2_VERSION, DTLS1_2_VERSION,
2061 SSL_HIGH,
2062 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2063 256,
2064 256,
2065 },
2066 # endif /* OPENSSL_NO_PSK */
2067 #endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
2068
2069 #ifndef OPENSSL_NO_CAMELLIA
2070 {
2071 1,
2072 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2073 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2074 SSL_kRSA,
2075 SSL_aRSA,
2076 SSL_CAMELLIA128,
2077 SSL_SHA256,
2078 TLS1_2_VERSION, TLS1_2_VERSION,
2079 DTLS1_2_VERSION, DTLS1_2_VERSION,
2080 SSL_NOT_DEFAULT | SSL_HIGH,
2081 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2082 128,
2083 128,
2084 },
2085 {
2086 1,
2087 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2088 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2089 SSL_kEDH,
2090 SSL_aDSS,
2091 SSL_CAMELLIA128,
2092 SSL_SHA256,
2093 TLS1_2_VERSION, TLS1_2_VERSION,
2094 DTLS1_2_VERSION, DTLS1_2_VERSION,
2095 SSL_NOT_DEFAULT | SSL_HIGH,
2096 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2097 128,
2098 128,
2099 },
2100 {
2101 1,
2102 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2103 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2104 SSL_kEDH,
2105 SSL_aRSA,
2106 SSL_CAMELLIA128,
2107 SSL_SHA256,
2108 TLS1_2_VERSION, TLS1_2_VERSION,
2109 DTLS1_2_VERSION, DTLS1_2_VERSION,
2110 SSL_NOT_DEFAULT | SSL_HIGH,
2111 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2112 128,
2113 128,
2114 },
2115 {
2116 1,
2117 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2118 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2119 SSL_kEDH,
2120 SSL_aNULL,
2121 SSL_CAMELLIA128,
2122 SSL_SHA256,
2123 TLS1_2_VERSION, TLS1_2_VERSION,
2124 DTLS1_2_VERSION, DTLS1_2_VERSION,
2125 SSL_NOT_DEFAULT | SSL_HIGH,
2126 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2127 128,
2128 128,
2129 },
2130 {
2131 1,
2132 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2133 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2134 SSL_kRSA,
2135 SSL_aRSA,
2136 SSL_CAMELLIA256,
2137 SSL_SHA256,
2138 TLS1_2_VERSION, TLS1_2_VERSION,
2139 DTLS1_2_VERSION, DTLS1_2_VERSION,
2140 SSL_NOT_DEFAULT | SSL_HIGH,
2141 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2142 256,
2143 256,
2144 },
2145 {
2146 1,
2147 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2148 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2149 SSL_kEDH,
2150 SSL_aDSS,
2151 SSL_CAMELLIA256,
2152 SSL_SHA256,
2153 TLS1_2_VERSION, TLS1_2_VERSION,
2154 DTLS1_2_VERSION, DTLS1_2_VERSION,
2155 SSL_NOT_DEFAULT | SSL_HIGH,
2156 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2157 256,
2158 256,
2159 },
2160 {
2161 1,
2162 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2163 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2164 SSL_kEDH,
2165 SSL_aRSA,
2166 SSL_CAMELLIA256,
2167 SSL_SHA256,
2168 TLS1_2_VERSION, TLS1_2_VERSION,
2169 DTLS1_2_VERSION, DTLS1_2_VERSION,
2170 SSL_NOT_DEFAULT | SSL_HIGH,
2171 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2172 256,
2173 256,
2174 },
2175 {
2176 1,
2177 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2178 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2179 SSL_kEDH,
2180 SSL_aNULL,
2181 SSL_CAMELLIA256,
2182 SSL_SHA256,
2183 TLS1_2_VERSION, TLS1_2_VERSION,
2184 DTLS1_2_VERSION, DTLS1_2_VERSION,
2185 SSL_NOT_DEFAULT | SSL_HIGH,
2186 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2187 256,
2188 256,
2189 },
2190 {
2191 1,
2192 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
2193 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
2194 SSL_kRSA,
2195 SSL_aRSA,
2196 SSL_CAMELLIA256,
2197 SSL_SHA1,
2198 SSL3_VERSION, TLS1_2_VERSION,
2199 DTLS1_VERSION, DTLS1_2_VERSION,
2200 SSL_NOT_DEFAULT | SSL_HIGH,
2201 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2202 256,
2203 256,
2204 },
2205 {
2206 1,
2207 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2208 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2209 SSL_kDHE,
2210 SSL_aDSS,
2211 SSL_CAMELLIA256,
2212 SSL_SHA1,
2213 SSL3_VERSION, TLS1_2_VERSION,
2214 DTLS1_VERSION, DTLS1_2_VERSION,
2215 SSL_NOT_DEFAULT | SSL_HIGH,
2216 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2217 256,
2218 256,
2219 },
2220 {
2221 1,
2222 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2223 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2224 SSL_kDHE,
2225 SSL_aRSA,
2226 SSL_CAMELLIA256,
2227 SSL_SHA1,
2228 SSL3_VERSION, TLS1_2_VERSION,
2229 DTLS1_VERSION, DTLS1_2_VERSION,
2230 SSL_NOT_DEFAULT | SSL_HIGH,
2231 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2232 256,
2233 256,
2234 },
2235 {
2236 1,
2237 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
2238 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
2239 SSL_kDHE,
2240 SSL_aNULL,
2241 SSL_CAMELLIA256,
2242 SSL_SHA1,
2243 SSL3_VERSION, TLS1_2_VERSION,
2244 DTLS1_VERSION, DTLS1_2_VERSION,
2245 SSL_NOT_DEFAULT | SSL_HIGH,
2246 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2247 256,
2248 256,
2249 },
2250 {
2251 1,
2252 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
2253 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
2254 SSL_kRSA,
2255 SSL_aRSA,
2256 SSL_CAMELLIA128,
2257 SSL_SHA1,
2258 SSL3_VERSION, TLS1_2_VERSION,
2259 DTLS1_VERSION, DTLS1_2_VERSION,
2260 SSL_NOT_DEFAULT | SSL_HIGH,
2261 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2262 128,
2263 128,
2264 },
2265 {
2266 1,
2267 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2268 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2269 SSL_kDHE,
2270 SSL_aDSS,
2271 SSL_CAMELLIA128,
2272 SSL_SHA1,
2273 SSL3_VERSION, TLS1_2_VERSION,
2274 DTLS1_VERSION, DTLS1_2_VERSION,
2275 SSL_NOT_DEFAULT | SSL_HIGH,
2276 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2277 128,
2278 128,
2279 },
2280 {
2281 1,
2282 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2283 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2284 SSL_kDHE,
2285 SSL_aRSA,
2286 SSL_CAMELLIA128,
2287 SSL_SHA1,
2288 SSL3_VERSION, TLS1_2_VERSION,
2289 DTLS1_VERSION, DTLS1_2_VERSION,
2290 SSL_NOT_DEFAULT | SSL_HIGH,
2291 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2292 128,
2293 128,
2294 },
2295 {
2296 1,
2297 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
2298 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
2299 SSL_kDHE,
2300 SSL_aNULL,
2301 SSL_CAMELLIA128,
2302 SSL_SHA1,
2303 SSL3_VERSION, TLS1_2_VERSION,
2304 DTLS1_VERSION, DTLS1_2_VERSION,
2305 SSL_NOT_DEFAULT | SSL_HIGH,
2306 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2307 128,
2308 128,
2309 },
2310
2311 # ifndef OPENSSL_NO_EC
2312 {
2313 1,
2314 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2315 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2316 SSL_kECDHE,
2317 SSL_aECDSA,
2318 SSL_CAMELLIA128,
2319 SSL_SHA256,
2320 TLS1_2_VERSION, TLS1_2_VERSION,
2321 DTLS1_2_VERSION, DTLS1_2_VERSION,
2322 SSL_NOT_DEFAULT | SSL_HIGH,
2323 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2324 128,
2325 128
2326 },
2327 {
2328 1,
2329 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2330 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2331 SSL_kECDHE,
2332 SSL_aECDSA,
2333 SSL_CAMELLIA256,
2334 SSL_SHA384,
2335 TLS1_2_VERSION, TLS1_2_VERSION,
2336 DTLS1_2_VERSION, DTLS1_2_VERSION,
2337 SSL_NOT_DEFAULT | SSL_HIGH,
2338 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2339 256,
2340 256
2341 },
2342 {
2343 1,
2344 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2345 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2346 SSL_kECDHE,
2347 SSL_aRSA,
2348 SSL_CAMELLIA128,
2349 SSL_SHA256,
2350 TLS1_2_VERSION, TLS1_2_VERSION,
2351 DTLS1_2_VERSION, DTLS1_2_VERSION,
2352 SSL_NOT_DEFAULT | SSL_HIGH,
2353 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2354 128,
2355 128
2356 },
2357 {
2358 1,
2359 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2360 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2361 SSL_kECDHE,
2362 SSL_aRSA,
2363 SSL_CAMELLIA256,
2364 SSL_SHA384,
2365 TLS1_2_VERSION, TLS1_2_VERSION,
2366 DTLS1_2_VERSION, DTLS1_2_VERSION,
2367 SSL_NOT_DEFAULT | SSL_HIGH,
2368 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2369 256,
2370 256
2371 },
2372 # endif /* OPENSSL_NO_EC */
2373
2374 # ifndef OPENSSL_NO_PSK
2375 {
2376 1,
2377 TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2378 TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2379 SSL_kPSK,
2380 SSL_aPSK,
2381 SSL_CAMELLIA128,
2382 SSL_SHA256,
2383 TLS1_VERSION, TLS1_2_VERSION,
2384 DTLS1_VERSION, DTLS1_2_VERSION,
2385 SSL_NOT_DEFAULT | SSL_HIGH,
2386 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2387 128,
2388 128
2389 },
2390 {
2391 1,
2392 TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2393 TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2394 SSL_kPSK,
2395 SSL_aPSK,
2396 SSL_CAMELLIA256,
2397 SSL_SHA384,
2398 TLS1_VERSION, TLS1_2_VERSION,
2399 DTLS1_VERSION, DTLS1_2_VERSION,
2400 SSL_NOT_DEFAULT | SSL_HIGH,
2401 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2402 256,
2403 256
2404 },
2405 {
2406 1,
2407 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2408 TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2409 SSL_kDHEPSK,
2410 SSL_aPSK,
2411 SSL_CAMELLIA128,
2412 SSL_SHA256,
2413 TLS1_VERSION, TLS1_2_VERSION,
2414 DTLS1_VERSION, DTLS1_2_VERSION,
2415 SSL_NOT_DEFAULT | SSL_HIGH,
2416 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2417 128,
2418 128
2419 },
2420 {
2421 1,
2422 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2423 TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2424 SSL_kDHEPSK,
2425 SSL_aPSK,
2426 SSL_CAMELLIA256,
2427 SSL_SHA384,
2428 TLS1_VERSION, TLS1_2_VERSION,
2429 DTLS1_VERSION, DTLS1_2_VERSION,
2430 SSL_NOT_DEFAULT | SSL_HIGH,
2431 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2432 256,
2433 256
2434 },
2435 {
2436 1,
2437 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2438 TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2439 SSL_kRSAPSK,
2440 SSL_aRSA,
2441 SSL_CAMELLIA128,
2442 SSL_SHA256,
2443 TLS1_VERSION, TLS1_2_VERSION,
2444 DTLS1_VERSION, DTLS1_2_VERSION,
2445 SSL_NOT_DEFAULT | SSL_HIGH,
2446 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2447 128,
2448 128
2449 },
2450 {
2451 1,
2452 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2453 TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2454 SSL_kRSAPSK,
2455 SSL_aRSA,
2456 SSL_CAMELLIA256,
2457 SSL_SHA384,
2458 TLS1_VERSION, TLS1_2_VERSION,
2459 DTLS1_VERSION, DTLS1_2_VERSION,
2460 SSL_NOT_DEFAULT | SSL_HIGH,
2461 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2462 256,
2463 256
2464 },
2465 {
2466 1,
2467 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2468 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2469 SSL_kECDHEPSK,
2470 SSL_aPSK,
2471 SSL_CAMELLIA128,
2472 SSL_SHA256,
2473 TLS1_VERSION, TLS1_2_VERSION,
2474 DTLS1_VERSION, DTLS1_2_VERSION,
2475 SSL_NOT_DEFAULT | SSL_HIGH,
2476 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2477 128,
2478 128
2479 },
2480 {
2481 1,
2482 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2483 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2484 SSL_kECDHEPSK,
2485 SSL_aPSK,
2486 SSL_CAMELLIA256,
2487 SSL_SHA384,
2488 TLS1_VERSION, TLS1_2_VERSION,
2489 DTLS1_VERSION, DTLS1_2_VERSION,
2490 SSL_NOT_DEFAULT | SSL_HIGH,
2491 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2492 256,
2493 256
2494 },
2495 # endif /* OPENSSL_NO_PSK */
2496
2497 #endif /* OPENSSL_NO_CAMELLIA */
2498
2499 #ifndef OPENSSL_NO_GOST
2500 {
2501 1,
2502 "GOST2001-GOST89-GOST89",
2503 0x3000081,
2504 SSL_kGOST,
2505 SSL_aGOST01,
2506 SSL_eGOST2814789CNT,
2507 SSL_GOST89MAC,
2508 TLS1_VERSION, TLS1_2_VERSION,
2509 DTLS1_VERSION, DTLS1_2_VERSION,
2510 SSL_HIGH,
2511 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
2512 256,
2513 256
2514 },
2515 {
2516 1,
2517 "GOST2001-NULL-GOST94",
2518 0x3000083,
2519 SSL_kGOST,
2520 SSL_aGOST01,
2521 SSL_eNULL,
2522 SSL_GOST94,
2523 TLS1_VERSION, TLS1_2_VERSION,
2524 DTLS1_VERSION, DTLS1_2_VERSION,
2525 SSL_STRONG_NONE,
2526 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
2527 0,
2528 0
2529 },
2530 {
2531 1,
2532 "GOST2012-GOST8912-GOST8912",
2533 0x0300ff85,
2534 SSL_kGOST,
2535 SSL_aGOST12 | SSL_aGOST01,
2536 SSL_eGOST2814789CNT12,
2537 SSL_GOST89MAC12,
2538 TLS1_VERSION, TLS1_2_VERSION,
2539 DTLS1_VERSION, DTLS1_2_VERSION,
2540 SSL_HIGH,
2541 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2542 256,
2543 256
2544 },
2545 {
2546 1,
2547 "GOST2012-NULL-GOST12",
2548 0x0300ff87,
2549 SSL_kGOST,
2550 SSL_aGOST12 | SSL_aGOST01,
2551 SSL_eNULL,
2552 SSL_GOST12_256,
2553 TLS1_VERSION, TLS1_2_VERSION,
2554 DTLS1_VERSION, DTLS1_2_VERSION,
2555 SSL_STRONG_NONE,
2556 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2557 0,
2558 0},
2559 #endif /* OPENSSL_NO_GOST */
2560
2561 #ifndef OPENSSL_NO_IDEA
2562 {
2563 1,
2564 SSL3_TXT_RSA_IDEA_128_SHA,
2565 SSL3_CK_RSA_IDEA_128_SHA,
2566 SSL_kRSA,
2567 SSL_aRSA,
2568 SSL_IDEA,
2569 SSL_SHA1,
2570 SSL3_VERSION, TLS1_1_VERSION,
2571 DTLS1_VERSION, DTLS1_VERSION,
2572 SSL_NOT_DEFAULT | SSL_MEDIUM,
2573 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2574 128,
2575 128,
2576 },
2577 #endif
2578
2579 #ifndef OPENSSL_NO_SEED
2580 {
2581 1,
2582 TLS1_TXT_RSA_WITH_SEED_SHA,
2583 TLS1_CK_RSA_WITH_SEED_SHA,
2584 SSL_kRSA,
2585 SSL_aRSA,
2586 SSL_SEED,
2587 SSL_SHA1,
2588 SSL3_VERSION, TLS1_2_VERSION,
2589 DTLS1_VERSION, DTLS1_2_VERSION,
2590 SSL_NOT_DEFAULT | SSL_MEDIUM,
2591 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2592 128,
2593 128,
2594 },
2595 {
2596 1,
2597 TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
2598 TLS1_CK_DHE_DSS_WITH_SEED_SHA,
2599 SSL_kDHE,
2600 SSL_aDSS,
2601 SSL_SEED,
2602 SSL_SHA1,
2603 SSL3_VERSION, TLS1_2_VERSION,
2604 DTLS1_VERSION, DTLS1_2_VERSION,
2605 SSL_NOT_DEFAULT | SSL_MEDIUM,
2606 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2607 128,
2608 128,
2609 },
2610 {
2611 1,
2612 TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
2613 TLS1_CK_DHE_RSA_WITH_SEED_SHA,
2614 SSL_kDHE,
2615 SSL_aRSA,
2616 SSL_SEED,
2617 SSL_SHA1,
2618 SSL3_VERSION, TLS1_2_VERSION,
2619 DTLS1_VERSION, DTLS1_2_VERSION,
2620 SSL_NOT_DEFAULT | SSL_MEDIUM,
2621 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2622 128,
2623 128,
2624 },
2625 {
2626 1,
2627 TLS1_TXT_ADH_WITH_SEED_SHA,
2628 TLS1_CK_ADH_WITH_SEED_SHA,
2629 SSL_kDHE,
2630 SSL_aNULL,
2631 SSL_SEED,
2632 SSL_SHA1,
2633 SSL3_VERSION, TLS1_2_VERSION,
2634 DTLS1_VERSION, DTLS1_2_VERSION,
2635 SSL_NOT_DEFAULT | SSL_MEDIUM,
2636 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2637 128,
2638 128,
2639 },
2640 #endif /* OPENSSL_NO_SEED */
2641
2642 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
2643 {
2644 1,
2645 SSL3_TXT_RSA_RC4_128_MD5,
2646 SSL3_CK_RSA_RC4_128_MD5,
2647 SSL_kRSA,
2648 SSL_aRSA,
2649 SSL_RC4,
2650 SSL_MD5,
2651 SSL3_VERSION, TLS1_2_VERSION,
2652 0, 0,
2653 SSL_NOT_DEFAULT | SSL_MEDIUM,
2654 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2655 128,
2656 128,
2657 },
2658 {
2659 1,
2660 SSL3_TXT_RSA_RC4_128_SHA,
2661 SSL3_CK_RSA_RC4_128_SHA,
2662 SSL_kRSA,
2663 SSL_aRSA,
2664 SSL_RC4,
2665 SSL_SHA1,
2666 SSL3_VERSION, TLS1_2_VERSION,
2667 0, 0,
2668 SSL_NOT_DEFAULT | SSL_MEDIUM,
2669 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2670 128,
2671 128,
2672 },
2673 {
2674 1,
2675 SSL3_TXT_ADH_RC4_128_MD5,
2676 SSL3_CK_ADH_RC4_128_MD5,
2677 SSL_kDHE,
2678 SSL_aNULL,
2679 SSL_RC4,
2680 SSL_MD5,
2681 SSL3_VERSION, TLS1_2_VERSION,
2682 0, 0,
2683 SSL_NOT_DEFAULT | SSL_MEDIUM,
2684 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2685 128,
2686 128,
2687 },
2688
2689 # ifndef OPENSSL_NO_EC
2690 {
2691 1,
2692 TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
2693 TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
2694 SSL_kECDHEPSK,
2695 SSL_aPSK,
2696 SSL_RC4,
2697 SSL_SHA1,
2698 SSL3_VERSION, TLS1_2_VERSION,
2699 0, 0,
2700 SSL_NOT_DEFAULT | SSL_MEDIUM,
2701 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2702 128,
2703 128,
2704 },
2705 {
2706 1,
2707 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2708 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2709 SSL_kECDHE,
2710 SSL_aNULL,
2711 SSL_RC4,
2712 SSL_SHA1,
2713 SSL3_VERSION, TLS1_2_VERSION,
2714 0, 0,
2715 SSL_NOT_DEFAULT | SSL_MEDIUM,
2716 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2717 128,
2718 128,
2719 },
2720 {
2721 1,
2722 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2723 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2724 SSL_kECDHE,
2725 SSL_aECDSA,
2726 SSL_RC4,
2727 SSL_SHA1,
2728 SSL3_VERSION, TLS1_2_VERSION,
2729 0, 0,
2730 SSL_NOT_DEFAULT | SSL_MEDIUM,
2731 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2732 128,
2733 128,
2734 },
2735 {
2736 1,
2737 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2738 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2739 SSL_kECDHE,
2740 SSL_aRSA,
2741 SSL_RC4,
2742 SSL_SHA1,
2743 SSL3_VERSION, TLS1_2_VERSION,
2744 0, 0,
2745 SSL_NOT_DEFAULT | SSL_MEDIUM,
2746 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2747 128,
2748 128,
2749 },
2750 # endif /* OPENSSL_NO_EC */
2751
2752 # ifndef OPENSSL_NO_PSK
2753 {
2754 1,
2755 TLS1_TXT_PSK_WITH_RC4_128_SHA,
2756 TLS1_CK_PSK_WITH_RC4_128_SHA,
2757 SSL_kPSK,
2758 SSL_aPSK,
2759 SSL_RC4,
2760 SSL_SHA1,
2761 SSL3_VERSION, TLS1_2_VERSION,
2762 0, 0,
2763 SSL_NOT_DEFAULT | SSL_MEDIUM,
2764 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2765 128,
2766 128,
2767 },
2768 {
2769 1,
2770 TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
2771 TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
2772 SSL_kRSAPSK,
2773 SSL_aRSA,
2774 SSL_RC4,
2775 SSL_SHA1,
2776 SSL3_VERSION, TLS1_2_VERSION,
2777 0, 0,
2778 SSL_NOT_DEFAULT | SSL_MEDIUM,
2779 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2780 128,
2781 128,
2782 },
2783 {
2784 1,
2785 TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
2786 TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
2787 SSL_kDHEPSK,
2788 SSL_aPSK,
2789 SSL_RC4,
2790 SSL_SHA1,
2791 SSL3_VERSION, TLS1_2_VERSION,
2792 0, 0,
2793 SSL_NOT_DEFAULT | SSL_MEDIUM,
2794 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2795 128,
2796 128,
2797 },
2798 # endif /* OPENSSL_NO_PSK */
2799
2800 #endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
2801
2802 };
2803
2804
2805 static int cipher_compare(const void *a, const void *b)
2806 {
2807 const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
2808 const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
2809
2810 return ap->id - bp->id;
2811 }
2812
2813 void ssl_sort_cipher_list(void)
2814 {
2815 qsort(ssl3_ciphers, OSSL_NELEM(ssl3_ciphers), sizeof ssl3_ciphers[0],
2816 cipher_compare);
2817 }
2818
2819
2820 const SSL3_ENC_METHOD SSLv3_enc_data = {
2821 ssl3_enc,
2822 n_ssl3_mac,
2823 ssl3_setup_key_block,
2824 ssl3_generate_master_secret,
2825 ssl3_change_cipher_state,
2826 ssl3_final_finish_mac,
2827 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
2828 SSL3_MD_CLIENT_FINISHED_CONST, 4,
2829 SSL3_MD_SERVER_FINISHED_CONST, 4,
2830 ssl3_alert_code,
2831 (int (*)(SSL *, unsigned char *, size_t, const char *,
2832 size_t, const unsigned char *, size_t,
2833 int use_context))ssl_undefined_function,
2834 0,
2835 SSL3_HM_HEADER_LENGTH,
2836 ssl3_set_handshake_header,
2837 ssl3_handshake_write
2838 };
2839
2840 long ssl3_default_timeout(void)
2841 {
2842 /*
2843 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
2844 * http, the cache would over fill
2845 */
2846 return (60 * 60 * 2);
2847 }
2848
2849 int ssl3_num_ciphers(void)
2850 {
2851 return (SSL3_NUM_CIPHERS);
2852 }
2853
2854 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
2855 {
2856 if (u < SSL3_NUM_CIPHERS)
2857 return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
2858 else
2859 return (NULL);
2860 }
2861
2862 int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
2863 {
2864 unsigned char *p = (unsigned char *)s->init_buf->data;
2865 *(p++) = htype;
2866 l2n3(len, p);
2867 s->init_num = (int)len + SSL3_HM_HEADER_LENGTH;
2868 s->init_off = 0;
2869
2870 return 1;
2871 }
2872
2873 int ssl3_handshake_write(SSL *s)
2874 {
2875 return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
2876 }
2877
2878 int ssl3_new(SSL *s)
2879 {
2880 SSL3_STATE *s3;
2881
2882 if ((s3 = OPENSSL_zalloc(sizeof(*s3))) == NULL)
2883 goto err;
2884 s->s3 = s3;
2885
2886 #ifndef OPENSSL_NO_SRP
2887 if (!SSL_SRP_CTX_init(s))
2888 goto err;
2889 #endif
2890 s->method->ssl_clear(s);
2891 return (1);
2892 err:
2893 return (0);
2894 }
2895
2896 void ssl3_free(SSL *s)
2897 {
2898 if (s == NULL || s->s3 == NULL)
2899 return;
2900
2901 ssl3_cleanup_key_block(s);
2902
2903 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
2904 EVP_PKEY_free(s->s3->peer_tmp);
2905 s->s3->peer_tmp = NULL;
2906 EVP_PKEY_free(s->s3->tmp.pkey);
2907 s->s3->tmp.pkey = NULL;
2908 #endif
2909
2910 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
2911 OPENSSL_free(s->s3->tmp.ciphers_raw);
2912 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
2913 OPENSSL_free(s->s3->tmp.peer_sigalgs);
2914 ssl3_free_digest_list(s);
2915 OPENSSL_free(s->s3->alpn_selected);
2916 OPENSSL_free(s->s3->alpn_proposed);
2917
2918 #ifndef OPENSSL_NO_SRP
2919 SSL_SRP_CTX_free(s);
2920 #endif
2921 OPENSSL_clear_free(s->s3, sizeof(*s->s3));
2922 s->s3 = NULL;
2923 }
2924
2925 void ssl3_clear(SSL *s)
2926 {
2927 ssl3_cleanup_key_block(s);
2928 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
2929 OPENSSL_free(s->s3->tmp.ciphers_raw);
2930 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
2931 OPENSSL_free(s->s3->tmp.peer_sigalgs);
2932
2933 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
2934 EVP_PKEY_free(s->s3->tmp.pkey);
2935 EVP_PKEY_free(s->s3->peer_tmp);
2936 #endif /* !OPENSSL_NO_EC */
2937
2938 ssl3_free_digest_list(s);
2939
2940 OPENSSL_free(s->s3->alpn_selected);
2941 OPENSSL_free(s->s3->alpn_proposed);
2942
2943 /* NULL/zero-out everything in the s3 struct */
2944 memset(s->s3, 0, sizeof(*s->s3));
2945
2946 ssl_free_wbio_buffer(s);
2947
2948 s->version = SSL3_VERSION;
2949
2950 #if !defined(OPENSSL_NO_NEXTPROTONEG)
2951 OPENSSL_free(s->next_proto_negotiated);
2952 s->next_proto_negotiated = NULL;
2953 s->next_proto_negotiated_len = 0;
2954 #endif
2955 }
2956
2957 #ifndef OPENSSL_NO_SRP
2958 static char *srp_password_from_info_cb(SSL *s, void *arg)
2959 {
2960 return OPENSSL_strdup(s->srp_ctx.info);
2961 }
2962 #endif
2963
2964 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p,
2965 size_t len);
2966
2967 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2968 {
2969 int ret = 0;
2970
2971 switch (cmd) {
2972 case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
2973 break;
2974 case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
2975 ret = s->s3->num_renegotiations;
2976 break;
2977 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
2978 ret = s->s3->num_renegotiations;
2979 s->s3->num_renegotiations = 0;
2980 break;
2981 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
2982 ret = s->s3->total_renegotiations;
2983 break;
2984 case SSL_CTRL_GET_FLAGS:
2985 ret = (int)(s->s3->flags);
2986 break;
2987 #ifndef OPENSSL_NO_DH
2988 case SSL_CTRL_SET_TMP_DH:
2989 {
2990 DH *dh = (DH *)parg;
2991 EVP_PKEY *pkdh = NULL;
2992 if (dh == NULL) {
2993 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
2994 return (ret);
2995 }
2996 pkdh = ssl_dh_to_pkey(dh);
2997 if (pkdh == NULL) {
2998 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
2999 return 0;
3000 }
3001 if (!ssl_security(s, SSL_SECOP_TMP_DH,
3002 EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
3003 SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3004 EVP_PKEY_free(pkdh);
3005 return ret;
3006 }
3007 EVP_PKEY_free(s->cert->dh_tmp);
3008 s->cert->dh_tmp = pkdh;
3009 ret = 1;
3010 }
3011 break;
3012 case SSL_CTRL_SET_TMP_DH_CB:
3013 {
3014 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3015 return (ret);
3016 }
3017 case SSL_CTRL_SET_DH_AUTO:
3018 s->cert->dh_tmp_auto = larg;
3019 return 1;
3020 #endif
3021 #ifndef OPENSSL_NO_EC
3022 case SSL_CTRL_SET_TMP_ECDH:
3023 {
3024 const EC_GROUP *group = NULL;
3025 int nid;
3026
3027 if (parg == NULL) {
3028 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3029 return 0;
3030 }
3031 group = EC_KEY_get0_group((const EC_KEY *)parg);
3032 if (group == NULL) {
3033 SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS);
3034 return 0;
3035 }
3036 nid = EC_GROUP_get_curve_name(group);
3037 if (nid == NID_undef)
3038 return 0;
3039 return tls1_set_curves(&s->tlsext_ellipticcurvelist,
3040 &s->tlsext_ellipticcurvelist_length,
3041 &nid, 1);
3042 }
3043 break;
3044 #endif /* !OPENSSL_NO_EC */
3045 case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3046 if (larg == TLSEXT_NAMETYPE_host_name) {
3047 size_t len;
3048
3049 OPENSSL_free(s->tlsext_hostname);
3050 s->tlsext_hostname = NULL;
3051
3052 ret = 1;
3053 if (parg == NULL)
3054 break;
3055 len = strlen((char *)parg);
3056 if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
3057 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3058 return 0;
3059 }
3060 if ((s->tlsext_hostname = OPENSSL_strdup((char *)parg)) == NULL) {
3061 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3062 return 0;
3063 }
3064 } else {
3065 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3066 return 0;
3067 }
3068 break;
3069 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3070 s->tlsext_debug_arg = parg;
3071 ret = 1;
3072 break;
3073
3074 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3075 s->tlsext_status_type = larg;
3076 ret = 1;
3077 break;
3078
3079 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3080 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
3081 ret = 1;
3082 break;
3083
3084 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3085 s->tlsext_ocsp_exts = parg;
3086 ret = 1;
3087 break;
3088
3089 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3090 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
3091 ret = 1;
3092 break;
3093
3094 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3095 s->tlsext_ocsp_ids = parg;
3096 ret = 1;
3097 break;
3098
3099 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3100 *(unsigned char **)parg = s->tlsext_ocsp_resp;
3101 return s->tlsext_ocsp_resplen;
3102
3103 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3104 OPENSSL_free(s->tlsext_ocsp_resp);
3105 s->tlsext_ocsp_resp = parg;
3106 s->tlsext_ocsp_resplen = larg;
3107 ret = 1;
3108 break;
3109
3110 #ifndef OPENSSL_NO_HEARTBEATS
3111 case SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT:
3112 if (SSL_IS_DTLS(s))
3113 ret = dtls1_heartbeat(s);
3114 break;
3115
3116 case SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING:
3117 if (SSL_IS_DTLS(s))
3118 ret = s->tlsext_hb_pending;
3119 break;
3120
3121 case SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS:
3122 if (SSL_IS_DTLS(s)) {
3123 if (larg)
3124 s->tlsext_heartbeat |= SSL_DTLSEXT_HB_DONT_RECV_REQUESTS;
3125 else
3126 s->tlsext_heartbeat &= ~SSL_DTLSEXT_HB_DONT_RECV_REQUESTS;
3127 ret = 1;
3128 }
3129 break;
3130 #endif
3131
3132 case SSL_CTRL_CHAIN:
3133 if (larg)
3134 return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg);
3135 else
3136 return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg);
3137
3138 case SSL_CTRL_CHAIN_CERT:
3139 if (larg)
3140 return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg);
3141 else
3142 return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg);
3143
3144 case SSL_CTRL_GET_CHAIN_CERTS:
3145 *(STACK_OF(X509) **)parg = s->cert->key->chain;
3146 break;
3147
3148 case SSL_CTRL_SELECT_CURRENT_CERT:
3149 return ssl_cert_select_current(s->cert, (X509 *)parg);
3150
3151 case SSL_CTRL_SET_CURRENT_CERT:
3152 if (larg == SSL_CERT_SET_SERVER) {
3153 CERT_PKEY *cpk;
3154 const SSL_CIPHER *cipher;
3155 if (!s->server)
3156 return 0;
3157 cipher = s->s3->tmp.new_cipher;
3158 if (!cipher)
3159 return 0;
3160 /*
3161 * No certificate for unauthenticated ciphersuites or using SRP
3162 * authentication
3163 */
3164 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3165 return 2;
3166 cpk = ssl_get_server_send_pkey(s);
3167 if (!cpk)
3168 return 0;
3169 s->cert->key = cpk;
3170 return 1;
3171 }
3172 return ssl_cert_set_current(s->cert, larg);
3173
3174 #ifndef OPENSSL_NO_EC
3175 case SSL_CTRL_GET_CURVES:
3176 {
3177 unsigned char *clist;
3178 size_t clistlen;
3179 if (!s->session)
3180 return 0;
3181 clist = s->session->tlsext_ellipticcurvelist;
3182 clistlen = s->session->tlsext_ellipticcurvelist_length / 2;
3183 if (parg) {
3184 size_t i;
3185 int *cptr = parg;
3186 unsigned int cid, nid;
3187 for (i = 0; i < clistlen; i++) {
3188 n2s(clist, cid);
3189 nid = tls1_ec_curve_id2nid(cid);
3190 if (nid != 0)
3191 cptr[i] = nid;
3192 else
3193 cptr[i] = TLSEXT_nid_unknown | cid;
3194 }
3195 }
3196 return (int)clistlen;
3197 }
3198
3199 case SSL_CTRL_SET_CURVES:
3200 return tls1_set_curves(&s->tlsext_ellipticcurvelist,
3201 &s->tlsext_ellipticcurvelist_length,
3202 parg, larg);
3203
3204 case SSL_CTRL_SET_CURVES_LIST:
3205 return tls1_set_curves_list(&s->tlsext_ellipticcurvelist,
3206 &s->tlsext_ellipticcurvelist_length,
3207 parg);
3208
3209 case SSL_CTRL_GET_SHARED_CURVE:
3210 return tls1_shared_curve(s, larg);
3211
3212 #endif
3213 case SSL_CTRL_SET_SIGALGS:
3214 return tls1_set_sigalgs(s->cert, parg, larg, 0);
3215
3216 case SSL_CTRL_SET_SIGALGS_LIST:
3217 return tls1_set_sigalgs_list(s->cert, parg, 0);
3218
3219 case SSL_CTRL_SET_CLIENT_SIGALGS:
3220 return tls1_set_sigalgs(s->cert, parg, larg, 1);
3221
3222 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3223 return tls1_set_sigalgs_list(s->cert, parg, 1);
3224
3225 case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3226 {
3227 const unsigned char **pctype = parg;
3228 if (s->server || !s->s3->tmp.cert_req)
3229 return 0;
3230 if (s->cert->ctypes) {
3231 if (pctype)
3232 *pctype = s->cert->ctypes;
3233 return (int)s->cert->ctype_num;
3234 }
3235 if (pctype)
3236 *pctype = (unsigned char *)s->s3->tmp.ctype;
3237 return s->s3->tmp.ctype_num;
3238 }
3239
3240 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3241 if (!s->server)
3242 return 0;
3243 return ssl3_set_req_cert_type(s->cert, parg, larg);
3244
3245 case SSL_CTRL_BUILD_CERT_CHAIN:
3246 return ssl_build_cert_chain(s, NULL, larg);
3247
3248 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3249 return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
3250
3251 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3252 return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
3253
3254 case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3255 if (SSL_USE_SIGALGS(s)) {
3256 if (s->session) {
3257 const EVP_MD *sig;
3258 sig = s->s3->tmp.peer_md;
3259 if (sig) {
3260 *(int *)parg = EVP_MD_type(sig);
3261 return 1;
3262 }
3263 }
3264 return 0;
3265 }
3266 /* Might want to do something here for other versions */
3267 else
3268 return 0;
3269
3270 case SSL_CTRL_GET_SERVER_TMP_KEY:
3271 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3272 if (s->server || s->session == NULL || s->s3->peer_tmp == NULL) {
3273 return 0;
3274 } else {
3275 EVP_PKEY_up_ref(s->s3->peer_tmp);
3276 *(EVP_PKEY **)parg = s->s3->peer_tmp;
3277 return 1;
3278 }
3279 #else
3280 return 0;
3281 #endif
3282 #ifndef OPENSSL_NO_EC
3283 case SSL_CTRL_GET_EC_POINT_FORMATS:
3284 {
3285 SSL_SESSION *sess = s->session;
3286 const unsigned char **pformat = parg;
3287 if (!sess || !sess->tlsext_ecpointformatlist)
3288 return 0;
3289 *pformat = sess->tlsext_ecpointformatlist;
3290 return (int)sess->tlsext_ecpointformatlist_length;
3291 }
3292 #endif
3293
3294 default:
3295 break;
3296 }
3297 return (ret);
3298 }
3299
3300 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3301 {
3302 int ret = 0;
3303
3304 switch (cmd) {
3305 #ifndef OPENSSL_NO_DH
3306 case SSL_CTRL_SET_TMP_DH_CB:
3307 {
3308 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3309 }
3310 break;
3311 #endif
3312 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3313 s->tlsext_debug_cb = (void (*)(SSL *, int, int,
3314 const unsigned char *, int, void *))fp;
3315 break;
3316
3317 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3318 {
3319 s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3320 }
3321 break;
3322 default:
3323 break;
3324 }
3325 return (ret);
3326 }
3327
3328 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3329 {
3330 switch (cmd) {
3331 #ifndef OPENSSL_NO_DH
3332 case SSL_CTRL_SET_TMP_DH:
3333 {
3334 DH *dh = (DH *)parg;
3335 EVP_PKEY *pkdh = NULL;
3336 if (dh == NULL) {
3337 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3338 return 0;
3339 }
3340 pkdh = ssl_dh_to_pkey(dh);
3341 if (pkdh == NULL) {
3342 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3343 return 0;
3344 }
3345 if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
3346 EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
3347 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3348 EVP_PKEY_free(pkdh);
3349 return 1;
3350 }
3351 EVP_PKEY_free(ctx->cert->dh_tmp);
3352 ctx->cert->dh_tmp = pkdh;
3353 return 1;
3354 }
3355 /*
3356 * break;
3357 */
3358 case SSL_CTRL_SET_TMP_DH_CB:
3359 {
3360 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3361 return (0);
3362 }
3363 case SSL_CTRL_SET_DH_AUTO:
3364 ctx->cert->dh_tmp_auto = larg;
3365 return 1;
3366 #endif
3367 #ifndef OPENSSL_NO_EC
3368 case SSL_CTRL_SET_TMP_ECDH:
3369 {
3370 const EC_GROUP *group = NULL;
3371 int nid;
3372
3373 if (parg == NULL) {
3374 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3375 return 0;
3376 }
3377 group = EC_KEY_get0_group((const EC_KEY *)parg);
3378 if (group == NULL) {
3379 SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS);
3380 return 0;
3381 }
3382 nid = EC_GROUP_get_curve_name(group);
3383 if (nid == NID_undef)
3384 return 0;
3385 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
3386 &ctx->tlsext_ellipticcurvelist_length,
3387 &nid, 1);
3388 }
3389 /* break; */
3390 #endif /* !OPENSSL_NO_EC */
3391 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3392 ctx->tlsext_servername_arg = parg;
3393 break;
3394 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3395 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3396 {
3397 unsigned char *keys = parg;
3398 if (!keys)
3399 return 48;
3400 if (larg != 48) {
3401 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3402 return 0;
3403 }
3404 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
3405 memcpy(ctx->tlsext_tick_key_name, keys, 16);
3406 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
3407 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
3408 } else {
3409 memcpy(keys, ctx->tlsext_tick_key_name, 16);
3410 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
3411 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
3412 }
3413 return 1;
3414 }
3415
3416 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3417 ctx->tlsext_status_arg = parg;
3418 return 1;
3419
3420 #ifndef OPENSSL_NO_SRP
3421 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3422 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3423 OPENSSL_free(ctx->srp_ctx.login);
3424 ctx->srp_ctx.login = NULL;
3425 if (parg == NULL)
3426 break;
3427 if (strlen((const char *)parg) > 255
3428 || strlen((const char *)parg) < 1) {
3429 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3430 return 0;
3431 }
3432 if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
3433 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3434 return 0;
3435 }
3436 break;
3437 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3438 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3439 srp_password_from_info_cb;
3440 ctx->srp_ctx.info = parg;
3441 break;
3442 case SSL_CTRL_SET_SRP_ARG:
3443 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3444 ctx->srp_ctx.SRP_cb_arg = parg;
3445 break;
3446
3447 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3448 ctx->srp_ctx.strength = larg;
3449 break;
3450 #endif
3451
3452 #ifndef OPENSSL_NO_EC
3453 case SSL_CTRL_SET_CURVES:
3454 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
3455 &ctx->tlsext_ellipticcurvelist_length,
3456 parg, larg);
3457
3458 case SSL_CTRL_SET_CURVES_LIST:
3459 return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
3460 &ctx->tlsext_ellipticcurvelist_length,
3461 parg);
3462 #endif
3463 case SSL_CTRL_SET_SIGALGS:
3464 return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
3465
3466 case SSL_CTRL_SET_SIGALGS_LIST:
3467 return tls1_set_sigalgs_list(ctx->cert, parg, 0);
3468
3469 case SSL_CTRL_SET_CLIENT_SIGALGS:
3470 return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
3471
3472 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3473 return tls1_set_sigalgs_list(ctx->cert, parg, 1);
3474
3475 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3476 return ssl3_set_req_cert_type(ctx->cert, parg, larg);
3477
3478 case SSL_CTRL_BUILD_CERT_CHAIN:
3479 return ssl_build_cert_chain(NULL, ctx, larg);
3480
3481 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3482 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
3483
3484 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3485 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
3486
3487 /* A Thawte special :-) */
3488 case SSL_CTRL_EXTRA_CHAIN_CERT:
3489 if (ctx->extra_certs == NULL) {
3490 if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
3491 return (0);
3492 }
3493 sk_X509_push(ctx->extra_certs, (X509 *)parg);
3494 break;
3495
3496 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3497 if (ctx->extra_certs == NULL && larg == 0)
3498 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3499 else
3500 *(STACK_OF(X509) **)parg = ctx->extra_certs;
3501 break;
3502
3503 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3504 sk_X509_pop_free(ctx->extra_certs, X509_free);
3505 ctx->extra_certs = NULL;
3506 break;
3507
3508 case SSL_CTRL_CHAIN:
3509 if (larg)
3510 return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3511 else
3512 return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3513
3514 case SSL_CTRL_CHAIN_CERT:
3515 if (larg)
3516 return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
3517 else
3518 return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
3519
3520 case SSL_CTRL_GET_CHAIN_CERTS:
3521 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3522 break;
3523
3524 case SSL_CTRL_SELECT_CURRENT_CERT:
3525 return ssl_cert_select_current(ctx->cert, (X509 *)parg);
3526
3527 case SSL_CTRL_SET_CURRENT_CERT:
3528 return ssl_cert_set_current(ctx->cert, larg);
3529
3530 default:
3531 return (0);
3532 }
3533 return (1);
3534 }
3535
3536 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
3537 {
3538 switch (cmd) {
3539 #ifndef OPENSSL_NO_DH
3540 case SSL_CTRL_SET_TMP_DH_CB:
3541 {
3542 ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3543 }
3544 break;
3545 #endif
3546 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3547 ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
3548 break;
3549
3550 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
3551 ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
3552 break;
3553
3554 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
3555 ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *,
3556 unsigned char *,
3557 EVP_CIPHER_CTX *,
3558 HMAC_CTX *, int))fp;
3559 break;
3560
3561 #ifndef OPENSSL_NO_SRP
3562 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
3563 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3564 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
3565 break;
3566 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
3567 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3568 ctx->srp_ctx.TLS_ext_srp_username_callback =
3569 (int (*)(SSL *, int *, void *))fp;
3570 break;
3571 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
3572 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3573 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3574 (char *(*)(SSL *, void *))fp;
3575 break;
3576 #endif
3577 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3578 {
3579 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3580 }
3581 break;
3582 default:
3583 return (0);
3584 }
3585 return (1);
3586 }
3587
3588 /*
3589 * This function needs to check if the ciphers required are actually
3590 * available
3591 */
3592 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
3593 {
3594 SSL_CIPHER c;
3595 const SSL_CIPHER *cp;
3596 uint32_t id;
3597
3598 id = 0x03000000 | ((uint32_t)p[0] << 8L) | (uint32_t)p[1];
3599 c.id = id;
3600 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
3601 return cp;
3602 }
3603
3604 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
3605 {
3606 long l;
3607
3608 if (p != NULL) {
3609 l = c->id;
3610 if ((l & 0xff000000) != 0x03000000)
3611 return (0);
3612 p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
3613 p[1] = ((unsigned char)(l)) & 0xFF;
3614 }
3615 return (2);
3616 }
3617
3618 /*
3619 * ssl3_choose_cipher - choose a cipher from those offered by the client
3620 * @s: SSL connection
3621 * @clnt: ciphers offered by the client
3622 * @srvr: ciphers enabled on the server?
3623 *
3624 * Returns the selected cipher or NULL when no common ciphers.
3625 */
3626 const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3627 STACK_OF(SSL_CIPHER) *srvr)
3628 {
3629 const SSL_CIPHER *c, *ret = NULL;
3630 STACK_OF(SSL_CIPHER) *prio, *allow;
3631 int i, ii, ok;
3632 unsigned long alg_k, alg_a, mask_k, mask_a;
3633
3634 /* Let's see which ciphers we can support */
3635
3636 #if 0
3637 /*
3638 * Do not set the compare functions, because this may lead to a
3639 * reordering by "id". We want to keep the original ordering. We may pay
3640 * a price in performance during sk_SSL_CIPHER_find(), but would have to
3641 * pay with the price of sk_SSL_CIPHER_dup().
3642 */
3643 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
3644 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
3645 #endif
3646
3647 #ifdef CIPHER_DEBUG
3648 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
3649 (void *)srvr);
3650 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
3651 c = sk_SSL_CIPHER_value(srvr, i);
3652 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
3653 }
3654 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
3655 (void *)clnt);
3656 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
3657 c = sk_SSL_CIPHER_value(clnt, i);
3658 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
3659 }
3660 #endif
3661
3662 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) {
3663 prio = srvr;
3664 allow = clnt;
3665 } else {
3666 prio = clnt;
3667 allow = srvr;
3668 }
3669
3670 tls1_set_cert_validity(s);
3671 ssl_set_masks(s);
3672
3673 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
3674 c = sk_SSL_CIPHER_value(prio, i);
3675
3676 /* Skip ciphers not supported by the protocol version */
3677 if (!SSL_IS_DTLS(s) &&
3678 ((s->version < c->min_tls) || (s->version > c->max_tls)))
3679 continue;
3680 if (SSL_IS_DTLS(s) &&
3681 (DTLS_VERSION_LT(s->version, c->min_dtls) ||
3682 DTLS_VERSION_GT(s->version, c->max_dtls)))
3683 continue;
3684
3685 mask_k = s->s3->tmp.mask_k;
3686 mask_a = s->s3->tmp.mask_a;
3687 #ifndef OPENSSL_NO_SRP
3688 if (s->srp_ctx.srp_Mask & SSL_kSRP) {
3689 mask_k |= SSL_kSRP;
3690 mask_a |= SSL_aSRP;
3691 }
3692 #endif
3693
3694 alg_k = c->algorithm_mkey;
3695 alg_a = c->algorithm_auth;
3696
3697 #ifndef OPENSSL_NO_PSK
3698 /* with PSK there must be server callback set */
3699 if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
3700 continue;
3701 #endif /* OPENSSL_NO_PSK */
3702
3703 ok = (alg_k & mask_k) && (alg_a & mask_a);
3704 #ifdef CIPHER_DEBUG
3705 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
3706 alg_a, mask_k, mask_a, (void *)c, c->name);
3707 #endif
3708
3709 # ifndef OPENSSL_NO_EC
3710 /*
3711 * if we are considering an ECC cipher suite that uses an ephemeral
3712 * EC key check it
3713 */
3714 if (alg_k & SSL_kECDHE)
3715 ok = ok && tls1_check_ec_tmp_key(s, c->id);
3716 # endif /* OPENSSL_NO_EC */
3717
3718 if (!ok)
3719 continue;
3720 ii = sk_SSL_CIPHER_find(allow, c);
3721 if (ii >= 0) {
3722 /* Check security callback permits this cipher */
3723 if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
3724 c->strength_bits, 0, (void *)c))
3725 continue;
3726 #if !defined(OPENSSL_NO_EC)
3727 if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
3728 && s->s3->is_probably_safari) {
3729 if (!ret)
3730 ret = sk_SSL_CIPHER_value(allow, ii);
3731 continue;
3732 }
3733 #endif
3734 ret = sk_SSL_CIPHER_value(allow, ii);
3735 break;
3736 }
3737 }
3738 return (ret);
3739 }
3740
3741 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
3742 {
3743 int ret = 0;
3744 uint32_t alg_k, alg_a = 0;
3745
3746 /* If we have custom certificate types set, use them */
3747 if (s->cert->ctypes) {
3748 memcpy(p, s->cert->ctypes, s->cert->ctype_num);
3749 return (int)s->cert->ctype_num;
3750 }
3751 /* Get mask of algorithms disabled by signature list */
3752 ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
3753
3754 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
3755
3756 #ifndef OPENSSL_NO_GOST
3757 if (s->version >= TLS1_VERSION) {
3758 if (alg_k & SSL_kGOST) {
3759 p[ret++] = TLS_CT_GOST01_SIGN;
3760 p[ret++] = TLS_CT_GOST12_SIGN;
3761 p[ret++] = TLS_CT_GOST12_512_SIGN;
3762 return (ret);
3763 }
3764 }
3765 #endif
3766
3767 if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
3768 #ifndef OPENSSL_NO_DH
3769 # ifndef OPENSSL_NO_RSA
3770 p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH;
3771 # endif
3772 # ifndef OPENSSL_NO_DSA
3773 p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH;
3774 # endif
3775 #endif /* !OPENSSL_NO_DH */
3776 }
3777 #ifndef OPENSSL_NO_RSA
3778 if (!(alg_a & SSL_aRSA))
3779 p[ret++] = SSL3_CT_RSA_SIGN;
3780 #endif
3781 #ifndef OPENSSL_NO_DSA
3782 if (!(alg_a & SSL_aDSS))
3783 p[ret++] = SSL3_CT_DSS_SIGN;
3784 #endif
3785 #ifndef OPENSSL_NO_EC
3786 /*
3787 * ECDSA certs can be used with RSA cipher suites too so we don't
3788 * need to check for SSL_kECDH or SSL_kECDHE
3789 */
3790 if (s->version >= TLS1_VERSION) {
3791 if (!(alg_a & SSL_aECDSA))
3792 p[ret++] = TLS_CT_ECDSA_SIGN;
3793 }
3794 #endif
3795 return (ret);
3796 }
3797
3798 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
3799 {
3800 OPENSSL_free(c->ctypes);
3801 c->ctypes = NULL;
3802 if (!p || !len)
3803 return 1;
3804 if (len > 0xff)
3805 return 0;
3806 c->ctypes = OPENSSL_malloc(len);
3807 if (c->ctypes == NULL)
3808 return 0;
3809 memcpy(c->ctypes, p, len);
3810 c->ctype_num = len;
3811 return 1;
3812 }
3813
3814 int ssl3_shutdown(SSL *s)
3815 {
3816 int ret;
3817
3818 /*
3819 * Don't do anything much if we have not done the handshake or we don't
3820 * want to send messages :-)
3821 */
3822 if (s->quiet_shutdown || SSL_in_before(s)) {
3823 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
3824 return (1);
3825 }
3826
3827 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
3828 s->shutdown |= SSL_SENT_SHUTDOWN;
3829 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
3830 /*
3831 * our shutdown alert has been sent now, and if it still needs to be
3832 * written, s->s3->alert_dispatch will be true
3833 */
3834 if (s->s3->alert_dispatch)
3835 return (-1); /* return WANT_WRITE */
3836 } else if (s->s3->alert_dispatch) {
3837 /* resend it if not sent */
3838 ret = s->method->ssl_dispatch_alert(s);
3839 if (ret == -1) {
3840 /*
3841 * we only get to return -1 here the 2nd/Nth invocation, we must
3842 * have already signalled return 0 upon a previous invocation,
3843 * return WANT_WRITE
3844 */
3845 return (ret);
3846 }
3847 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
3848 /*
3849 * If we are waiting for a close from our peer, we are closed
3850 */
3851 s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0);
3852 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
3853 return (-1); /* return WANT_READ */
3854 }
3855 }
3856
3857 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
3858 !s->s3->alert_dispatch)
3859 return (1);
3860 else
3861 return (0);
3862 }
3863
3864 int ssl3_write(SSL *s, const void *buf, int len)
3865 {
3866 clear_sys_error();
3867 if (s->s3->renegotiate)
3868 ssl3_renegotiate_check(s);
3869
3870 return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
3871 buf, len);
3872 }
3873
3874 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
3875 {
3876 int ret;
3877
3878 clear_sys_error();
3879 if (s->s3->renegotiate)
3880 ssl3_renegotiate_check(s);
3881 s->s3->in_read_app_data = 1;
3882 ret =
3883 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
3884 peek);
3885 if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
3886 /*
3887 * ssl3_read_bytes decided to call s->handshake_func, which called
3888 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
3889 * actually found application data and thinks that application data
3890 * makes sense here; so disable handshake processing and try to read
3891 * application data again.
3892 */
3893 ossl_statem_set_in_handshake(s, 1);
3894 ret =
3895 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
3896 len, peek);
3897 ossl_statem_set_in_handshake(s, 0);
3898 } else
3899 s->s3->in_read_app_data = 0;
3900
3901 return (ret);
3902 }
3903
3904 int ssl3_read(SSL *s, void *buf, int len)
3905 {
3906 return ssl3_read_internal(s, buf, len, 0);
3907 }
3908
3909 int ssl3_peek(SSL *s, void *buf, int len)
3910 {
3911 return ssl3_read_internal(s, buf, len, 1);
3912 }
3913
3914 int ssl3_renegotiate(SSL *s)
3915 {
3916 if (s->handshake_func == NULL)
3917 return (1);
3918
3919 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
3920 return (0);
3921
3922 s->s3->renegotiate = 1;
3923 return (1);
3924 }
3925
3926 int ssl3_renegotiate_check(SSL *s)
3927 {
3928 int ret = 0;
3929
3930 if (s->s3->renegotiate) {
3931 if (!RECORD_LAYER_read_pending(&s->rlayer)
3932 && !RECORD_LAYER_write_pending(&s->rlayer)
3933 && !SSL_in_init(s)) {
3934 /*
3935 * if we are the server, and we have sent a 'RENEGOTIATE'
3936 * message, we need to set the state machine into the renegotiate
3937 * state.
3938 */
3939 ossl_statem_set_renegotiate(s);
3940 s->s3->renegotiate = 0;
3941 s->s3->num_renegotiations++;
3942 s->s3->total_renegotiations++;
3943 ret = 1;
3944 }
3945 }
3946 return (ret);
3947 }
3948
3949 /*
3950 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
3951 * handshake macs if required.
3952 *
3953 * If PSK and using SHA384 for TLS < 1.2 switch to default.
3954 */
3955 long ssl_get_algorithm2(SSL *s)
3956 {
3957 long alg2 = s->s3->tmp.new_cipher->algorithm2;
3958 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
3959 if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
3960 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
3961 } else if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) {
3962 if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
3963 return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
3964 }
3965 return alg2;
3966 }
3967
3968 /*
3969 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
3970 * failure, 1 on success.
3971 */
3972 int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
3973 {
3974 int send_time = 0;
3975
3976 if (len < 4)
3977 return 0;
3978 if (server)
3979 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
3980 else
3981 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
3982 if (send_time) {
3983 unsigned long Time = (unsigned long)time(NULL);
3984 unsigned char *p = result;
3985 l2n(Time, p);
3986 return RAND_bytes(p, len - 4);
3987 } else
3988 return RAND_bytes(result, len);
3989 }
3990
3991 int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
3992 int free_pms)
3993 {
3994 #ifndef OPENSSL_NO_PSK
3995 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
3996 if (alg_k & SSL_PSK) {
3997 unsigned char *pskpms, *t;
3998 size_t psklen = s->s3->tmp.psklen;
3999 size_t pskpmslen;
4000
4001 /* create PSK premaster_secret */
4002
4003 /* For plain PSK "other_secret" is psklen zeroes */
4004 if (alg_k & SSL_kPSK)
4005 pmslen = psklen;
4006
4007 pskpmslen = 4 + pmslen + psklen;
4008 pskpms = OPENSSL_malloc(pskpmslen);
4009 if (pskpms == NULL) {
4010 s->session->master_key_length = 0;
4011 goto err;
4012 }
4013 t = pskpms;
4014 s2n(pmslen, t);
4015 if (alg_k & SSL_kPSK)
4016 memset(t, 0, pmslen);
4017 else
4018 memcpy(t, pms, pmslen);
4019 t += pmslen;
4020 s2n(psklen, t);
4021 memcpy(t, s->s3->tmp.psk, psklen);
4022
4023 OPENSSL_clear_free(s->s3->tmp.psk, psklen);
4024 s->s3->tmp.psk = NULL;
4025 s->session->master_key_length =
4026 s->method->ssl3_enc->generate_master_secret(s,
4027 s->session->master_key,
4028 pskpms, pskpmslen);
4029 OPENSSL_clear_free(pskpms, pskpmslen);
4030 } else
4031 #endif
4032 s->session->master_key_length =
4033 s->method->ssl3_enc->generate_master_secret(s,
4034 s->session->master_key,
4035 pms, pmslen);
4036 #ifndef OPENSSL_NO_PSK
4037 err:
4038 #endif
4039 if (pms) {
4040 if (free_pms)
4041 OPENSSL_clear_free(pms, pmslen);
4042 else
4043 OPENSSL_cleanse(pms, pmslen);
4044 }
4045 if (s->server == 0)
4046 s->s3->tmp.pms = NULL;
4047 return s->session->master_key_length >= 0;
4048 }
4049
4050 /* Generate a private key from parameters or a curve NID */
4051 EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm, int nid)
4052 {
4053 EVP_PKEY_CTX *pctx = NULL;
4054 EVP_PKEY *pkey = NULL;
4055 if (pm != NULL) {
4056 pctx = EVP_PKEY_CTX_new(pm, NULL);
4057 } else {
4058 /*
4059 * Generate a new key for this curve.
4060 * Should not be called if EC is disabled: if it is it will
4061 * fail with an unknown algorithm error.
4062 */
4063 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
4064 }
4065 if (pctx == NULL)
4066 goto err;
4067 if (EVP_PKEY_keygen_init(pctx) <= 0)
4068 goto err;
4069 #ifndef OPENSSL_NO_EC
4070 if (pm == NULL && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, nid) <= 0)
4071 goto err;
4072 #endif
4073
4074 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4075 EVP_PKEY_free(pkey);
4076 pkey = NULL;
4077 }
4078
4079 err:
4080 EVP_PKEY_CTX_free(pctx);
4081 return pkey;
4082 }
4083 /* Derive premaster or master secret for ECDH/DH */
4084 int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey)
4085 {
4086 int rv = 0;
4087 unsigned char *pms = NULL;
4088 size_t pmslen = 0;
4089 EVP_PKEY_CTX *pctx;
4090
4091 if (privkey == NULL || pubkey == NULL)
4092 return 0;
4093
4094 pctx = EVP_PKEY_CTX_new(privkey, NULL);
4095
4096 if (EVP_PKEY_derive_init(pctx) <= 0
4097 || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
4098 || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
4099 goto err;
4100 }
4101
4102 pms = OPENSSL_malloc(pmslen);
4103 if (pms == NULL)
4104 goto err;
4105
4106 if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0)
4107 goto err;
4108
4109 if (s->server) {
4110 /* For server generate master secret and discard premaster */
4111 rv = ssl_generate_master_secret(s, pms, pmslen, 1);
4112 pms = NULL;
4113 } else {
4114 /* For client just save premaster secret */
4115 s->s3->tmp.pms = pms;
4116 s->s3->tmp.pmslen = pmslen;
4117 pms = NULL;
4118 rv = 1;
4119 }
4120
4121 err:
4122 OPENSSL_clear_free(pms, pmslen);
4123 EVP_PKEY_CTX_free(pctx);
4124 return rv;
4125 }
4126
4127 #ifndef OPENSSL_NO_DH
4128 EVP_PKEY *ssl_dh_to_pkey(DH *dh)
4129 {
4130 EVP_PKEY *ret;
4131 if (dh == NULL)
4132 return NULL;
4133 ret = EVP_PKEY_new();
4134 if (EVP_PKEY_set1_DH(ret, dh) <= 0) {
4135 EVP_PKEY_free(ret);
4136 return NULL;
4137 }
4138 return ret;
4139 }
4140 #endif
A mirror of the official openssl repository